Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/332/zgJJuefVZubL61d9djs8y7Gwqy0.mft
File:                     zgJJuefVZubL61d9djs8y7Gwqy0.mft (raw, json)
Hash identifier:          RM3GPHBjx+ENrx3vFJRfpX6B+ycUDIH6ydu/HhVX1Rc=
Subject key identifier:   D7:35:CF:06:4F:7B:A7:C5:2F:10:67:93:7F:4D:16:BA:F0:6C:5E:4A
Authority key identifier: CE:02:49:B9:E7:D5:66:E6:CB:EB:57:7D:76:3B:3C:CB:B1:B0:AB:2D
Certificate issuer:       /CN=CE0249B9E7D566E6CBEB577D763B3CCBB1B0AB2D
Certificate serial:       2509
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgJJuefVZubL61d9djs8y7Gwqy0.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/zgJJuefVZubL61d9djs8y7Gwqy0.mft
Manifest number:          24F7
Signing time:             Mon 20 Oct 2025 03:04:38 +0000
Manifest this update:     Mon 20 Oct 2025 03:04:38 +0000
Manifest next update:     Mon 20 Oct 2025 09:04:38 +0000
Files and hashes:         1: WyTkXHEhLqcsjNd_oPHvbf674aI.roa (hash: gt/t6rEu5sUWRrRf2e3Slg7FAm0I0chcu0jtaf/OGlg=)
                          2: cYoSIKX5rPaGhe1jQErFxMn1KlE.roa (hash: sGiqqVrNR6d7HV7W1A6wNpAMcqkm+3f/aPa23FGvVeA=)
                          3: zgJJuefVZubL61d9djs8y7Gwqy0.crl (hash: 9GlBBKfZPl2ACkzJ9+ZoA4gYoPR3JO5I05LT3gog1m0=)
Validation:               OK
Signature path:           rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/zgJJuefVZubL61d9djs8y7Gwqy0.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/zgJJuefVZubL61d9djs8y7Gwqy0.mft
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgJJuefVZubL61d9djs8y7Gwqy0.cer
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 20 Oct 2025 09:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9481 (0x2509)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CE0249B9E7D566E6CBEB577D763B3CCBB1B0AB2D
        Validity
            Not Before: Oct 20 03:04:38 2025 GMT
            Not After : Aug  3 08:44:40 2026 GMT
        Subject: CN=D735CF064F7BA7C52F1067937F4D16BAF06C5E4A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:09:3b:af:00:60:89:fe:1c:da:67:e3:72:bb:
                    e8:ad:94:64:0b:0e:e3:b8:81:9f:9f:09:c0:99:4c:
                    7e:5d:df:36:31:92:48:82:c2:8d:27:f8:66:60:b6:
                    1a:60:9c:9a:0a:da:a9:8c:fb:0e:a5:cf:6d:64:e4:
                    6c:b6:b3:c8:d0:15:a2:e6:03:55:bb:14:77:6e:d6:
                    2b:1a:2e:70:a9:a8:1f:c9:67:b7:de:a3:53:90:48:
                    88:12:bd:6f:1c:e2:38:aa:40:dd:5c:08:ab:18:8a:
                    75:5b:ac:1f:be:b1:dd:34:9d:b5:69:92:a8:6f:8d:
                    c5:8f:d6:51:ae:37:72:d2:44:27:f8:4c:6c:8f:d5:
                    6f:73:87:21:6a:21:4c:77:fd:5d:b0:1c:01:55:e7:
                    7d:b4:5d:bd:d8:1b:b2:1d:46:05:28:47:f1:82:6f:
                    94:4a:50:83:56:0c:f8:20:cd:78:f4:0e:fa:a2:41:
                    6c:76:1b:67:66:a3:32:12:a4:af:45:a4:f6:25:35:
                    22:cd:f3:b5:bc:ea:8a:2c:f0:64:c9:ba:c4:98:13:
                    90:16:04:5e:17:23:6f:3c:c1:b6:36:15:2c:09:a0:
                    73:fb:e3:51:e6:1f:96:63:14:26:bc:48:48:67:eb:
                    44:67:16:86:ea:59:f5:33:79:b6:5d:49:c9:eb:d5:
