Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2508/-3g5E2fIrZfRqcIaNTKFrV5ojRw.mft
File:                     -3g5E2fIrZfRqcIaNTKFrV5ojRw.mft (raw, json)
Hash identifier:          naaUEM9cQBQur2XokJXN1IP85hPosbV2S+MREwI1kH8=
Subject key identifier:   42:02:F5:BE:89:7E:F9:F2:A7:97:A1:A6:D0:F6:61:A0:1D:08:D0:C9
Authority key identifier: FB:78:39:13:67:C8:AD:97:D1:A9:C2:1A:35:32:85:AD:5E:68:8D:1C
Certificate issuer:       /CN=FB78391367C8AD97D1A9C21A353285AD5E688D1C
Certificate serial:       17B3
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-3g5E2fIrZfRqcIaNTKFrV5ojRw.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2508/-3g5E2fIrZfRqcIaNTKFrV5ojRw.mft
Manifest number:          17B2
Signing time:             Thu 24 Jul 2025 09:42:18 +0000
Manifest this update:     Thu 24 Jul 2025 09:42:17 +0000
Manifest next update:     Thu 24 Jul 2025 15:42:17 +0000
Files and hashes:         1: -3g5E2fIrZfRqcIaNTKFrV5ojRw.crl (hash: HirjnxuLkZYWpZ11QuwVXUYE3CEgLlQvhlGGvndI8Ho=)
                          2: -IRe54bpv1-TQux1UjZl7eXOe8k.roa (hash: Wla7VV+qPSO8J9AN9n88AWkJuu/D49QzJW/C/8t30IQ=)
Validation:               OK
Signature path:           rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2508/-3g5E2fIrZfRqcIaNTKFrV5ojRw.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2508/-3g5E2fIrZfRqcIaNTKFrV5ojRw.mft
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-3g5E2fIrZfRqcIaNTKFrV5ojRw.cer
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 24 Jul 2025 15:12:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6067 (0x17b3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB78391367C8AD97D1A9C21A353285AD5E688D1C
        Validity
            Not Before: Jul 24 09:42:17 2025 GMT
            Not After : Sep 27 02:40:14 2025 GMT
        Subject: CN=4202F5BE897EF9F2A797A1A6D0F661A01D08D0C9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:5a:aa:3f:8d:88:71:a4:d3:cb:f5:44:bd:3d:
                    ac:7a:37:61:44:ba:34:1e:3d:23:2b:f6:78:07:e7:
                    56:11:e3:cd:24:ad:03:22:cc:7a:f0:6b:5f:98:eb:
                    2c:d6:41:e7:5c:14:02:aa:3f:81:2a:08:06:28:38:
                    f7:4e:79:f2:76:8f:fc:fd:c9:5c:d0:94:a0:28:2c:
                    27:c2:50:63:87:b6:2c:ba:5f:9f:cc:99:8e:a0:8a:
                    97:25:e2:12:03:11:95:dc:cb:c9:8a:51:d2:b2:70:
                    a4:d5:5a:6b:32:be:e6:46:bc:0e:fd:4a:69:9a:4a:
                    65:29:81:73:ec:5d:b0:9a:87:0c:c9:48:c1:20:03:
                    4b:5d:ba:4e:f1:7c:f3:0a:11:8a:31:e8:58:7b:e0:
                    58:41:35:90:38:af:98:42:f2:e6:12:cb:13:35:75:
                    61:96:e4:23:ce:05:9a:8f:68:6e:a3:72:de:df:21:
                    68:db:7b:64:b7:27:79:96:f9:f1:e8:8f:ae:52:a3:
                    d4:c8:8c:73:90:aa:ce:28:ec:c8:7b:9a:1b:08:31:
                    0c:c3:36:21:a2:a4:e5:38:5a:61:84:1a:2f:d0:60:
                    25:bb:6b:fd:81:46:ab:fd:f3:58:90:36:1d:ac:c8:
                    9e:06:9f:2c:17:44:bc:2f:de:c1:fe:fe:95:ea:77:
