$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/678/UJGXL6ttHEVOK0QS3ESFpHRYvjY.mft File: UJGXL6ttHEVOK0QS3ESFpHRYvjY.mft (raw, json) Hash identifier: t8TK5pclYJXsDFeaTexxKzcpPQqhUvE+SkVoNHzT8ug= Subject key identifier: 0E:11:2D:BB:61:71:02:64:88:46:63:A5:59:99:07:4B:E9:DF:ED:12 Authority key identifier: 50:91:97:2F:AB:6D:1C:45:4E:2B:44:12:DC:44:85:A4:74:58:BE:36 Certificate issuer: /CN=5091972FAB6D1C454E2B4412DC4485A47458BE36 Certificate serial: 1A7C Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UJGXL6ttHEVOK0QS3ESFpHRYvjY.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/678/UJGXL6ttHEVOK0QS3ESFpHRYvjY.mft Manifest number: 1A7C Signing time: Sat 23 Aug 2025 16:03:41 +0000 Manifest this update: Sat 23 Aug 2025 16:03:41 +0000 Manifest next update: Sat 23 Aug 2025 22:03:41 +0000 Files and hashes: 1: UJGXL6ttHEVOK0QS3ESFpHRYvjY.crl (hash: MdOv6eIjwsthobKcPtNjF6MspG95ZDXqQ2I4/VcemOo=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/678/UJGXL6ttHEVOK0QS3ESFpHRYvjY.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/678/UJGXL6ttHEVOK0QS3ESFpHRYvjY.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UJGXL6ttHEVOK0QS3ESFpHRYvjY.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 23 Aug 2025 21:04:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6780 (0x1a7c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=5091972FAB6D1C454E2B4412DC4485A47458BE36 Validity Not Before: Aug 23 16:03:41 2025 GMT Not After : Aug 3 08:44:40 2026 GMT Subject: CN=0E112DBB61710264884663A55999074BE9DFED12 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:e7:76:61:d1:03:2b:e3:f6:0c:ce:c3:a5:bf: e0:89:6c:50:37:41:5d:34:7f:a1:ea:ba:9a:de:a9: 00:a6:09:28:c9:59:2c:fd:3e:26:2c:7d:1c:e1:9e: 71:d2:1e:9e:da:0f:52:76:7a:ec:d3:9a:08:3d:17: 2e:da:e0:b2:3b:da:ef:5b:a8:d5:09:db:32:e7:c7: f2:26:66:b0:2a:53:a6:aa:3c:f8:4a:dd:72:f1:e1: 31:7e:b0:8b:a1:9f:af:27:20:29:8c:af:cb:61:06: 5c:52:f2:8f:c5:fe:ef:38:7f:46:44:2e:db:21:88: 6d:d5:9e:7b:4a:2e:94:16:57:c4:fb:67:c3:3c:60: c8:05:00:92:7a:db:84:ec:2b:01:25:68:66:a6:76: 73:52:41:e7:3c:80:f7:9e:ce:75:93:f3:c8:50:b8: fa:17:32:06:fe:31:4e:55:f4:0e:57:ff:f8:a5:a5: 9a:54:67:dd:ee:1d:e5:06:42:12:23:a0:8f:a6:16: d1:4d:60:62:64:e3:63:a7:b6:91:dd:bd:3e:36:60: bf:fb:44:c7:56:6c:a9:28:81:8f:5c:b1:e8:40:62: b2:0d:3d:77:f1:8a:84:04:d3:88:33:20:21:45:db: d5:d5:68:68:09:ea:58:5d:16:ab:27:6a:0f:ad:f0: 64:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:11:2D:BB:61:71:02:64:88:46:63:A5:59:99:07:4B:E9:DF:ED:12 X509v3 Authority Key Identifier: keyid:50:91:97:2F:AB:6D:1C:45:4E:2B:44:12:DC:44:85:A4:74:58:BE:36 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/678/UJGXL6ttHEVOK0QS3ESFpHRYvjY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UJGXL6ttHEVOK0QS3ESFpHRYvjY.