Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft
File:                     iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft (raw, json)
Hash identifier:          9E6aTAyEXnpTb/92juPm7A/Q23SBDqnRFkruBy8HfAI=
Subject key identifier:   5A:CA:5A:E6:10:3E:84:98:34:5B:CB:AB:D4:7A:44:3A:C0:93:C2:5A
Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
Certificate issuer:       /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Certificate serial:       253C
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft
Manifest number:          2066
Signing time:             Thu 30 Jan 2025 19:55:27 +0000
Manifest this update:     Thu 30 Jan 2025 19:55:27 +0000
Manifest next update:     Fri 31 Jan 2025 01:55:27 +0000
Files and hashes:         1: 6f5E7d7WPmZSftgs9ezOKogP4Ds.roa (hash: HkXsm2cg6s99F50j5mNIIXYYWPHYSg307dJAHV2SP50=)
                          2: 76cx8fquGQlU67eDFsoViD7rZXg.roa (hash: n9L11ufu3a/2aLZGTCC1juQpzKRigFfe6Jl/VTLRgWE=)
                          3: IiRFLwykCE55foHlT9Cyoni3dog.roa (hash: VZF43H+/Xb7dNEQdKEoiW4pZUDAI+mWd5eoYGgXSAoQ=)
                          4: Mw0AMcJ331Zk3LfIw4rGUcMnjA0.roa (hash: 6MvuvsWQ1pBcXJjGGEiPX7d7itOpdEaZUyt9brNvtkc=)
                          5: Upm3NFNJTgjaImZFTPOwqDOsodw.roa (hash: kxTQwsh8Ui9oq+ANhu0QENlwzWm7FjQWP+tuXPa7kKg=)
                          6: _sY32bpnYHuhk-LoecC86lNfRZU.roa (hash: DZvK3eIm+gzA0uWRZkODAbVkxm4LmEKJ1L+/jHrS4f8=)
                          7: iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl (hash: IFE+C46ZNm32Aylvjqbkeo+S59d3IGhyutYJ8QbO/LE=)
                          8: l7pq8USURZhbMz4dVzkliHTwzqc.roa (hash: FU4ykIIBjhclH3fHhZphmbq+W7cmGCCpYPTRAjwQDAc=)
                          9: n_fbJzcBeone-VCh6IJkLgJw3EE.roa (hash: bjY0FSjeG6Q2w9vrLDF+3orzuQJRmNxrodxNW24XpDg=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9532 (0x253c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
        Validity
            Not Before: Jan 30 19:55:27 2025 GMT
            Not After : Jan 31 01:13:46 2025 GMT
        Subject: CN=5ACA5AE6103E8498345BCBABD47A443AC093C25A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:f0:f9:68:52:99:6a:aa:0f:1d:28:ef:d6:32:
                    00:4b:4b:5b:e0:b8:b8:b9:11:b3:01:db:61:3e:66:
                    5e:29:0d:9d:15:62:48:a5:9a:8d:56:e4:ae:2c:e8:
                    d7:c7:ad:fb:37:56:a2:f7:b7:17:64:bc:75:c9:84:
                    df:61:26:6d:a0:94:db:60:2d:da:09:36:45:28:f1:
                    d9:ff:98:4e:b8:6d:f9:7d:32:b4:c8:d5:ca:98:92:
                    04:70:f3:f0:98:8f:66:02:98:6f:8d:f9:48:98:68:
                    17:4b:99:d3:16:04:49:11:32:f7:db:5b:8e:bd:6c:
                    8f:e9:20:b7:11:b0:c5:47:f9:69:82:e9:84:ed:8d:
                    46:2e:a3:90:74:d5:31:bc:f7:36:b9:26:77:39:bb:
                    0f:c7:e2:59:11:83:9b:c8:41:1d:4c:cc:1f:5a:13:
                    99:ba:9a:1b:70:9d:f1:5e:88:99:c5:73:23:eb:c3:
