Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.mft
File:                     iIhNTUp18X8I3UTLqVkv5w9TnZc.mft (raw, json)
Hash identifier:          XjSJSqRugOYNhL0nbu1EuUqbIcSUVqFEl9Z4l8R32x8=
Subject key identifier:   74:F5:E0:C1:04:8A:58:81:D5:98:C5:7D:13:66:6F:F3:E9:76:96:FC
Authority key identifier: 88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97
Certificate issuer:       /CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97
Certificate serial:       1D88
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.mft
Manifest number:          1D52
Signing time:             Fri 04 Apr 2025 18:05:12 +0000
Manifest this update:     Fri 04 Apr 2025 18:05:12 +0000
Manifest next update:     Sat 05 Apr 2025 00:05:12 +0000
Files and hashes:         1: Fu_b4tel5NGHEPxYvtqzDhhAbqQ.roa (hash: skkkRa+f+zbYNJtBW9cXYGXDstm5mWfrryxHxT22Fv4=)
                          2: JvgxkMD8uDPSN5J2IBVUSXcq1CQ.roa (hash: LGZkzecS/oOZB/jgNue3M7MGauHxK1CsafE7hzqN+lM=)
                          3: UZHfKjNy_777Q9bAPY-TRRLF7JM.roa (hash: gTXt1ZXlzhAqrXd8fGYX/D/fL64eBW9l+ESGdbQgWzk=)
                          4: UwF3RRWBWBJzOKMpEgCPwJHusDQ.roa (hash: 2j9APxsIAALLNwJhqrNuF15QX7EES49mUdK4GoYHWms=)
                          5: cREs8hmh_CmOnkUd4fU9j_ntn0w.roa (hash: CP7BSCAsooYTWgzemNYrDx/XFHt9xqP+ChJ75EbH+cE=)
                          6: eOnWlmCuBcB2z-k-1EvXoZmhDzo.roa (hash: PvsnJd+w8p2xQdrIuCBq16T7Z7QhAuuf+Nw8Pr9uF6A=)
                          7: eYu8i8WLsCDl0cpHYV0xiV9KgPk.roa (hash: Hgl/czQiJR245QlSg4cy6iaWEpWFiq9ORvftoROwGWQ=)
                          8: eZah-AngLzb8qFPY5nps7k990bY.roa (hash: ZrAWhkudRJM4vRG6Jn9b9j7Vh7eTCG04BPZTFrJzppk=)
                          9: ftFMs_-GIzFOKfuDr7xm-R24Kr8.roa (hash: gUV9DW32VKoXS9w9FeSdsgysPfhlzoba3d+Ijnrdcuo=)
                          10: iIhNTUp18X8I3UTLqVkv5w9TnZc.crl (hash: XEWoolRAoxKS2J7FNQ1UAUwFTivrdfEpflRJBqUJpjI=)
                          11: kDW1cRo86YzzeBsDbuuqb0TPbSY.roa (hash: zH0Bb/tnJndPjBUYLdvYRyQIrO9oLPTeV3JZ/lVlA58=)
                          12: oCfS0hIaiNsPZD9_Byqu1CoJ8VI.roa (hash: Hy+566HgUdo7tAmvKq5D06v1xyoGXDvCRugVB0yhFmw=)
                          13: w3pt5ET1tvSm7d0RqvtpQaSbUSg.roa (hash: TdLS3FpjQ1UPLqz5X5rwpVpfmm+7VwjlrlPBgwGcC0E=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7560 (0x1d88)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97
        Validity
            Not Before: Apr  4 18:05:12 2025 GMT
            Not After : Apr  3 08:00:09 2026 GMT
        Subject: CN=74F5E0C1048A5881D598C57D13666FF3E97696FC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:eb:32:99:d6:89:fc:17:87:10:91:62:9d:93:
                    13:df:f3:4a:1a:d6:2a:11:5d:bc:89:f6:f1:76:45:
                    46:6f:ea:e7:36:37:dd:df:2f:d2:80:4b:b4:4a:e9:
                    08:55:03:97:db:d6:db:2b:11:8d:dd:f3:de:ef:44:
                    4e:7a:b7:b9:ad:30:ee:04:fa:44:5a:ae:43:f7:28:
                    fa:7d:14:8f:de:e7:50:bc:24:31:fc:53:4a:21:00:
                    ab:ed:61:8a:aa:12:9e:39:18:17:0e:a7:27:8a:a7:
                    3a:1a:87:d9:32:bf:02:11:06:fb:95:03:88:3c:04:
                    22:9e:58:89:e0:84:6c:56:9e:26:a2:28:0d:fd:64:
                    21:d1:5f:a4:d8:17:82:af:90:96:fd:64:09:13:7d:
                    04:5b:f3:72:f8:c8:b8:13:33:21:7c:7d:74:85:82:
                    47:21:79:a0:dc:d4:7a:5d:66:a8:51:b7:cf:fd:2a:
                    b4:59:17:9b:59:bf:88:ce:64:5b:44:5b:57:36:71:
                    f9:cd:89:d9:2b:e3:1a:00:80:47:fb:ae:cf:e2:94:
                    1c:e3:35:45:45:ac:c1:ff:61:8c:b5:fd:ae:ca:bd:
                    be:01:1c:1e:1f:30:76:2b:41:35:42:a6:52:7b:b8:
                    fb:54:64:72:ee:3f:c2:a8:e4:bc:dc:33:73:d5:c3:
                    da:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:F5:E0:C1:04:8A:58:81:D5:98:C5:7D:13:66:6F:F3:E9:76:96:FC
            X509v3 Authority Key Identifier:
                keyid:88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         4f:87:30:2b:ac:49:df:15:15:09:e1:42:87:73:95:c7:61:ca:
         94:32:18:82:70:74:31:c4:34:be:8b:1b:83:a8:6d:96:4d:9f:
         4a:94:48:4e:13:58:0e:0f:38:2b:f3:64:07:6b:23:29:6d:b1:
         6e:39:96:14:c9:28:39:e3:2a:40:ab:5c:2c:c7:6b:ca:d3:98:
         65:50:e0:67:60:d4:37:4e:7a:56:76:f6:8d:29:dd:e2:9e:fe:
         fe:38:12:56:66:4c:66:c5:ba:c8:d6:9e:5a:7b:47:9d:ef:cf:
         d4:9f:b5:0d:cd:ba:f9:12:ee:05:85:b0:d9:d9:4d:54:b4:c7:
         73:a4:58:0c:43:97:1e:e9:f3:c9:d1:1b:3f:cd:b8:6e:e3:3c:
         5e:59:dc:67:00:65:7d:79:7d:82:60:73:64:02:56:37:2a:84:
         72:16:72:da:8e:bd:5a:78:49:6c:70:a3:30:bf:68:c9:db:eb:
         c2:b9:2e:ed:46:39:af:38:15:f2:24:f0:93:f7:65:98:46:62:
         e9:5b:3f:68:75:eb:10:c1:d7:f6:72:28:c6:72:1d:e1:b4:7c:
         34:3f:8d:c4:6d:fc:7b:eb:2b:3a:9a:7a:a0:4a:b1:e0:ea:ef:
         37:8b:a2:1f:00:4b:82:e4:bc:e4:bd:e3:4c:3c:ce:2d:bc:c2:
         7d:23:dc:9b
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICHYgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODg4
ODRENEQ0QTc1RjE3RjA4REQ0NENCQTk1OTJGRTcwRjUzOUQ5NzAeFw0yNTA0MDQx
ODA1MTJaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDc0RjVFMEMxMDQ4QTU4
ODFENTk4QzU3RDEzNjY2RkYzRTk3Njk2RkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCx6zKZ1on8F4cQkWKdkxPf80oa1ioRXbyJ9vF2RUZv6uc2N93f
L9KAS7RK6QhVA5fb1tsrEY3d897vRE56t7mtMO4E+kRarkP3KPp9FI/e51C8JDH8
U0ohAKvtYYqqEp45GBcOpyeKpzoah9kyvwIRBvuVA4g8BCKeWInghGxWniaiKA39
ZCHRX6TYF4KvkJb9ZAkTfQRb83L4yLgTMyF8fXSFgkcheaDc1HpdZqhRt8/9KrRZ
F5tZv4jOZFtEW1c2cfnNidkr4xoAgEf7rs/ilBzjNUVFrMH/YYy1/a7Kvb4BHB4f
MHYrQTVCplJ7uPtUZHLuP8Ko5LzcM3PVw9q1AgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUdPXgwQSKWIHVmMV9E2Zv8+l2lvwwHwYDVR0jBBgwFoAUiIhNTUp18X8I3UTL
qVkv5w9TnZcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjEy
Mi9pSWhOVFVwMThYOEkzVVRMcVZrdjV3OVRuWmMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2lJaE5UVXAxOFg4STNVVExxVmt2NXc5VG5aYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIxMjIvaUloTlRVcDE4WDhJ
M1VUTHFWa3Y1dzlUblpjLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAE+HMCusSd8VFQnhQodzlcdhypQyGIJwdDHENL6LG4OobZZNn0qUSE4TWA4P
OCvzZAdrIyltsW45lhTJKDnjKkCrXCzHa8rTmGVQ4Gdg1DdOelZ29o0p3eKe/v44
ElZmTGbFusjWnlp7R53vz9SftQ3NuvkS7gWFsNnZTVS0x3OkWAxDlx7p88nRGz/N
uG7jPF5Z3GcAZX15fYJgc2QCVjcqhHIWctqOvVp4SWxwozC/aMnb68K5Lu1GOa84
FfIk8JP3ZZhGYulbP2h16xDB1/ZyKMZyHeG0fDQ/jcRt/HvrKzqaeqBKseDq7zeL
oh8AS4LkvOS940w8zi28wn0j3Js=
-----END CERTIFICATE-----