Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft
File:                     2pk_5cBP-fIsUmJjC-w39bOngoU.mft (raw, json)
Hash identifier:          s74XbulAGJ8gUVwQBHOji0Y38APoCTSo4Tb/YsbkcVI=
Subject key identifier:   A8:88:0B:2E:BD:F5:35:B0:D8:D6:3A:56:23:8B:F3:8A:43:E9:A1:B7
Authority key identifier: DA:99:3F:E5:C0:4F:F9:F2:2C:52:62:63:0B:EC:37:F5:B3:A7:82:85
Certificate issuer:       /CN=DA993FE5C04FF9F22C5262630BEC37F5B3A78285
Certificate serial:       16DE
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft
Manifest number:          16CE
Signing time:             Sat 23 Aug 2025 06:04:07 +0000
Manifest this update:     Sat 23 Aug 2025 06:04:07 +0000
Manifest next update:     Sat 23 Aug 2025 12:04:07 +0000
Files and hashes:         1: 2pk_5cBP-fIsUmJjC-w39bOngoU.crl (hash: qLYAE/C0VTv2eccr/fwe+awGJWDEh3DSGYFeXbhsc1I=)
                          2: KbrSp-JA2XF2Ql8hSCrC1CbLt6g.roa (hash: Np74l2zvMHdN3u9vLx3Kbuovv22rSj7qXcnMGAme8L4=)
                          3: OlrGKbm_5LqtcCt6zE3f2bsHpHo.roa (hash: 0InvCCX8dmQtbbbD1TB9/AY+GZmHtnh1y6/8B8fnNSM=)
                          4: Qk4wxenHbplbAEPyAo17a6StqGs.roa (hash: UXr3zkn63bsVxvqJjGYar8uul+wIFQszrhfjj7veZwA=)
                          5: dlLTumfb3n-CxqJRR4-AnMwkLTU.roa (hash: SrHv5LPqu/BzOXfzAj3B6C6PsXwXQaCztouku4z+U28=)
                          6: jW98C7HTYm_wXjqS5OtJTAjhJTY.roa (hash: G5J6kc8fmz2XUL1SW2rQqA/EVmUIlUSPvlgZKJ3/e3E=)
                          7: s_2Y_yMkepo3c3mKpue0BpcLOEI.roa (hash: CCdEmfYF1+caZyf7dDJqMzhEvKYXNEI1lkVqcwoxt4U=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5854 (0x16de)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DA993FE5C04FF9F22C5262630BEC37F5B3A78285
        Validity
            Not Before: Aug 23 06:04:07 2025 GMT
            Not After : Aug  3 08:44:40 2026 GMT
        Subject: CN=A8880B2EBDF535B0D8D63A56238BF38A43E9A1B7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:4b:93:49:2e:47:72:6a:d8:85:17:58:f7:df:
                    75:ba:e5:b5:14:c5:d9:67:d2:2a:33:aa:cb:09:f4:
                    33:9c:2e:fc:b8:3b:59:e0:a1:0a:c5:b4:42:b0:2a:
                    7f:f1:ab:16:58:38:ed:c3:2b:4f:c3:37:8d:b2:5f:
                    18:d6:59:87:95:ea:d5:1f:cd:b4:8f:6b:d0:e6:d8:
                    fa:97:d7:4c:88:69:80:10:89:36:ae:52:ae:63:57:
                    0e:59:77:ef:b0:ab:01:fe:fc:cf:90:f9:d3:8e:7d:
                    37:2c:6a:a3:cf:c7:df:09:93:11:70:a2:f7:41:31:
                    53:04:d8:70:c3:f7:3e:14:d0:3a:4a:15:3f:6f:ff:
                    03:af:f6:5e:1f:a5:c3:d7:0f:e9:c6:ed:a1:be:e8:
                    7a:97:9a:d5:6a:75:96:e8:29:23:f3:87:2a:0a:9c:
                    d6:8f:aa:95:ed:e7:d6:e7:2d:c7:16:d9:59:93:3d:
                    05:14:a4:e2:06:d1:c9:30:ae:d2:b3:19:b3:1b:2b:
                    57:1c:77:67:d7:13:e2:ee:9f:71:d3:b6:66:1b:9c:
                    73:7c:d5:8a:c2:a6:9a:ec:ef:e7:ce:8f:4d:6f:cb:
                    bd:81:cc:93:82:3d:61:ab:61:dd:77:83:2e:8d:2d:
                    9b:07:d5:0d:13:3f:19:e6:e5:fe:84:0b:a1:2b:6d:
                    a7:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:88:0B:2E:BD:F5:35:B0:D8:D6:3A:56:23:8B:F3:8A:43:E9:A1:B7
            X509v3 Authority Key Identifier:
                keyid:DA:99:3F:E5:C0:4F:F9:F2:2C:52:62:63:0B:EC:37:F5:B3:A7:82:85

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:6f:8c:44:c6:ed:ce:d4:49:20:c2:d9:b5:66:18:36:ee:99:
         d1:17:c3:d5:d0:55:03:ae:a2:45:d8:f7:9a:8d:10:c9:14:70:
         5a:6e:96:eb:d7:fa:14:b6:a5:f9:b5:72:f4:77:55:b0:5e:06:
         4d:f0:ff:07:ca:25:28:ae:3c:7e:b5:e7:6b:0c:ac:f3:bd:c2:
         52:42:e2:30:0f:5f:6c:1a:e6:79:0c:0b:f5:e8:09:46:9d:e6:
         ab:0e:1e:aa:fa:39:f2:cb:fc:28:a4:21:9a:83:55:c4:89:55:
         b2:a5:d7:d4:8a:8f:67:45:93:43:36:b2:54:e6:f9:f5:c1:24:
         a8:de:65:3b:16:0b:fc:9f:e3:22:ca:3a:79:31:02:b0:c7:c6:
         7b:15:8e:3e:a6:24:de:a0:e7:82:19:43:fd:60:a6:10:82:da:
         f6:88:7b:d6:43:3a:d3:29:5b:6d:6b:51:13:eb:70:6f:a0:8e:
         90:5e:ff:93:8d:c6:f7:bd:61:1e:f6:3c:ce:19:2b:0a:82:f0:
         1a:bb:9a:ea:cb:7b:88:da:67:75:f9:84:41:a2:55:10:f0:39:
         2b:59:6e:cc:63:52:35:0f:3d:51:58:a2:cc:8f:93:9a:d2:17:
         c8:c7:25:da:63:65:54:59:fd:2f:51:7b:c4:b8:32:e7:bc:29:
         4d:8d:c4:43
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgICFt4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREE5
OTNGRTVDMDRGRjlGMjJDNTI2MjYzMEJFQzM3RjVCM0E3ODI4NTAeFw0yNTA4MjMw
NjA0MDdaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEE4ODgwQjJFQkRGNTM1
QjBEOEQ2M0E1NjIzOEJGMzhBNDNFOUExQjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwS5NJLkdyatiFF1j333W65bUUxdln0iozqssJ9DOcLvy4O1ng
oQrFtEKwKn/xqxZYOO3DK0/DN42yXxjWWYeV6tUfzbSPa9Dm2PqX10yIaYAQiTau
Uq5jVw5Zd++wqwH+/M+Q+dOOfTcsaqPPx98JkxFwovdBMVME2HDD9z4U0DpKFT9v
/wOv9l4fpcPXD+nG7aG+6HqXmtVqdZboKSPzhyoKnNaPqpXt59bnLccW2VmTPQUU
pOIG0ckwrtKzGbMbK1ccd2fXE+Lun3HTtmYbnHN81YrCpprs7+fOj01vy72BzJOC
PWGrYd13gy6NLZsH1Q0TPxnm5f6EC6ErbaeVAgMBAAGjggIKMIICBjAdBgNVHQ4E
FgQUqIgLLr31NbDY1jpWI4vzikPpobcwHwYDVR0jBBgwFoAU2pk/5cBP+fIsUmJj
C+w39bOngoUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0
LzJwa181Y0JQLWZJc1VtSmpDLXczOWJPbmdvVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvMnBrXzVjQlAtZklzVW1KakMtdzM5Yk9uZ29VLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0LzJwa181Y0JQLWZJc1Vt
SmpDLXczOWJPbmdvVS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB
AQAfb4xExu3O1Ekgwtm1Zhg27pnRF8PV0FUDrqJF2PeajRDJFHBabpbr1/oUtqX5
tXL0d1WwXgZN8P8HyiUorjx+tedrDKzzvcJSQuIwD19sGuZ5DAv16AlGnearDh6q
+jnyy/wopCGag1XEiVWypdfUio9nRZNDNrJU5vn1wSSo3mU7Fgv8n+Miyjp5MQKw
x8Z7FY4+piTeoOeCGUP9YKYQgtr2iHvWQzrTKVtta1ET63BvoI6QXv+Tjcb3vWEe
9jzOGSsKgvAau5rqy3uI2md1+YRBolUQ8DkrWW7MY1I1Dz1RWKLMj5Oa0hfIxyXa
Y2VUWf0vUXvEuDLnvClNjcRD
-----END CERTIFICATE-----