                    8f:0b:61:f0:8d:d7:54:84:5a:9f:93:5a:c3:22:fa:
                    c0:7a:0c:ee:bb:c9:34:3d:82:18:5f:52:96:8f:e1:
                    e9:1f:4e:be:5b:ad:e5:88:61:79:9c:22:91:1f:64:
                    62:5b:6f:0e:0b:c8:6a:9d:34:03:13:56:2b:5f:36:
                    b6:75:4f:d2:79:06:ae:67:e0:7f:59:46:9c:66:2e:
                    22:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:CA:5A:E6:10:3E:84:98:34:5B:CB:AB:D4:7A:44:3A:C0:93:C2:5A
            X509v3 Authority Key Identifier:
                keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         04:6e:f7:ca:b9:67:2c:8a:4e:cf:b8:24:18:d5:ba:14:22:7a:
         4c:56:f8:44:3f:46:57:f0:6d:9f:7a:26:36:c0:e3:02:5c:6c:
         63:b7:19:a6:14:d6:6e:7c:52:cd:6f:a5:9a:9f:7c:18:fe:5c:
         59:af:f0:e2:a1:5b:25:8e:13:af:61:7b:67:46:94:e7:67:c5:
         e5:93:14:ec:12:f0:a0:75:be:bc:34:6f:84:62:2d:89:0a:c6:
         a6:ba:a0:64:1f:33:b8:d1:51:c9:aa:0d:6e:a5:79:78:84:5f:
         5d:75:46:bd:2c:a7:bf:8b:1f:06:c0:6b:bc:21:e3:60:62:f2:
         c7:a8:8b:7f:0a:9d:0f:41:fb:ac:98:59:96:ee:ba:2f:74:a7:
         bf:fb:1b:17:a2:78:a9:f9:09:76:9b:6c:e9:a2:36:a9:e9:12:
         2a:13:3b:cb:41:af:72:5e:39:bd:82:0a:fc:a1:2e:10:95:75:
         d1:93:2a:6c:16:4f:d1:22:32:43:1c:37:4b:86:68:17:e2:9c:
         0b:1a:69:5c:e7:47:19:5d:f9:80:66:14:87:76:42:1f:b1:b4:
         d7:98:dc:18:ba:e1:21:25:dc:2b:25:36:92:2f:01:ee:87:4f:
         56:f0:ff:5f:b6:a3:52:71:86:38:50:10:38:52:9d:0c:ef:e4:
         18:80:9c:5e
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICJTwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF
NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNTAxMzAx
OTU1MjdaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDVBQ0E1QUU2MTAzRTg0
OTgzNDVCQ0JBQkQ0N0E0NDNBQzA5M0MyNUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDb8PloUplqqg8dKO/WMgBLS1vguLi5EbMB22E+Zl4pDZ0VYkil
mo1W5K4s6NfHrfs3VqL3txdkvHXJhN9hJm2glNtgLdoJNkUo8dn/mE64bfl9MrTI
1cqYkgRw8/CYj2YCmG+N+UiYaBdLmdMWBEkRMvfbW469bI/pILcRsMVH+WmC6YTt
jUYuo5B01TG89za5Jnc5uw/H4lkRg5vIQR1MzB9aE5m6mhtwnfFeiJnFcyPrw48L
YfCN11SEWp+TWsMi+sB6DO67yTQ9ghhfUpaP4ekfTr5breWIYXmcIpEfZGJbbw4L
yGqdNAMTVitfNrZ1T9J5Bq5n4H9ZRpxmLiK7AgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUWspa5hA+hJg0W8ur1HpEOsCTwlowHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y
5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2
My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvaXVUUGVMU2Q4TExC
MHAweTVJcVVPdVQwR3N3Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAARu98q5ZyyKTs+4JBjVuhQiekxW+EQ/RlfwbZ96JjbA4wJcbGO3GaYU1m58
Us1vpZqffBj+XFmv8OKhWyWOE69he2dGlOdnxeWTFOwS8KB1vrw0b4RiLYkKxqa6
oGQfM7jRUcmqDW6leXiEX111Rr0sp7+LHwbAa7wh42Bi8seoi38KnQ9B+6yYWZbu
ui90p7/7GxeieKn5CXabbOmiNqnpEioTO8tBr3JeOb2CCvyhLhCVddGTKmwWT9Ei
MkMcN0uGaBfinAsaaVznRxld+YBmFId2Qh+xtNeY3Bi64SEl3CslNpIvAe6HT1bw
/1+2o1JxhjhQEDhSnQzv5BiAnF4=
-----END CERTIFICATE-----