Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft
File:                     2pk_5cBP-fIsUmJjC-w39bOngoU.mft (raw, json)
Hash identifier:          XuBsJ/Z2JFtd9MAL9E63gM7KpyGW5ECq0/IQMV5tlTg=
Subject key identifier:   A8:88:0B:2E:BD:F5:35:B0:D8:D6:3A:56:23:8B:F3:8A:43:E9:A1:B7
Authority key identifier: DA:99:3F:E5:C0:4F:F9:F2:2C:52:62:63:0B:EC:37:F5:B3:A7:82:85
Certificate issuer:       /CN=DA993FE5C04FF9F22C5262630BEC37F5B3A78285
Certificate serial:       14F3
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft
Manifest number:          14E3
Signing time:             Thu 15 May 2025 11:40:21 +0000
Manifest this update:     Thu 15 May 2025 11:40:21 +0000
Manifest next update:     Thu 15 May 2025 17:40:21 +0000
Files and hashes:         1: 2pk_5cBP-fIsUmJjC-w39bOngoU.crl (hash: rO8ULpvhSuePR7m707UqQyVvjZ3v8p1eB7WG5WULS4A=)
                          2: KbrSp-JA2XF2Ql8hSCrC1CbLt6g.roa (hash: Np74l2zvMHdN3u9vLx3Kbuovv22rSj7qXcnMGAme8L4=)
                          3: OlrGKbm_5LqtcCt6zE3f2bsHpHo.roa (hash: 0InvCCX8dmQtbbbD1TB9/AY+GZmHtnh1y6/8B8fnNSM=)
                          4: Qk4wxenHbplbAEPyAo17a6StqGs.roa (hash: UXr3zkn63bsVxvqJjGYar8uul+wIFQszrhfjj7veZwA=)
                          5: dlLTumfb3n-CxqJRR4-AnMwkLTU.roa (hash: SrHv5LPqu/BzOXfzAj3B6C6PsXwXQaCztouku4z+U28=)
                          6: jW98C7HTYm_wXjqS5OtJTAjhJTY.roa (hash: G5J6kc8fmz2XUL1SW2rQqA/EVmUIlUSPvlgZKJ3/e3E=)
                          7: s_2Y_yMkepo3c3mKpue0BpcLOEI.roa (hash: CCdEmfYF1+caZyf7dDJqMzhEvKYXNEI1lkVqcwoxt4U=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5363 (0x14f3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DA993FE5C04FF9F22C5262630BEC37F5B3A78285
        Validity
            Not Before: May 15 11:40:21 2025 GMT
            Not After : Apr  3 08:00:09 2026 GMT
        Subject: CN=A8880B2EBDF535B0D8D63A56238BF38A43E9A1B7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:4b:93:49:2e:47:72:6a:d8:85:17:58:f7:df:
                    75:ba:e5:b5:14:c5:d9:67:d2:2a:33:aa:cb:09:f4:
                    33:9c:2e:fc:b8:3b:59:e0:a1:0a:c5:b4:42:b0:2a:
                    7f:f1:ab:16:58:38:ed:c3:2b:4f:c3:37:8d:b2:5f:
                    18:d6:59:87:95:ea:d5:1f:cd:b4:8f:6b:d0:e6:d8:
                    fa:97:d7:4c:88:69:80:10:89:36:ae:52:ae:63:57:
                    0e:59:77:ef:b0:ab:01:fe:fc:cf:90:f9:d3:8e:7d:
                    37:2c:6a:a3:cf:c7:df:09:93:11:70:a2:f7:41:31:
                    53:04:d8:70:c3:f7:3e:14:d0:3a:4a:15:3f:6f:ff:
                    03:af:f6:5e:1f:a5:c3:d7:0f:e9:c6:ed:a1:be:e8:
                    7a:97:9a:d5:6a:75:96:e8:29:23:f3:87:2a:0a:9c:
                    d6:8f:aa:95:ed:e7:d6:e7:2d:c7:16:d9:59:93:3d:
                    05:14:a4:e2:06:d1:c9:30:ae:d2:b3:19:b3:1b:2b:
                    57:1c:77:67:d7:13:e2:ee:9f:71:d3:b6:66:1b:9c:
                    73:7c:d5:8a:c2:a6:9a:ec:ef:e7:ce:8f:4d:6f:cb:
