Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.mft
File:                     rdJybdb_n1pFmuWwqe6Ofd_H8Hw.mft (raw, json)
Hash identifier:          yuzprUhwuRNhCSD475mAL8EiMrwLQK/VZITDMVhAlg0=
Subject key identifier:   21:81:9E:1E:53:59:62:B1:63:A6:CC:10:63:F1:91:C7:F6:C5:BE:0F
Authority key identifier: AD:D2:72:6D:D6:FF:9F:5A:45:9A:E5:B0:A9:EE:8E:7D:DF:C7:F0:7C
Certificate issuer:       /CN=ADD2726DD6FF9F5A459AE5B0A9EE8E7DDFC7F07C
Certificate serial:       16
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.mft
Manifest number:          0E
Signing time:             Sat 17 May 2025 12:37:38 +0000
Manifest this update:     Sat 17 May 2025 12:37:37 +0000
Manifest next update:     Sat 17 May 2025 18:37:37 +0000
Files and hashes:         1: -8aUEH0vhq9u6QiOx6jnn7G_sdA.roa (hash: VXlM9/7epgqetzNxis2Oa1geLZqhGqAt4ohU5/UsDIw=)
                          2: 8L7icaYP-uDxTNYp5wOJxA_54hk.roa (hash: 2v9/EuSCBYqjry6lfYVl6Jut419xMteF0NKDGDXevpI=)
                          3: QGJXirDa_e-7g6LKz5GHSBkkK3U.roa (hash: p6EqQnaUODfRxGSCpoo7w+UDPwWqIb3pQ6lpnUuz+uY=)
                          4: XbaoOg8zUwxbAtIJYEsulRYoCyg.roa (hash: +tgZ3/HhZH1r9MUZ1g5RzjfAQn95KlQSySRyE0P2sNs=)
                          5: gg5Y69X3BYJYKtKplYkxI624BOc.roa (hash: 7dXDaR1UhAgliO0V0w6sUe9FKzO6OIi8peZ+fAyYMz4=)
                          6: gtRuRxwwUiCOHIWJD1JzwqrjwxI.roa (hash: Uuiwwjualgtrbriy02ts61oCZooeze+AJZazJXGuq18=)
                          7: rdJybdb_n1pFmuWwqe6Ofd_H8Hw.crl (hash: YwuZgwj4JuMzwQ80uSpfG6/PFAgkvAAuU68xOyEo+24=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 22 (0x16)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ADD2726DD6FF9F5A459AE5B0A9EE8E7DDFC7F07C
        Validity
            Not Before: May 17 12:37:37 2025 GMT
            Not After : May 16 10:06:17 2026 GMT
        Subject: CN=21819E1E535962B163A6CC1063F191C7F6C5BE0F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:eb:55:37:25:4e:0d:99:c8:9f:f1:4c:70:36:
                    38:4c:9b:db:3c:e2:67:20:93:f7:68:8a:51:f2:86:
                    5f:49:1e:6b:cb:3a:a7:5e:fb:da:ac:fe:da:a4:6a:
                    79:79:90:f0:36:73:2b:f2:98:b2:43:46:28:ae:67:
                    b2:17:6a:8e:81:9e:27:95:97:e2:a5:9e:83:1d:0c:
                    e9:24:52:c4:ea:bb:32:f8:5f:8c:13:74:c4:63:05:
                    9f:4e:15:96:cb:c8:e0:42:69:7e:b1:e7:9a:ed:11:
                    ff:85:8e:96:c4:09:99:10:70:b0:29:71:51:71:30:
                    35:79:ce:c1:d8:7e:4f:a2:fa:02:b9:99:e4:a5:87:
                    21:e7:f4:7a:ab:c0:f2:07:02:06:20:8c:18:1b:4d:
                    e2:4c:fc:16:6b:ae:33:96:5d:1f:6e:dd:1d:5a:fa:
                    2d:52:44:e8:81:8b:5f:41:01:c0:21:fc:e5:d8:8f:
                    d9:53:81:3b:e2:2c:77:05:43:41:7c:ba:94:0b:1c:
                    67:f1:3c:b4:f7:06:20:0f:e8:9a:5e:92:b9:fc:47:
                    f4:4b:5f:ae:08:dd:8c:b4:e9:1e:e6:de:ce:d1:a5:
                    b0:e4:3c:84:5a:b1:3b:cc:c1:0c:98:db:a0:85:c8:
                    66:56:60:fa:dc:fe:64:46:5f:e0:f8:45:cf:e9:55:
                    b4:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:81:9E:1E:53:59:62:B1:63:A6:CC:10:63:F1:91:C7:F6:C5:BE:0F
            X509v3 Authority Key Identifier:
                keyid:AD:D2:72:6D:D6:FF:9F:5A:45:9A:E5:B0:A9:EE:8E:7D:DF:C7:F0:7C

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1228/rdJybdb_n1pFmuWwqe6Ofd_H8Hw.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         40:87:9f:88:15:7d:e4:db:9d:63:84:01:d1:eb:0c:ab:aa:6a:
         a9:c7:76:cb:34:97:be:1d:eb:8a:23:4d:c0:8c:b1:13:f8:84:
         a2:3e:85:6b:c5:4d:9c:86:27:8d:1c:df:12:c0:82:10:10:16:
         8a:bf:e4:85:8a:18:9c:19:a4:7e:79:c9:13:d5:66:ff:ea:cf:
         90:ea:36:7e:57:45:ba:e0:d4:2b:28:fe:db:c7:db:bc:8c:e9:
         c7:e4:50:92:73:d7:a6:7f:a1:05:7e:9e:44:c0:4d:c6:77:ab:
         42:b9:4f:a7:84:f7:c2:24:e3:56:a8:66:a4:5d:b3:e2:ad:40:
         7c:59:f7:16:1e:ff:e8:6c:e1:05:75:7d:13:10:ec:fa:c6:a6:
         8d:01:c7:f3:fe:58:68:0f:c9:35:f1:0a:ae:38:e5:6c:3d:35:
         8c:02:b9:b6:f0:4a:b1:6d:91:10:10:65:80:93:69:bc:68:20:
         b6:07:4c:7f:7d:81:84:f1:26:82:35:d6:9d:3c:e4:16:53:21:
         1d:d9:f2:e0:74:d4:9c:73:aa:e8:da:2b:d8:31:58:1b:16:f4:
         57:95:45:ba:01:17:e2:b6:a3:d7:cc:2a:31:6b:60:f7:55:5a:
         07:e0:cc:ea:db:66:f3:58:8a:c6:41:6e:f8:0f:7a:28:a4:af:
         db:eb:cd:e9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIBFjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhBREQy
NzI2REQ2RkY5RjVBNDU5QUU1QjBBOUVFOEU3RERGQzdGMDdDMB4XDTI1MDUxNzEy
MzczN1oXDTI2MDUxNjEwMDYxN1owMzExMC8GA1UEAxMoMjE4MTlFMUU1MzU5NjJC
MTYzQTZDQzEwNjNGMTkxQzdGNkM1QkUwRjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAL/rVTclTg2ZyJ/xTHA2OEyb2zziZyCT92iKUfKGX0kea8s6p177
2qz+2qRqeXmQ8DZzK/KYskNGKK5nshdqjoGeJ5WX4qWegx0M6SRSxOq7MvhfjBN0
xGMFn04VlsvI4EJpfrHnmu0R/4WOlsQJmRBwsClxUXEwNXnOwdh+T6L6ArmZ5KWH
Ief0eqvA8gcCBiCMGBtN4kz8FmuuM5ZdH27dHVr6LVJE6IGLX0EBwCH85diP2VOB
O+IsdwVDQXy6lAscZ/E8tPcGIA/oml6SufxH9EtfrgjdjLTpHubeztGlsOQ8hFqx
O8zBDJjboIXIZlZg+tz+ZEZf4PhFz+lVtJkCAwEAAaOCAgwwggIIMB0GA1UdDgQW
BBQhgZ4eU1lisWOmzBBj8ZHH9sW+DzAfBgNVHSMEGDAWgBSt0nJt1v+fWkWa5bCp
7o5938fwfDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xMjI4
L3JkSnliZGJfbjFwRm11V3dxZTZPZmRfSDhIdy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvcmRKeWJkYl9uMXBGbXVXd3FlNk9mZF9IOEh3LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIyOC9yZEp5YmRiX24xcEZt
dVd3cWU2T2ZkX0g4SHcubWZ0MDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25u
aWMuY24vcnJkcC9ub3RpZnkueG1sMBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYI
KwYBBQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOC
AQEAQIefiBV95NudY4QB0esMq6pqqcd2yzSXvh3riiNNwIyxE/iEoj6Fa8VNnIYn
jRzfEsCCEBAWir/khYoYnBmkfnnJE9Vm/+rPkOo2fldFuuDUKyj+28fbvIzpx+RQ
knPXpn+hBX6eRMBNxnerQrlPp4T3wiTjVqhmpF2z4q1AfFn3Fh7/6GzhBXV9ExDs
+samjQHH8/5YaA/JNfEKrjjlbD01jAK5tvBKsW2REBBlgJNpvGggtgdMf32BhPEm
gjXWnTzkFlMhHdny4HTUnHOq6Nor2DFYGxb0V5VFugEX4raj18wqMWtg91VaB+DM
6ttm81iKxkFu+A96KKSv2+vN6Q==
-----END CERTIFICATE-----