$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/50/OdKJwhDg7Qi9MAYOyP3ObWjuaZU.mft File: OdKJwhDg7Qi9MAYOyP3ObWjuaZU.mft (raw, json) Hash identifier: Y1miR9ya8TANEX3BnIcuZJL8szeJWFOMhGf6bLBOPLE= Subject key identifier: A2:B1:0D:87:B2:0C:1D:01:60:A4:67:5C:11:BF:53:A0:49:28:C5:23 Authority key identifier: 39:D2:89:C2:10:E0:ED:08:BD:30:06:0E:C8:FD:CE:6D:68:EE:69:95 Certificate issuer: /CN=39D289C210E0ED08BD30060EC8FDCE6D68EE6995 Certificate serial: 14ED Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OdKJwhDg7Qi9MAYOyP3ObWjuaZU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/50/OdKJwhDg7Qi9MAYOyP3ObWjuaZU.mft Manifest number: 14ED Signing time: Sat 17 May 2025 17:39:16 +0000 Manifest this update: Sat 17 May 2025 17:39:16 +0000 Manifest next update: Sat 17 May 2025 23:39:16 +0000 Files and hashes: 1: OdKJwhDg7Qi9MAYOyP3ObWjuaZU.crl (hash: RjDGd3BftbI3DGT/AzJuOV/E9mGp9rkVHJX7sHVL5ks=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/50/OdKJwhDg7Qi9MAYOyP3ObWjuaZU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/50/OdKJwhDg7Qi9MAYOyP3ObWjuaZU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OdKJwhDg7Qi9MAYOyP3ObWjuaZU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 23:39:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5357 (0x14ed) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39D289C210E0ED08BD30060EC8FDCE6D68EE6995 Validity Not Before: May 17 17:39:16 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=A2B10D87B20C1D0160A4675C11BF53A04928C523 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:f5:0f:57:bf:fd:7f:fc:57:01:e7:d8:db:f1: 33:81:b6:c1:f4:14:a7:56:4d:ca:ab:f7:58:59:e2: 9c:ad:d5:06:0a:9d:1d:7d:8e:79:3e:65:bd:2f:15: f0:d5:85:04:0b:c5:d0:fe:54:e4:6a:41:ee:79:d1: 1a:15:91:74:c2:9d:94:81:82:9d:ca:0a:3b:c2:b5: 6f:6b:50:ff:db:03:c5:02:e8:d1:4b:43:e9:84:ca: fd:cf:93:a1:d2:ba:14:1d:79:ca:4f:87:dd:56:a8: 2a:6e:be:46:0a:78:f4:86:5d:3f:a4:8c:b0:4b:3a: ef:1e:e6:c2:ca:e5:84:a3:1b:34:4f:8c:03:9f:09: 6a:b8:c2:ed:33:29:ee:7b:a0:ac:77:13:53:6b:4d: fa:db:c5:49:1c:6e:c0:47:cb:45:15:b9:8b:ae:b1: 9a:4e:93:c4:7e:d0:46:63:e0:3e:25:bd:f0:3e:3c: ad:30:ec:f0:a9:32:96:bb:ac:fa:64:6d:a6:0e:87: 22:20:90:96:a4:6d:c8:2f:ad:27:2a:ef:c4:9d:08: d7:38:a3:52:f2:10:44:5c:33:be:16:86:c9:d7:07: ac:82:5b:53:fb:9b:45:4c:91:80:fd:04:5f:2b:cc: 74:30:5c:7f:8c:cf:dd:71:2d:a0:2d:45:46:6b:48: 3c:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:B1:0D:87:B2:0C:1D:01:60:A4:67:5C:11:BF:53:A0:49:28:C5:23 X509v3 Authority Key Identifier: keyid:39:D2:89:C2:10:E0:ED:08:BD:30:06:0E:C8:FD:CE:6D:68:EE:69:95 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/50/OdKJwhDg7Qi9MAYOyP3ObWjuaZU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OdKJwhDg7Qi9MAYOyP3ObWjuaZU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/50/OdKJwhDg7Qi9MAYOyP3ObWjuaZU.