Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3286/Um3mirHCXqVTIWuhLuNonNVrlkU.mft
File:                     Um3mirHCXqVTIWuhLuNonNVrlkU.mft (raw, json)
Hash identifier:          pVnKOlbOkYR21rZuO402+oDZWUW/v/ABlrDJkVkf4QQ=
Subject key identifier:   7C:42:1E:2B:98:95:EB:7D:14:57:6D:3B:48:EC:0F:A2:E3:BA:01:C9
Authority key identifier: 52:6D:E6:8A:B1:C2:5E:A5:53:21:6B:A1:2E:E3:68:9C:D5:6B:96:45
Certificate issuer:       /CN=526DE68AB1C25EA553216BA12EE3689CD56B9645
Certificate serial:       0816
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Um3mirHCXqVTIWuhLuNonNVrlkU.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3286/Um3mirHCXqVTIWuhLuNonNVrlkU.mft
Manifest number:          0816
Signing time:             Sun 20 Jul 2025 07:41:14 +0000
Manifest this update:     Sun 20 Jul 2025 07:41:14 +0000
Manifest next update:     Sun 20 Jul 2025 13:41:14 +0000
Files and hashes:         1: Um3mirHCXqVTIWuhLuNonNVrlkU.crl (hash: 2OL3la12xLnfAgQ659KhznG49kgfOi9pY4EZULb23Ds=)
Validation:               OK
Signature path:           rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3286/Um3mirHCXqVTIWuhLuNonNVrlkU.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3286/Um3mirHCXqVTIWuhLuNonNVrlkU.mft
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Um3mirHCXqVTIWuhLuNonNVrlkU.cer
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 20 Jul 2025 13:41:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2070 (0x816)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=526DE68AB1C25EA553216BA12EE3689CD56B9645
        Validity
            Not Before: Jul 20 07:41:14 2025 GMT
            Not After : Apr  3 08:00:09 2026 GMT
        Subject: CN=7C421E2B9895EB7D14576D3B48EC0FA2E3BA01C9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:85:48:fa:6f:7f:9c:68:9e:ca:02:0a:ce:7e:
                    95:59:ba:0a:78:73:7e:a0:23:91:0e:2d:74:82:1b:
                    57:27:cc:a6:8a:8f:ac:fa:a0:f2:15:9c:5f:5b:8c:
                    cf:cb:4e:ac:90:39:ad:b2:bd:41:9d:de:08:a6:34:
                    bf:36:b4:1e:cc:9a:af:9e:81:a8:ae:29:e8:03:14:
                    d8:e9:04:5b:50:a8:a7:db:b5:b2:63:80:d6:5f:f0:
                    95:90:2f:8b:e2:eb:ee:8b:32:1f:d0:9c:cd:d6:93:
                    12:04:6f:a5:82:bd:15:aa:a9:b0:a7:8f:fb:f9:50:
                    0b:0a:e6:74:93:a3:6e:d6:8a:a6:09:69:d1:74:5d:
                    79:40:a7:1b:1b:e9:32:c5:46:60:c2:29:ca:7a:8f:
                    a2:f3:48:a9:41:78:af:91:80:ab:9e:f0:c5:e4:8f:
                    6d:d5:4f:55:03:27:11:d2:05:3b:78:be:31:3b:a7:
                    9a:ba:0b:38:f8:f9:e5:51:e8:1e:f4:1a:3d:90:17:
                    36:0e:2b:0c:42:e3:9e:39:d3:9c:c0:04:54:07:8e:
                    86:d3:d2:da:db:24:1c:6f:52:e2:34:89:3b:e7:1e:
                    4c:93:76:27:ed:f0:a4:20:fd:a9:24:7c:f4:71:ec:
                    a0:31:c9:dc:af:5c:a5:fd:aa:f6:e8:0b:36:df:0d:
                    97:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:42:1E:2B:98:95:EB:7D:14:57:6D:3B:48:EC:0F:A2:E3:BA:01:C9
