Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.mft
File:                     rdJybdb_n1pFmuWwqe6Ofd_H8Hw.mft (raw, json)
Hash identifier:          +RR6C8CKB53kZWSqazpqNyYtWXWCnSjiFo9f35tIavk=
Subject key identifier:   21:81:9E:1E:53:59:62:B1:63:A6:CC:10:63:F1:91:C7:F6:C5:BE:0F
Authority key identifier: AD:D2:72:6D:D6:FF:9F:5A:45:9A:E5:B0:A9:EE:8E:7D:DF:C7:F0:7C
Certificate issuer:       /CN=ADD2726DD6FF9F5A459AE5B0A9EE8E7DDFC7F07C
Certificate serial:       0342
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.mft
Manifest number:          0325
Signing time:             Mon 20 Oct 2025 09:04:24 +0000
Manifest this update:     Mon 20 Oct 2025 09:04:24 +0000
Manifest next update:     Mon 20 Oct 2025 15:04:24 +0000
Files and hashes:         1: --5p3HNP_npcM9WwQGiJmHx5u0U.roa (hash: Rl9Es6qphuLb/+2nbxNbdm0tzkYUplAdlWLJexuDZlE=)
                          2: 22EffpS7GnnifhXrI4tAbrDDc-g.roa (hash: 4E/yKu43inQAr1L9cp/ACPCiEVmbOTFL687c79yRLyA=)
                          3: 5phZxr5Uhb3NSuw3CQS7G12n8Ms.roa (hash: TiBiBqmX2u+8+lnUT723Nkj/vXcdxQpMq2cHfeG1nv8=)
                          4: 8GxBtEjdWLiRUsEQxe8VKmjAxXM.roa (hash: 0tZPdUKxLUPOpljwCfdgtZKJbSyJ2wrfzcl03BIcSWI=)
                          5: PrzOu3HLgb_fDfFfMV2C3u7dgAY.roa (hash: nQaZQEHGizfw2JArT6RRleWiUXqFqGuwPW1JdBlvgps=)
                          6: hTYglcTaggz46zo2uGojdNR6CiA.roa (hash: oxjLkgxJ/ScFrDTY2HsVJ3eQj12roDmJFBgsJUYTwQE=)
                          7: p8dPCz1-DM8oZAbLKQI9W1S52aI.roa (hash: YlDx1ECxWXJtCx373KSdly7XOBerHvXGr5nQka2FgVk=)
                          8: rdJybdb_n1pFmuWwqe6Ofd_H8Hw.crl (hash: MxukkV3yNnwcazoEE0SCZrx4RkwsH+5Q//z9wi1kkLI=)
                          9: yGBgQ_Is6mtpS4o_kSNsUFhygtE.roa (hash: R7h8Ue7gUr/+0YK1fEjPAlu/UJh1hg66VPEfvazJVHs=)
Validation:               OK
Signature path:           rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.mft
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.cer
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 20 Oct 2025 13:37:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 834 (0x342)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ADD2726DD6FF9F5A459AE5B0A9EE8E7DDFC7F07C
        Validity
            Not Before: Oct 20 09:04:24 2025 GMT
            Not After : Aug  3 08:44:40 2026 GMT
        Subject: CN=21819E1E535962B163A6CC1063F191C7F6C5BE0F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:eb:55:37:25:4e:0d:99:c8:9f:f1:4c:70:36:
                    38:4c:9b:db:3c:e2:67:20:93:f7:68:8a:51:f2:86:
                    5f:49:1e:6b:cb:3a:a7:5e:fb:da:ac:fe:da:a4:6a:
                    79:79:90:f0:36:73:2b:f2:98:b2:43:46:28:ae:67:
                    b2:17:6a:8e:81:9e:27:95:97:e2:a5:9e:83:1d:0c:
                    e9:24:52:c4:ea:bb:32:f8:5f:8c:13:74:c4:63:05:
                    9f:4e:15:96:cb:c8:e0:42:69:7e:b1:e7:9a:ed:11:
                    ff:85:8e:96:c4:09:99:10:70:b0:29:71:51:71:30:
                    35:79:ce:c1:d8:7e:4f:a2:fa:02:b9:99:e4:a5:87:
                    21:e7:f4:7a:ab:c0:f2:07:02:06:20:8c:18:1b:4d:
                    e2:4c:fc:16:6b:ae:33:96:5d:1f:6e:dd:1d:5a:fa:
                    2d:52:44:e8:81:8b:5f:41:01:c0:21:fc:e5:d8:8f:
