Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft
File:                     iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft (raw, json)
Hash identifier:          NSmAoDC9NLzApEbvKl0I27GJdAgxvxMX2lCY3FabTrI=
Subject key identifier:   5A:CA:5A:E6:10:3E:84:98:34:5B:CB:AB:D4:7A:44:3A:C0:93:C2:5A
Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
Certificate issuer:       /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Certificate serial:       86AD
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft
Manifest number:          3BEF
Signing time:             Mon 20 Oct 2025 03:35:14 +0000
Manifest this update:     Mon 20 Oct 2025 03:35:13 +0000
Manifest next update:     Mon 20 Oct 2025 09:35:13 +0000
Files and hashes:         1: 1pGP6piO9t8jbUERzDx-O4nhtLM.roa (hash: LgsHYyRchdYhJU6IjYfSwzPXfyeBNXFC/3oEFZaxr5E=)
                          2: 4wXgRujYTKfihSIvwuLg9rUOP1c.roa (hash: LPoTrqNW+wAwUy8l+OsMAuRG7zGEUq/hKav9nV2a/XY=)
                          3: 6wu7C6LJRgzw0YqBCypPrWvyqtk.roa (hash: Cj+QZPNg8QQ9fmyZfIpGADWCHBPEkN4OpbVPkdHjLNc=)
                          4: 9LZMbOJGzIWrwZIphlUZtLKBd_c.roa (hash: 2ZF77k5Fogyt6qSiuDajPcYoPcUD48QmqAkwhivvEH4=)
                          5: AvIoBSrNnMcpnZyXaLY_B_COOqM.roa (hash: tfuTWBj8mqfIFWkntrseawjOrEIi0ukcaV24gqQhJUE=)
                          6: HEJ6DTy64Jm1xHMNyrxg1ksFP-w.roa (hash: DaUH4N6Ykh2EVKUh+hFWVnqT6gqtXXjR8QPYprODeSA=)
                          7: Lzd2UazZEZK4D-Vi_LM5PwLTTJw.roa (hash: RYhKyfjdDrdFS+vtO7CbGxUt9WkZpShCr4z/pVEDnNo=)
                          8: No7gvAe0HiqMlWPX1eORii_qHNg.roa (hash: fsHInzrmBhxkqHfoeln8hYzxASuDDoDSJJ6xYdeYcAY=)
                          9: OfvtK6UGD_bVKz8pj9fgFWb6zgM.roa (hash: 40esanXG/apJXlFMV+hzoWKw+5KjI8h/fUEMtsSTOfI=)
                          10: PZulO6TyppqWWuGzO34PYYz5Uo0.roa (hash: yxbl0kEI9vox9RiEQxUPGxMV7cLiY2SO7AtRn6kT6eA=)
                          11: QD7THVmiGOcCiQQPVumiDRR-d7I.roa (hash: BeWz4UxSBqt/CJdq0rqcX/Y2LZaQqSYTg9P3zaCSJy8=)
                          12: QwZKguok-b8FhE9hnJbkdnKTTYU.roa (hash: 82DU5HDkqmL/BChANtmMXhnRK94koX+hWClHdvO4uVU=)
                          13: TzZbUoNGLOmB6mnJiaNAHR2oE9c.roa (hash: BweYJDm2QhqDgPj1ChzAIBwgj2kCBYjRI7BD0uiJCsI=)
                          14: XsbnPodlNkVFgCzTwYVVRKP-GEQ.roa (hash: yacvbm4gKGYgc5wCZtcaOFLtzo1EC6TxZpfMKP9mzO4=)
                          15: Yq-wEJdpNyrsJ5M1lXcQMx95RI0.roa (hash: C1aXVx3626w3lC0qVGmhnn9Jj9Gy3ZQ5/AtReox93tU=)
                          16: cW39mtAp8ttxrryEEYyzgpZyl-Y.roa (hash: AHaemtAtPHl6rkUemFWAQRCUJRJsHnHRQru7T2KV13c=)
                          17: evHFKal_BLbftwTo5irhQaueD2U.roa (hash: 4JP/QyQZbAYdHqHseXBGNqOkAZdAPfM1lQ9PPjQdoAg=)
                          18: ffnzNkkLF4B5sEmRbbt-73LygMI.roa (hash: lfR0YWmJicUAI3V8hDlF+PVwpQclCZqiT/dKFEJOFIA=)
