$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/50/OdKJwhDg7Qi9MAYOyP3ObWjuaZU.mft File: OdKJwhDg7Qi9MAYOyP3ObWjuaZU.mft (raw, json) Hash identifier: yuYhlmRdC8IHBacY1QIF0ACMY8GAc/G57KFYOmxkPyg= Subject key identifier: A2:B1:0D:87:B2:0C:1D:01:60:A4:67:5C:11:BF:53:A0:49:28:C5:23 Authority key identifier: 39:D2:89:C2:10:E0:ED:08:BD:30:06:0E:C8:FD:CE:6D:68:EE:69:95 Certificate issuer: /CN=39D289C210E0ED08BD30060EC8FDCE6D68EE6995 Certificate serial: 15DE Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OdKJwhDg7Qi9MAYOyP3ObWjuaZU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/50/OdKJwhDg7Qi9MAYOyP3ObWjuaZU.mft Manifest number: 15DE Signing time: Sat 05 Jul 2025 10:43:00 +0000 Manifest this update: Sat 05 Jul 2025 10:43:00 +0000 Manifest next update: Sat 05 Jul 2025 16:43:00 +0000 Files and hashes: 1: OdKJwhDg7Qi9MAYOyP3ObWjuaZU.crl (hash: 7nIAUfrO6Q4VI69avuf42C6eVySiDr2Z6JuW7J5gj0c=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/50/OdKJwhDg7Qi9MAYOyP3ObWjuaZU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/50/OdKJwhDg7Qi9MAYOyP3ObWjuaZU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OdKJwhDg7Qi9MAYOyP3ObWjuaZU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Jul 2025 13:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5598 (0x15de) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=39D289C210E0ED08BD30060EC8FDCE6D68EE6995 Validity Not Before: Jul 5 10:43:00 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=A2B10D87B20C1D0160A4675C11BF53A04928C523 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:f5:0f:57:bf:fd:7f:fc:57:01:e7:d8:db:f1: 33:81:b6:c1:f4:14:a7:56:4d:ca:ab:f7:58:59:e2: 9c:ad:d5:06:0a:9d:1d:7d:8e:79:3e:65:bd:2f:15: f0:d5:85:04:0b:c5:d0:fe:54:e4:6a:41:ee:79:d1: 1a:15:91:74:c2:9d:94:81:82:9d:ca:0a:3b:c2:b5: 6f:6b:50:ff:db:03:c5:02:e8:d1:4b:43:e9:84:ca: fd:cf:93:a1:d2:ba:14:1d:79:ca:4f:87:dd:56:a8: 2a:6e:be:46:0a:78:f4:86:5d:3f:a4:8c:b0:4b:3a: ef:1e:e6:c2:ca:e5:84:a3:1b:34:4f:8c:03:9f:09: 6a:b8:c2:ed:33:29:ee:7b:a0:ac:77:13:53:6b:4d: fa:db:c5:49:1c:6e:c0:47:cb:45:15:b9:8b:ae:b1: 9a:4e:93:c4:7e:d0:46:63:e0:3e:25:bd:f0:3e:3c: ad:30:ec:f0:a9:32:96:bb:ac:fa:64:6d:a6:0e:87: 22:20:90:96:a4:6d:c8:2f:ad:27:2a:ef:c4:9d:08: d7:38:a3:52:f2:10:44:5c:33:be:16:86:c9:d7:07: ac:82:5b:53:fb:9b:45:4c:91:80:fd:04:5f:2b:cc: 74:30:5c:7f:8c:cf:dd:71:2d:a0:2d:45:46:6b:48: 3c:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:B1:0D:87:B2:0C:1D:01:60:A4:67:5C:11:BF:53:A0:49:28:C5:23 X509v3 Authority Key Identifier: keyid:39:D2:89:C2:10:E0:ED:08:BD:30:06:0E:C8:FD:CE:6D:68:EE:69:95 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/50/OdKJwhDg7Qi9MAYOyP3ObWjuaZU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OdKJwhDg7Qi9MAYOyP3ObWjuaZU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/50/OdKJwhDg7Qi9MAYOyP3ObWjuaZU.