$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3351/17ShZ52D0ID8_qOSpk1CSkdVt4A.mft File: 17ShZ52D0ID8_qOSpk1CSkdVt4A.mft (raw, json) Hash identifier: sI7iMj4heHEtPTbC7EZb+VnKcEZeJkgkfhwp9Rxarqs= Subject key identifier: 78:47:71:EF:7C:83:CC:DF:49:9C:7D:42:EA:01:D3:B7:5E:CF:4C:DC Authority key identifier: D7:B4:A1:67:9D:83:D0:80:FC:FE:A3:92:A6:4D:42:4A:47:55:B7:80 Certificate issuer: /CN=D7B4A1679D83D080FCFEA392A64D424A4755B780 Certificate serial: 0158 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/17ShZ52D0ID8_qOSpk1CSkdVt4A.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3351/17ShZ52D0ID8_qOSpk1CSkdVt4A.mft Manifest number: 0158 Signing time: Mon 28 Apr 2025 18:06:32 +0000 Manifest this update: Mon 28 Apr 2025 18:06:32 +0000 Manifest next update: Tue 29 Apr 2025 00:06:32 +0000 Files and hashes: 1: 17ShZ52D0ID8_qOSpk1CSkdVt4A.crl (hash: dbByqM5E5oecvZ4C4kjhWZ+ulA9rNgpOGOPYSwnwCXo=) Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3351/17ShZ52D0ID8_qOSpk1CSkdVt4A.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3351/17ShZ52D0ID8_qOSpk1CSkdVt4A.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/17ShZ52D0ID8_qOSpk1CSkdVt4A.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 22:38:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 344 (0x158) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=D7B4A1679D83D080FCFEA392A64D424A4755B780 Validity Not Before: Apr 28 18:06:32 2025 GMT Not After : Apr 3 08:00:09 2026 GMT Subject: CN=784771EF7C83CCDF499C7D42EA01D3B75ECF4CDC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:0b:88:43:47:11:66:8a:5c:73:9b:37:4f:cb: a5:99:bd:12:6e:cd:51:bd:7e:6f:16:fd:6b:0f:0e: 19:cf:a2:f5:f0:3f:54:d4:4d:e8:9b:1f:74:f9:19: f6:02:9d:39:d8:20:d0:58:dd:2e:e5:23:63:4c:d2: 25:b5:d4:3b:9f:f7:ff:bf:08:2e:3b:5f:1c:e8:08: b6:70:35:5a:25:8b:76:be:20:be:a0:c1:1e:7c:7a: 26:9c:bf:9f:5c:25:3e:03:18:c0:fb:ae:1b:34:c1: 0c:ff:80:24:ca:d4:2f:96:a7:47:7d:c2:26:68:b8: e3:c7:0a:2b:6c:91:52:36:26:a9:e8:c7:af:ec:4a: a1:26:c3:28:ea:b1:26:17:8d:02:62:ae:7f:88:6e: d3:d8:ee:77:52:27:72:c3:64:05:b2:fa:5e:ce:20: aa:c4:9b:e8:79:c2:a3:28:1e:c5:54:09:ce:fa:bf: 67:5b:86:b5:eb:51:34:86:54:8d:12:db:0c:81:ec: 4c:68:43:b6:a4:c7:02:a6:10:a9:0b:b8:8c:72:db: f7:b6:e5:98:45:27:31:23:22:ef:53:d0:12:15:26: 9d:00:a6:19:03:fe:c0:a4:dd:51:66:b7:99:93:96: 3a:df:bd:8c:06:61:ae:b8:cd:b6:a9:26:8e:9c:c1: 06:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:47:71:EF:7C:83:CC:DF:49:9C:7D:42:EA:01:D3:B7:5E:CF:4C:DC X509v3 Authority Key Identifier: keyid:D7:B4:A1:67:9D:83:D0:80:FC:FE:A3:92:A6:4D:42:4A:47:55:B7:80 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3351/17ShZ52D0ID8_qOSpk1CSkdVt4A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/17ShZ52D0ID8_qOSpk1CSkdVt4A.