Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/531/kVqAAtZ3_BY7dHWcHL8-b8IfNF0.mft
File:                     kVqAAtZ3_BY7dHWcHL8-b8IfNF0.mft (raw, json)
Hash identifier:          v5OUfyNNjq/aI2kRxFE3t2tueByfsFasBtvKPxN8OdU=
Subject key identifier:   E9:FC:E1:1C:80:A9:EC:0A:48:C7:6A:8E:AA:5D:DC:AC:B7:47:36:1D
Authority key identifier: 91:5A:80:02:D6:77:FC:16:3B:74:75:9C:1C:BF:3E:6F:C2:1F:34:5D
Certificate issuer:       /CN=915A8002D677FC163B74759C1CBF3E6FC21F345D
Certificate serial:       46D7
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kVqAAtZ3_BY7dHWcHL8-b8IfNF0.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/531/kVqAAtZ3_BY7dHWcHL8-b8IfNF0.mft
Manifest number:          46D7
Signing time:             Fri 04 Jul 2025 05:15:27 +0000
Manifest this update:     Fri 04 Jul 2025 05:15:27 +0000
Manifest next update:     Fri 04 Jul 2025 11:15:27 +0000
Files and hashes:         1: kVqAAtZ3_BY7dHWcHL8-b8IfNF0.crl (hash: FuHpN5fh5a0fy9ewwvD/UDvyT/dozF60IL008QJ/zHI=)
Validation:               OK
Signature path:           rsync://rpki.cnnic.cn/rpki/A9162E3D0000/531/kVqAAtZ3_BY7dHWcHL8-b8IfNF0.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/531/kVqAAtZ3_BY7dHWcHL8-b8IfNF0.mft
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kVqAAtZ3_BY7dHWcHL8-b8IfNF0.cer
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 04 Jul 2025 11:15:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18135 (0x46d7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=915A8002D677FC163B74759C1CBF3E6FC21F345D
        Validity
            Not Before: Jul  4 05:15:27 2025 GMT
            Not After : Apr  3 08:00:09 2026 GMT
        Subject: CN=E9FCE11C80A9EC0A48C76A8EAA5DDCACB747361D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:98:e4:46:b4:dd:13:5d:c9:8c:9c:ee:e1:b5:
                    23:9e:c3:76:6b:82:86:e3:91:63:cb:a9:25:99:d2:
                    ef:0c:df:59:09:a1:4f:6f:97:d9:b7:f2:dd:d0:58:
                    a4:f6:5b:31:e0:40:d5:8b:f7:e1:82:dd:ad:bc:81:
                    93:21:69:eb:80:a7:b1:42:87:0b:0f:83:e6:c7:19:
                    e2:f9:ca:c4:dd:fc:90:9e:b3:71:27:04:5b:f6:06:
                    e4:1b:54:5a:b3:a3:c0:95:33:a0:1a:24:11:0d:68:
                    27:ba:db:a8:23:95:96:e9:1d:8c:74:76:03:97:86:
                    b2:b4:b6:70:31:6b:15:ad:6f:72:21:51:7c:b6:6d:
                    60:a2:e0:6d:21:25:5c:e7:4d:15:94:c1:0b:20:f8:
                    ac:9a:78:09:c5:99:8b:66:a6:7e:58:f0:44:bb:ac:
                    71:29:3d:09:22:ec:56:3b:52:ec:29:7e:6c:e3:3c:
                    81:42:40:6e:21:8d:76:4c:2c:8e:da:b2:0b:1d:fb:
                    58:f8:a5:d4:88:57:3d:f6:11:88:b1:60:5e:f7:f8:
                    e1:53:83:64:6d:a3:c9:35:bb:9b:d5:f2:8a:10:76:
                    4f:45:77:e3:e3:c9:6f:3b:7f:79:f7:71:b5:1e:0c:
                    7e:74:52:12:c7:b2:5f:a7:b3:19:1a:29:fb:6a:fc:
                    da:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:FC:E1:1C:80:A9:EC:0A:48:C7:6A:8E:AA:5D:DC:AC:B7:47:36:1D