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9e:ff:99:f0:5b:91:fa:4d:5d:ab:b5:9c:54:1e:d5:2a:73:80: c6:76:a3:82:f5:72:6d:4f:09:f7:69:95:7d:5d:23:95:55:50: d2:cd:33:8c:14:53:98:95:cc:b2:ae:e0:4d:57:55:81:2e:73: b9:3d:92:8d:e5:61:a8:24:19:50:aa:04:14:06:2d:63:5a:9e: 90:b9:6f:5b:72:bb:c2:da:25:5b:11:53:29:2a:9d:55:3c:31: 15:82:70:86:3a:d3:cb:14:6b:15:61:80:1e:26:de:f4:0b:33: 3d:c8:4a:4b:27:3d:1e:20:1f:43:1b:93:9e:3e:50:4d:a9:51: 58:07:df:2e:09:18:f4:6c:bf:8c:a0:39:a0:b1:03:81:e8:59: c9:64:9a:89:1d:f0:26:86:ff:36:29:72:62:5d:94:25:bb:e4: 16:00:c9:a4:ec:22:00:1c:b5:a3:80:d7:2a:13:75:f9:4b:a6: 4c:73:fd:75:38:fd:ec:8a:03:5c:43:0d:c6:b8:c7:f6:a0:60: ad:0f:19:94:f0:12:9f:22:b7:b4:b2:94:01:0c:b6:ab:3f:16: bd:d0:9f:6c:a0:c9:a4:a8:23:af:0b:59:da:d8:ad:21:4f:63: 6a:95:08:de:95:15:dc:3a:22:42:00:48:74:b5:b0:77:c4:29: 44:38:bc:b5 -----BEGIN CERTIFICATE----- MIIE7DCCA9SgAwIBAgICFd4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzlE Mjg5QzIxMEUwRUQwOEJEMzAwNjBFQzhGRENFNkQ2OEVFNjk5NTAeFw0yNTA3MDUx MDQzMDBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEEyQjEwRDg3QjIwQzFE MDE2MEE0Njc1QzExQkY1M0EwNDkyOEM1MjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDe9Q9Xv/1//FcB59jb8TOBtsH0FKdWTcqr91hZ4pyt1QYKnR19 jnk+Zb0vFfDVhQQLxdD+VORqQe550RoVkXTCnZSBgp3KCjvCtW9rUP/bA8UC6NFL Q+mEyv3Pk6HSuhQdecpPh91WqCpuvkYKePSGXT+kjLBLOu8e5sLK5YSjGzRPjAOf CWq4wu0zKe57oKx3E1NrTfrbxUkcbsBHy0UVuYuusZpOk8R+0EZj4D4lvfA+PK0w 7PCpMpa7rPpkbaYOhyIgkJakbcgvrScq78SdCNc4o1LyEERcM74WhsnXB6yCW1P7 m0VMkYD9BF8rzHQwXH+Mz91xLaAtRUZrSDx1AgMBAAGjggIIMIICBDAdBgNVHQ4E FgQUorENh7IMHQFgpGdcEb9ToEkoxSMwHwYDVR0jBBgwFoAUOdKJwhDg7Qi9MAYO yP3ObWjuaZUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTAv T2RLSndoRGc3UWk5TUFZT3lQM09iV2p1YVpVLmNybDBjBggrBgEFBQcBAQRXMFUw UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE MDAwMC9PZEtKd2hEZzdRaTlNQVlPeVAzT2JXanVhWlUuY2VyMA4GA1UdDwEB/wQE AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC81MC9PZEtKd2hEZzdRaTlNQVlP eVAzT2JXanVhWlUubWZ0MDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu Y24vcnJkcC9ub3RpZnkueG1sMBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYIKwYB BQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOCAQEA nv+Z8FuR+k1dq7WcVB7VKnOAxnajgvVybU8J92mVfV0jlVVQ0s0zjBRTmJXMsq7g TVdVgS5zuT2SjeVhqCQZUKoEFAYtY1qekLlvW3K7wtolWxFTKSqdVTwxFYJwhjrT yxRrFWGAHibe9AszPchKSyc9HiAfQxuTnj5QTalRWAffLgkY9Gy/jKA5oLEDgehZ yWSaiR3wJob/NilyYl2UJbvkFgDJpOwiABy1o4DXKhN1+UumTHP9dTj97IoDXEMN xrjH9qBgrQ8ZlPASnyK3tLKUAQy2qz8WvdCfbKDJpKgjrwtZ2titIU9japUI3pUV 3DoiQgBIdLWwd8QpRDi8tQ== -----END CERTIFICATE-----Generated at Sat Jul 5 12:12:25 2025 by rpki-client