Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.mft
File:                     rdJybdb_n1pFmuWwqe6Ofd_H8Hw.mft (raw, json)
Hash identifier:          wvKlGRerJ3EP9gocfc+cXnpXdBefqdQiatWVMt3xvkM=
Subject key identifier:   21:81:9E:1E:53:59:62:B1:63:A6:CC:10:63:F1:91:C7:F6:C5:BE:0F
Authority key identifier: AD:D2:72:6D:D6:FF:9F:5A:45:9A:E5:B0:A9:EE:8E:7D:DF:C7:F0:7C
Certificate issuer:       /CN=ADD2726DD6FF9F5A459AE5B0A9EE8E7DDFC7F07C
Certificate serial:       0341
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.mft
Manifest number:          0324
Signing time:             Mon 20 Oct 2025 04:04:25 +0000
Manifest this update:     Mon 20 Oct 2025 04:04:25 +0000
Manifest next update:     Mon 20 Oct 2025 10:04:25 +0000
Files and hashes:         1: --5p3HNP_npcM9WwQGiJmHx5u0U.roa (hash: Rl9Es6qphuLb/+2nbxNbdm0tzkYUplAdlWLJexuDZlE=)
                          2: 22EffpS7GnnifhXrI4tAbrDDc-g.roa (hash: 4E/yKu43inQAr1L9cp/ACPCiEVmbOTFL687c79yRLyA=)
                          3: 5phZxr5Uhb3NSuw3CQS7G12n8Ms.roa (hash: TiBiBqmX2u+8+lnUT723Nkj/vXcdxQpMq2cHfeG1nv8=)
                          4: 8GxBtEjdWLiRUsEQxe8VKmjAxXM.roa (hash: 0tZPdUKxLUPOpljwCfdgtZKJbSyJ2wrfzcl03BIcSWI=)
                          5: PrzOu3HLgb_fDfFfMV2C3u7dgAY.roa (hash: nQaZQEHGizfw2JArT6RRleWiUXqFqGuwPW1JdBlvgps=)
                          6: hTYglcTaggz46zo2uGojdNR6CiA.roa (hash: oxjLkgxJ/ScFrDTY2HsVJ3eQj12roDmJFBgsJUYTwQE=)
                          7: p8dPCz1-DM8oZAbLKQI9W1S52aI.roa (hash: YlDx1ECxWXJtCx373KSdly7XOBerHvXGr5nQka2FgVk=)
                          8: rdJybdb_n1pFmuWwqe6Ofd_H8Hw.crl (hash: Rtkv3E8a65kSRmMraoIedGC3x80tRlxkYgrvit/6DbU=)
                          9: yGBgQ_Is6mtpS4o_kSNsUFhygtE.roa (hash: R7h8Ue7gUr/+0YK1fEjPAlu/UJh1hg66VPEfvazJVHs=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 833 (0x341)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ADD2726DD6FF9F5A459AE5B0A9EE8E7DDFC7F07C
        Validity
            Not Before: Oct 20 04:04:25 2025 GMT
            Not After : Aug  3 08:44:40 2026 GMT
        Subject: CN=21819E1E535962B163A6CC1063F191C7F6C5BE0F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:eb:55:37:25:4e:0d:99:c8:9f:f1:4c:70:36:
                    38:4c:9b:db:3c:e2:67:20:93:f7:68:8a:51:f2:86:
                    5f:49:1e:6b:cb:3a:a7:5e:fb:da:ac:fe:da:a4:6a:
                    79:79:90:f0:36:73:2b:f2:98:b2:43:46:28:ae:67:
                    b2:17:6a:8e:81:9e:27:95:97:e2:a5:9e:83:1d:0c:
                    e9:24:52:c4:ea:bb:32:f8:5f:8c:13:74:c4:63:05:
                    9f:4e:15:96:cb:c8:e0:42:69:7e:b1:e7:9a:ed:11:
                    ff:85:8e:96:c4:09:99:10:70:b0:29:71:51:71:30:
                    35:79:ce:c1:d8:7e:4f:a2:fa:02:b9:99:e4:a5:87:
                    21:e7:f4:7a:ab:c0:f2:07:02:06:20:8c:18:1b:4d:
                    e2:4c:fc:16:6b:ae:33:96:5d:1f:6e:dd:1d:5a:fa:
                    2d:52:44:e8:81:8b:5f:41:01:c0:21:fc:e5:d8:8f:
                    d9:53:81:3b:e2:2c:77:05:43:41:7c:ba:94:0b:1c:
                    67:f1:3c:b4:f7:06:20:0f:e8:9a:5e:92:b9:fc:47:
                    f4:4b:5f:ae:08:dd:8c:b4:e9:1e:e6:de:ce:d1:a5:
                    b0:e4:3c:84:5a:b1:3b:cc:c1:0c:98:db:a0:85:c8:
                    66:56:60:fa:dc:fe:64:46:5f:e0:f8:45:cf:e9:55:
                    b4:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:81:9E:1E:53:59:62:B1:63:A6:CC:10:63:F1:91:C7:F6:C5:BE:0F
            X509v3 Authority Key Identifier:
                keyid:AD:D2:72:6D:D6:FF:9F:5A:45:9A:E5:B0:A9:EE:8E:7D:DF:C7:F0:7C

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         44:27:71:50:4b:a4:a9:a4:15:27:7f:91:d1:e0:e7:86:94:d0:
         73:e2:9c:a6:a2:bc:e8:ca:98:f8:08:71:ec:2a:32:8b:6e:12:
         37:f9:cc:85:14:41:61:85:1c:09:ba:ed:37:fe:8e:5a:ee:53:
         7b:53:ec:04:82:ee:f2:0a:9f:93:2c:6a:7c:a2:73:c9:b4:3b:
         33:61:33:49:79:0b:c2:06:58:be:ba:68:b7:c3:93:c8:14:09:
         07:37:63:8a:b3:05:20:49:0e:ba:2f:60:42:82:f5:fe:d5:5b:
         2f:95:3b:ea:b2:a5:10:fb:c3:7a:99:43:db:99:ae:b3:bf:ef:
         00:2c:78:39:20:c5:af:05:68:72:06:98:a9:53:99:23:4e:88:
         2a:bb:e1:4c:1c:a5:d6:d8:bf:00:7a:44:aa:66:b9:b0:c1:0b:
         ba:fa:19:13:88:86:75:d3:36:c6:64:af:fb:cd:8a:c6:33:b9:
         7c:5f:16:44:b8:9b:50:03:9a:4b:d1:fe:df:24:9e:da:fb:44:
         be:49:5c:69:0f:42:61:9c:30:56:b3:3c:74:1c:65:4e:a1:d8:
         70:f5:13:0b:df:16:7f:5d:6b:4c:bf:41:a6:de:87:89:87:6e:
         ba:a7:76:7e:54:7f:78:4a:dc:a8:c3:80:ab:e2:0b:38:b1:08:
         c5:97:01:e8
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICA0EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQURE
MjcyNkRENkZGOUY1QTQ1OUFFNUIwQTlFRThFN0RERkM3RjA3QzAeFw0yNTEwMjAw
NDA0MjVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDIxODE5RTFFNTM1OTYy
QjE2M0E2Q0MxMDYzRjE5MUM3RjZDNUJFMEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/61U3JU4Nmcif8UxwNjhMm9s84mcgk/doilHyhl9JHmvLOqde
+9qs/tqkanl5kPA2cyvymLJDRiiuZ7IXao6BnieVl+KlnoMdDOkkUsTquzL4X4wT
dMRjBZ9OFZbLyOBCaX6x55rtEf+FjpbECZkQcLApcVFxMDV5zsHYfk+i+gK5meSl
hyHn9HqrwPIHAgYgjBgbTeJM/BZrrjOWXR9u3R1a+i1SROiBi19BAcAh/OXYj9lT
gTviLHcFQ0F8upQLHGfxPLT3BiAP6Jpekrn8R/RLX64I3Yy06R7m3s7RpbDkPIRa
sTvMwQyY26CFyGZWYPrc/mRGX+D4Rc/pVbSZAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUIYGeHlNZYrFjpswQY/GRx/bFvg8wHwYDVR0jBBgwFoAUrdJybdb/n1pFmuWw
qe6Ofd/H8HwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIy
OC9yZEp5YmRiX24xcEZtdVd3cWU2T2ZkX0g4SHcuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3JkSnliZGJfbjFwRm11V3dxZTZPZmRfSDhIdy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMjgvcmRKeWJkYl9uMXBG
bXVXd3FlNk9mZF9IOEh3Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAEQncVBLpKmkFSd/kdHg54aU0HPinKaivOjKmPgIcewqMotuEjf5zIUUQWGF
HAm67Tf+jlruU3tT7ASC7vIKn5Msanyic8m0OzNhM0l5C8IGWL66aLfDk8gUCQc3
Y4qzBSBJDrovYEKC9f7VWy+VO+qypRD7w3qZQ9uZrrO/7wAseDkgxa8FaHIGmKlT
mSNOiCq74UwcpdbYvwB6RKpmubDBC7r6GROIhnXTNsZkr/vNisYzuXxfFkS4m1AD
mkvR/t8kntr7RL5JXGkPQmGcMFazPHQcZU6h2HD1EwvfFn9da0y/Qabeh4mHbrqn
dn5Uf3hK3KjDgKviCzixCMWXAeg=
-----END CERTIFICATE-----