                    f1:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:35:CF:06:4F:7B:A7:C5:2F:10:67:93:7F:4D:16:BA:F0:6C:5E:4A
            X509v3 Authority Key Identifier:
                keyid:CE:02:49:B9:E7:D5:66:E6:CB:EB:57:7D:76:3B:3C:CB:B1:B0:AB:2D

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/zgJJuefVZubL61d9djs8y7Gwqy0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgJJuefVZubL61d9djs8y7Gwqy0.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/332/zgJJuefVZubL61d9djs8y7Gwqy0.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         5f:31:a2:86:28:26:77:44:ed:bc:74:79:18:05:09:1e:c2:11:
         75:65:33:d4:6d:23:4b:1b:72:c3:97:f5:fa:16:aa:9e:06:f8:
         74:55:d7:6f:ca:ec:18:71:8c:c4:68:7a:55:9c:da:e4:d0:cf:
         3c:41:d0:2c:e5:ee:df:fb:6a:ed:ed:02:6f:f5:7b:7e:26:54:
         e1:40:e8:f1:7e:b8:46:85:81:56:3e:53:2d:7a:55:3a:a4:3e:
         27:8c:1b:30:7b:36:95:57:1b:cd:ff:fa:47:94:08:b1:68:94:
         61:a3:31:84:f9:12:8a:1d:d6:4e:35:74:80:d1:d7:d2:ad:9c:
         83:90:ec:68:55:53:17:39:12:2f:61:65:18:89:61:45:a3:7f:
         91:06:1a:1a:d4:82:e7:a2:27:b8:4c:49:2e:3c:d3:ed:3b:a8:
         35:03:35:f9:dd:ae:b1:93:d9:95:33:75:a1:fe:bc:d1:0c:08:
         c5:47:af:aa:cb:3b:38:fa:b2:e1:da:e4:05:0b:f3:a1:8a:ea:
         a7:77:ba:0e:8a:e7:fe:98:e2:87:2e:21:f3:d3:a8:88:52:87:
         18:73:ca:59:3c:89:dd:66:74:3c:2e:d2:8f:79:8a:7a:0e:91:
         d3:90:3d:81:64:1b:25:d7:0e:53:39:16:1f:68:68:82:da:4a:
         0b:7d:15:8e
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgICJQkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Uw
MjQ5QjlFN0Q1NjZFNkNCRUI1NzdENzYzQjNDQ0JCMUIwQUIyRDAeFw0yNTEwMjAw
MzA0MzhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEQ3MzVDRjA2NEY3QkE3
QzUyRjEwNjc5MzdGNEQxNkJBRjA2QzVFNEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcCTuvAGCJ/hzaZ+Nyu+itlGQLDuO4gZ+fCcCZTH5d3zYxkkiC
wo0n+GZgthpgnJoK2qmM+w6lz21k5Gy2s8jQFaLmA1W7FHdu1isaLnCpqB/JZ7fe
o1OQSIgSvW8c4jiqQN1cCKsYinVbrB++sd00nbVpkqhvjcWP1lGuN3LSRCf4TGyP
1W9zhyFqIUx3/V2wHAFV5320Xb3YG7IdRgUoR/GCb5RKUINWDPggzXj0DvqiQWx2
G2dmozISpK9FpPYlNSLN87W86oos8GTJusSYE5AWBF4XI288wbY2FSwJoHP741Hm
H5ZjFCa8SEhn60RnFobqWfUzebZdScnr1fHJAgMBAAGjggIKMIICBjAdBgNVHQ4E
FgQU1zXPBk97p8UvEGeTf00WuvBsXkowHwYDVR0jBBgwFoAUzgJJuefVZubL61d9
djs8y7Gwqy0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMy
L3pnSkp1ZWZWWnViTDYxZDlkanM4eTdHd3F5MC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvemdKSnVlZlZadWJMNjFkOWRqczh5N0d3cXkwLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMyL3pnSkp1ZWZWWnViTDYx
ZDlkanM4eTdHd3F5MC5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB
AQBfMaKGKCZ3RO28dHkYBQkewhF1ZTPUbSNLG3LDl/X6FqqeBvh0VddvyuwYcYzE
aHpVnNrk0M88QdAs5e7f+2rt7QJv9Xt+JlThQOjxfrhGhYFWPlMtelU6pD4njBsw
ezaVVxvN//pHlAixaJRhozGE+RKKHdZONXSA0dfSrZyDkOxoVVMXORIvYWUYiWFF
o3+RBhoa1ILnoie4TEkuPNPtO6g1AzX53a6xk9mVM3Wh/rzRDAjFR6+qyzs4+rLh
2uQFC/Ohiuqnd7oOiuf+mOKHLiHz06iIUocYc8pZPIndZnQ8LtKPeYp6DpHTkD2B
ZBsl1w5TORYfaGiC2koLfRWO
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:43:38 2025 by rpki-client