$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3340/pDidtIvE6TSc2eEd0MttcHaa4xk.mft File: pDidtIvE6TSc2eEd0MttcHaa4xk.mft (raw, json) Hash identifier: Wwqf8YiKR6TUxjuVcD8lX2FJ4MKTmgs4pb/GSoU7Sao= Subject key identifier: C0:52:39:ED:FF:B8:35:E3:EA:F1:43:96:11:63:60:E3:9C:CB:FE:1A Authority key identifier: A4:38:9D:B4:8B:C4:E9:34:9C:D9:E1:1D:D0:CB:6D:70:76:9A:E3:19 Certificate issuer: /CN=A4389DB48BC4E9349CD9E11DD0CB6D70769AE319 Certificate serial: 04C5 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/pDidtIvE6TSc2eEd0MttcHaa4xk.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3340/pDidtIvE6TSc2eEd0MttcHaa4xk.mft Manifest number: 04C5 Signing time: Sat 23 Aug 2025 21:05:43 +0000 Manifest this update: Sat 23 Aug 2025 21:05:43 +0000 Manifest next update: Sun 24 Aug 2025 03:05:43 +0000 Files and hashes: 1: pDidtIvE6TSc2eEd0MttcHaa4xk.crl (hash: heJZimtFC2t7hs+BgAQ17yhMV7rlYQYe//zoGu2Bma4=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3340/pDidtIvE6TSc2eEd0MttcHaa4xk.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3340/pDidtIvE6TSc2eEd0MttcHaa4xk.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/pDidtIvE6TSc2eEd0MttcHaa4xk.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 24 Aug 2025 02:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1221 (0x4c5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A4389DB48BC4E9349CD9E11DD0CB6D70769AE319 Validity Not Before: Aug 23 21:05:43 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=C05239EDFFB835E3EAF14396116360E39CCBFE1A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:fc:64:9d:88:bd:06:62:49:e7:89:cb:66:36: 3e:77:37:0e:8e:8d:35:9e:5b:97:5d:90:3d:f3:61: ce:7c:59:e9:0a:31:f1:dd:81:fa:24:99:71:dc:e4: 78:a6:9e:b6:12:74:61:08:47:72:8b:35:66:96:92: e2:06:10:af:f0:6a:c9:87:1f:de:cd:6e:d0:50:4a: 22:3c:22:4a:58:c6:86:8a:83:95:9a:17:2c:9e:3e: 3e:a3:ad:62:b6:f5:c8:1b:aa:04:e9:64:a7:23:2e: a2:bd:35:27:55:e2:23:2a:e2:7a:91:bb:f4:1f:c3: e4:fa:81:82:9f:ea:69:ec:1b:27:a2:b0:b6:8e:90: 3e:86:3d:63:52:bb:dd:75:30:f6:0d:93:a7:97:fc: 98:1b:62:eb:35:67:3c:f7:40:30:58:3a:f0:21:78: bb:00:d3:55:63:84:3c:8e:87:be:10:5c:6e:62:fa: 80:4a:a4:e8:5b:74:ec:5a:50:7f:1b:eb:64:b5:30: da:43:09:7a:c3:7a:2f:85:71:5a:4d:72:7b:9b:d2: ac:5a:b1:a6:50:f1:8a:47:ee:24:27:26:43:85:fa: 07:56:06:69:9a:ba:be:f9:c4:2f:12:c3:4d:d4:ed: 74:d5:1a:24:7b:7a:a7:ad:4f:e0:92:9b:30:95:3f: c2:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:52:39:ED:FF:B8:35:E3:EA:F1:43:96:11:63:60:E3:9C:CB:FE:1A X509v3 Authority Key Identifier: keyid:A4:38:9D:B4:8B:C4:E9:34:9C:D9:E1:1D:D0:CB:6D:70:76:9A:E3:19 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3340/pDidtIvE6TSc2eEd0MttcHaa4xk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/pDidtIvE6TSc2eEd0MttcHaa4xk.