$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3271/UgcnAEPag5sInL-JHVe0GrI5rYo.mft File: UgcnAEPag5sInL-JHVe0GrI5rYo.mft (raw, json) Hash identifier: XRYmnuns5X887KXcFknpLYHLbTSMSzMGHGy2LxiM9Uc= Subject key identifier: 07:6B:FC:AB:6C:1B:91:6D:A2:F5:0F:1A:9F:03:3F:91:66:7C:4A:22 Authority key identifier: 52:07:27:00:43:DA:83:9B:08:9C:BF:89:1D:57:B4:1A:B2:39:AD:8A Certificate issuer: /CN=5207270043DA839B089CBF891D57B41AB239AD8A Certificate serial: 0915 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UgcnAEPag5sInL-JHVe0GrI5rYo.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3271/UgcnAEPag5sInL-JHVe0GrI5rYo.mft Manifest number: 0915 Signing time: Sat 05 Jul 2025 05:44:36 +0000 Manifest this update: Sat 05 Jul 2025 05:44:36 +0000 Manifest next update: Sat 05 Jul 2025 11:44:36 +0000 Files and hashes: 1: UgcnAEPag5sInL-JHVe0GrI5rYo.crl (hash: GCAYdOc3BFnAjbDKsJs1K+x1vb4+Vu9fR+yuiliJ5sQ=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3271/UgcnAEPag5sInL-JHVe0GrI5rYo.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3271/UgcnAEPag5sInL-JHVe0GrI5rYo.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UgcnAEPag5sInL-JHVe0GrI5rYo.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Jul 2025 10:14:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2325 (0x915) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5207270043DA839B089CBF891D57B41AB239AD8A Validity Not Before: Jul 5 05:44:36 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=076BFCAB6C1B916DA2F50F1A9F033F91667C4A22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:25:7c:17:61:a5:b7:97:2d:83:0c:08:aa:14: d8:8c:da:f3:0e:a4:fc:c6:60:69:23:35:d3:df:a5: 20:17:4c:f8:ca:fd:24:d5:c1:f9:f7:8c:87:fd:a4: 13:37:70:b9:a7:1a:c6:76:5a:ff:65:eb:00:3b:cb: ad:70:e4:62:6e:f6:50:78:0e:c8:91:02:42:ec:a8: 27:89:a2:d7:b2:94:c8:85:90:8f:2a:4c:b5:19:14: 42:33:cb:83:e8:38:27:72:1b:29:71:b5:41:2e:0f: 54:25:dd:8b:f0:ef:4b:32:1f:5f:12:dd:c7:d0:7f: 4a:db:7b:a1:21:0e:dd:b8:75:97:d2:05:98:95:13: 81:44:09:41:d6:8a:14:c0:b5:a1:f0:1c:8c:a1:a3: d5:ad:fe:da:d8:ac:a9:6b:bf:54:27:b1:96:6b:88: 3b:60:23:36:5e:d1:5d:7a:7c:80:9c:f6:84:40:c8: 2f:88:31:94:f7:9e:bc:50:d2:2e:15:9a:23:df:9c: 20:39:42:88:d7:c5:d7:1a:10:b1:2c:7a:0f:e3:ed: 0d:d9:d7:c2:6f:be:8b:a0:84:51:8f:b2:97:b8:54: 00:f4:b8:7f:3a:44:5d:5f:5d:2b:6a:25:01:02:73: 4c:71:ea:b9:7a:64:61:27:ca:ec:99:79:8a:c1:83: 20:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:6B:FC:AB:6C:1B:91:6D:A2:F5:0F:1A:9F:03:3F:91:66:7C:4A:22 X509v3 Authority Key Identifier: keyid:52:07:27:00:43:DA:83:9B:08:9C:BF:89:1D:57:B4:1A:B2:39:AD:8A X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3271/UgcnAEPag5sInL-JHVe0GrI5rYo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UgcnAEPag5sInL-JHVe0GrI5rYo.