Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3164/gL0CjXa7PVXmZBaamvDfKpjHUFU.mft
File:                     gL0CjXa7PVXmZBaamvDfKpjHUFU.mft (raw, json)
Hash identifier:          HcH97neASSK9LtedBn99X8SGiAPjFMtJvS0bhN3PGtU=
Subject key identifier:   FA:3F:BB:B8:7E:5C:7B:29:FA:21:7F:39:55:03:60:5A:00:1E:68:CC
Authority key identifier: 80:BD:02:8D:76:BB:3D:55:E6:64:16:9A:9A:F0:DF:2A:98:C7:50:55
Certificate issuer:       /CN=80BD028D76BB3D55E664169A9AF0DF2A98C75055
Certificate serial:       CD
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/gL0CjXa7PVXmZBaamvDfKpjHUFU.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3164/gL0CjXa7PVXmZBaamvDfKpjHUFU.mft
Manifest number:          CB
Signing time:             Sat 05 Jul 2025 00:42:30 +0000
Manifest this update:     Sat 05 Jul 2025 00:42:30 +0000
Manifest next update:     Sat 05 Jul 2025 06:42:30 +0000
Files and hashes:         1: WTi5A5T4oYjpNn2dVvGbh1qURZA.roa (hash: i3CoRJ27WF0wHLzvYeShD+7iCy/Ov8mMgyrdZRrzN38=)
                          2: gL0CjXa7PVXmZBaamvDfKpjHUFU.crl (hash: rpLlAWNXXbBVn310bs275TJqI30Y+0EqmLSjtdq36gE=)
Validation:               OK
Signature path:           rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3164/gL0CjXa7PVXmZBaamvDfKpjHUFU.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3164/gL0CjXa7PVXmZBaamvDfKpjHUFU.mft
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/gL0CjXa7PVXmZBaamvDfKpjHUFU.cer
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 05 Jul 2025 06:42:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 205 (0xcd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80BD028D76BB3D55E664169A9AF0DF2A98C75055
        Validity
            Not Before: Jul  5 00:42:30 2025 GMT
            Not After : May 26 07:10:29 2026 GMT
        Subject: CN=FA3FBBB87E5C7B29FA217F395503605A001E68CC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:27:e1:84:0a:83:ff:ec:79:a2:9d:4a:97:a8:
                    69:00:14:a3:9d:11:75:70:8d:a7:1c:d4:66:d5:51:
                    c7:10:fc:49:8f:34:62:61:f7:b2:61:e1:51:ba:51:
                    71:61:35:9c:f3:16:0c:cf:41:80:40:e8:c4:6a:d1:
                    20:dc:80:0a:bf:c2:a1:46:db:20:68:d8:d5:6b:66:
                    92:8d:36:f5:cd:8e:c0:00:fe:a8:f1:35:64:13:00:
                    34:65:0d:4d:03:67:2e:da:ca:1c:41:6b:cd:dd:cb:
                    f2:af:be:43:b0:4d:6c:98:a2:6d:ef:89:00:a9:03:
                    df:11:50:c2:95:21:9c:db:3d:a8:cc:4c:81:ed:be:
                    06:06:44:63:60:67:89:d9:fb:83:49:94:c9:fd:26:
                    62:c4:20:29:28:a2:b2:c3:cf:0e:dd:21:41:f5:3f:
                    5a:ed:c9:7c:62:4a:dd:44:9f:c7:be:9d:a0:e8:86:
                    48:5c:dc:de:a5:4e:cf:0a:c7:9d:e3:d8:59:82:62:
                    12:94:a9:5b:fe:cc:a4:f2:54:05:32:7d:07:7c:7a:
                    ba:1a:e9:08:a8:c0:6a:cb:fa:db:f5:f1:69:54:d5:
                    74:72:4d:71:a3:6c:02:7e:b0:81:d8:de:46:19:32:
                    ad:37:ae:d1:f1:87:43:36:c8:8b:6a:25:cd:3d:82:
                    78:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:3F:BB:B8:7E:5C:7B:29:FA:21:7F:39:55:03:60:5A:00:1E:68:CC
            X509v3 Authority Key Identifier:
                keyid:80:BD:02:8D:76:BB:3D:55:E6:64:16:9A:9A:F0:DF:2A:98:C7:50:55

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3164/gL0CjXa7PVXmZBaamvDfKpjHUFU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/gL0CjXa7PVXmZBaamvDfKpjHUFU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3164/gL0CjXa7PVXmZBaamvDfKpjHUFU.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         21:8e:22:a4:b7:a9:a7:c1:8f:63:61:c0:5f:57:18:98:b1:a6:
         3b:52:3e:9c:5e:c2:6f:c1:fb:8d:a6:f8:d9:63:42:be:b2:dc:
         95:40:ea:bf:4f:77:f9:bd:8a:cf:0e:4f:95:53:98:20:5e:7d:
         40:d9:21:66:4e:e4:0d:31:5e:4e:0b:3e:c6:6d:df:b5:ca:21:
         10:fa:fb:cb:31:e7:f9:2e:d6:5b:11:23:b6:80:3c:3d:c6:6a:
         d0:75:ef:fc:fc:e1:4a:2c:c1:f2:0a:8e:53:0f:e3:d3:7e:3d:
         3d:64:2d:0a:a7:bf:5c:58:fa:77:36:b4:a0:38:85:01:5e:5d:
         d6:c0:a1:31:ab:ff:7e:d4:6b:30:ba:03:17:95:07:fe:62:11:
         c7:c1:3d:58:48:54:11:97:c2:3f:a1:22:6b:34:d2:de:d1:30:
         6f:78:25:2a:63:c5:18:4d:4e:b3:46:16:c3:a4:69:fc:c5:ea:
         f1:d5:19:6f:8a:23:bf:f4:a5:fb:ee:1a:6a:b6:8e:0f:e3:0f:
         57:9f:7a:e0:b5:ae:a9:03:14:e3:b5:e7:ff:30:82:cf:a7:1a:
         a9:e8:d7:cc:c9:e3:7d:da:5c:46:b8:48:a4:39:39:bf:55:42:
         44:6d:5e:c5:94:f6:11:ee:b3:33:9f:2f:90:6e:97:bb:df:ce:
         a1:13:cc:9c
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICAM0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODBC
RDAyOEQ3NkJCM0Q1NUU2NjQxNjlBOUFGMERGMkE5OEM3NTA1NTAeFw0yNTA3MDUw
MDQyMzBaFw0yNjA1MjYwNzEwMjlaMDMxMTAvBgNVBAMTKEZBM0ZCQkI4N0U1QzdC
MjlGQTIxN0YzOTU1MDM2MDVBMDAxRTY4Q0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCaJ+GECoP/7HminUqXqGkAFKOdEXVwjacc1GbVUccQ/EmPNGJh
97Jh4VG6UXFhNZzzFgzPQYBA6MRq0SDcgAq/wqFG2yBo2NVrZpKNNvXNjsAA/qjx
NWQTADRlDU0DZy7ayhxBa83dy/KvvkOwTWyYom3viQCpA98RUMKVIZzbPajMTIHt
vgYGRGNgZ4nZ+4NJlMn9JmLEICkoorLDzw7dIUH1P1rtyXxiSt1En8e+naDohkhc
3N6lTs8Kx53j2FmCYhKUqVv+zKTyVAUyfQd8eroa6QiowGrL+tv18WlU1XRyTXGj
bAJ+sIHY3kYZMq03rtHxh0M2yItqJc09gnghAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQU+j+7uH5ceyn6IX85VQNgWgAeaMwwHwYDVR0jBBgwFoAUgL0CjXa7PVXmZBaa
mvDfKpjHUFUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzE2
NC9nTDBDalhhN1BWWG1aQmFhbXZEZktwakhVRlUuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2dMMENqWGE3UFZYbVpCYWFtdkRmS3BqSFVGVS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMxNjQvZ0wwQ2pYYTdQVlht
WkJhYW12RGZLcGpIVUZVLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBACGOIqS3qafBj2NhwF9XGJixpjtSPpxewm/B+42m+NljQr6y3JVA6r9Pd/m9
is8OT5VTmCBefUDZIWZO5A0xXk4LPsZt37XKIRD6+8sx5/ku1lsRI7aAPD3GatB1
7/z84UoswfIKjlMP49N+PT1kLQqnv1xY+nc2tKA4hQFeXdbAoTGr/37UazC6AxeV
B/5iEcfBPVhIVBGXwj+hIms00t7RMG94JSpjxRhNTrNGFsOkafzF6vHVGW+KI7/0
pfvuGmq2jg/jD1efeuC1rqkDFOO15/8wgs+nGqno18zJ433aXEa4SKQ5Ob9VQkRt
XsWU9hHuszOfL5Bul7vfzqETzJw=
-----END CERTIFICATE-----
Generated at Sat Jul 5 03:58:47 2025 by rpki-client