Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3350/NdjMXh0vNf-6p6kJ9VILPcTBWIw.mft
File:                     NdjMXh0vNf-6p6kJ9VILPcTBWIw.mft (raw, json)
Hash identifier:          zsWwJVPTR8NkdTqnNwtqXtP1Tf6IqLdgkFEKu6rRWIg=
Subject key identifier:   12:4A:96:CE:A4:13:E3:58:2C:11:61:76:A9:8A:B4:05:9F:BA:56:1E
Authority key identifier: 35:D8:CC:5E:1D:2F:35:FF:BA:A7:A9:09:F5:52:0B:3D:C4:C1:58:8C
Certificate issuer:       /CN=35D8CC5E1D2F35FFBAA7A909F5520B3DC4C1588C
Certificate serial:       04F4
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/NdjMXh0vNf-6p6kJ9VILPcTBWIw.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3350/NdjMXh0vNf-6p6kJ9VILPcTBWIw.mft
Manifest number:          04F2
Signing time:             Mon 20 Oct 2025 22:08:14 +0000
Manifest this update:     Mon 20 Oct 2025 22:08:14 +0000
Manifest next update:     Tue 21 Oct 2025 04:08:14 +0000
Files and hashes:         1: NdjMXh0vNf-6p6kJ9VILPcTBWIw.crl (hash: AMVCcL/kaqM+A4ei/WQOC0Z8yUO3C3TibbNVfzMHyV8=)
                          2: V1y3g7_UwsryAJsJ4xMbSLRjKmo.roa (hash: 5vapIZiEtMa1uqodBseSnY65f8UTyP+AL9UFNhelV3c=)
Validation:               OK
Signature path:           rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3350/NdjMXh0vNf-6p6kJ9VILPcTBWIw.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3350/NdjMXh0vNf-6p6kJ9VILPcTBWIw.mft
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/NdjMXh0vNf-6p6kJ9VILPcTBWIw.cer
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 21 Oct 2025 04:08:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1268 (0x4f4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35D8CC5E1D2F35FFBAA7A909F5520B3DC4C1588C
        Validity
            Not Before: Oct 20 22:08:14 2025 GMT
            Not After : Aug  3 08:44:40 2026 GMT
        Subject: CN=124A96CEA413E3582C116176A98AB4059FBA561E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:47:22:e6:1f:14:34:f6:5a:46:de:93:2d:3c:
                    69:e1:d6:4e:a7:5c:98:de:e1:78:32:9b:21:ce:10:
                    ce:22:bc:79:86:0a:19:64:f8:77:6c:c0:30:c9:43:
                    b5:3d:5c:49:be:26:f4:af:43:4a:10:7f:84:1f:67:
                    a5:c0:1e:0b:4a:e7:2a:a8:a1:0d:42:9b:98:85:bc:
                    18:45:ab:94:01:be:50:9a:9a:e2:47:8d:dd:6f:60:
                    8e:00:9f:00:9c:00:8b:d0:6e:81:34:70:90:60:c1:
                    a5:e9:ee:85:86:02:9e:e6:4c:dc:d4:bd:3f:2a:ba:
                    61:f1:88:35:75:44:04:5c:37:c1:37:dc:58:3b:ce:
                    8f:5c:7d:95:3f:81:93:e9:0c:03:42:1e:4b:96:42:
                    58:ba:c4:dd:af:43:d9:f1:e1:52:00:e9:6e:bc:24:
                    2f:8c:e3:d6:91:03:99:2c:2d:80:15:af:5f:32:50:
                    68:1a:62:8e:59:b1:f9:c8:a4:de:67:77:23:a5:da:
                    90:85:61:8a:68:75:3f:05:4f:7d:2c:6c:96:45:07:
                    2c:b7:fd:23:b1:7b:99:f4:09:dd:01:dd:c1:4a:f2:
                    2a:cd:47:b5:ed:8f:46:40:4a:e2:54:bb:d4:70:e9:
                    eb:68:8d:b9:8d:8a:4e:5c:ac:0e:3b:6f:40:c1:da:
