Manifest

$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.mft
File:                     D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.mft (raw, json)
Hash identifier:          mVk+SvVYo15Cfc38zR9On6RwfUJShIwe2OD+d6cUUZg=
Subject key identifier:   2B:08:7F:F2:04:C3:7B:A9:5F:5D:18:9A:B6:E2:22:FC:DC:C9:EC:96
Authority key identifier: D2:FF:1D:7C:6D:F1:DD:77:5A:61:06:97:0D:05:FF:44:BC:AD:19:43
Certificate issuer:       /CN=D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943
Certificate serial:       08C47FDE3FAA542927272552BFF0F4B4A16FF2EF
Authority info access:    rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.cer
Subject info access:      rsync://rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.mft
Manifest number:          EC
Signing time:             Tue 14 Jul 2026 12:26:15 +0000
Manifest this update:     Tue 14 Jul 2026 12:21:15 +0000
Manifest next update:     Wed 15 Jul 2026 13:56:15 +0000
Files and hashes:         1: D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.crl (hash: oIi6lQIjLbD93rmJrY8GdfhxBslPPci8HVebpFaAkCQ=)
                          2: 323430623a613030303a6663333a3a2f34382d3438203d3e20313531333033.roa (hash: TiSdjmUDUZ7Io/2Ke/Pu2qkV+pzBX0aVcs8lYCtTick=)
Validation:               OK
Signature path:           rsync://rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.crl
                          rsync://rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.mft
                          rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.cer
                          rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl
                          rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 15 Jul 2026 13:56:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:c4:7f:de:3f:aa:54:29:27:27:25:52:bf:f0:f4:b4:a1:6f:f2:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943
        Validity
            Not Before: Jul 14 12:21:15 2026 GMT
            Not After : Jul 15 13:56:15 2026 GMT
        Subject: CN=2B087FF204C37BA95F5D189AB6E222FCDCC9EC96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:85:a2:ec:54:21:f6:9d:98:d5:a8:d0:ca:3e:
                    8a:02:ab:8e:81:12:28:98:af:a6:11:67:39:92:fe:
                    59:af:e3:fc:a0:45:27:a8:99:36:68:80:46:3d:be:
                    55:e1:6e:b6:89:82:bc:e5:27:67:30:00:bf:61:8a:
                    40:54:3c:2e:bf:81:5e:0f:b5:28:8b:4b:7c:6d:70:
                    a6:0a:8a:c4:c2:42:ca:50:5d:10:72:55:87:61:e7:
                    74:63:f9:57:d0:3d:73:55:14:b0:cd:40:02:09:9a:
                    74:18:9c:7e:ac:76:9e:f4:35:15:19:7b:cf:4b:4b:
                    f7:4d:f3:2c:3c:7a:52:10:57:ad:0f:e3:27:10:66:
                    25:75:74:83:33:59:20:d9:d5:2f:c7:84:97:f2:fc:
                    33:7c:60:27:50:51:de:2a:d2:ed:f3:67:f8:b4:52:
                    ed:8d:bb:69:d6:65:d7:0f:88:fb:70:c7:bf:56:43:
                    d9:f8:9d:63:fc:1c:f4:2f:c4:0c:df:ea:1e:d8:63:
                    f9:cc:0f:30:b8:d9:ff:4b:79:12:d6:a6:11:9d:32:
                    6c:65:4e:7a:8e:ad:94:0e:af:c1:94:c2:d0:b7:80:
                    43:87:3a:7d:eb:36:4b:4d:03:42:83:35:bf:c4:d0:
                    9f:19:62:23:72:54:84:31:37:79:84:04:ea:c5:64:
                    ac:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:08:7F:F2:04:C3:7B:A9:5F:5D:18:9A:B6:E2:22:FC:DC:C9:EC:96
            X509v3 Authority Key Identifier:
                keyid:D2:FF:1D:7C:6D:F1:DD:77:5A:61:06:97:0D:05:FF:44:BC:AD:19:43

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065585389265551361/0/D2FF1D7C6DF1DD775A6106970D05FF44BCAD1943.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         6a:c4:28:e1:3e:48:26:46:5e:1d:d3:5e:f3:85:88:b6:d5:36:
         a7:7c:87:a3:72:90:94:22:54:58:82:eb:d0:18:14:6b:18:2e:
         68:9e:92:e6:c6:cd:12:25:f9:19:49:fc:04:15:aa:a6:cc:8b:
         2e:6b:c4:43:8e:bf:8c:2a:36:65:28:2d:1e:60:1b:f7:05:69:
         7c:35:9c:c3:3c:1a:56:96:d6:2e:47:b7:d5:45:9c:9d:fe:b3:
         6d:f6:d0:80:15:70:9a:c3:94:30:7c:20:e6:e1:29:f3:90:bf:
         fc:6d:75:94:41:83:a5:4d:36:91:d2:62:64:d9:0e:bb:5d:ff:
         d8:d6:fb:e6:67:75:f1:c8:2c:74:32:a9:4b:f5:23:42:e2:0e:
         ec:66:ea:90:06:a9:88:69:05:9a:d4:de:73:58:38:a9:54:7e:
         86:c5:29:30:8b:72:fa:a1:42:87:51:35:26:0e:de:c8:4a:5b:
         94:ca:ac:52:19:08:4e:d9:ed:18:bf:6f:5e:b8:7b:87:0c:ef:
         1b:cc:82:87:16:d4:4c:f6:e8:c9:e6:f7:7e:bb:d2:6e:12:f9:
         61:1c:44:9b:a5:a0:b7:05:1d:a1:a8:9f:c4:28:86:34:d9:94:
         55:e9:a4:1c:0d:b6:6d:b4:38:99:ad:79:5f:c5:41:03:04:2f:
         a4:5f:09:16
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIUCMR/3j+qVCknJyVSv/D0tKFv8u8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDJGRjFEN0M2REYxREQ3NzVBNjEwNjk3MEQwNUZGNDRC
Q0FEMTk0MzAeFw0yNjA3MTQxMjIxMTVaFw0yNjA3MTUxMzU2MTVaMDMxMTAvBgNV
BAMTKDJCMDg3RkYyMDRDMzdCQTk1RjVEMTg5QUI2RTIyMkZDRENDOUVDOTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIhaLsVCH2nZjVqNDKPooCq46B
EiiYr6YRZzmS/lmv4/ygRSeomTZogEY9vlXhbraJgrzlJ2cwAL9hikBUPC6/gV4P
tSiLS3xtcKYKisTCQspQXRByVYdh53Rj+VfQPXNVFLDNQAIJmnQYnH6sdp70NRUZ
e89LS/dN8yw8elIQV60P4ycQZiV1dIMzWSDZ1S/HhJfy/DN8YCdQUd4q0u3zZ/i0
Uu2Nu2nWZdcPiPtwx79WQ9n4nWP8HPQvxAzf6h7YY/nMDzC42f9LeRLWphGdMmxl
TnqOrZQOr8GUwtC3gEOHOn3rNktNA0KDNb/E0J8ZYiNyVIQxN3mEBOrFZKzpAgMB
AAGjggIdMIICGTAdBgNVHQ4EFgQUKwh/8gTDe6lfXRiatuIi/NzJ7JYwHwYDVR0j
BBgwFoAU0v8dfG3x3XdaYQaXDQX/RLytGUMwDgYDVR0PAQH/BAQDAgeAMHMGA1Ud
HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2
NTU4NTM4OTI2NTU1MTM2MS8wL0QyRkYxRDdDNkRGMURENzc1QTYxMDY5NzBEMDVG
RjQ0QkNBRDE5NDMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5
bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1
LzEvRDJGRjFEN0M2REYxREQ3NzVBNjEwNjk3MEQwNUZGNDRCQ0FEMTk0My5jZXIw
fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu
bmljLmNuL3JlcG8vQTEwNjU1ODUzODkyNjU1NTEzNjEvMC9EMkZGMUQ3QzZERjFE
RDc3NUE2MTA2OTcwRDA1RkY0NEJDQUQxOTQzLm1mdDAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI
KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAasQo4T5IJkZe
HdNe84WIttU2p3yHo3KQlCJUWILr0BgUaxguaJ6S5sbNEiX5GUn8BBWqpsyLLmvE
Q46/jCo2ZSgtHmAb9wVpfDWcwzwaVpbWLke31UWcnf6zbfbQgBVwmsOUMHwg5uEp
85C//G11lEGDpU02kdJiZNkOu13/2Nb75md18cgsdDKpS/UjQuIO7GbqkAapiGkF
mtTec1g4qVR+hsUpMIty+qFCh1E1Jg7eyEpblMqsUhkITtntGL9vXrh7hwzvG8yC
hxbUTPboyeb3frvSbhL5YRxEm6WgtwUdoaifxCiGNNmUVemkHA22bbQ4ma15X8VB
AwQvpF8JFg==
-----END CERTIFICATE-----
Generated at Tue Jul 14 20:05:05 2026 by rpki-client