Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3352/H0H3cLlh6rXj8C3PeC_GHGdWJ00.mft
File:                     H0H3cLlh6rXj8C3PeC_GHGdWJ00.mft (raw, json)
Hash identifier:          +Tq9H3q7lgSUjB9o1KS8oFjPLcvULvZ+8qNU/HTbV7w=
Subject key identifier:   5F:BE:75:6E:5D:53:DF:C2:2E:3E:58:F9:2F:30:FD:94:57:44:AF:E7
Authority key identifier: 1F:41:F7:70:B9:61:EA:B5:E3:F0:2D:CF:78:2F:C6:1C:67:56:27:4D
Certificate issuer:       /CN=1F41F770B961EAB5E3F02DCF782FC61C6756274D
Certificate serial:       04AF
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H0H3cLlh6rXj8C3PeC_GHGdWJ00.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3352/H0H3cLlh6rXj8C3PeC_GHGdWJ00.mft
Manifest number:          04AF
Signing time:             Mon 20 Oct 2025 12:09:08 +0000
Manifest this update:     Mon 20 Oct 2025 12:09:08 +0000
Manifest next update:     Mon 20 Oct 2025 18:09:08 +0000
Files and hashes:         1: H0H3cLlh6rXj8C3PeC_GHGdWJ00.crl (hash: 6xKi4q4Gh+wIeRDgYgmbN/+DvQGHugVQuDzhQCyjus4=)
Validation:               OK
Signature path:           rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3352/H0H3cLlh6rXj8C3PeC_GHGdWJ00.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3352/H0H3cLlh6rXj8C3PeC_GHGdWJ00.mft
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H0H3cLlh6rXj8C3PeC_GHGdWJ00.cer
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 20 Oct 2025 18:07:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1199 (0x4af)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1F41F770B961EAB5E3F02DCF782FC61C6756274D
        Validity
            Not Before: Oct 20 12:09:08 2025 GMT
            Not After : Aug  3 08:44:40 2026 GMT
        Subject: CN=5FBE756E5D53DFC22E3E58F92F30FD945744AFE7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:29:e5:2a:3a:1c:96:6b:15:d9:90:40:2e:ff:
                    36:34:3d:dd:bd:df:58:d5:a3:8e:f5:92:29:06:1f:
                    bf:84:20:4a:af:9c:6f:00:d9:38:63:9b:46:c5:0d:
                    c4:3f:3b:bd:ae:70:10:02:8c:9f:5b:ac:93:4c:69:
                    31:94:bf:5b:81:a2:b7:64:62:79:2d:f3:53:09:5f:
                    df:cb:06:bb:5b:a9:25:80:23:d5:7f:f7:15:91:66:
                    c6:f5:67:0c:ba:6b:c0:e6:a9:30:86:72:f2:6b:07:
                    43:4d:75:43:8e:ad:9a:92:4a:95:69:b7:aa:42:61:
                    5c:96:4b:41:f8:82:b2:d2:da:e0:19:c3:36:65:a2:
                    b2:de:06:a6:e4:31:24:f1:0d:9f:32:9e:59:92:e0:
                    fb:2d:b6:ba:6f:b0:ee:8f:f4:1a:08:f8:7d:ce:cb:
                    1b:40:b8:fc:66:7e:ef:bf:5d:ef:1c:2e:2e:1a:dc:
                    d6:15:82:4b:ba:1f:0c:72:1a:aa:75:7b:55:55:b3:
                    fa:ec:b0:ee:db:07:f0:6f:73:06:23:34:3f:34:37:
                    5b:a3:05:bd:f6:ae:55:e7:fc:50:55:e0:d9:97:f9:
                    c6:60:27:8b:82:df:64:af:54:06:05:93:5b:c0:97:
                    5c:dd:76:4b:a2:56:75:5c:eb:8e:32:47:2b:d1:ef:
                    04:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:BE:75:6E:5D:53:DF:C2:2E:3E:58:F9:2F:30:FD:94:57:44:AF:E7
