Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.mft
File:                     aiGhGqxOrgpjBlmzGiMLCNa1gXc.mft (raw, json)
Hash identifier:          Di24S+00G0Oz5e368wb60ULDVPZrfXfDqX0O/snekVc=
Subject key identifier:   39:55:E7:D7:82:24:F2:A8:E7:87:38:1F:C7:8A:F1:5C:0D:D9:62:94
Authority key identifier: 6A:21:A1:1A:AC:4E:AE:0A:63:06:59:B3:1A:23:0B:08:D6:B5:81:77
Certificate issuer:       /CN=6A21A11AAC4EAE0A630659B31A230B08D6B58177
Certificate serial:       1F87
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aiGhGqxOrgpjBlmzGiMLCNa1gXc.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.mft
Manifest number:          1F73
Signing time:             Fri 25 Jul 2025 18:45:26 +0000
Manifest this update:     Fri 25 Jul 2025 18:45:26 +0000
Manifest next update:     Sat 26 Jul 2025 00:45:26 +0000
Files and hashes:         1: SfhRhUwxRQYhsLOpiAKyS2q9hsY.roa (hash: Lssgwg/LDS2Gc0apDKaxQyM7zkkn1Wrj9+vmCV3/eVQ=)
                          2: YvxJMlGBtdhPwCe99e-TBRWSmno.roa (hash: U4S+JHkc2/dz4XfdQdt/8ojCwq7JqsXN3uR74WyZ1Sc=)
                          3: aiGhGqxOrgpjBlmzGiMLCNa1gXc.crl (hash: 5QLsjsdJcGf+ywgaXYsjlwzrpJaBFoIl5r9eB/lggFk=)
                          4: j_kpTNBSK3t7GObLuJuO84r6yXg.roa (hash: 92qu/6Pnh10gXsJpooRaqzuk+tEHFKZQlp45GGTTNME=)
                          5: vsCb1gfzCZQSeph_HdAeeNgF874.roa (hash: 1uUbExkvMNjyRg7sRiwkOs40dB1SMw82GaAUU552bRc=)
                          6: yWrpRzy-pXo5DqN4ghePjg83Q5s.roa (hash: sxKoArpcodf1XhHERSuGUAuqoIJ+zjBluNq+X0Glo5I=)
Validation:               OK
Signature path:           rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.mft
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aiGhGqxOrgpjBlmzGiMLCNa1gXc.cer
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 26 Jul 2025 00:45:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8071 (0x1f87)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6A21A11AAC4EAE0A630659B31A230B08D6B58177
        Validity
            Not Before: Jul 25 18:45:26 2025 GMT
            Not After : Apr  3 08:00:09 2026 GMT
        Subject: CN=3955E7D78224F2A8E787381FC78AF15C0DD96294
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:d4:eb:44:e8:67:f1:ba:df:7b:27:01:02:81:
                    0f:fa:f1:5a:0b:8c:4b:38:05:f2:f4:01:74:33:ab:
                    85:c5:39:b8:f9:22:5c:56:85:6c:e8:4b:29:e6:64:
                    71:a1:98:ce:44:3d:6e:68:b4:85:f2:38:e9:ea:8a:
                    ca:38:5a:8e:4c:24:40:da:76:37:8d:bf:ef:79:bf:
                    44:40:85:d0:92:6a:11:e3:30:06:d0:fe:79:fa:f8:
                    94:97:c7:16:ae:d6:1f:30:5e:47:12:20:cb:c6:47:
                    f8:52:f4:a8:37:4c:b3:a0:26:74:05:a3:e1:72:a3:
                    54:8e:0a:78:25:0e:02:a7:d3:80:17:96:47:b8:f0:
                    a3:4a:c8:95:9e:a5:ed:50:61:52:08:61:33:74:ec:
                    82:f2:f0:f7:05:06:9f:0e:9c:c9:e1:96:cf:f1:6a:
                    67:73:ac:d5:5a:e8:74:c2:22:76:1d:0d:de:1f:30:
                    f2:b2:77:25:1d:ec:45:55:27:f3:20:fc:0c:73:d1:
                    21:15:54:91:2f:2e:80:6f:08:06:d9:0a:45:fd:d8:
                    40:38:a6:41:05:a2:30:5e:54:20:a2:2c:26:95:71:
                    e9:60:59:12:15:cf:0b:b6:61:ec:f1:5c:5b:0a:4b:
                    86:b1:97:98:f6:cc:ec:e4:56:f6:cf:d4:3c:13:a4:
                    8a:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:55:E7:D7:82:24:F2:A8:E7:87:38:1F:C7:8A:F1:5C:0D:D9:62:94
            X509v3 Authority Key Identifier:
                keyid:6A:21:A1:1A:AC:4E:AE:0A:63:06:59:B3:1A:23:0B:08:D6:B5:81:77

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aiGhGqxOrgpjBlmzGiMLCNa1gXc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         32:e0:dd:5f:cd:d5:b3:a9:39:43:b8:6b:b6:6e:9c:15:52:73:
         ca:fb:f6:9b:e4:39:5e:7b:10:a7:c9:b5:1f:62:2b:ec:0a:fa:
         e0:59:9a:1d:24:42:f9:72:c7:92:70:13:9b:16:ee:0e:79:58:
         f0:ff:10:e9:02:87:a9:34:35:55:f5:cb:7b:06:3c:ed:fd:72:
         81:d2:89:62:bf:99:6c:45:83:1b:09:90:71:6c:57:f0:80:b7:
         18:fb:a7:eb:27:23:a4:56:c3:46:1f:96:41:18:f2:49:5f:f6:
         73:25:30:ac:d5:f6:09:55:8c:86:35:a1:f3:29:94:24:d3:35:
         85:49:ea:5c:76:03:cf:ab:48:d0:88:59:a3:78:b5:85:be:cf:
         27:6e:3e:5f:9d:e7:34:02:a3:dd:c8:50:24:9f:b4:71:86:60:
         1a:d6:77:e9:b8:16:99:80:07:c6:90:bc:c3:34:cc:8a:a2:ff:
         33:cc:a1:a5:7a:02:a0:9a:65:2b:84:56:24:5e:3e:9d:fb:b5:
         e9:ed:ca:3d:28:f7:9d:e3:62:1d:d0:48:a5:84:8d:51:59:30:
         d5:5f:9c:33:46:ba:a8:d9:7d:42:32:2d:1b:6c:a9:ec:b0:ae:
         d4:3c:15:5d:d2:e0:b7:cb:f8:26:33:78:a3:49:9a:88:c7:37:
         67:b7:b3:b3
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICH4cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkEy
MUExMUFBQzRFQUUwQTYzMDY1OUIzMUEyMzBCMDhENkI1ODE3NzAeFw0yNTA3MjUx
ODQ1MjZaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDM5NTVFN0Q3ODIyNEYy
QThFNzg3MzgxRkM3OEFGMTVDMEREOTYyOTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCq1OtE6Gfxut97JwECgQ/68VoLjEs4BfL0AXQzq4XFObj5IlxW
hWzoSynmZHGhmM5EPW5otIXyOOnqiso4Wo5MJEDadjeNv+95v0RAhdCSahHjMAbQ
/nn6+JSXxxau1h8wXkcSIMvGR/hS9Kg3TLOgJnQFo+Fyo1SOCnglDgKn04AXlke4
8KNKyJWepe1QYVIIYTN07ILy8PcFBp8OnMnhls/xamdzrNVa6HTCInYdDd4fMPKy
dyUd7EVVJ/Mg/Axz0SEVVJEvLoBvCAbZCkX92EA4pkEFojBeVCCiLCaVcelgWRIV
zwu2YezxXFsKS4axl5j2zOzkVvbP1DwTpIqpAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUOVXn14Ik8qjnhzgfx4rxXA3ZYpQwHwYDVR0jBBgwFoAUaiGhGqxOrgpjBlmz
GiMLCNa1gXcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjU2
NC9haUdoR3F4T3JncGpCbG16R2lNTENOYTFnWGMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2FpR2hHcXhPcmdwakJsbXpHaU1MQ05hMWdYYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1NjQvYWlHaEdxeE9yZ3Bq
QmxtekdpTUxDTmExZ1hjLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBADLg3V/N1bOpOUO4a7ZunBVSc8r79pvkOV57EKfJtR9iK+wK+uBZmh0kQvly
x5JwE5sW7g55WPD/EOkCh6k0NVX1y3sGPO39coHSiWK/mWxFgxsJkHFsV/CAtxj7
p+snI6RWw0YflkEY8klf9nMlMKzV9glVjIY1ofMplCTTNYVJ6lx2A8+rSNCIWaN4
tYW+zyduPl+d5zQCo93IUCSftHGGYBrWd+m4FpmAB8aQvMM0zIqi/zPMoaV6AqCa
ZSuEViRePp37tentyj0o953jYh3QSKWEjVFZMNVfnDNGuqjZfUIyLRtsqeywrtQ8
FV3S4LfL+CYzeKNJmojHN2e3s7M=
-----END CERTIFICATE-----
Generated at Sat Jul 26 00:36:39 2025 by rpki-client