                          19: fuNpvyrWjNqASaRbQPtajVPqy6k.roa (hash: BDXVfeJ+p55olmcKYt7LYY+SlG+OhVlWdGyqMfKIgMM=)
                          20: iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl (hash: adyEFB8lRcZN4PjqvqL7ywfkxqDk+g0qPhYDCT5927U=)
                          21: jgjN0IxKws8jDdNRAOYX1CdHt1k.roa (hash: T74oJ4uT1nguMzcsxBkKWMEPcQYXZBdgwGGLqKFQyh4=)
                          22: qe20gAZbuwVu_t2cnfTPZkvTqlA.roa (hash: rEzVYj2gFODsMAGdxG3xTH2suYUBY7xxuVYE2eGkAMI=)
                          23: vQGMLXKuPigq7LZo-Pr7Y9YiM-c.roa (hash: zTk7jcBriJqG2gtlVugmX1oERrjs/CQDeKUtk6NsPUk=)
                          24: ywCQM1l3K43_E-WiIpSnSbWqOvE.roa (hash: hgEPrLxxvDkD6XngS/o1Hzja3xdYFuhr99lC4QpzvhQ=)
                          25: zWbsOJJ1UwVI5pnA1_vMfQ9v7YA.roa (hash: BBz3fH6gauC81KGSU8veCkKr25fDnWrXmEydKqB3KzU=)
                          26: z_lK68q3HuQ2YA-o5O1-QTLxSVs.roa (hash: djDiaR6F3C232funPEOT/ASADrhJX0R/3wJbKzu0uPk=)
Validation:               OK
Signature path:           rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 20 Oct 2025 09:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 34477 (0x86ad)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
        Validity
            Not Before: Oct 20 03:35:13 2025 GMT
            Not After : Aug  3 08:44:40 2026 GMT
        Subject: CN=5ACA5AE6103E8498345BCBABD47A443AC093C25A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:f0:f9:68:52:99:6a:aa:0f:1d:28:ef:d6:32:
                    00:4b:4b:5b:e0:b8:b8:b9:11:b3:01:db:61:3e:66:
                    5e:29:0d:9d:15:62:48:a5:9a:8d:56:e4:ae:2c:e8:
                    d7:c7:ad:fb:37:56:a2:f7:b7:17:64:bc:75:c9:84:
                    df:61:26:6d:a0:94:db:60:2d:da:09:36:45:28:f1:
                    d9:ff:98:4e:b8:6d:f9:7d:32:b4:c8:d5:ca:98:92:
                    04:70:f3:f0:98:8f:66:02:98:6f:8d:f9:48:98:68:
                    17:4b:99:d3:16:04:49:11:32:f7:db:5b:8e:bd:6c:
                    8f:e9:20:b7:11:b0:c5:47:f9:69:82:e9:84:ed:8d:
                    46:2e:a3:90:74:d5:31:bc:f7:36:b9:26:77:39:bb:
                    0f:c7:e2:59:11:83:9b:c8:41:1d:4c:cc:1f:5a:13:
                    99:ba:9a:1b:70:9d:f1:5e:88:99:c5:73:23:eb:c3:
                    8f:0b:61:f0:8d:d7:54:84:5a:9f:93:5a:c3:22:fa:
                    c0:7a:0c:ee:bb:c9:34:3d:82:18:5f:52:96:8f:e1:
                    e9:1f:4e:be:5b:ad:e5:88:61:79:9c:22:91:1f:64:
                    62:5b:6f:0e:0b:c8:6a:9d:34:03:13:56:2b:5f:36:
                    b6:75:4f:d2:79:06:ae:67:e0:7f:59:46:9c:66:2e:
                    22:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:CA:5A:E6:10:3E:84:98:34:5B:CB:AB:D4:7A:44:3A:C0:93:C2:5A
            X509v3 Authority Key Identifier:
                keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:a9:a4:43:a0:01:c6:0a:1e:6d:c1:31:4e:b0:90:16:78:57:
         e1:83:64:a1:ee:3e:bd:ce:64:1d:bc:e6:59:27:e0:78:56:dc:
         50:f0:56:35:35:d9:f4:3d:8f:55:15:47:87:fd:f5:35:b9:ab:
         58:55:df:17:2b:a7:d3:71:27:d1:cd:e8:49:4e:e8:2c:ba:b8:
         a7:00:2b:0e:19:c1:b1:85:10:0a:54:da:54:c2:a3:c1:95:fa:
         33:8b:5e:78:83:5a:18:34:ff:6b:d3:ff:00:60:28:c9:62:00:
         24:09:5f:15:75:03:3e:ed:f5:75:35:1d:63:a9:51:34:e6:da:
         b0:a8:de:a9:aa:77:d8:f9:8f:cd:e2:ad:4d:e6:ec:bb:82:15:
         f2:2d:a6:78:b1:97:0e:1c:5d:66:43:3f:94:0a:7b:aa:91:3c:
         a0:05:92:aa:30:1a:22:2b:3c:7d:dc:e1:09:e6:4f:25:8d:9e:
         f2:bf:d8:2d:f5:82:f8:86:93:2f:04:bc:4b:9e:9b:aa:cd:53:
         34:2d:91:d7:2e:19:60:9c:92:44:ae:3f:48:6a:22:54:48:4f:
         26:ef:31:7a:f0:1d:cf:43:fc:ac:de:df:8c:d6:f3:9f:4d:2e:
         65:c2:e5:9e:d2:f1:26:28:21:e7:c4:71:92:33:37:5b:fb:f1:
         c6:dd:44:af
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIDAIatMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDhB
RTRDRjc4QjQ5REYwQjJDMUQyOUQzMkU0OEE5NDNBRTRGNDFBQ0MwHhcNMjUxMDIw
MDMzNTEzWhcNMjYwODAzMDg0NDQwWjAzMTEwLwYDVQQDEyg1QUNBNUFFNjEwM0U4
NDk4MzQ1QkNCQUJENDdBNDQzQUMwOTNDMjVBMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA2/D5aFKZaqoPHSjv1jIAS0tb4Li4uRGzAdthPmZeKQ2dFWJI
pZqNVuSuLOjXx637N1ai97cXZLx1yYTfYSZtoJTbYC3aCTZFKPHZ/5hOuG35fTK0
yNXKmJIEcPPwmI9mAphvjflImGgXS5nTFgRJETL321uOvWyP6SC3EbDFR/lpgumE
7Y1GLqOQdNUxvPc2uSZ3ObsPx+JZEYObyEEdTMwfWhOZupobcJ3xXoiZxXMj68OP
C2HwjddUhFqfk1rDIvrAegzuu8k0PYIYX1KWj+HpH06+W63liGF5nCKRH2RiW28O
C8hqnTQDE1YrXza2dU/SeQauZ+B/WUacZi4iuwIDAQABo4ICDDCCAggwHQYDVR0O
BBYEFFrKWuYQPoSYNFvLq9R6RDrAk8JaMB8GA1UdIwQYMBaAFIrkz3i0nfCywdKd
MuSKlDrk9BrMMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwXQYDVR0fBFYwVDBS
oFCgToZMcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2
NjMvaXVUUGVMU2Q4TExCMHAweTVJcVVPdVQwR3N3LmNybDBjBggrBgEFBQcBAQRX
MFUwUwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY2VyMA4GA1UdDwEB
/wQEAwIHgDCBnQYIKwYBBQUHAQsEgZAwgY0wWAYIKwYBBQUHMAuGTHJzeW5jOi8v
cnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xNjYzL2l1VFBlTFNkOExM
QjBwMHk1SXFVT3VUMEdzdy5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5j
bm5pYy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAh
BggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUA
A4IBAQCmqaRDoAHGCh5twTFOsJAWeFfhg2Sh7j69zmQdvOZZJ+B4VtxQ8FY1Ndn0
PY9VFUeH/fU1uatYVd8XK6fTcSfRzehJTugsurinACsOGcGxhRAKVNpUwqPBlfoz
i154g1oYNP9r0/8AYCjJYgAkCV8VdQM+7fV1NR1jqVE05tqwqN6pqnfY+Y/N4q1N
5uy7ghXyLaZ4sZcOHF1mQz+UCnuqkTygBZKqMBoiKzx93OEJ5k8ljZ7yv9gt9YL4
hpMvBLxLnpuqzVM0LZHXLhlgnJJErj9IaiJUSE8m7zF68B3PQ/ys3t+M1vOfTS5l
wuWe0vEmKCHnxHGSMzdb+/HG3USv
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:42:49 2025 by rpki-client