Manifest

$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065588553129852931/0/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.mft
File:                     3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.mft (raw, json)
Hash identifier:          kit3uKxCSsTtJXmOfYzNsxmh2Xqjk8vEEk7d7tNMmnM=
Subject key identifier:   8E:7B:34:6A:C2:31:9D:77:5D:50:0F:31:4C:A3:F7:62:C1:EB:CE:F3
Authority key identifier: 3D:C3:23:89:D8:EB:00:BB:31:C6:A9:5B:34:AF:C8:57:6A:80:7A:0A
Certificate issuer:       /CN=3DC32389D8EB00BB31C6A95B34AFC8576A807A0A
Certificate serial:       1E3A47CB9C597539D5DF4C3DB1DD9A70B125E54A
Authority info access:    rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.cer
Subject info access:      rsync://rpki-rps.cnnic.cn/repo/A1065588553129852931/0/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.mft
Manifest number:          EB
Signing time:             Tue 14 Jul 2026 01:50:08 +0000
Manifest this update:     Tue 14 Jul 2026 01:45:08 +0000
Manifest next update:     Wed 15 Jul 2026 03:50:08 +0000
Files and hashes:         1: 3130332e3232332e3132302e302f32342d3234203d3e20313532333230.roa (hash: 5HY0Ue/vWpU1LvYH7L0XmoUxw5TaIDzLdoP5LOndIDk=)
                          2: 34352e3235342e32362e302f32342d3234203d3e20313532333230.roa (hash: zQnT6ObBiJ3XRQBU4LCMwXOfUmhlF2FqQYNCv6Fc46M=)
                          3: 3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.crl (hash: coL7W1hpM45U4zn2QG2Kf7Hu5RCZTBzhAmBydlT2D3c=)
                          4: 34352e3235342e32342e302f32342d3234203d3e20313532333230.roa (hash: HRYgKbtmr+OMYx/1qW6f1p5CaBZOf7Km54MLi7qIJYQ=)
                          5: 3130332e3232332e3132322e302f32342d3234203d3e20313532333230.roa (hash: ENw2cTESVh99EP8BLMv1kqoTtl4yUiDM0XZMs1ujX6o=)
                          6: 3130332e3232332e3132312e302f32342d3234203d3e20313532333230.roa (hash: wzRfwIBhTwNZEHuoPqB4pgLkBoUBXIsG3gE0j7DP/GE=)
                          7: 34352e3235342e32342e302f32322d3234203d3e20313532333230.roa (hash: /jlOtfFFIhy/vioYOPrruZVnaBj+JGwUse/ni91LtIM=)
                          8: 34352e3235342e32372e302f32342d3234203d3e20313532333230.roa (hash: 8ey7xc7GrXn7mmv3ISFSPmAtts9JOcGCGnrt0IYw5NA=)
                          9: 3130332e3232332e3132302e302f32322d3234203d3e20313532333230.roa (hash: QDhDhO+o5EAhmJMJ47IlDxl87DbWK8fpZhIHG6UPABU=)
                          10: 3130332e3232332e3132332e302f32342d3234203d3e20313532333230.roa (hash: BpauxASw+QwtCt0D3PSjlF+wZywrzS5unEAJDnk9hrM=)
                          11: 34352e3235342e32352e302f32342d3234203d3e20313532333230.roa (hash: qjKwVJnGzyI/LX79Tj4cDa3KV/Elv2yjd5+GDsO75bY=)
Validation:               OK
Signature path:           rsync://rpki-rps.cnnic.cn/repo/A1065588553129852931/0/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.crl
                          rsync://rpki-rps.cnnic.cn/repo/A1065588553129852931/0/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.mft
                          rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.cer
                          rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl
                          rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 15 Jul 2026 03:50:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:3a:47:cb:9c:59:75:39:d5:df:4c:3d:b1:dd:9a:70:b1:25:e5:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3DC32389D8EB00BB31C6A95B34AFC8576A807A0A
        Validity
            Not Before: Jul 14 01:45:08 2026 GMT
            Not After : Jul 15 03:50:08 2026 GMT
        Subject: CN=8E7B346AC2319D775D500F314CA3F762C1EBCEF3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:bb:86:7b:4f:ff:96:06:0b:24:59:db:14:de:
                    2f:79:c3:72:fa:ee:7d:f0:e0:03:c0:2a:ad:5f:69:
                    02:18:28:a9:33:75:32:5f:61:08:45:c3:4f:b5:3c:
                    04:14:e5:5e:d6:70:76:28:48:3d:23:28:a0:4c:7d:
                    2a:f9:32:78:60:45:2a:8d:c0:60:4b:2d:d4:13:2f:
                    9e:88:f7:e6:cd:84:9b:aa:61:94:f7:d8:46:30:75:
                    c1:67:b4:df:46:ab:ad:de:6c:99:31:7a:40:c1:9c:
                    35:1d:65:c1:f7:3b:b4:32:3c:99:ea:7d:fa:90:1a:
                    16:69:09:6d:9b:3d:c9:b8:4e:8e:85:a9:f7:01:fa:
                    3f:6d:a9:d4:0f:42:2d:1a:96:73:75:b8:4b:41:49:
                    e7:2c:fd:a7:2c:e9:af:6c:a4:ba:2f:2d:82:b9:d7:
                    16:f7:36:fe:b1:95:33:00:98:f2:3a:bf:76:b0:45:
                    cc:a9:4d:be:28:ee:14:0a:48:21:95:ad:58:f7:3b:
                    8b:af:c3:28:41:1a:d6:6a:0b:f8:bb:94:d5:cd:01:
                    eb:3a:ef:73:58:39:b2:8a:bc:fc:ce:77:1d:49:c5:
                    ba:8f:67:9e:04:e9:3d:1a:63:e3:2c:29:ea:62:7f:
                    8b:ac:ac:65:8f:3c:17:53:db:5e:a5:75:fc:0f:6c:
                    02:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:7B:34:6A:C2:31:9D:77:5D:50:0F:31:4C:A3:F7:62:C1:EB:CE:F3
            X509v3 Authority Key Identifier:
                keyid:3D:C3:23:89:D8:EB:00:BB:31:C6:A9:5B:34:AF:C8:57:6A:80:7A:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.cnnic.cn/repo/A1065588553129852931/0/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065588553129852931/0/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4d:79:96:4f:ff:d2:59:31:68:6d:55:98:ef:cc:0b:d6:71:b4:
         8e:f1:83:7c:0b:82:e7:d2:c1:d5:2f:bb:85:83:5f:fa:ac:18:
         ad:8d:87:3f:ba:df:13:97:35:dc:14:30:a1:5f:a1:fd:ac:cb:
         73:d4:7d:e9:16:63:db:18:44:c0:b0:4b:e1:3e:96:d5:5f:ed:
         0a:82:7d:2b:88:f9:61:cb:76:e3:2e:a7:c6:bd:2f:03:65:3a:
         3d:57:49:74:ae:4f:a6:de:44:50:9b:c3:ce:f4:4b:98:65:fc:
         91:68:2d:27:82:64:1f:71:81:86:d6:55:b5:10:72:8c:24:a1:
         56:a2:af:21:b1:92:c7:80:a1:3c:82:99:af:99:4b:ca:46:29:
         25:76:e6:a0:93:2d:60:ea:da:5d:cd:6a:35:29:2e:11:07:c5:
         3c:72:cc:31:0b:47:ac:89:16:ff:76:3d:df:7e:f4:11:63:a1:
         64:63:9d:2f:54:bd:ac:6c:a5:16:c5:c6:00:8f:62:da:d6:ba:
         fc:03:57:86:6e:4c:a8:27:dc:cf:c2:a3:02:20:cd:65:e7:90:
         bc:da:b2:f0:0a:50:40:9b:6b:8f:71:cb:aa:65:55:6c:c2:77:
         2b:dd:60:7e:9d:e1:c8:2b:b7:7d:37:b1:4b:b8:e9:10:e6:a1:
         b7:30:99:53
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIUHjpHy5xZdTnV30w9sd2acLEl5UowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0RDMzIzODlEOEVCMDBCQjMxQzZBOTVCMzRBRkM4NTc2
QTgwN0EwQTAeFw0yNjA3MTQwMTQ1MDhaFw0yNjA3MTUwMzUwMDhaMDMxMTAvBgNV
BAMTKDhFN0IzNDZBQzIzMTlENzc1RDUwMEYzMTRDQTNGNzYyQzFFQkNFRjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCku4Z7T/+WBgskWdsU3i95w3L6
7n3w4APAKq1faQIYKKkzdTJfYQhFw0+1PAQU5V7WcHYoSD0jKKBMfSr5MnhgRSqN
wGBLLdQTL56I9+bNhJuqYZT32EYwdcFntN9Gq63ebJkxekDBnDUdZcH3O7QyPJnq
ffqQGhZpCW2bPcm4To6FqfcB+j9tqdQPQi0alnN1uEtBSecs/acs6a9spLovLYK5
1xb3Nv6xlTMAmPI6v3awRcypTb4o7hQKSCGVrVj3O4uvwyhBGtZqC/i7lNXNAes6
73NYObKKvPzOdx1JxbqPZ54E6T0aY+MsKepif4usrGWPPBdT216ldfwPbAJHAgMB
AAGjggIdMIICGTAdBgNVHQ4EFgQUjns0asIxnXddUA8xTKP3YsHrzvMwHwYDVR0j
BBgwFoAUPcMjidjrALsxxqlbNK/IV2qAegowDgYDVR0PAQH/BAQDAgeAMHMGA1Ud
HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2
NTU4ODU1MzEyOTg1MjkzMS8wLzNEQzMyMzg5RDhFQjAwQkIzMUM2QTk1QjM0QUZD
ODU3NkE4MDdBMEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5
bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1
LzEvM0RDMzIzODlEOEVCMDBCQjMxQzZBOTVCMzRBRkM4NTc2QTgwN0EwQS5jZXIw
fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu
bmljLmNuL3JlcG8vQTEwNjU1ODg1NTMxMjk4NTI5MzEvMC8zREMzMjM4OUQ4RUIw
MEJCMzFDNkE5NUIzNEFGQzg1NzZBODA3QTBBLm1mdDAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI
KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATXmWT//SWTFo
bVWY78wL1nG0jvGDfAuC59LB1S+7hYNf+qwYrY2HP7rfE5c13BQwoV+h/azLc9R9
6RZj2xhEwLBL4T6W1V/tCoJ9K4j5Yct24y6nxr0vA2U6PVdJdK5Ppt5EUJvDzvRL
mGX8kWgtJ4JkH3GBhtZVtRByjCShVqKvIbGSx4ChPIKZr5lLykYpJXbmoJMtYOra
Xc1qNSkuEQfFPHLMMQtHrIkW/3Y93370EWOhZGOdL1S9rGylFsXGAI9i2ta6/ANX
hm5MqCfcz8KjAiDNZeeQvNqy8ApQQJtrj3HLqmVVbMJ3K91gfp3hyCu3fTexS7jp
EOahtzCZUw==
-----END CERTIFICATE-----
Generated at Tue Jul 14 20:08:07 2026 by rpki-client