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3340/pDidtIvE6TSc2eEd0MttcHaa4xk.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9f:cc:c9:c0:d0:c7:b6:49:83:43:de:13:60:bd:7b:ed:d7:4c: 7d:e1:ae:ae:f3:6c:73:70:6d:34:91:07:9d:81:c7:ba:8d:1c: 48:cf:86:02:e2:72:a8:5f:9b:4b:f3:8d:d1:a2:d8:96:52:5b: bf:0f:14:89:e7:8a:97:c5:b4:7e:f5:32:ec:85:5c:23:25:ec: ab:3e:ee:79:72:df:38:3a:43:dc:03:40:ee:45:18:97:50:1d: 5a:82:b0:25:20:03:a9:a9:75:94:f3:6e:63:ca:0b:43:ad:72: de:a4:7d:9a:ec:88:86:9e:40:75:84:b3:10:46:72:34:8d:f0: 61:25:86:a6:9b:b7:21:af:7e:0f:4c:79:dd:51:3f:f7:de:73: 08:14:9d:1e:8f:af:ec:c2:9b:ad:df:19:8c:dc:f3:06:c2:db: ba:00:a1:c0:28:5e:e9:7d:2d:6e:f7:69:2e:7c:46:8e:a5:f9: 08:fb:e1:18:57:b6:b7:db:62:18:db:4e:61:2b:e0:f6:86:1b: 57:12:19:81:d5:c2:67:58:4e:ec:43:13:fa:b2:ff:ca:bc:11: 33:65:c1:03:16:a2:49:73:8d:ab:d9:4e:86:07:f5:a6:fd:b7: c6:ce:89:71:8d:ca:e2:76:1b:ba:fe:d7:76:e9:7b:eb:35:00: 00:a6:c7:d4 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICBMUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTQz ODlEQjQ4QkM0RTkzNDlDRDlFMTFERDBDQjZENzA3NjlBRTMxOTAeFw0yNTA4MjMy MTA1NDNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEMwNTIzOUVERkZCODM1 RTNFQUYxNDM5NjExNjM2MEUzOUNDQkZFMUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCV/GSdiL0GYknnictmNj53Nw6OjTWeW5ddkD3zYc58WekKMfHd gfokmXHc5HimnrYSdGEIR3KLNWaWkuIGEK/wasmHH97NbtBQSiI8IkpYxoaKg5Wa FyyePj6jrWK29cgbqgTpZKcjLqK9NSdV4iMq4nqRu/Qfw+T6gYKf6mnsGyeisLaO kD6GPWNSu911MPYNk6eX/JgbYus1Zzz3QDBYOvAheLsA01VjhDyOh74QXG5i+oBK pOhbdOxaUH8b62S1MNpDCXrDei+FcVpNcnub0qxasaZQ8YpH7iQnJkOF+gdWBmma ur75xC8Sw03U7XTVGiR7eqetT+CSmzCVP8I9AgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUwFI57f+4NePq8UOWEWNg45zL/howHwYDVR0jBBgwFoAUpDidtIvE6TSc2eEd 0MttcHaa4xkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM0 MC9wRGlkdEl2RTZUU2MyZUVkME10dGNIYWE0eGsuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3BEaWR0SXZFNlRTYzJlRWQwTXR0Y0hhYTR4ay5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzNDAvcERpZHRJdkU2VFNj MmVFZDBNdHRjSGFhNHhrLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAJ/MycDQx7ZJg0PeE2C9e+3XTH3hrq7zbHNwbTSRB52Bx7qNHEjPhgLicqhf m0vzjdGi2JZSW78PFInnipfFtH71MuyFXCMl7Ks+7nly3zg6Q9wDQO5FGJdQHVqC sCUgA6mpdZTzbmPKC0Otct6kfZrsiIaeQHWEsxBGcjSN8GElhqabtyGvfg9Med1R P/fecwgUnR6Pr+zCm63fGYzc8wbC27oAocAoXul9LW73aS58Ro6l+Qj74RhXtrfb YhjbTmEr4PaGG1cSGYHVwmdYTuxDE/qy/8q8ETNlwQMWoklzjavZToYH9ab9t8bO iXGNyuJ2G7r+13bpe+s1AACmx9Q= -----END CERTIFICATE-----Generated at Sun Aug 24 00:02:49 2025 by rpki-client