Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.mft
File:                     Lowd4ZR0A1y-pngFS22U9a-lM2E.mft (raw, json)
Hash identifier:          utL4ZrYJACtWFEbrclbKTEc027qPvCHxWHQQb2RqECc=
Subject key identifier:   FF:93:2E:42:5E:06:0B:53:CC:63:EE:F8:B4:2B:91:6D:B3:C0:1C:6C
Authority key identifier: 2E:8C:1D:E1:94:74:03:5C:BE:A6:78:05:4B:6D:94:F5:AF:A5:33:61
Certificate issuer:       /CN=2E8C1DE19474035CBEA678054B6D94F5AFA53361
Certificate serial:       1DB6
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.mft
Manifest number:          1DA4
Signing time:             Mon 20 Oct 2025 03:04:52 +0000
Manifest this update:     Mon 20 Oct 2025 03:04:52 +0000
Manifest next update:     Mon 20 Oct 2025 09:04:52 +0000
Files and hashes:         1: -Mm11tejrqk61wSAldRhB69HTQA.roa (hash: lRVxJ7t0/AkOywuPuigCifvcZhUs87v2Uh4KWM90fFc=)
                          2: 450N7fwLv8pQflKVuwsapP8RTas.roa (hash: v1E9iG1FEaxd+t/wnGLaGAbJ4H6g39idwuIVRcR48QM=)
                          3: 6lgNokrHquzfMY4o0Ue-xILR_FM.roa (hash: bnnFnI4gkAVdY9+fYPbtHDBHofbyD67V5npIc05vTNI=)
                          4: Af3TYKyAmWG3f3wRT4FwONVWh0E.roa (hash: WIpuVfkuPz+LipchXzs38odxTKr63ACk4GOPFnDDDQY=)
                          5: CdYSPaqTjHDQqoFZJ5vmPkQNpY8.roa (hash: 2hSUzzrrHhoV+leHgGGXhH0H0eP//nQX8tn6HCyCUeA=)
                          6: Lowd4ZR0A1y-pngFS22U9a-lM2E.crl (hash: MbgZO00N/3ORcjfgawYjT2/UNvDD/qWYPOKx9iv6mFw=)
                          7: M8L4ONjaKBoFJOwyFIfN_QL2Tn4.roa (hash: 6JL10RiuFvg5F0bZseuVtZv3iY+6VEd+5IItQvVfiV8=)
                          8: S4wFMhuxShBISoepIMT7J0pKx3k.roa (hash: U7UiWrQkJelvyopRtRqGDW0g4Pu1C0z06V7voETr1Pc=)
                          9: lwkVdD9XADeiD0DPl7lvqM4ItpQ.roa (hash: YYmUXAYWXwrCBJM5y0kPQOh2qDNOuJxksVsvgzTPY7s=)
Validation:               OK
Signature path:           rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.mft
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 20 Oct 2025 09:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7606 (0x1db6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2E8C1DE19474035CBEA678054B6D94F5AFA53361
        Validity
            Not Before: Oct 20 03:04:52 2025 GMT
            Not After : Aug  3 08:44:40 2026 GMT
        Subject: CN=FF932E425E060B53CC63EEF8B42B916DB3C01C6C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:ce:ca:10:5a:c9:8f:d2:27:85:80:bb:25:3e:
                    26:96:85:3f:5b:51:fb:24:48:0d:d4:0d:5e:91:18:
                    04:52:77:b0:2d:d3:78:33:73:59:ab:3d:50:93:aa:
                    29:dd:c9:6d:31:6a:60:fb:17:57:f1:b6:f3:a5:bf:
                    ce:7d:00:da:c1:8f:9c:11:a4:28:73:44:98:bd:2f:
                    63:2c:f2:d6:d5:1f:e7:f0:e8:6f:42:ec:2c:4a:d4:
                    53:f8:f3:4e:f4:bb:5c:01:19:43:9f:2b:b4:3c:cd:
                    8e:20:5d:b4:f1:30:b7:0d:be:35:06:12:30:a0:cb:
                    80:f1:c0:44:2c:b2:20:c8:53:66:f2:2c:36:d1:53:
                    f6:aa:45:78:6d:b6:9c:13:2d:81:42:14:e2:e9:3d:
                    76:92:3a:5d:98:cc:7b:db:66:b1:88:a1:47:2b:1d:
                    41:d5:b1:0c:78:bb:83:ca:f7:02:ff:e7:5f:d5:53:
                    f0:0b:95:fc:83:77:e4:a3:ff:19:71:e2:0a:73:a5:
                    18:c1:12:1c:c9:77:90:c4:05:91:12:72:b2:af:fa:
                    f4:c1:eb:93:09:a5:4b:fb:0a:49:d4:2d:00:f4:ac:
                    02:11:35:44:af:04:83:7d:28:49:09:f4:8a:c5:84:
                    fd:3c:9a:04:0b:e6:34:60:9f:20:19:e6:a5:85:96:
                    45:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:93:2E:42:5E:06:0B:53:CC:63:EE:F8:B4:2B:91:6D:B3:C0:1C:6C
            X509v3 Authority Key Identifier:
                keyid:2E:8C:1D:E1:94:74:03:5C:BE:A6:78:05:4B:6D:94:F5:AF:A5:33:61

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:c4:b9:c3:b9:b9:bd:0c:44:be:e2:06:3f:f9:39:b4:a9:fc:
         c3:55:a6:f8:f8:03:e0:c2:9b:6f:19:a4:fc:db:bd:bb:05:d0:
         20:c3:7c:69:fd:63:d5:02:46:f8:6c:ac:ce:a3:09:30:89:e3:
         e0:50:2d:d0:67:2f:14:fb:45:1c:2f:cd:f9:4b:69:d6:e0:0f:
         b5:64:41:41:de:2c:aa:fc:f1:47:06:d5:ea:85:b6:1f:8f:2f:
         aa:a3:8e:98:1f:fb:2c:ca:f9:cf:4d:51:0f:99:22:3a:0e:12:
         4f:cf:6c:53:4f:23:56:f1:16:cb:a9:4c:0b:10:36:d5:6b:67:
         ec:78:41:c6:76:ab:2a:f3:c1:1e:6a:d9:38:71:10:d1:56:50:
         72:08:5d:8b:fa:2d:76:08:ab:bb:f2:80:80:c2:70:df:97:c3:
         e5:83:f6:05:e2:bb:4a:36:af:0f:94:05:41:6f:ad:7c:a4:b6:
         84:5e:e4:f6:82:37:13:12:29:e3:ad:ee:4e:44:30:7a:f8:cd:
         82:ad:34:c8:eb:4c:fc:1a:30:83:2e:2f:c8:47:78:2f:25:4d:
         10:77:50:de:b8:47:e3:6e:08:a3:7d:44:69:1c:5f:41:e6:a6:
         e5:f1:b2:cd:b5:a1:bf:fc:2e:45:80:38:b6:89:4d:2a:ee:f2:
         fe:a4:ea:e7
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgICHbYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4
QzFERTE5NDc0MDM1Q0JFQTY3ODA1NEI2RDk0RjVBRkE1MzM2MTAeFw0yNTEwMjAw
MzA0NTJaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEZGOTMyRTQyNUUwNjBC
NTNDQzYzRUVGOEI0MkI5MTZEQjNDMDFDNkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1zsoQWsmP0ieFgLslPiaWhT9bUfskSA3UDV6RGARSd7At03gz
c1mrPVCTqindyW0xamD7F1fxtvOlv859ANrBj5wRpChzRJi9L2Ms8tbVH+fw6G9C
7CxK1FP48070u1wBGUOfK7Q8zY4gXbTxMLcNvjUGEjCgy4DxwEQssiDIU2byLDbR
U/aqRXhttpwTLYFCFOLpPXaSOl2YzHvbZrGIoUcrHUHVsQx4u4PK9wL/51/VU/AL
lfyDd+Sj/xlx4gpzpRjBEhzJd5DEBZEScrKv+vTB65MJpUv7CknULQD0rAIRNUSv
BIN9KEkJ9IrFhP08mgQL5jRgnyAZ5qWFlkUvAgMBAAGjggIKMIICBjAdBgNVHQ4E
FgQU/5MuQl4GC1PMY+74tCuRbbPAHGwwHwYDVR0jBBgwFoAULowd4ZR0A1y+pngF
S22U9a+lM2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTg3
L0xvd2Q0WlIwQTF5LXBuZ0ZTMjJVOWEtbE0yRS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvTG93ZDRaUjBBMXktcG5nRlMyMlU5YS1sTTJFLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTg3L0xvd2Q0WlIwQTF5LXBu
Z0ZTMjJVOWEtbE0yRS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB
AQAQxLnDubm9DES+4gY/+Tm0qfzDVab4+APgwptvGaT82727BdAgw3xp/WPVAkb4
bKzOowkwiePgUC3QZy8U+0UcL835S2nW4A+1ZEFB3iyq/PFHBtXqhbYfjy+qo46Y
H/ssyvnPTVEPmSI6DhJPz2xTTyNW8RbLqUwLEDbVa2fseEHGdqsq88Eeatk4cRDR
VlByCF2L+i12CKu78oCAwnDfl8Plg/YF4rtKNq8PlAVBb618pLaEXuT2gjcTEinj
re5ORDB6+M2CrTTI60z8GjCDLi/IR3gvJU0Qd1DeuEfjbgijfURpHF9B5qbl8bLN
taG//C5FgDi2iU0q7vL+pOrn
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:44:48 2025 by rpki-client