$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft File: 2pk_5cBP-fIsUmJjC-w39bOngoU.mft (raw, json) Hash identifier: 14n4mQ66wJWUpUWerNB8Dgxl2pcpJbExTiaZNTWj5og= Subject key identifier: A8:88:0B:2E:BD:F5:35:B0:D8:D6:3A:56:23:8B:F3:8A:43:E9:A1:B7 Authority key identifier: DA:99:3F:E5:C0:4F:F9:F2:2C:52:62:63:0B:EC:37:F5:B3:A7:82:85 Certificate issuer: /CN=DA993FE5C04FF9F22C5262630BEC37F5B3A78285 Certificate serial: 15E3 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft Manifest number: 15D3 Signing time: Thu 03 Jul 2025 00:14:44 +0000 Manifest this update: Thu 03 Jul 2025 00:14:44 +0000 Manifest next update: Thu 03 Jul 2025 06:14:44 +0000 Files and hashes: 1: 2pk_5cBP-fIsUmJjC-w39bOngoU.crl (hash: W/FTcOaC1zHXd1vx1PAZNZj6eEEiLwaSIR7JSnoDjuo=) 2: KbrSp-JA2XF2Ql8hSCrC1CbLt6g.roa (hash: Np74l2zvMHdN3u9vLx3Kbuovv22rSj7qXcnMGAme8L4=) 3: OlrGKbm_5LqtcCt6zE3f2bsHpHo.roa (hash: 0InvCCX8dmQtbbbD1TB9/AY+GZmHtnh1y6/8B8fnNSM=) 4: Qk4wxenHbplbAEPyAo17a6StqGs.roa (hash: UXr3zkn63bsVxvqJjGYar8uul+wIFQszrhfjj7veZwA=) 5: dlLTumfb3n-CxqJRR4-AnMwkLTU.roa (hash: SrHv5LPqu/BzOXfzAj3B6C6PsXwXQaCztouku4z+U28=) 6: jW98C7HTYm_wXjqS5OtJTAjhJTY.roa (hash: G5J6kc8fmz2XUL1SW2rQqA/EVmUIlUSPvlgZKJ3/e3E=) 7: s_2Y_yMkepo3c3mKpue0BpcLOEI.roa (hash: CCdEmfYF1+caZyf7dDJqMzhEvKYXNEI1lkVqcwoxt4U=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 03 Jul 2025 06:14:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5603 (0x15e3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=DA993FE5C04FF9F22C5262630BEC37F5B3A78285 Validity Not Before: Jul 3 00:14:44 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=A8880B2EBDF535B0D8D63A56238BF38A43E9A1B7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:4b:93:49:2e:47:72:6a:d8:85:17:58:f7:df: 75:ba:e5:b5:14:c5:d9:67:d2:2a:33:aa:cb:09:f4: 33:9c:2e:fc:b8:3b:59:e0:a1:0a:c5:b4:42:b0:2a: 7f:f1:ab:16:58:38:ed:c3:2b:4f:c3:37:8d:b2:5f: 18:d6:59:87:95:ea:d5:1f:cd:b4:8f:6b:d0:e6:d8: fa:97:d7:4c:88:69:80:10:89:36:ae:52:ae:63:57: 0e:59:77:ef:b0:ab:01:fe:fc:cf:90:f9:d3:8e:7d: 37:2c:6a:a3:cf:c7:df:09:93:11:70:a2:f7:41:31: 53:04:d8:70:c3:f7:3e:14:d0:3a:4a:15:3f:6f:ff: 03:af:f6:5e:1f:a5:c3:d7:0f:e9:c6:ed:a1:be:e8: 7a:97:9a:d5:6a:75:96:e8:29:23:f3:87:2a:0a:9c: d6:8f:aa:95:ed:e7:d6:e7:2d:c7:16:d9:59:93:3d: 05:14:a4:e2:06:d1:c9:30:ae:d2:b3:19:b3:1b:2b: 57:1c:77:67:d7:13:e2:ee:9f:71:d3:b6:66:1b:9c: 73:7c:d5:8a:c2:a6:9a:ec:ef:e7:ce:8f:4d:6f:cb: bd:81:cc:93:82:3d:61:ab:61:dd:77:83:2e:8d:2d: 9b:07:d5:0d:13:3f:19:e6:e5:fe:84:0b:a1:2b:6d: a7:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:88:0B:2E:BD:F5:35:B0:D8:D6:3A:56:23:8B:F3:8A:43:E9:A1:B7 