Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1375/OrqLQlIyvliWg5beMqjrWgXuplg.mft
File:                     OrqLQlIyvliWg5beMqjrWgXuplg.mft (raw, json)
Hash identifier:          /0eDFEcC/vwd44FnJGs2JO8VrdPu+rCv+E9JnltXfH8=
Subject key identifier:   EE:3D:61:32:5F:A4:15:8F:6D:D8:75:32:51:AA:A0:A4:34:31:9D:AF
Authority key identifier: 3A:BA:8B:42:52:32:BE:58:96:83:96:DE:32:A8:EB:5A:05:EE:A6:58
Certificate issuer:       /CN=3ABA8B425232BE58968396DE32A8EB5A05EEA658
Certificate serial:       17B4
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OrqLQlIyvliWg5beMqjrWgXuplg.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1375/OrqLQlIyvliWg5beMqjrWgXuplg.mft
Manifest number:          17AC
Signing time:             Tue 18 Jun 2024 02:56:59 +0000
Manifest this update:     Tue 18 Jun 2024 02:56:59 +0000
Manifest next update:     Tue 18 Jun 2024 08:56:59 +0000
Files and hashes:         1: OrqLQlIyvliWg5beMqjrWgXuplg.crl (hash: EiMrBUldxuWq5/rZnm0cXjbScnMZ9txoVKylzpaHW5M=)
                          2: T7JQBgtQCe9NJUaW5loWBX-SEBM.roa (hash: 7OK1kJ6ReIIQNIb/HQzgm7qrrCc212/9ym0FmN8Mu08=)
                          3: lfGXE2Dj7lPSTQBd4hoV-6JrI8o.roa (hash: HDrnJP6wTiBFKf6i8gFKb+D6qpGFM3BL5iEQVngJdeI=)

Validation:               OK
Signature path:           rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1375/OrqLQlIyvliWg5beMqjrWgXuplg.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1375/OrqLQlIyvliWg5beMqjrWgXuplg.mft
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OrqLQlIyvliWg5beMqjrWgXuplg.cer
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 18 Jun 2024 08:56:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6068 (0x17b4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ABA8B425232BE58968396DE32A8EB5A05EEA658
        Validity
            Not Before: Jun 18 02:56:59 2024 GMT
            Not After : Jan 31 01:13:46 2025 GMT
        Subject: CN=EE3D61325FA4158F6DD8753251AAA0A434319DAF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:4a:bf:c1:b3:f6:44:ba:99:72:56:cb:1f:b3:
                    33:33:73:4e:03:34:6d:68:51:d4:2e:d3:f3:99:db:
                    a5:47:b5:52:24:59:1f:31:c9:99:f2:42:a3:78:6b:
                    29:d6:70:26:97:8c:3d:d1:bf:0c:04:01:6e:72:9f:
                    9b:41:14:eb:2d:bc:db:b6:ab:ed:2b:5f:1b:a6:f1:
                    56:0b:6e:15:69:89:4b:3e:1f:d3:ce:ae:90:48:ab:
                    fd:07:de:04:40:7a:ef:52:20:c2:c1:bd:b8:2e:19:
                    11:71:82:24:72:ad:09:42:84:cf:0a:ac:7e:6a:f4:
                    93:5e:20:86:65:82:6a:7a:15:fd:29:8e:59:74:0d:
                    0f:73:3f:78:d7:3b:11:e6:7c:af:e1:75:1b:58:82:
                    89:37:b1:c9:6a:b8:11:00:35:25:51:ff:81:2d:9b:
                    80:d6:88:03:10:90:f7:49:06:81:1f:ca:b1:fc:4c:
                    29:f1:db:4c:ca:e2:47:0d:52:28:cb:a5:9c:a0:09:
                    2d:ea:c8:95:1a:a0:bd:2e:93:af:0c:f6:c2:d2:89:
                    66:bc:0a:82:9d:2b:6d:40:29:8c:68:8b:06:85:7f:
                    b7:85:1e:05:92:30:d7:7c:86:66:cb:9a:41:a4:52:
                    7b:e7:f9:ab:be:06:f1:8a:48:85:23:b5:45:f7:6f:
