$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft File: kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft (raw, json) Hash identifier: aUb4flF3ZD6SxRVFsBWk9XLkG609fnaH5toPn6CknKg= Subject key identifier: F7:CE:72:31:FE:6F:7D:35:AC:67:E1:25:13:0F:01:40:32:45:BB:CE Authority key identifier: 90:F3:0E:1D:F3:27:D1:03:90:7F:1B:E0:8E:D3:EA:64:BF:B7:78:E3 Certificate issuer: /CN=90F30E1DF327D103907F1BE08ED3EA64BFB778E3 Certificate serial: 0A4F Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft Manifest number: 0A4C Signing time: Fri 04 Jul 2025 20:17:32 +0000 Manifest this update: Fri 04 Jul 2025 20:17:32 +0000 Manifest next update: Sat 05 Jul 2025 02:17:32 +0000 Files and hashes: 1: SGpuOxsalusTzpYR3fphfkpzMVY.roa (hash: YMN9QVglyHTZ+uAe4m7iUyKbPe/xcnJgsyMEy+dbYZI=) 2: kPMOHfMn0QOQfxvgjtPqZL-3eOM.crl (hash: JyzJsBGASDtmKClP/GP7RqzjA2oj7KSv3zJadf12rSE=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Jul 2025 00:44:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2639 (0xa4f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90F30E1DF327D103907F1BE08ED3EA64BFB778E3 Validity Not Before: Jul 4 20:17:32 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=F7CE7231FE6F7D35AC67E125130F01403245BBCE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:17:cd:57:be:fe:14:84:57:30:f0:64:79:4f: fe:86:52:f9:94:99:db:ee:be:6b:7c:2e:c6:ad:a7: d2:8f:b5:7b:ea:3b:38:7d:1d:b7:ec:45:19:15:95: 0a:c3:56:ba:78:7b:ea:a0:5b:fc:09:f9:8c:2f:33: 36:a8:c7:a2:89:ef:ab:26:8f:90:e4:8c:f1:90:02: 6f:3c:40:d3:e8:96:70:1a:d4:d6:c2:4e:95:c2:9a: 12:9e:ec:9f:ab:8f:64:45:bc:54:43:a2:fa:46:16: 9f:3c:32:7e:26:a3:47:f3:1a:87:0b:67:c8:c4:e3: 23:ed:62:52:b1:bc:a6:5e:e7:66:ec:e0:c6:a7:25: d2:ea:75:e5:81:9d:b0:8b:d7:ee:98:06:11:f2:35: d1:87:7c:a5:02:89:e0:65:e5:b4:05:38:fe:d9:e9: 6e:92:b0:2f:28:b2:59:0c:66:27:a0:aa:a5:01:ac: 58:eb:7e:3d:12:fb:eb:0f:a1:9b:02:cf:2f:e2:70: f5:40:fa:b3:92:25:64:a1:eb:a0:cd:57:11:b8:f4: 35:e2:92:21:db:d8:b5:86:1d:02:a2:e9:d8:31:1e: 0b:7a:da:5b:df:0c:bc:2c:c3:75:e1:89:27:97:cb: 12:7c:a2:ac:8e:ba:9a:2f:e9:21:78:35:47:61:d7: df:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:CE:72:31:FE:6F:7D:35:AC:67:E1:25:13:0F:01:40:32:45:BB:CE X509v3 Authority Key Identifier: keyid:90:F3:0E:1D:F3:27:D1:03:90:7F:1B:E0:8E:D3:EA:64:BF:B7:78:E3 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kPMOHfMn0QOQfxvgjtPqZL-3eOM.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3258/kPMOHfMn0QOQfxvgjtPqZL-3eOM.