Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft
File:                     iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft (raw, json)
Hash identifier:          AfMO00zAG3qvSM33IkGrZNI6ymJSaYoFsgZezMYmNQg=
Subject key identifier:   5A:CA:5A:E6:10:3E:84:98:34:5B:CB:AB:D4:7A:44:3A:C0:93:C2:5A
Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
Certificate issuer:       /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Certificate serial:       3298
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft
Manifest number:          2DA8
Signing time:             Mon 21 Jul 2025 02:11:36 +0000
Manifest this update:     Mon 21 Jul 2025 02:11:36 +0000
Manifest next update:     Mon 21 Jul 2025 08:11:36 +0000
Files and hashes:         1: 1PjOYcD6n59OGHy74GY01mQgKWU.roa (hash: slNcbUJ32/fRic88R1QJAzj8l6OQcCQSFCDPq6Lf1Qo=)
                          2: 1pGP6piO9t8jbUERzDx-O4nhtLM.roa (hash: LgsHYyRchdYhJU6IjYfSwzPXfyeBNXFC/3oEFZaxr5E=)
                          3: 2VSJXBw1DlaA60bwgPxm1cv8GdI.roa (hash: 3Jnqysnp98kQsNIlhC3H4viLRR0BegKf4veuRJusQc4=)
                          4: 5ds4eeeKAVfUWPoaezuhe5LFxNM.roa (hash: NxwdwJZ66T8fJYz2hLPFighUVTjDVlwvvy94KaICtgA=)
                          5: 6wu7C6LJRgzw0YqBCypPrWvyqtk.roa (hash: Cj+QZPNg8QQ9fmyZfIpGADWCHBPEkN4OpbVPkdHjLNc=)
                          6: Dhn_bw4xhJB691KP5jCNHDjKRbs.roa (hash: l/MtGIE5yzeoJWXqYNU8VMp88JGLtM3CJinlD5DtYWg=)
                          7: FmiW4uE1vxV_L0JFyMCQCWgAhbo.roa (hash: 9T4oxsW3Wr3oGXFq+Gg4fYxU+UfLClovzRvnXH7xPvM=)
                          8: IFidcHNPXthCJghiVHydJRJn1rw.roa (hash: +pTlkb483uRH5SA8wmAgOQc/g2KfZ9hHgdcBfOy1Tco=)
                          9: KIDNSOBC8JqfVS2pTb-e-Ms3bYE.roa (hash: 7BBFlQcOGZq8ItBfVjuFavrJu7MwP1pl143cfGMIp5I=)
                          10: OFb16qiKV-ii6yDwaCXbU2B4frs.roa (hash: zLcZyjzbKuVPCGSGmrW0b6hqPp0C71AlyYXmHNIhZQk=)
                          11: ORuSJlIaI3Yq__3eDzpf8xIBknM.roa (hash: PfyFQDi9AFMqhwRWj28kfHfiw0oxgt1ATSOoqx1y1LQ=)
                          12: P7vrT0OqESfvvu_BMqkyv34P5XU.roa (hash: 1nOqMb6cC7jEjFbdAJEezEi/w5D+hjzwf800kgNEd0M=)
                          13: TzcA4SvlW4dDnwgnj75iZobTJRo.roa (hash: Xv9Q2kxWm0g9IFUUrlfdAks/1WpiCsp5fLwysnIO7a4=)
                          14: VelanPogo3n-IDUuQtAnrMQHtks.roa (hash: yigw0sUAc47ePatlXweGpaaBpq/lsTcHML/wU8Aqh3A=)
                          15: YMG8FMcf58p5E-MgE2YagPtL8i4.roa (hash: A+vnDbISNONVCYDKKfy2MsLgNiCajHx4bRqCkfq54eY=)
                          16: Yq-wEJdpNyrsJ5M1lXcQMx95RI0.roa (hash: C1aXVx3626w3lC0qVGmhnn9Jj9Gy3ZQ5/AtReox93tU=)
                          17: Z6Z4vli2IUGPMxXq8u0d7CpvETo.roa (hash: iFyCSGfO3II9hoQD7VqZ0JzkPphrDQU9+b3q7pFEyuA=)
