Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.mft
File:                     Lowd4ZR0A1y-pngFS22U9a-lM2E.mft (raw, json)
Hash identifier:          AOyRmrapGe/RaZmnmlAImSf0kGGnn73bHKj3rxHPF/E=
Subject key identifier:   FF:93:2E:42:5E:06:0B:53:CC:63:EE:F8:B4:2B:91:6D:B3:C0:1C:6C
Authority key identifier: 2E:8C:1D:E1:94:74:03:5C:BE:A6:78:05:4B:6D:94:F5:AF:A5:33:61
Certificate issuer:       /CN=2E8C1DE19474035CBEA678054B6D94F5AFA53361
Certificate serial:       2094
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.mft
Manifest number:          2082
Signing time:             Wed 18 Mar 2026 00:59:48 +0000
Manifest this update:     Wed 18 Mar 2026 00:59:48 +0000
Manifest next update:     Wed 18 Mar 2026 06:59:48 +0000
Files and hashes:         1: -Mm11tejrqk61wSAldRhB69HTQA.roa (hash: lRVxJ7t0/AkOywuPuigCifvcZhUs87v2Uh4KWM90fFc=)
                          2: 450N7fwLv8pQflKVuwsapP8RTas.roa (hash: v1E9iG1FEaxd+t/wnGLaGAbJ4H6g39idwuIVRcR48QM=)
                          3: 6lgNokrHquzfMY4o0Ue-xILR_FM.roa (hash: bnnFnI4gkAVdY9+fYPbtHDBHofbyD67V5npIc05vTNI=)
                          4: Af3TYKyAmWG3f3wRT4FwONVWh0E.roa (hash: WIpuVfkuPz+LipchXzs38odxTKr63ACk4GOPFnDDDQY=)
                          5: CdYSPaqTjHDQqoFZJ5vmPkQNpY8.roa (hash: 2hSUzzrrHhoV+leHgGGXhH0H0eP//nQX8tn6HCyCUeA=)
                          6: Lowd4ZR0A1y-pngFS22U9a-lM2E.crl (hash: vTv2s1QNePk1OxQ6JeJsW7YD2U7FvmeA5NqKJdhQWUA=)
                          7: M8L4ONjaKBoFJOwyFIfN_QL2Tn4.roa (hash: 6JL10RiuFvg5F0bZseuVtZv3iY+6VEd+5IItQvVfiV8=)
                          8: S4wFMhuxShBISoepIMT7J0pKx3k.roa (hash: U7UiWrQkJelvyopRtRqGDW0g4Pu1C0z06V7voETr1Pc=)
                          9: lwkVdD9XADeiD0DPl7lvqM4ItpQ.roa (hash: YYmUXAYWXwrCBJM5y0kPQOh2qDNOuJxksVsvgzTPY7s=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8340 (0x2094)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2E8C1DE19474035CBEA678054B6D94F5AFA53361
        Validity
            Not Before: Mar 18 00:59:48 2026 GMT
            Not After : Oct 23 03:01:03 2026 GMT
        Subject: CN=FF932E425E060B53CC63EEF8B42B916DB3C01C6C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:ce:ca:10:5a:c9:8f:d2:27:85:80:bb:25:3e:
                    26:96:85:3f:5b:51:fb:24:48:0d:d4:0d:5e:91:18:
                    04:52:77:b0:2d:d3:78:33:73:59:ab:3d:50:93:aa:
                    29:dd:c9:6d:31:6a:60:fb:17:57:f1:b6:f3:a5:bf:
                    ce:7d:00:da:c1:8f:9c:11:a4:28:73:44:98:bd:2f:
                    63:2c:f2:d6:d5:1f:e7:f0:e8:6f:42:ec:2c:4a:d4:
                    53:f8:f3:4e:f4:bb:5c:01:19:43:9f:2b:b4:3c:cd:
                    8e:20:5d:b4:f1:30:b7:0d:be:35:06:12:30:a0:cb:
                    80:f1:c0:44:2c:b2:20:c8:53:66:f2:2c:36:d1:53:
                    f6:aa:45:78:6d:b6:9c:13:2d:81:42:14:e2:e9:3d:
                    76:92:3a:5d:98:cc:7b:db:66:b1:88:a1:47:2b:1d:
                    41:d5:b1:0c:78:bb:83:ca:f7:02:ff:e7:5f:d5:53:
                    f0:0b:95:fc:83:77:e4:a3:ff:19:71:e2:0a:73:a5:
                    18:c1:12:1c:c9:77:90:c4:05:91:12:72:b2:af:fa:
                    f4:c1:eb:93:09:a5:4b:fb:0a:49:d4:2d:00:f4:ac:
                    02:11:35:44:af:04:83:7d:28:49:09:f4:8a:c5:84:
                    fd:3c:9a:04:0b:e6:34:60:9f:20:19:e6:a5:85:96:
                    45:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:93:2E:42:5E:06:0B:53:CC:63:EE:F8:B4:2B:91:6D:B3:C0:1C:6C
            X509v3 Authority Key Identifier:
                keyid:2E:8C:1D:E1:94:74:03:5C:BE:A6:78:05:4B:6D:94:F5:AF:A5:33:61

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         3c:70:c2:8b:e2:13:f3:4b:89:e6:6e:cb:52:e7:b5:df:d6:0c:
         9c:94:17:50:2f:e1:87:c7:a7:df:f0:a1:e5:24:1b:fa:da:bd:
         ea:0e:3c:7b:86:53:59:33:17:af:f8:44:4c:6a:63:8e:74:42:
         2e:36:92:2c:71:6d:92:2c:ec:8e:00:7f:8b:22:00:f0:0a:05:
         17:ee:1d:7c:a4:3d:d8:a7:ef:63:7a:e9:80:75:0a:1b:e5:97:
         11:e9:8c:45:e5:a2:f1:de:a4:7c:82:39:2c:e3:dc:ec:a5:ff:
         de:35:c1:b8:5c:d0:79:6b:e0:fa:4c:07:3e:0b:c4:b0:d7:d1:
         61:5d:d4:ec:c7:79:3f:55:c9:23:ad:90:24:37:3e:02:d9:81:
         2f:ae:d1:fd:b9:57:00:04:97:77:49:2f:61:98:df:cb:64:12:
         f1:f5:b5:c8:97:c0:ff:80:6d:be:dd:d4:8a:a8:89:fa:c4:5a:
         22:62:3a:dd:91:dc:5f:f6:60:af:0c:fa:ae:b2:77:67:f2:b7:
         6f:c6:47:99:d1:d7:77:15:a8:ad:a7:af:07:ea:97:a5:97:e3:
         46:37:c7:4d:50:7e:99:19:10:7d:76:32:a8:3d:b1:82:e4:db:
         c2:74:1c:27:da:40:ff:2a:04:08:8a:72:c1:dc:3e:48:93:fd:
         bf:b7:c9:1a
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgICIJQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4
QzFERTE5NDc0MDM1Q0JFQTY3ODA1NEI2RDk0RjVBRkE1MzM2MTAeFw0yNjAzMTgw
MDU5NDhaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEZGOTMyRTQyNUUwNjBC
NTNDQzYzRUVGOEI0MkI5MTZEQjNDMDFDNkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1zsoQWsmP0ieFgLslPiaWhT9bUfskSA3UDV6RGARSd7At03gz
c1mrPVCTqindyW0xamD7F1fxtvOlv859ANrBj5wRpChzRJi9L2Ms8tbVH+fw6G9C
7CxK1FP48070u1wBGUOfK7Q8zY4gXbTxMLcNvjUGEjCgy4DxwEQssiDIU2byLDbR
U/aqRXhttpwTLYFCFOLpPXaSOl2YzHvbZrGIoUcrHUHVsQx4u4PK9wL/51/VU/AL
lfyDd+Sj/xlx4gpzpRjBEhzJd5DEBZEScrKv+vTB65MJpUv7CknULQD0rAIRNUSv
BIN9KEkJ9IrFhP08mgQL5jRgnyAZ5qWFlkUvAgMBAAGjggIKMIICBjAdBgNVHQ4E
FgQU/5MuQl4GC1PMY+74tCuRbbPAHGwwHwYDVR0jBBgwFoAULowd4ZR0A1y+pngF
S22U9a+lM2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTg3
L0xvd2Q0WlIwQTF5LXBuZ0ZTMjJVOWEtbE0yRS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvTG93ZDRaUjBBMXktcG5nRlMyMlU5YS1sTTJFLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTg3L0xvd2Q0WlIwQTF5LXBu
Z0ZTMjJVOWEtbE0yRS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB
AQA8cMKL4hPzS4nmbstS57Xf1gyclBdQL+GHx6ff8KHlJBv62r3qDjx7hlNZMxev
+ERMamOOdEIuNpIscW2SLOyOAH+LIgDwCgUX7h18pD3Yp+9jeumAdQob5ZcR6YxF
5aLx3qR8gjks49zspf/eNcG4XNB5a+D6TAc+C8Sw19FhXdTsx3k/VckjrZAkNz4C
2YEvrtH9uVcABJd3SS9hmN/LZBLx9bXIl8D/gG2+3dSKqIn6xFoiYjrdkdxf9mCv
DPqusndn8rdvxkeZ0dd3Faitp68H6pell+NGN8dNUH6ZGRB9djKoPbGC5NvCdBwn
2kD/KgQIinLB3D5Ik/2/t8ka
-----END CERTIFICATE-----