                    d9:53:81:3b:e2:2c:77:05:43:41:7c:ba:94:0b:1c:
                    67:f1:3c:b4:f7:06:20:0f:e8:9a:5e:92:b9:fc:47:
                    f4:4b:5f:ae:08:dd:8c:b4:e9:1e:e6:de:ce:d1:a5:
                    b0:e4:3c:84:5a:b1:3b:cc:c1:0c:98:db:a0:85:c8:
                    66:56:60:fa:dc:fe:64:46:5f:e0:f8:45:cf:e9:55:
                    b4:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:81:9E:1E:53:59:62:B1:63:A6:CC:10:63:F1:91:C7:F6:C5:BE:0F
            X509v3 Authority Key Identifier:
                keyid:AD:D2:72:6D:D6:FF:9F:5A:45:9A:E5:B0:A9:EE:8E:7D:DF:C7:F0:7C

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         16:48:27:a3:88:ff:87:36:ea:c6:55:2e:af:3c:9b:3d:e3:da:
         46:b0:c7:b1:c0:c7:0e:1a:3a:e9:0c:10:67:7d:ac:9c:6d:0d:
         c6:7c:6c:87:10:38:c8:15:86:93:2b:1a:f1:97:30:d2:1e:da:
         cf:73:c1:ba:5c:d9:e5:e9:15:9a:2a:03:06:51:b7:ac:d4:08:
         3f:b2:53:bd:a0:ac:bb:5c:ff:27:8e:6b:00:a8:2b:a6:55:6d:
         f2:75:15:0d:ea:2f:61:c3:fc:f7:b9:b1:dc:4f:be:c7:e4:f2:
         38:89:a2:1d:73:e5:c7:e2:4c:98:c5:18:12:1d:3b:22:1b:22:
         3a:b7:98:67:6b:11:30:74:b9:f7:07:fe:8b:91:94:a6:8d:03:
         5b:6b:41:04:d0:66:dc:24:45:e2:cb:d6:a5:ca:45:96:3e:34:
         e0:e7:60:ad:88:21:cb:14:0a:8a:9d:ec:bc:28:0a:06:83:f4:
         44:6a:34:3e:0f:cf:fd:78:e1:0d:5e:4a:a5:bc:d8:e3:79:1d:
         2a:6e:b0:48:0e:51:db:b1:86:fc:03:14:e0:f1:b1:55:91:19:
         6f:eb:89:4e:c7:08:a2:45:64:3b:6d:cf:00:8b:32:8f:35:49:
         29:b1:f9:3e:35:87:1c:5e:c7:2c:a7:5e:b0:c2:ca:9c:81:d2:
         15:f1:99:b3
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICA0IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQURE
MjcyNkRENkZGOUY1QTQ1OUFFNUIwQTlFRThFN0RERkM3RjA3QzAeFw0yNTEwMjAw
OTA0MjRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDIxODE5RTFFNTM1OTYy
QjE2M0E2Q0MxMDYzRjE5MUM3RjZDNUJFMEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/61U3JU4Nmcif8UxwNjhMm9s84mcgk/doilHyhl9JHmvLOqde
+9qs/tqkanl5kPA2cyvymLJDRiiuZ7IXao6BnieVl+KlnoMdDOkkUsTquzL4X4wT
dMRjBZ9OFZbLyOBCaX6x55rtEf+FjpbECZkQcLApcVFxMDV5zsHYfk+i+gK5meSl
hyHn9HqrwPIHAgYgjBgbTeJM/BZrrjOWXR9u3R1a+i1SROiBi19BAcAh/OXYj9lT
gTviLHcFQ0F8upQLHGfxPLT3BiAP6Jpekrn8R/RLX64I3Yy06R7m3s7RpbDkPIRa
sTvMwQyY26CFyGZWYPrc/mRGX+D4Rc/pVbSZAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUIYGeHlNZYrFjpswQY/GRx/bFvg8wHwYDVR0jBBgwFoAUrdJybdb/n1pFmuWw
qe6Ofd/H8HwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIy
OC9yZEp5YmRiX24xcEZtdVd3cWU2T2ZkX0g4SHcuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3JkSnliZGJfbjFwRm11V3dxZTZPZmRfSDhIdy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMjgvcmRKeWJkYl9uMXBG
bXVXd3FlNk9mZF9IOEh3Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBABZIJ6OI/4c26sZVLq88mz3j2kawx7HAxw4aOukMEGd9rJxtDcZ8bIcQOMgV
hpMrGvGXMNIe2s9zwbpc2eXpFZoqAwZRt6zUCD+yU72grLtc/yeOawCoK6ZVbfJ1
FQ3qL2HD/Pe5sdxPvsfk8jiJoh1z5cfiTJjFGBIdOyIbIjq3mGdrETB0ufcH/ouR
lKaNA1trQQTQZtwkReLL1qXKRZY+NODnYK2IIcsUCoqd7LwoCgaD9ERqND4Pz/14
4Q1eSqW82ON5HSpusEgOUduxhvwDFODxsVWRGW/riU7HCKJFZDttzwCLMo81SSmx
+T41hxxexyynXrDCypyB0hXxmbM=
-----END CERTIFICATE-----
Generated at Mon Oct 20 11:40:21 2025 by rpki-client