            X509v3 Authority Key Identifier:
                keyid:91:5A:80:02:D6:77:FC:16:3B:74:75:9C:1C:BF:3E:6F:C2:1F:34:5D

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/531/kVqAAtZ3_BY7dHWcHL8-b8IfNF0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kVqAAtZ3_BY7dHWcHL8-b8IfNF0.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/531/kVqAAtZ3_BY7dHWcHL8-b8IfNF0.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         10:3b:8d:0b:56:15:9c:1d:f6:03:80:c0:83:39:d1:89:54:0f:
         3e:2b:f6:41:71:0f:0d:2d:93:c0:8a:cf:4b:7a:eb:73:bc:99:
         42:77:dc:a0:ab:73:66:97:35:97:aa:c6:83:d3:eb:cf:93:43:
         dd:51:d4:bc:1f:53:cd:16:f4:f0:ed:68:0d:8c:45:49:43:70:
         0f:40:65:6a:d4:5b:dc:f7:a0:45:38:33:6b:58:8a:6d:a9:b5:
         a6:ef:31:e1:52:62:d0:af:a1:f4:dd:b3:36:3f:31:07:62:3d:
         e3:ce:61:a7:29:20:cd:bd:18:91:f6:24:3c:ba:ab:37:b8:d4:
         42:8f:2d:40:dc:95:05:18:55:ad:66:b4:96:56:e8:25:52:3c:
         81:18:f1:6d:f5:40:83:e0:8f:94:69:1b:03:d4:7e:9e:77:3b:
         04:f6:3d:0b:78:37:42:14:c6:ad:fd:6e:72:69:0f:a3:92:5a:
         0d:5a:60:6b:d2:5b:1b:e9:97:86:ed:ac:ee:fa:16:17:41:a8:
         71:b7:b1:0a:af:3f:a4:1d:3d:01:c4:4b:00:32:28:d7:20:a4:
         c3:5e:af:ab:be:7d:ef:82:93:c1:7f:25:f8:68:63:96:0e:98:
         dd:70:ef:88:0a:ee:05:06:cb:5c:3d:0d:ac:c5:e3:b5:fc:18:
         19:97:da:0f
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgICRtcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTE1
QTgwMDJENjc3RkMxNjNCNzQ3NTlDMUNCRjNFNkZDMjFGMzQ1RDAeFw0yNTA3MDQw
NTE1MjdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEU5RkNFMTFDODBBOUVD
MEE0OEM3NkE4RUFBNUREQ0FDQjc0NzM2MUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvmORGtN0TXcmMnO7htSOew3ZrgobjkWPLqSWZ0u8M31kJoU9v
l9m38t3QWKT2WzHgQNWL9+GC3a28gZMhaeuAp7FChwsPg+bHGeL5ysTd/JCes3En
BFv2BuQbVFqzo8CVM6AaJBENaCe626gjlZbpHYx0dgOXhrK0tnAxaxWtb3IhUXy2
bWCi4G0hJVznTRWUwQsg+KyaeAnFmYtmpn5Y8ES7rHEpPQki7FY7UuwpfmzjPIFC
QG4hjXZMLI7asgsd+1j4pdSIVz32EYixYF73+OFTg2Rto8k1u5vV8ooQdk9Fd+Pj
yW87f3n3cbUeDH50UhLHsl+nsxkaKftq/NplAgMBAAGjggIKMIICBjAdBgNVHQ4E
FgQU6fzhHICp7ApIx2qOql3crLdHNh0wHwYDVR0jBBgwFoAUkVqAAtZ3/BY7dHWc
HL8+b8IfNF0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTMx
L2tWcUFBdFozX0JZN2RIV2NITDgtYjhJZk5GMC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAva1ZxQUF0WjNfQlk3ZEhXY0hMOC1iOElmTkYwLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTMxL2tWcUFBdFozX0JZN2RI
V2NITDgtYjhJZk5GMC5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB
AQAQO40LVhWcHfYDgMCDOdGJVA8+K/ZBcQ8NLZPAis9LeutzvJlCd9ygq3NmlzWX
qsaD0+vPk0PdUdS8H1PNFvTw7WgNjEVJQ3APQGVq1Fvc96BFODNrWIptqbWm7zHh
UmLQr6H03bM2PzEHYj3jzmGnKSDNvRiR9iQ8uqs3uNRCjy1A3JUFGFWtZrSWVugl
UjyBGPFt9UCD4I+UaRsD1H6edzsE9j0LeDdCFMat/W5yaQ+jkloNWmBr0lsb6ZeG
7azu+hYXQahxt7EKrz+kHT0BxEsAMijXIKTDXq+rvn3vgpPBfyX4aGOWDpjdcO+I
Cu4FBstcPQ2sxeO1/BgZl9oP
-----END CERTIFICATE-----
Generated at Fri Jul 4 10:09:58 2025 by rpki-client