Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2671/3Vi43ud7iv5uKRpbggWxMTFpeE8.mft
File:                     3Vi43ud7iv5uKRpbggWxMTFpeE8.mft (raw, json)
Hash identifier:          jhNieL3GiPuhJhQkjtKxNuuyWpRqGoxkkywlUjnrsTg=
Subject key identifier:   BF:2E:AB:E6:21:26:06:38:CA:17:18:30:91:2C:92:15:02:05:C9:86
Authority key identifier: DD:58:B8:DE:E7:7B:8A:FE:6E:29:1A:5B:82:05:B1:31:31:69:78:4F
Certificate issuer:       /CN=DD58B8DEE77B8AFE6E291A5B8205B1313169784F
Certificate serial:       2287
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3Vi43ud7iv5uKRpbggWxMTFpeE8.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2671/3Vi43ud7iv5uKRpbggWxMTFpeE8.mft
Manifest number:          227E
Signing time:             Mon 20 Oct 2025 22:07:09 +0000
Manifest this update:     Mon 20 Oct 2025 22:07:09 +0000
Manifest next update:     Tue 21 Oct 2025 04:07:09 +0000
Files and hashes:         1: 3Vi43ud7iv5uKRpbggWxMTFpeE8.crl (hash: pEk6hrm1FkoBfC65Tpx0BTEF9PgMl10pPVjoJ52imJU=)
                          2: cqFqWP_u8PMUgu7Wa-ZJA_XHnQQ.roa (hash: LrTEljujW0Atd0a1+D8Fc6IgbT9Dits51r67dMvR4wQ=)
Validation:               OK
Signature path:           rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2671/3Vi43ud7iv5uKRpbggWxMTFpeE8.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2671/3Vi43ud7iv5uKRpbggWxMTFpeE8.mft
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3Vi43ud7iv5uKRpbggWxMTFpeE8.cer
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 21 Oct 2025 04:07:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8839 (0x2287)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DD58B8DEE77B8AFE6E291A5B8205B1313169784F
        Validity
            Not Before: Oct 20 22:07:09 2025 GMT
            Not After : Aug  3 08:44:40 2026 GMT
        Subject: CN=BF2EABE621260638CA171830912C92150205C986
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:9c:fd:ca:f5:18:1f:d8:26:53:80:57:67:c9:
                    ee:a7:69:5e:ed:e4:a2:eb:de:d2:73:73:11:d5:6d:
                    6c:4d:91:5a:d8:68:84:64:29:08:a4:2a:24:a3:26:
                    3b:7c:30:e8:e3:b9:47:80:73:b8:2f:7c:b0:55:fc:
                    56:f1:d9:81:ac:8b:e1:eb:b2:81:3d:6f:f9:94:25:
                    ba:2e:06:0b:86:ae:1d:35:ed:15:45:f7:15:06:bc:
                    84:71:36:01:e5:61:96:d6:78:c5:05:f1:cb:2a:7d:
                    70:99:1b:16:9c:42:42:e9:04:a9:b4:8d:a4:e0:12:
                    f0:9a:3a:b7:cc:e7:63:8f:c6:b5:b1:e9:27:38:db:
                    b9:fe:11:70:47:69:b8:8d:7f:b1:f1:26:58:fc:98:
                    16:6c:a5:2c:67:24:63:08:2d:63:47:c3:04:58:e3:
                    41:13:12:ec:d1:aa:a2:c2:51:4e:d6:ae:b7:ba:d7:
                    f9:ce:6a:b7:08:4e:f4:e9:47:f9:54:f6:5c:a7:13:
                    6c:cf:e8:0b:bb:ce:3f:11:89:e2:8e:08:08:49:41:
                    18:90:ce:be:50:9c:0a:aa:16:6d:92:ed:fb:4e:74:
                    0e:c1:1c:61:38:d0:fa:be:fa:16:62:9e:1f:c8:ff:
                    67:05:57:f7:e3:1a:d9:85:bc:d6:7d:da:54:ec:7d:
                    0c:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:2E:AB:E6:21:26:06:38:CA:17:18:30:91:2C:92:15:02:05:C9:86
            X509v3 Authority Key Identifier:
                keyid:DD:58:B8:DE:E7:7B:8A:FE:6E:29:1A:5B:82:05:B1:31:31:69:78:4F

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2671/3Vi43ud7iv5uKRpbggWxMTFpeE8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3Vi43ud7iv5uKRpbggWxMTFpeE8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2671/3Vi43ud7iv5uKRpbggWxMTFpeE8.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         9e:58:24:f2:c4:53:5e:e6:db:43:53:27:47:3d:bc:31:5c:c5:
         fe:3a:c8:03:57:b3:b4:17:34:72:df:6b:5b:97:56:20:a6:08:
         a5:6d:e8:c5:44:9f:e9:ee:56:9c:9b:3c:6b:b3:9d:e5:b1:e7:
         da:56:af:0a:d7:66:15:36:f8:e2:e6:ba:93:00:3c:f3:f2:05:
         ec:11:26:e6:ab:6d:a5:b4:4b:49:d6:e1:73:c2:d5:92:c7:a1:
         f5:a0:42:5e:2a:bc:c4:bd:4a:27:31:e9:4f:5d:b1:55:4f:27:
         ea:06:43:e9:59:65:3f:4c:58:4c:10:93:d6:2b:59:43:88:ae:
         4b:fb:08:de:0c:f4:a2:2a:c6:db:f8:b1:36:61:11:c7:72:3e:
         5c:3b:25:a2:74:59:c5:fa:83:44:33:d6:6e:b9:ea:9d:3a:0f:
         fb:2d:1b:70:d9:4c:55:7d:64:fc:7c:92:a9:91:94:83:db:bc:
         da:09:df:c8:11:6c:a8:a1:1c:33:15:85:31:cd:43:68:6b:4a:
         b2:2d:82:90:6b:1c:d8:0c:ad:d4:06:b7:49:58:03:0d:98:f3:
         ba:5d:b5:4a:bb:0f:7b:26:a8:08:95:6a:2f:a5:14:87:83:b5:
         cf:c8:1f:01:da:08:dc:69:1d:9e:62:d2:66:25:26:2e:16:a4:
         38:bb:a9:8a
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICIocwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREQ1
OEI4REVFNzdCOEFGRTZFMjkxQTVCODIwNUIxMzEzMTY5Nzg0RjAeFw0yNTEwMjAy
MjA3MDlaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEJGMkVBQkU2MjEyNjA2
MzhDQTE3MTgzMDkxMkM5MjE1MDIwNUM5ODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDynP3K9Rgf2CZTgFdnye6naV7t5KLr3tJzcxHVbWxNkVrYaIRk
KQikKiSjJjt8MOjjuUeAc7gvfLBV/Fbx2YGsi+HrsoE9b/mUJbouBguGrh017RVF
9xUGvIRxNgHlYZbWeMUF8csqfXCZGxacQkLpBKm0jaTgEvCaOrfM52OPxrWx6Sc4
27n+EXBHabiNf7HxJlj8mBZspSxnJGMILWNHwwRY40ETEuzRqqLCUU7Wrre61/nO
arcITvTpR/lU9lynE2zP6Au7zj8RieKOCAhJQRiQzr5QnAqqFm2S7ftOdA7BHGE4
0Pq++hZinh/I/2cFV/fjGtmFvNZ92lTsfQxtAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUvy6r5iEmBjjKFxgwkSySFQIFyYYwHwYDVR0jBBgwFoAU3Vi43ud7iv5uKRpb
ggWxMTFpeE8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY3
MS8zVmk0M3VkN2l2NXVLUnBiZ2dXeE1URnBlRTguY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzNWaTQzdWQ3aXY1dUtScGJnZ1d4TVRGcGVFOC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NzEvM1ZpNDN1ZDdpdjV1
S1JwYmdnV3hNVEZwZUU4Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAJ5YJPLEU17m20NTJ0c9vDFcxf46yANXs7QXNHLfa1uXViCmCKVt6MVEn+nu
VpybPGuzneWx59pWrwrXZhU2+OLmupMAPPPyBewRJuarbaW0S0nW4XPC1ZLHofWg
Ql4qvMS9Sicx6U9dsVVPJ+oGQ+lZZT9MWEwQk9YrWUOIrkv7CN4M9KIqxtv4sTZh
EcdyPlw7JaJ0WcX6g0Qz1m656p06D/stG3DZTFV9ZPx8kqmRlIPbvNoJ38gRbKih
HDMVhTHNQ2hrSrItgpBrHNgMrdQGt0lYAw2Y87pdtUq7D3smqAiVai+lFIeDtc/I
HwHaCNxpHZ5i0mYlJi4WpDi7qYo=
-----END CERTIFICATE-----
Generated at Tue Oct 21 01:37:52 2025 by rpki-client