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption af:ca:dc:8d:e1:a4:79:2b:70:b9:39:d1:c0:89:c4:ea:b2:1f: bf:e4:fb:9b:6b:e1:03:f3:b7:d6:a8:7e:9a:6a:30:e5:9a:52: 02:1b:bb:d7:17:96:13:60:82:97:b7:bf:6a:6f:b2:fe:22:1c: ae:93:2b:b6:e2:cc:11:22:25:7d:f2:7a:e3:7f:64:da:ef:b7: 81:34:e8:16:07:99:d8:80:fd:38:c3:5e:5c:5f:65:9d:91:28: 6e:72:a3:12:a5:fd:d2:9a:fd:c4:76:0b:67:cb:d3:c1:9d:96: b7:93:4e:69:53:05:2b:94:66:9d:f0:63:48:a1:62:f7:4f:d8: 87:9b:96:44:70:2d:1f:3b:eb:08:a4:bb:4f:0c:59:0f:67:49: d1:79:68:b8:8d:6e:4d:25:c1:d2:2d:68:10:75:b1:46:77:d5: b6:ed:0d:7c:77:6a:8d:70:78:d5:48:b5:78:cc:5a:e2:0f:af: 02:07:e7:cb:9a:41:76:35:a6:98:05:1d:72:96:ed:71:e3:38: 91:29:49:e9:bc:17:d8:c2:77:61:5f:71:13:8f:1f:61:90:f5: f9:e4:cf:fe:07:67:c5:70:aa:47:1d:88:83:5f:ef:b2:4a:43: 4b:3d:5e:40:0c:96:b2:ba:ff:ca:e2:96:70:ba:29:8c:6f:46: 91:da:64:81 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICCk8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTBG MzBFMURGMzI3RDEwMzkwN0YxQkUwOEVEM0VBNjRCRkI3NzhFMzAeFw0yNTA3MDQy MDE3MzJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEY3Q0U3MjMxRkU2RjdE MzVBQzY3RTEyNTEzMEYwMTQwMzI0NUJCQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCVF81Xvv4UhFcw8GR5T/6GUvmUmdvuvmt8Lsatp9KPtXvqOzh9 HbfsRRkVlQrDVrp4e+qgW/wJ+YwvMzaox6KJ76smj5DkjPGQAm88QNPolnAa1NbC TpXCmhKe7J+rj2RFvFRDovpGFp88Mn4mo0fzGocLZ8jE4yPtYlKxvKZe52bs4Man JdLqdeWBnbCL1+6YBhHyNdGHfKUCieBl5bQFOP7Z6W6SsC8oslkMZiegqqUBrFjr fj0S++sPoZsCzy/icPVA+rOSJWSh66DNVxG49DXikiHb2LWGHQKi6dgxHgt62lvf DLwsw3XhiSeXyxJ8oqyOupov6SF4NUdh19+vAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQU985yMf5vfTWsZ+ElEw8BQDJFu84wHwYDVR0jBBgwFoAUkPMOHfMn0QOQfxvg jtPqZL+3eOMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1 OC9rUE1PSGZNbjBRT1FmeHZnanRQcVpMLTNlT00uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL2tQTU9IZk1uMFFPUWZ4dmdqdFBxWkwtM2VPTS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNTgva1BNT0hmTW4wUU9R Znh2Z2p0UHFaTC0zZU9NLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAK/K3I3hpHkrcLk50cCJxOqyH7/k+5tr4QPzt9aofppqMOWaUgIbu9cXlhNg gpe3v2pvsv4iHK6TK7bizBEiJX3yeuN/ZNrvt4E06BYHmdiA/TjDXlxfZZ2RKG5y oxKl/dKa/cR2C2fL08GdlreTTmlTBSuUZp3wY0ihYvdP2IeblkRwLR876wiku08M WQ9nSdF5aLiNbk0lwdItaBB1sUZ31bbtDXx3ao1weNVItXjMWuIPrwIH58uaQXY1 ppgFHXKW7XHjOJEpSem8F9jCd2FfcROPH2GQ9fnkz/4HZ8VwqkcdiINf77JKQ0s9 XkAMlrK6/8rilnC6KYxvRpHaZIE= -----END CERTIFICATE-----Generated at Fri Jul 4 23:05:59 2025 by rpki-client