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3271/UgcnAEPag5sInL-JHVe0GrI5rYo.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a1:90:60:eb:ac:db:03:80:b3:03:dd:1c:84:a7:2d:62:b2:03: 3b:67:02:8d:93:b4:ac:cd:2e:76:3f:60:fa:7a:cb:35:73:7a: c9:57:aa:96:20:1d:c3:e0:db:63:d6:96:d7:e6:ad:c2:d5:e3: 08:0e:e2:01:b3:69:34:6d:96:45:35:2a:49:19:28:f9:9c:9d: bb:93:9d:57:0c:6d:fc:bb:9e:e9:ad:db:3b:3c:6a:d3:c3:bb: f9:ac:76:eb:7f:c7:c4:5b:d8:06:8a:a8:03:0e:01:07:d6:e9: 30:16:11:0e:b9:4b:89:f6:9b:45:d4:d3:42:1c:06:20:b7:ef: 1e:a6:2f:a4:29:37:9b:73:12:ec:fe:64:fd:7c:12:2a:67:0b: 0f:97:b5:95:9b:37:f1:79:05:48:27:62:d2:dc:e4:80:19:c5: 12:d2:73:98:04:c4:5b:50:cb:f1:63:a6:7e:dd:c2:d3:f7:dd: dc:a4:c0:9f:37:83:eb:69:f7:3f:7d:14:40:5c:8b:7c:b7:1e: c7:ee:0d:cd:ae:f4:02:88:34:32:5c:98:af:1a:be:41:eb:57: 2d:2e:7f:01:9d:85:0f:a2:d4:7b:63:6e:e8:87:97:6a:49:34: 1b:9c:c4:d9:3d:16:03:fd:50:6e:49:7f:53:0c:27:f9:19:2c: 21:98:da:74 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICCRUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTIw NzI3MDA0M0RBODM5QjA4OUNCRjg5MUQ1N0I0MUFCMjM5QUQ4QTAeFw0yNTA3MDUw NTQ0MzZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDA3NkJGQ0FCNkMxQjkx NkRBMkY1MEYxQTlGMDMzRjkxNjY3QzRBMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQC8JXwXYaW3ly2DDAiqFNiM2vMOpPzGYGkjNdPfpSAXTPjK/STV wfn3jIf9pBM3cLmnGsZ2Wv9l6wA7y61w5GJu9lB4DsiRAkLsqCeJoteylMiFkI8q TLUZFEIzy4PoOCdyGylxtUEuD1Ql3Yvw70syH18S3cfQf0rbe6EhDt24dZfSBZiV E4FECUHWihTAtaHwHIyho9Wt/trYrKlrv1QnsZZriDtgIzZe0V16fICc9oRAyC+I MZT3nrxQ0i4VmiPfnCA5QojXxdcaELEseg/j7Q3Z18JvvoughFGPspe4VAD0uH86 RF1fXStqJQECc0xx6rl6ZGEnyuyZeYrBgyCRAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUB2v8q2wbkW2i9Q8anwM/kWZ8SiIwHwYDVR0jBBgwFoAUUgcnAEPag5sInL+J HVe0GrI5rYowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI3 MS9VZ2NuQUVQYWc1c0luTC1KSFZlMEdySTVyWW8uY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL1VnY25BRVBhZzVzSW5MLUpIVmUwR3JJNXJZby5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNzEvVWdjbkFFUGFnNXNJ bkwtSkhWZTBHckk1cllvLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAKGQYOus2wOAswPdHISnLWKyAztnAo2TtKzNLnY/YPp6yzVzeslXqpYgHcPg 22PWltfmrcLV4wgO4gGzaTRtlkU1KkkZKPmcnbuTnVcMbfy7numt2zs8atPDu/ms dut/x8Rb2AaKqAMOAQfW6TAWEQ65S4n2m0XU00IcBiC37x6mL6QpN5tzEuz+ZP18 EipnCw+XtZWbN/F5BUgnYtLc5IAZxRLSc5gExFtQy/Fjpn7dwtP33dykwJ83g+tp 9z99FEBci3y3HsfuDc2u9AKINDJcmK8avkHrVy0ufwGdhQ+i1HtjbuiHl2pJNBuc xNk9FgP9UG5Jf1MMJ/kZLCGY2nQ= -----END CERTIFICATE-----Generated at Sat Jul 5 09:16:52 2025 by rpki-client