                    81:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:4A:96:CE:A4:13:E3:58:2C:11:61:76:A9:8A:B4:05:9F:BA:56:1E
            X509v3 Authority Key Identifier:
                keyid:35:D8:CC:5E:1D:2F:35:FF:BA:A7:A9:09:F5:52:0B:3D:C4:C1:58:8C

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3350/NdjMXh0vNf-6p6kJ9VILPcTBWIw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/NdjMXh0vNf-6p6kJ9VILPcTBWIw.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3350/NdjMXh0vNf-6p6kJ9VILPcTBWIw.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         7e:b0:1f:95:99:74:a1:e9:65:41:7a:27:d8:39:75:0e:f7:59:
         37:88:7a:bd:aa:94:64:ea:d9:c6:14:30:44:84:e9:bf:46:a6:
         cd:8a:88:40:c0:8d:91:cb:94:8a:a5:cc:40:e4:db:ea:8f:cc:
         53:ea:23:c5:2f:65:8c:75:c1:cb:89:7c:78:0a:62:ac:55:26:
         76:11:32:ea:7c:09:bc:1c:14:b5:47:11:1d:92:6e:84:50:a3:
         4c:e7:ce:26:56:b8:85:a5:cf:24:8f:2f:ec:8c:d5:07:d9:d7:
         19:cb:b8:a4:71:21:0c:c3:7e:85:25:c4:06:be:d4:94:42:2c:
         b8:0e:3b:c4:f0:23:5f:f0:c3:70:fa:9d:47:07:5d:24:cf:18:
         e0:cf:cd:e0:b0:c9:6e:82:1c:4a:9b:c7:26:88:bf:5d:aa:d4:
         2a:0a:93:f8:28:e8:60:b2:a9:eb:79:98:7b:e2:36:ae:64:aa:
         c2:cf:3c:63:73:12:a4:cc:28:66:9b:21:33:b7:53:d0:2a:31:
         37:29:41:a7:87:ef:68:f9:a2:6b:f8:c9:4a:76:86:13:0c:2b:
         bf:4b:45:51:69:da:1d:9a:8d:47:26:eb:c9:e7:64:7d:8b:4d:
         d8:b6:43:3f:ad:20:58:1d:a6:3f:cd:15:f1:69:8b:3c:45:a2:
         7a:40:62:bb
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICBPQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzVE
OENDNUUxRDJGMzVGRkJBQTdBOTA5RjU1MjBCM0RDNEMxNTg4QzAeFw0yNTEwMjAy
MjA4MTRaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDEyNEE5NkNFQTQxM0Uz
NTgyQzExNjE3NkE5OEFCNDA1OUZCQTU2MUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlRyLmHxQ09lpG3pMtPGnh1k6nXJje4XgymyHOEM4ivHmGChlk
+HdswDDJQ7U9XEm+JvSvQ0oQf4QfZ6XAHgtK5yqooQ1Cm5iFvBhFq5QBvlCamuJH
jd1vYI4AnwCcAIvQboE0cJBgwaXp7oWGAp7mTNzUvT8qumHxiDV1RARcN8E33Fg7
zo9cfZU/gZPpDANCHkuWQli6xN2vQ9nx4VIA6W68JC+M49aRA5ksLYAVr18yUGga
Yo5ZsfnIpN5ndyOl2pCFYYpodT8FT30sbJZFByy3/SOxe5n0Cd0B3cFK8irNR7Xt
j0ZASuJUu9Rw6etojbmNik5crA47b0DB2oHHAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUEkqWzqQT41gsEWF2qYq0BZ+6Vh4wHwYDVR0jBBgwFoAUNdjMXh0vNf+6p6kJ
9VILPcTBWIwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM1
MC9OZGpNWGgwdk5mLTZwNmtKOVZJTFBjVEJXSXcuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL05kak1YaDB2TmYtNnA2a0o5VklMUGNUQldJdy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzNTAvTmRqTVhoMHZOZi02
cDZrSjlWSUxQY1RCV0l3Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAH6wH5WZdKHpZUF6J9g5dQ73WTeIer2qlGTq2cYUMESE6b9Gps2KiEDAjZHL
lIqlzEDk2+qPzFPqI8UvZYx1wcuJfHgKYqxVJnYRMup8CbwcFLVHER2SboRQo0zn
ziZWuIWlzySPL+yM1QfZ1xnLuKRxIQzDfoUlxAa+1JRCLLgOO8TwI1/ww3D6nUcH
XSTPGODPzeCwyW6CHEqbxyaIv12q1CoKk/go6GCyqet5mHviNq5kqsLPPGNzEqTM
KGabITO3U9AqMTcpQaeH72j5omv4yUp2hhMMK79LRVFp2h2ajUcm68nnZH2LTdi2
Qz+tIFgdpj/NFfFpizxFonpAYrs=
-----END CERTIFICATE-----
Generated at Tue Oct 21 01:37:47 2025 by rpki-client