                          18: ZBWpzeAt4uqUq0zsmnYx0BN3IfQ.roa (hash: 9gV5/OPikxwwnMuhVftvUlu1wHHuXCirb8WorV2MFrM=)
                          19: ZT29OOC9Z7MkG06WXQhj1eon2nQ.roa (hash: nTNiOVkdppVAOZ6tb/ipCtFlrKVaOZKu3RMYe/FzQPY=)
                          20: ZfMXZscIroL0IJRInT2L6oZ2Qj4.roa (hash: wG20f/Bcos/SaUhFOyl7rlHjrCLz7NWVNqXxvWN3p0Q=)
                          21: bnw9kTdy3BRTsgqC_SqOm6AZd-4.roa (hash: CAs55FBJOva6KhEngyLR6yYd66qA1+au5mjD/3r8Dqk=)
                          22: e77FcoZ-9xgW1Udb28rM-7CYQVg.roa (hash: wWJ3YyX6sRH67Xw8WnY1oLjr8fTE9Fbsrgfhtd8Fy48=)
                          23: iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl (hash: xFHnAJ/ugKsXrnb2OT7hxmTU7jdhMLbwYRM9VriH/zY=)
                          24: ns9wScn8kvFTzlA4eC2k95lXnvU.roa (hash: u8uqhchUVeTEY3phLIkm3f10i8O1nybT06HAnif5Qx0=)
                          25: wBfzi9DVvJBqpWOdgn_Enb20PKE.roa (hash: vxQooelYK8GHAhBkJhdcEitFbO7l/Rpn4sTXfROBvj4=)
                          26: yASZAsuKpltkjXYnJ0q2zvTZQ0s.roa (hash: CwIh5fGnQ/SVdtUsyIfM2FJbYVKjc2PgFK4eHor269E=)
Validation:               OK
Signature path:           rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 21 Jul 2025 04:13:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12952 (0x3298)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
        Validity
            Not Before: Jul 21 02:11:36 2025 GMT
            Not After : Apr  3 08:00:09 2026 GMT
        Subject: CN=5ACA5AE6103E8498345BCBABD47A443AC093C25A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:f0:f9:68:52:99:6a:aa:0f:1d:28:ef:d6:32:
                    00:4b:4b:5b:e0:b8:b8:b9:11:b3:01:db:61:3e:66:
                    5e:29:0d:9d:15:62:48:a5:9a:8d:56:e4:ae:2c:e8:
                    d7:c7:ad:fb:37:56:a2:f7:b7:17:64:bc:75:c9:84:
                    df:61:26:6d:a0:94:db:60:2d:da:09:36:45:28:f1:
                    d9:ff:98:4e:b8:6d:f9:7d:32:b4:c8:d5:ca:98:92:
                    04:70:f3:f0:98:8f:66:02:98:6f:8d:f9:48:98:68:
                    17:4b:99:d3:16:04:49:11:32:f7:db:5b:8e:bd:6c:
                    8f:e9:20:b7:11:b0:c5:47:f9:69:82:e9:84:ed:8d:
                    46:2e:a3:90:74:d5:31:bc:f7:36:b9:26:77:39:bb:
                    0f:c7:e2:59:11:83:9b:c8:41:1d:4c:cc:1f:5a:13:
                    99:ba:9a:1b:70:9d:f1:5e:88:99:c5:73:23:eb:c3:
                    8f:0b:61:f0:8d:d7:54:84:5a:9f:93:5a:c3:22:fa:
                    c0:7a:0c:ee:bb:c9:34:3d:82:18:5f:52:96:8f:e1:
                    e9:1f:4e:be:5b:ad:e5:88:61:79:9c:22:91:1f:64:
                    62:5b:6f:0e:0b:c8:6a:9d:34:03:13:56:2b:5f:36:
                    b6:75:4f:d2:79:06:ae:67:e0:7f:59:46:9c:66:2e:
                    22:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:CA:5A:E6:10:3E:84:98:34:5B:CB:AB:D4:7A:44:3A:C0:93:C2:5A
            X509v3 Authority Key Identifier:
                keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         5a:16:f0:67:69:4a:1a:46:c9:97:38:c1:52:41:a6:e7:37:6a:
         1d:92:8b:7b:ec:06:b4:c7:f4:af:c7:31:11:1b:91:81:e9:51:
         93:76:c2:20:9d:42:5e:02:63:4c:cd:de:5a:59:ea:b2:ed:4d:
         ed:21:5a:01:cc:3c:38:67:0e:43:9a:2b:eb:10:ba:cb:44:c3:
         c2:fd:b1:93:16:84:42:b6:bf:c7:1f:42:99:54:0a:d2:dc:16:
         ff:be:53:18:17:ba:d0:3a:2f:f4:33:89:77:ba:6d:b1:7d:61:
         39:6a:6b:36:41:8d:81:3c:96:62:ef:90:c3:44:78:2c:25:0c:
         2e:dd:e3:2c:e8:4b:1c:7e:8b:2d:d1:95:24:cb:6d:68:2b:7d:
         1d:ec:1b:a5:5b:15:6c:03:20:55:87:5b:11:e3:6d:30:32:d4:
         06:70:0d:9d:80:fd:4d:e4:69:bd:16:9b:99:ed:13:e3:44:6b:
         71:72:bf:bb:6b:76:9e:68:49:07:81:2b:9c:ca:e5:d0:24:e0:
         95:3d:f7:19:e7:c4:0f:01:9c:dc:49:db:fa:84:63:c1:11:11:
         f1:6a:b4:a1:e3:90:57:3e:7c:f2:6a:ef:aa:0b:0e:58:d6:8e:
         8e:72:9b:30:8b:7f:65:23:2d:ec:21:11:ed:dd:44:ce:59:63:
         01:bd:60:0c
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICMpgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEFF
NENGNzhCNDlERjBCMkMxRDI5RDMyRTQ4QTk0M0FFNEY0MUFDQzAeFw0yNTA3MjEw
MjExMzZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDVBQ0E1QUU2MTAzRTg0
OTgzNDVCQ0JBQkQ0N0E0NDNBQzA5M0MyNUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDb8PloUplqqg8dKO/WMgBLS1vguLi5EbMB22E+Zl4pDZ0VYkil
mo1W5K4s6NfHrfs3VqL3txdkvHXJhN9hJm2glNtgLdoJNkUo8dn/mE64bfl9MrTI
1cqYkgRw8/CYj2YCmG+N+UiYaBdLmdMWBEkRMvfbW469bI/pILcRsMVH+WmC6YTt
jUYuo5B01TG89za5Jnc5uw/H4lkRg5vIQR1MzB9aE5m6mhtwnfFeiJnFcyPrw48L
YfCN11SEWp+TWsMi+sB6DO67yTQ9ghhfUpaP4ekfTr5breWIYXmcIpEfZGJbbw4L
yGqdNAMTVitfNrZ1T9J5Bq5n4H9ZRpxmLiK7AgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUWspa5hA+hJg0W8ur1HpEOsCTwlowHwYDVR0jBBgwFoAUiuTPeLSd8LLB0p0y
5IqUOuT0GswwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTY2
My9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2l1VFBlTFNkOExMQjBwMHk1SXFVT3VUMEdzdy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2NjMvaXVUUGVMU2Q4TExC
MHAweTVJcVVPdVQwR3N3Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAFoW8GdpShpGyZc4wVJBpuc3ah2Si3vsBrTH9K/HMREbkYHpUZN2wiCdQl4C
Y0zN3lpZ6rLtTe0hWgHMPDhnDkOaK+sQustEw8L9sZMWhEK2v8cfQplUCtLcFv++
UxgXutA6L/QziXe6bbF9YTlqazZBjYE8lmLvkMNEeCwlDC7d4yzoSxx+iy3RlSTL
bWgrfR3sG6VbFWwDIFWHWxHjbTAy1AZwDZ2A/U3kab0Wm5ntE+NEa3Fyv7trdp5o
SQeBK5zK5dAk4JU99xnnxA8BnNxJ2/qEY8EREfFqtKHjkFc+fPJq76oLDljWjo5y
mzCLf2UjLewhEe3dRM5ZYwG9YAw=
-----END CERTIFICATE-----
Generated at Mon Jul 21 03:30:12 2025 by rpki-client