                    70:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:02:F5:BE:89:7E:F9:F2:A7:97:A1:A6:D0:F6:61:A0:1D:08:D0:C9
            X509v3 Authority Key Identifier:
                keyid:FB:78:39:13:67:C8:AD:97:D1:A9:C2:1A:35:32:85:AD:5E:68:8D:1C

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2508/-3g5E2fIrZfRqcIaNTKFrV5ojRw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-3g5E2fIrZfRqcIaNTKFrV5ojRw.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2508/-3g5E2fIrZfRqcIaNTKFrV5ojRw.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         60:69:59:f3:40:c3:96:5d:df:77:96:e4:72:31:59:6c:c4:3e:
         94:cd:08:e2:e4:12:26:0a:5e:32:38:15:86:eb:1c:1c:a9:0e:
         18:a7:a9:4e:76:3c:67:52:1b:f6:51:14:c9:5e:ce:b1:9e:63:
         e9:00:e5:2f:8d:3a:8f:76:e8:68:f5:d8:c7:a3:3c:40:e1:c2:
         00:13:60:a2:b8:fb:3e:d0:50:43:14:89:04:c0:1c:b1:4e:5e:
         6b:1b:1f:84:04:11:2b:67:fd:3b:21:9c:7b:52:6a:57:85:27:
         fd:d3:b5:fa:6a:00:20:05:a6:ab:d0:35:6d:21:0c:b8:c4:56:
         db:26:ca:4a:17:dd:17:dc:ef:b5:41:5c:f8:a9:d7:1e:f8:ba:
         df:eb:c7:a9:48:bd:26:ec:37:ed:e7:29:ff:ed:38:1f:17:36:
         11:53:c3:a0:8a:42:27:24:f7:84:54:72:66:29:71:ff:17:85:
         22:f6:f3:f2:08:5d:99:fe:52:79:fd:3e:a6:18:88:97:61:db:
         48:ee:59:19:87:31:28:84:34:72:75:6d:fa:e7:60:d4:e8:8a:
         ce:a1:ec:84:c5:bf:30:f6:26:5b:f1:d5:7e:d9:54:0f:6d:69:
         28:c1:20:91:3f:76:50:c2:be:ab:c5:b3:1f:6f:1d:14:a0:6e:
         d5:1c:b0:2b
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICF7MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkI3
ODM5MTM2N0M4QUQ5N0QxQTlDMjFBMzUzMjg1QUQ1RTY4OEQxQzAeFw0yNTA3MjQw
OTQyMTdaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDQyMDJGNUJFODk3RUY5
RjJBNzk3QTFBNkQwRjY2MUEwMUQwOEQwQzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNWqo/jYhxpNPL9US9Pax6N2FEujQePSMr9ngH51YR480krQMi
zHrwa1+Y6yzWQedcFAKqP4EqCAYoOPdOefJ2j/z9yVzQlKAoLCfCUGOHtiy6X5/M
mY6gipcl4hIDEZXcy8mKUdKycKTVWmsyvuZGvA79SmmaSmUpgXPsXbCahwzJSMEg
A0tduk7xfPMKEYox6Fh74FhBNZA4r5hC8uYSyxM1dWGW5CPOBZqPaG6jct7fIWjb
e2S3J3mW+fHoj65So9TIjHOQqs4o7Mh7mhsIMQzDNiGipOU4WmGEGi/QYCW7a/2B
Rqv981iQNh2syJ4GnywXRLwv3sH+/pXqd3CtAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUQgL1vol++fKnl6Gm0PZhoB0I0MkwHwYDVR0jBBgwFoAU+3g5E2fIrZfRqcIa
NTKFrV5ojRwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjUw
OC8tM2c1RTJmSXJaZlJxY0lhTlRLRnJWNW9qUncuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLy0zZzVFMmZJclpmUnFjSWFOVEtGclY1b2pSdy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1MDgvLTNnNUUyZklyWmZS
cWNJYU5US0ZyVjVvalJ3Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAGBpWfNAw5Zd33eW5HIxWWzEPpTNCOLkEiYKXjI4FYbrHBypDhinqU52PGdS
G/ZRFMlezrGeY+kA5S+NOo926Gj12MejPEDhwgATYKK4+z7QUEMUiQTAHLFOXmsb
H4QEEStn/TshnHtSaleFJ/3TtfpqACAFpqvQNW0hDLjEVtsmykoX3Rfc77VBXPip
1x74ut/rx6lIvSbsN+3nKf/tOB8XNhFTw6CKQick94RUcmYpcf8XhSL28/IIXZn+
Unn9PqYYiJdh20juWRmHMSiENHJ1bfrnYNTois6h7ITFvzD2Jlvx1X7ZVA9taSjB
IJE/dlDCvqvFsx9vHRSgbtUcsCs=
-----END CERTIFICATE-----
Generated at Thu Jul 24 12:19:39 2025 by rpki-client