            X509v3 Authority Key Identifier:
                keyid:52:6D:E6:8A:B1:C2:5E:A5:53:21:6B:A1:2E:E3:68:9C:D5:6B:96:45

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3286/Um3mirHCXqVTIWuhLuNonNVrlkU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Um3mirHCXqVTIWuhLuNonNVrlkU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3286/Um3mirHCXqVTIWuhLuNonNVrlkU.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         5e:62:73:d4:d5:ce:0d:b4:17:95:cb:db:6f:ef:ed:8e:18:fa:
         97:c9:ba:a4:47:fa:a3:02:1f:34:6a:ef:48:1c:56:66:55:e0:
         0a:2e:c0:18:dd:87:98:d0:3c:55:f0:d4:a5:a2:b5:5b:68:d4:
         bc:19:50:64:02:80:94:6b:df:5c:01:64:05:27:2e:32:42:b8:
         13:e2:8a:64:76:35:e3:d5:5d:dd:69:ea:c2:69:d8:6d:17:8a:
         7a:f3:08:97:01:3b:94:78:6c:66:fd:4b:7f:3d:0a:95:45:5b:
         17:a0:9f:e7:bc:e7:e5:39:cb:a2:b8:89:d1:61:b7:74:33:d8:
         dd:55:89:2a:63:28:6b:14:8c:2a:1b:31:38:78:05:0d:26:f2:
         d8:9d:13:9c:39:90:94:ae:7f:45:07:de:95:90:d2:a4:3a:23:
         0c:b8:7e:1c:58:5e:9f:d5:b3:be:cc:cd:4b:a9:30:30:2e:a7:
         c8:ed:01:7d:cb:cb:ad:c3:0e:39:77:42:26:1b:76:e2:ad:7b:
         35:da:af:3e:c1:1d:25:d3:96:9c:8e:fb:e4:33:f8:d7:a3:af:
         47:65:aa:f4:39:bc:75:e5:44:58:10:d0:c3:79:91:85:44:80:
         bd:fd:33:92:2c:f9:57:a4:6e:78:72:67:41:e8:4f:16:06:aa:
         af:89:29:1c
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICCBYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTI2
REU2OEFCMUMyNUVBNTUzMjE2QkExMkVFMzY4OUNENTZCOTY0NTAeFw0yNTA3MjAw
NzQxMTRaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDdDNDIxRTJCOTg5NUVC
N0QxNDU3NkQzQjQ4RUMwRkEyRTNCQTAxQzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHhUj6b3+caJ7KAgrOfpVZugp4c36gI5EOLXSCG1cnzKaKj6z6
oPIVnF9bjM/LTqyQOa2yvUGd3gimNL82tB7Mmq+egaiuKegDFNjpBFtQqKfbtbJj
gNZf8JWQL4vi6+6LMh/QnM3WkxIEb6WCvRWqqbCnj/v5UAsK5nSTo27WiqYJadF0
XXlApxsb6TLFRmDCKcp6j6LzSKlBeK+RgKue8MXkj23VT1UDJxHSBTt4vjE7p5q6
Czj4+eVR6B70Gj2QFzYOKwxC454505zABFQHjobT0trbJBxvUuI0iTvnHkyTdift
8KQg/akkfPRx7KAxydyvXKX9qvboCzbfDZejAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUfEIeK5iV630UV207SOwPouO6AckwHwYDVR0jBBgwFoAUUm3mirHCXqVTIWuh
LuNonNVrlkUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI4
Ni9VbTNtaXJIQ1hxVlRJV3VoTHVOb25OVnJsa1UuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1VtM21pckhDWHFWVElXdWhMdU5vbk5WcmxrVS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyODYvVW0zbWlySENYcVZU
SVd1aEx1Tm9uTlZybGtVLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAF5ic9TVzg20F5XL22/v7Y4Y+pfJuqRH+qMCHzRq70gcVmZV4AouwBjdh5jQ
PFXw1KWitVto1LwZUGQCgJRr31wBZAUnLjJCuBPiimR2NePVXd1p6sJp2G0Xinrz
CJcBO5R4bGb9S389CpVFWxegn+e85+U5y6K4idFht3Qz2N1ViSpjKGsUjCobMTh4
BQ0m8tidE5w5kJSuf0UH3pWQ0qQ6Iwy4fhxYXp/Vs77MzUupMDAup8jtAX3Ly63D
Djl3QiYbduKtezXarz7BHSXTlpyO++Qz+Nejr0dlqvQ5vHXlRFgQ0MN5kYVEgL39
M5Is+VekbnhyZ0HoTxYGqq+JKRw=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:48:41 2025 by rpki-client