                    bd:81:cc:93:82:3d:61:ab:61:dd:77:83:2e:8d:2d:
                    9b:07:d5:0d:13:3f:19:e6:e5:fe:84:0b:a1:2b:6d:
                    a7:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:88:0B:2E:BD:F5:35:B0:D8:D6:3A:56:23:8B:F3:8A:43:E9:A1:B7
            X509v3 Authority Key Identifier:
                keyid:DA:99:3F:E5:C0:4F:F9:F2:2C:52:62:63:0B:EC:37:F5:B3:A7:82:85

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         13:c6:82:ad:bb:a9:21:ea:39:9f:32:51:4f:3b:f4:03:b7:b2:
         5a:42:c3:99:c4:61:9b:a4:07:9a:93:4a:4e:f8:3b:fa:46:39:
         e4:a6:06:22:35:06:44:bf:69:3d:19:86:13:86:e2:97:57:27:
         34:22:a2:2a:53:72:59:5c:91:7a:42:f2:24:77:78:cd:44:91:
         01:9b:d0:05:2b:f9:3a:aa:15:21:31:40:d2:c9:db:bc:1e:59:
         09:85:21:ca:cd:8c:e5:3e:0e:8b:1a:ad:b2:3a:50:22:a7:d8:
         a2:fd:45:44:78:de:d9:5c:f1:2e:52:86:bb:15:e3:0c:bc:66:
         84:14:74:e4:85:28:df:64:61:6c:1c:cb:7f:6c:30:7b:f0:85:
         c2:d4:80:06:70:f4:d1:32:d0:c6:33:8a:75:5b:3d:8c:eb:b8:
         0c:b9:d0:61:08:c5:b2:20:c3:91:03:ef:e6:ce:05:2f:b1:4f:
         d4:79:71:0d:7d:5a:b7:08:23:0a:28:9f:33:52:ee:6d:66:2e:
         82:66:57:e3:b4:7f:00:aa:85:bd:b0:d6:79:ca:34:64:08:f0:
         17:7e:f4:53:57:36:f3:de:bc:61:c8:ce:05:82:f3:99:77:90:
         38:f7:19:20:42:31:38:46:75:97:99:e3:79:86:65:16:a0:00:
         22:20:6e:65
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgICFPMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREE5
OTNGRTVDMDRGRjlGMjJDNTI2MjYzMEJFQzM3RjVCM0E3ODI4NTAeFw0yNTA1MTUx
MTQwMjFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEE4ODgwQjJFQkRGNTM1
QjBEOEQ2M0E1NjIzOEJGMzhBNDNFOUExQjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwS5NJLkdyatiFF1j333W65bUUxdln0iozqssJ9DOcLvy4O1ng
oQrFtEKwKn/xqxZYOO3DK0/DN42yXxjWWYeV6tUfzbSPa9Dm2PqX10yIaYAQiTau
Uq5jVw5Zd++wqwH+/M+Q+dOOfTcsaqPPx98JkxFwovdBMVME2HDD9z4U0DpKFT9v
/wOv9l4fpcPXD+nG7aG+6HqXmtVqdZboKSPzhyoKnNaPqpXt59bnLccW2VmTPQUU
pOIG0ckwrtKzGbMbK1ccd2fXE+Lun3HTtmYbnHN81YrCpprs7+fOj01vy72BzJOC
PWGrYd13gy6NLZsH1Q0TPxnm5f6EC6ErbaeVAgMBAAGjggIKMIICBjAdBgNVHQ4E
FgQUqIgLLr31NbDY1jpWI4vzikPpobcwHwYDVR0jBBgwFoAU2pk/5cBP+fIsUmJj
C+w39bOngoUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0
LzJwa181Y0JQLWZJc1VtSmpDLXczOWJPbmdvVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvMnBrXzVjQlAtZklzVW1KakMtdzM5Yk9uZ29VLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0LzJwa181Y0JQLWZJc1Vt
SmpDLXczOWJPbmdvVS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB
AQATxoKtu6kh6jmfMlFPO/QDt7JaQsOZxGGbpAeak0pO+Dv6RjnkpgYiNQZEv2k9
GYYThuKXVyc0IqIqU3JZXJF6QvIkd3jNRJEBm9AFK/k6qhUhMUDSydu8HlkJhSHK
zYzlPg6LGq2yOlAip9ii/UVEeN7ZXPEuUoa7FeMMvGaEFHTkhSjfZGFsHMt/bDB7
8IXC1IAGcPTRMtDGM4p1Wz2M67gMudBhCMWyIMORA+/mzgUvsU/UeXENfVq3CCMK
KJ8zUu5tZi6CZlfjtH8AqoW9sNZ5yjRkCPAXfvRTVzbz3rxhyM4FgvOZd5A49xkg
QjE4RnWXmeN5hmUWoAAiIG5l
-----END CERTIFICATE-----