                    ea:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:3D:61:32:5F:A4:15:8F:6D:D8:75:32:51:AA:A0:A4:34:31:9D:AF
            X509v3 Authority Key Identifier:
                keyid:3A:BA:8B:42:52:32:BE:58:96:83:96:DE:32:A8:EB:5A:05:EE:A6:58

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1375/OrqLQlIyvliWg5beMqjrWgXuplg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OrqLQlIyvliWg5beMqjrWgXuplg.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1375/OrqLQlIyvliWg5beMqjrWgXuplg.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         af:31:7d:0f:85:0c:61:a1:95:d8:dc:ce:c9:d2:09:47:b1:76:
         23:98:f0:80:c9:05:fc:d0:26:32:0b:3d:00:5e:b0:9c:8a:0f:
         1a:3f:d5:08:1b:c4:14:8f:fb:d2:2c:20:dd:d7:8d:38:98:e4:
         00:15:07:77:88:e4:4b:e1:db:51:55:71:ea:3f:a7:33:94:d0:
         5f:ac:73:17:48:38:6c:a7:a3:b9:f5:3c:b5:9f:c7:b1:54:82:
         19:9c:1b:94:33:45:8d:e5:58:1b:1b:a6:68:51:79:ad:db:43:
         40:80:99:b2:ad:07:fb:3e:b6:9a:e6:6b:11:53:0d:f9:02:02:
         dd:2d:5e:d1:41:67:af:d9:1c:06:5c:14:30:3d:c9:d4:57:6a:
         be:0b:93:9a:66:3a:54:a7:c7:3e:4d:c6:e7:1c:86:4c:cd:3e:
         ad:78:20:59:f2:73:7a:b1:2d:37:58:56:f2:85:cc:16:c6:3f:
         8d:01:b0:c7:d5:6f:74:5c:7a:92:e6:46:91:5e:35:4f:80:05:
         7a:8b:0b:9f:96:a7:8e:f4:02:7a:b5:62:c9:6e:e2:db:90:62:
         37:12:9a:59:8c:a5:3c:33:bd:be:2e:a9:66:eb:8b:55:f3:c3:
         fd:ba:2c:9d:78:fb:2d:63:00:46:3c:10:a4:97:05:e8:e4:01:
         93:27:52:27
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICF7QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FC
QThCNDI1MjMyQkU1ODk2ODM5NkRFMzJBOEVCNUEwNUVFQTY1ODAeFw0yNDA2MTgw
MjU2NTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEVFM0Q2MTMyNUZBNDE1
OEY2REQ4NzUzMjUxQUFBMEE0MzQzMTlEQUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8Sr/Bs/ZEuplyVssfszMzc04DNG1oUdQu0/OZ26VHtVIkWR8x
yZnyQqN4aynWcCaXjD3RvwwEAW5yn5tBFOstvNu2q+0rXxum8VYLbhVpiUs+H9PO
rpBIq/0H3gRAeu9SIMLBvbguGRFxgiRyrQlChM8KrH5q9JNeIIZlgmp6Ff0pjll0
DQ9zP3jXOxHmfK/hdRtYgok3sclquBEANSVR/4Etm4DWiAMQkPdJBoEfyrH8TCnx
20zK4kcNUijLpZygCS3qyJUaoL0uk68M9sLSiWa8CoKdK21AKYxoiwaFf7eFHgWS
MNd8hmbLmkGkUnvn+au+BvGKSIUjtUX3b+o3AgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQU7j1hMl+kFY9t2HUyUaqgpDQxna8wHwYDVR0jBBgwFoAUOrqLQlIyvliWg5be
MqjrWgXuplgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
NS9PcnFMUWxJeXZsaVdnNWJlTXFqcldnWHVwbGcuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09ycUxRbEl5dmxpV2c1YmVNcWpyV2dYdXBsZy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEzNzUvT3JxTFFsSXl2bGlX
ZzViZU1xanJXZ1h1cGxnLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAK8xfQ+FDGGhldjczsnSCUexdiOY8IDJBfzQJjILPQBesJyKDxo/1QgbxBSP
+9IsIN3XjTiY5AAVB3eI5Evh21FVceo/pzOU0F+scxdIOGyno7n1PLWfx7FUghmc
G5QzRY3lWBsbpmhRea3bQ0CAmbKtB/s+tprmaxFTDfkCAt0tXtFBZ6/ZHAZcFDA9
ydRXar4Lk5pmOlSnxz5NxucchkzNPq14IFnyc3qxLTdYVvKFzBbGP40BsMfVb3Rc
epLmRpFeNU+ABXqLC5+Wp470Anq1Yslu4tuQYjcSmlmMpTwzvb4uqWbri1Xzw/26
LJ14+y1jAEY8EKSXBejkAZMnUic=
-----END CERTIFICATE-----
Generated at Tue Jun 18 07:49:12 2024 by rpki-client on console-ams.rpki-client.org