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 63:f9:6f:d0:fd:10:1c:44:9d:6a:aa:5d:0c:b6:13:9b:1a:5c: 89:f6:cc:72:9e:53:05:f5:46:c8:c1:33:cc:c0:05:2e:12:c6: 97:ca:d1:5c:43:42:64:f8:e0:01:53:ca:6e:ba:da:a5:1a:7e: f0:13:4e:d2:c5:7b:61:a2:a9:0e:6e:ef:88:a2:4d:a3:e7:6a: 99:d7:ad:19:33:56:97:a5:e5:95:3a:9e:cb:d5:84:7c:cd:f3: d9:fd:4a:35:d6:b9:64:f1:3f:32:f7:32:83:ba:9e:29:d9:e4: 32:6c:d9:22:36:3a:68:79:af:c1:c1:36:27:bc:a2:2c:b4:63: 74:32:51:73:49:7a:fc:3d:5b:c8:a6:ee:2a:da:c3:1a:0f:33: 28:33:6d:39:f7:8f:8e:0e:a7:ad:40:93:04:da:6c:e5:bf:db: 63:d2:01:09:69:48:46:2e:ba:c7:e2:b1:13:58:b5:d2:8a:b8: a9:ef:53:61:32:80:18:ad:72:f5:ed:9a:90:05:0b:cb:7b:e7: b9:bb:34:d3:d1:2b:df:20:5e:53:f9:59:e2:05:27:d9:51:ae: 3d:9a:0b:af:c2:2d:88:d5:f0:31:51:38:3b:41:76:fc:69:1c: 42:5f:38:90:42:f9:e0:93:39:14:51:e4:85:78:5c:a3:cd:89: 72:e7:4e:96 -----BEGIN CERTIFICATE----- MIIE7DCCA9SgAwIBAgICFO0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzlE Mjg5QzIxMEUwRUQwOEJEMzAwNjBFQzhGRENFNkQ2OEVFNjk5NTAeFw0yNTA1MTcx NzM5MTZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEEyQjEwRDg3QjIwQzFE MDE2MEE0Njc1QzExQkY1M0EwNDkyOEM1MjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDe9Q9Xv/1//FcB59jb8TOBtsH0FKdWTcqr91hZ4pyt1QYKnR19 jnk+Zb0vFfDVhQQLxdD+VORqQe550RoVkXTCnZSBgp3KCjvCtW9rUP/bA8UC6NFL Q+mEyv3Pk6HSuhQdecpPh91WqCpuvkYKePSGXT+kjLBLOu8e5sLK5YSjGzRPjAOf CWq4wu0zKe57oKx3E1NrTfrbxUkcbsBHy0UVuYuusZpOk8R+0EZj4D4lvfA+PK0w 7PCpMpa7rPpkbaYOhyIgkJakbcgvrScq78SdCNc4o1LyEERcM74WhsnXB6yCW1P7 m0VMkYD9BF8rzHQwXH+Mz91xLaAtRUZrSDx1AgMBAAGjggIIMIICBDAdBgNVHQ4E FgQUorENh7IMHQFgpGdcEb9ToEkoxSMwHwYDVR0jBBgwFoAUOdKJwhDg7Qi9MAYO yP3ObWjuaZUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTAv T2RLSndoRGc3UWk5TUFZT3lQM09iV2p1YVpVLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9PZEtKd2hEZzdRaTlNQVlPeVAzT2JXanVhWlUuY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC81MC9PZEtKd2hEZzdRaTlNQVlP eVAzT2JXanVhWlUubWZ0MDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYIKwYB BQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOCAQEA Y/lv0P0QHESdaqpdDLYTmxpcifbMcp5TBfVGyMEzzMAFLhLGl8rRXENCZPjgAVPK brrapRp+8BNO0sV7YaKpDm7viKJNo+dqmdetGTNWl6XllTqey9WEfM3z2f1KNda5 ZPE/Mvcyg7qeKdnkMmzZIjY6aHmvwcE2J7yiLLRjdDJRc0l6/D1byKbuKtrDGg8z KDNtOfePjg6nrUCTBNps5b/bY9IBCWlIRi66x+KxE1i10oq4qe9TYTKAGK1y9e2a kAULy3vnubs009Er3yBeU/lZ4gUn2VGuPZoLr8ItiNXwMVE4O0F2/GkcQl84kEL5 4JM5FFHkhXhco82JcudOlg== -----END CERTIFICATE-----Generated at Sat May 17 23:35:21 2025 by rpki-client