            X509v3 Authority Key Identifier:
                keyid:1F:41:F7:70:B9:61:EA:B5:E3:F0:2D:CF:78:2F:C6:1C:67:56:27:4D

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3352/H0H3cLlh6rXj8C3PeC_GHGdWJ00.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H0H3cLlh6rXj8C3PeC_GHGdWJ00.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3352/H0H3cLlh6rXj8C3PeC_GHGdWJ00.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         1e:e4:89:9a:cf:b5:37:5f:46:bc:ee:f7:ec:ef:67:4f:6c:7e:
         3e:47:cd:58:4e:10:99:0c:f8:dc:85:56:ca:0f:ff:e4:c6:ea:
         df:19:a5:9f:9b:3b:f2:80:e7:f4:b5:4a:cb:c5:5e:00:18:91:
         8f:64:22:89:9a:4e:0a:a1:7f:89:c4:fb:d0:65:6d:84:9c:09:
         d0:69:69:00:53:bc:e4:e1:60:2f:24:3d:42:9f:1d:6b:3c:11:
         72:37:d5:a9:f0:25:66:a4:3e:0f:f3:60:02:6b:16:dc:63:e6:
         c4:3f:23:6b:42:7d:cc:0b:d9:a0:b0:06:69:46:ea:7f:ad:fa:
         25:9f:44:e7:a4:3a:27:4a:67:43:9e:9c:cd:56:8c:07:8d:60:
         fd:bb:40:ab:81:9e:0e:5d:a8:79:22:be:67:dc:dd:ae:3f:77:
         1d:8d:84:a8:d5:d1:da:51:08:cf:08:34:67:ce:48:3d:1a:4c:
         c3:76:9d:26:bb:b4:d3:17:dd:bd:bc:0d:55:33:2d:3c:c3:6e:
         19:2f:03:17:79:00:b3:84:23:ec:b0:5e:ef:5d:43:18:08:68:
         ff:38:b8:92:27:ed:4c:a9:4b:fb:f0:40:f1:e5:f2:a4:a3:42:
         ae:7b:a2:b9:0e:c9:8c:6d:43:9e:5a:e3:9d:f1:03:e0:2e:6d:
         f5:0a:f3:50
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICBK8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUY0
MUY3NzBCOTYxRUFCNUUzRjAyRENGNzgyRkM2MUM2NzU2Mjc0RDAeFw0yNTEwMjAx
MjA5MDhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDVGQkU3NTZFNUQ1M0RG
QzIyRTNFNThGOTJGMzBGRDk0NTc0NEFGRTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjKeUqOhyWaxXZkEAu/zY0Pd2931jVo471kikGH7+EIEqvnG8A
2Thjm0bFDcQ/O72ucBACjJ9brJNMaTGUv1uBordkYnkt81MJX9/LBrtbqSWAI9V/
9xWRZsb1Zwy6a8DmqTCGcvJrB0NNdUOOrZqSSpVpt6pCYVyWS0H4grLS2uAZwzZl
orLeBqbkMSTxDZ8ynlmS4PsttrpvsO6P9BoI+H3OyxtAuPxmfu+/Xe8cLi4a3NYV
gku6HwxyGqp1e1VVs/rssO7bB/BvcwYjND80N1ujBb32rlXn/FBV4NmX+cZgJ4uC
32SvVAYFk1vAl1zddkuiVnVc644yRyvR7wRrAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUX751bl1T38IuPlj5LzD9lFdEr+cwHwYDVR0jBBgwFoAUH0H3cLlh6rXj8C3P
eC/GHGdWJ00wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM1
Mi9IMEgzY0xsaDZyWGo4QzNQZUNfR0hHZFdKMDAuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0gwSDNjTGxoNnJYajhDM1BlQ19HSEdkV0owMC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzNTIvSDBIM2NMbGg2clhq
OEMzUGVDX0dIR2RXSjAwLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAB7kiZrPtTdfRrzu9+zvZ09sfj5HzVhOEJkM+NyFVsoP/+TG6t8ZpZ+bO/KA
5/S1SsvFXgAYkY9kIomaTgqhf4nE+9BlbYScCdBpaQBTvOThYC8kPUKfHWs8EXI3
1anwJWakPg/zYAJrFtxj5sQ/I2tCfcwL2aCwBmlG6n+t+iWfROekOidKZ0OenM1W
jAeNYP27QKuBng5dqHkivmfc3a4/dx2NhKjV0dpRCM8INGfOSD0aTMN2nSa7tNMX
3b28DVUzLTzDbhkvAxd5ALOEI+ywXu9dQxgIaP84uJIn7UypS/vwQPHl8qSjQq57
orkOyYxtQ55a453xA+AubfUK81A=
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:32:31 2025 by rpki-client