X509v3 Authority Key Identifier: keyid:DA:99:3F:E5:C0:4F:F9:F2:2C:52:62:63:0B:EC:37:F5:B3:A7:82:85 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c0:8e:7e:98:0a:0e:ab:4b:8d:00:72:9e:bc:a8:52:db:35:ee: 3b:35:93:a0:37:9c:da:58:b0:00:8b:fd:71:bd:0d:79:0e:86: c1:bc:96:64:ff:3b:b5:f6:79:ed:a1:a1:0b:e9:98:e0:3b:4e: e8:8b:49:df:fe:bd:a5:c7:48:01:07:7a:e4:ab:46:14:80:89: ef:52:9e:d2:38:51:ca:c1:bb:17:8a:a1:e1:44:ae:b2:a0:d1: 95:03:4d:51:8b:05:a0:34:c7:4d:8f:cf:98:ff:65:91:09:21: 67:f6:a5:5e:18:af:f2:c3:fc:50:00:51:f2:9e:2a:73:ec:fb: e5:c6:a3:72:fe:22:34:c2:b3:68:4a:94:74:9f:6b:b0:26:ea: 90:5e:55:54:bd:e5:76:c9:8c:7c:12:a3:85:cb:1a:fc:75:d3: 00:6b:3d:bb:ad:4a:6f:71:fe:0e:43:0e:8e:a9:72:67:7e:f4: 70:e1:1c:a7:0f:85:e6:95:3c:fa:4b:07:f3:b6:93:8e:ee:8d: 87:39:7d:bf:d4:1e:98:db:89:c3:e0:87:ea:7e:0b:22:35:0e: 9c:06:fb:7d:0f:6c:93:bd:f0:c2:78:5b:86:a4:53:0f:85:e1: b0:89:52:71:a3:22:7a:6d:0c:47:a1:87:90:2c:04:21:d0:ec: fb:fc:ef:00 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICFeMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREE5 OTNGRTVDMDRGRjlGMjJDNTI2MjYzMEJFQzM3RjVCM0E3ODI4NTAeFw0yNTA3MDMw MDE0NDRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEE4ODgwQjJFQkRGNTM1 QjBEOEQ2M0E1NjIzOEJGMzhBNDNFOUExQjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCwS5NJLkdyatiFF1j333W65bUUxdln0iozqssJ9DOcLvy4O1ng oQrFtEKwKn/xqxZYOO3DK0/DN42yXxjWWYeV6tUfzbSPa9Dm2PqX10yIaYAQiTau Uq5jVw5Zd++wqwH+/M+Q+dOOfTcsaqPPx98JkxFwovdBMVME2HDD9z4U0DpKFT9v /wOv9l4fpcPXD+nG7aG+6HqXmtVqdZboKSPzhyoKnNaPqpXt59bnLccW2VmTPQUU pOIG0ckwrtKzGbMbK1ccd2fXE+Lun3HTtmYbnHN81YrCpprs7+fOj01vy72BzJOC PWGrYd13gy6NLZsH1Q0TPxnm5f6EC6ErbaeVAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUqIgLLr31NbDY1jpWI4vzikPpobcwHwYDVR0jBBgwFoAU2pk/5cBP+fIsUmJj C+w39bOngoUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0 LzJwa181Y0JQLWZJc1VtSmpDLXczOWJPbmdvVS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvMnBrXzVjQlAtZklzVW1KakMtdzM5Yk9uZ29VLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0LzJwa181Y0JQLWZJc1Vt SmpDLXczOWJPbmdvVS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQDAjn6YCg6rS40Acp68qFLbNe47NZOgN5zaWLAAi/1xvQ15DobBvJZk/zu19nnt oaEL6ZjgO07oi0nf/r2lx0gBB3rkq0YUgInvUp7SOFHKwbsXiqHhRK6yoNGVA01R iwWgNMdNj8+Y/2WRCSFn9qVeGK/yw/xQAFHynipz7PvlxqNy/iI0wrNoSpR0n2uw JuqQXlVUveV2yYx8EqOFyxr8ddMAaz27rUpvcf4OQw6OqXJnfvRw4RynD4XmlTz6 SwfztpOO7o2HOX2/1B6Y24nD4IfqfgsiNQ6cBvt9D2yTvfDCeFuGpFMPheGwiVJx oyJ6bQxHoYeQLAQh0Oz7/O8A -----END CERTIFICATE-----Generated at Thu Jul 3 02:49:22 2025 by rpki-client