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3351/17ShZ52D0ID8_qOSpk1CSkdVt4A.mft RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 52:f0:6f:3f:6f:5e:c7:ca:85:2e:27:df:e7:72:a3:9d:53:5a: 66:d3:33:16:55:40:b0:07:0c:16:f9:70:44:a7:25:c8:6d:62: 8d:7b:b0:bf:f9:59:65:97:e8:f2:fc:25:ce:38:d0:70:84:f7: a1:08:08:c2:42:fa:96:19:78:56:45:d2:7e:c7:01:a5:61:7d: 46:d5:54:73:50:3d:1f:93:6d:2d:b8:ff:ed:0c:d0:31:cd:a8: f5:fb:ee:25:ff:da:71:4f:d2:19:d9:81:bf:cd:83:19:f1:27: ae:21:ac:01:c3:2e:81:1c:02:a2:6e:89:fc:57:20:4a:58:01: c5:e1:ac:e9:b4:6c:f4:5b:59:df:dc:64:70:43:14:f4:30:d6: 5d:ed:e4:03:7e:e9:8b:e2:c5:28:d2:4a:f1:21:ad:23:1e:5a: 29:24:45:1d:08:90:28:22:ce:b6:13:f0:15:7a:d5:ec:00:29: ba:f2:a5:8d:26:01:58:28:ab:a7:1c:3d:39:7e:2d:4c:be:c0: 0a:2d:6f:9a:c9:f9:f4:56:5c:ac:97:3c:fb:de:4f:d4:23:32: 1a:b6:e4:29:5d:7f:84:38:b5:1b:c5:30:b0:1e:bd:04:d9:89: 73:72:0a:a3:b6:c9:c5:c0:eb:27:6b:a4:a2:5f:84:3f:6c:06: 7b:0a:98:b1 -----BEGIN CERTIFICATE----- MIIE8DCCA9igAwIBAgICAVgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDdC NEExNjc5RDgzRDA4MEZDRkVBMzkyQTY0RDQyNEE0NzU1Qjc4MDAeFw0yNTA0Mjgx ODA2MzJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDc4NDc3MUVGN0M4M0ND REY0OTlDN0Q0MkVBMDFEM0I3NUVDRjRDREMwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQCTC4hDRxFmilxzmzdPy6WZvRJuzVG9fm8W/WsPDhnPovXwP1TU TeibH3T5GfYCnTnYINBY3S7lI2NM0iW11Duf9/+/CC47XxzoCLZwNVoli3a+IL6g wR58eiacv59cJT4DGMD7rhs0wQz/gCTK1C+Wp0d9wiZouOPHCitskVI2Jqnox6/s SqEmwyjqsSYXjQJirn+IbtPY7ndSJ3LDZAWy+l7OIKrEm+h5wqMoHsVUCc76v2db hrXrUTSGVI0S2wyB7ExoQ7akxwKmEKkLuIxy2/e25ZhFJzEjIu9T0BIVJp0AphkD /sCk3VFmt5mTljrfvYwGYa64zbapJo6cwQavAgMBAAGjggIMMIICCDAdBgNVHQ4E FgQUeEdx73yDzN9JnH1C6gHTt17PTNwwHwYDVR0jBBgwFoAU17ShZ52D0ID8/qOS pk1CSkdVt4AwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM1 MS8xN1NoWjUyRDBJRDhfcU9TcGsxQ1NrZFZ0NEEuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwLzE3U2haNTJEMElEOF9xT1NwazFDU2tkVnQ0QS5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzNTEvMTdTaFo1MkQwSUQ4 X3FPU3BrMUNTa2RWdDRBLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD ggEBAFLwbz9vXsfKhS4n3+dyo51TWmbTMxZVQLAHDBb5cESnJchtYo17sL/5WWWX 6PL8Jc440HCE96EICMJC+pYZeFZF0n7HAaVhfUbVVHNQPR+TbS24/+0M0DHNqPX7 7iX/2nFP0hnZgb/NgxnxJ64hrAHDLoEcAqJuifxXIEpYAcXhrOm0bPRbWd/cZHBD FPQw1l3t5AN+6YvixSjSSvEhrSMeWikkRR0IkCgizrYT8BV61ewAKbrypY0mAVgo q6ccPTl+LUy+wAotb5rJ+fRWXKyXPPveT9QjMhq25Cldf4Q4tRvFMLAevQTZiXNy CqO2ycXA6ydrpKJfhD9sBnsKmLE= -----END CERTIFICATE-----Generated at Mon Apr 28 20:12:28 2025 by rpki-client on console.sobornost.net