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/678/UJGXL6ttHEVOK0QS3ESFpHRYvjY.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 34:8d:dd:71:24:ad:33:bd:53:6e:4e:0e:4d:cb:53:f7:8c:a7: fe:4f:15:1f:cd:31:5a:5b:16:40:c0:e4:aa:9d:a8:2d:6e:9c: 64:bb:d3:c9:fc:9c:f5:03:42:4f:13:81:45:5d:a4:9c:aa:d3: d3:59:86:67:2b:2e:ac:d6:af:94:b0:ce:42:a0:83:5f:c6:73: 73:de:67:5d:71:05:8f:1e:1d:5a:0d:71:0a:b6:6a:f5:15:10: 64:29:56:bb:4b:11:24:2f:25:be:1d:8b:54:8d:24:5f:c6:bc: 54:21:65:d0:5d:42:d9:71:cc:9c:8d:98:c9:de:5b:b1:dc:e0: fe:c0:1d:c9:a1:c8:4f:f0:7b:5c:84:96:af:b0:94:f9:c2:66: 7d:ad:e6:91:39:0a:35:44:4b:75:be:e4:93:02:3f:5d:94:7d: 1b:b6:8e:22:0a:8e:cb:30:c2:d8:a2:aa:62:82:01:5e:13:2c: cf:a3:7d:e2:e9:6d:83:0f:67:fa:06:07:33:74:34:21:20:31: 6f:07:2b:38:51:00:41:73:c8:95:e8:0d:b9:ad:21:9d:7a:59: 1d:f5:47:7f:de:dc:dc:10:a5:89:c1:61:24:62:2d:84:17:d2: 7f:5f:aa:40:cd:e5:c4:e9:7c:96:63:dd:c2:a0:0d:46:df:8c: ca:33:e2:26 -----BEGIN CERTIFICATE----- MIIE7jCCA9agAwIBAgICGnwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTA5 MTk3MkZBQjZEMUM0NTRFMkI0NDEyREM0NDg1QTQ3NDU4QkUzNjAeFw0yNTA4MjMx NjAzNDFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDBFMTEyREJCNjE3MTAy NjQ4ODQ2NjNBNTU5OTkwNzRCRTlERkVEMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDh53Zh0QMr4/YMzsOlv+CJbFA3QV00f6HqupreqQCmCSjJWSz9 PiYsfRzhnnHSHp7aD1J2euzTmgg9Fy7a4LI72u9bqNUJ2zLnx/ImZrAqU6aqPPhK 3XLx4TF+sIuhn68nICmMr8thBlxS8o/F/u84f0ZELtshiG3VnntKLpQWV8T7Z8M8 YMgFAJJ624TsKwElaGamdnNSQec8gPeeznWT88hQuPoXMgb+MU5V9A5X//ilpZpU Z93uHeUGQhIjoI+mFtFNYGJk42OntpHdvT42YL/7RMdWbKkogY9csehAYrINPXfx ioQE04gzICFF29XVaGgJ6lhdFqsnag+t8GQrAgMBAAGjggIKMIICBjAdBgNVHQ4E FgQUDhEtu2FxAmSIRmOlWZkHS+nf7RIwHwYDVR0jBBgwFoAUUJGXL6ttHEVOK0QS 3ESFpHRYvjYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjc4 L1VKR1hMNnR0SEVWT0swUVMzRVNGcEhSWXZqWS5jcmwwYwYIKwYBBQUHAQEEVzBV MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz RDAwMDAvVUpHWEw2dHRIRVZPSzBRUzNFU0ZwSFJZdmpZLmNlcjAOBgNVHQ8BAf8E BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjc4L1VKR1hMNnR0SEVWT0sw UVMzRVNGcEhSWXZqWS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB AQA0jd1xJK0zvVNuTg5Ny1P3jKf+TxUfzTFaWxZAwOSqnagtbpxku9PJ/Jz1A0JP E4FFXaScqtPTWYZnKy6s1q+UsM5CoINfxnNz3mddcQWPHh1aDXEKtmr1FRBkKVa7 SxEkLyW+HYtUjSRfxrxUIWXQXULZccycjZjJ3lux3OD+wB3JochP8HtchJavsJT5 wmZ9reaROQo1REt1vuSTAj9dlH0bto4iCo7LMMLYoqpiggFeEyzPo33i6W2DD2f6 BgczdDQhIDFvBys4UQBBc8iV6A25rSGdelkd9Ud/3tzcEKWJwWEkYi2EF9J/X6pA zeXE6XyWY93CoA1G34zKM+Im -----END CERTIFICATE-----Generated at Sat Aug 23 20:36:50 2025 by rpki-client