Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3305/DPxgVxKdypoWDypZIndlqeZ0lLs.mft
File:                     DPxgVxKdypoWDypZIndlqeZ0lLs.mft (raw, json)
Hash identifier:          OUJY49h4q9zudrkZxtXcCeVr5PZQGFsfHpoaS9hNwjc=
Subject key identifier:   0A:11:9F:57:AC:C0:37:70:F8:6C:2A:86:F0:21:7E:60:FD:C1:4A:96
Authority key identifier: 0C:FC:60:57:12:9D:CA:9A:16:0F:2A:59:22:77:65:A9:E6:74:94:BB
Certificate issuer:       /CN=0CFC6057129DCA9A160F2A59227765A9E67494BB
Certificate serial:       0728
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DPxgVxKdypoWDypZIndlqeZ0lLs.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3305/DPxgVxKdypoWDypZIndlqeZ0lLs.mft
Manifest number:          0728
Signing time:             Sun 20 Jul 2025 11:41:50 +0000
Manifest this update:     Sun 20 Jul 2025 11:41:50 +0000
Manifest next update:     Sun 20 Jul 2025 17:41:50 +0000
Files and hashes:         1: DPxgVxKdypoWDypZIndlqeZ0lLs.crl (hash: wIPkA5h5yRS4tMxPa/b1Ezr7ebXF05CCxQMhBdJ2uUg=)
Validation:               OK
Signature path:           rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3305/DPxgVxKdypoWDypZIndlqeZ0lLs.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3305/DPxgVxKdypoWDypZIndlqeZ0lLs.mft
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DPxgVxKdypoWDypZIndlqeZ0lLs.cer
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 20 Jul 2025 13:43:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1832 (0x728)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0CFC6057129DCA9A160F2A59227765A9E67494BB
        Validity
            Not Before: Jul 20 11:41:50 2025 GMT
            Not After : Apr  3 08:00:09 2026 GMT
        Subject: CN=0A119F57ACC03770F86C2A86F0217E60FDC14A96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:20:1e:6b:8d:42:0c:34:04:f0:b7:a9:65:fc:
                    8d:7b:cf:4a:42:07:b3:5e:79:c5:a2:e5:77:99:f0:
                    18:22:f5:e0:40:8e:0e:d0:4b:21:f5:5d:d4:be:8d:
                    35:69:f2:59:18:69:fb:16:2f:11:47:30:4b:12:8f:
                    6c:15:4c:8a:dd:9c:38:96:d2:f0:b9:5c:73:2f:63:
                    e0:90:89:d0:72:bf:15:60:ea:9d:59:7e:b9:04:d8:
                    c2:99:f1:ba:c1:1c:c4:b9:64:b6:d1:c5:8c:df:ad:
                    88:2c:3e:e2:b6:07:94:5d:f6:fa:30:21:82:60:4c:
                    f0:5d:4e:8b:7f:99:77:77:d7:2a:fb:1b:5f:7d:a9:
                    27:ab:9b:67:b8:c5:ce:cc:f2:84:5f:9d:cc:63:7a:
                    b4:20:b0:d2:03:2c:de:1b:b9:2e:1e:08:4e:ec:2e:
                    77:dd:2e:74:33:21:78:39:ef:54:1b:89:9b:e0:2e:
                    1a:eb:63:0d:b0:e2:c1:8b:4e:10:a8:70:a3:d6:cd:
                    02:5a:8b:f0:af:4d:ef:e9:1f:4f:f2:a0:34:23:6d:
                    60:d5:1d:fd:8e:a5:c0:e2:45:9f:df:58:dc:68:96:
                    c4:b7:ed:cb:b4:7f:61:b7:ad:e4:3b:ee:9e:f5:08:
                    fb:44:26:8f:28:8d:9d:d4:4b:0b:14:d1:24:cf:fc:
                    b4:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:11:9F:57:AC:C0:37:70:F8:6C:2A:86:F0:21:7E:60:FD:C1:4A:96
            X509v3 Authority Key Identifier:
                keyid:0C:FC:60:57:12:9D:CA:9A:16:0F:2A:59:22:77:65:A9:E6:74:94:BB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3305/DPxgVxKdypoWDypZIndlqeZ0lLs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DPxgVxKdypoWDypZIndlqeZ0lLs.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3305/DPxgVxKdypoWDypZIndlqeZ0lLs.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         bb:7d:ce:fe:87:91:da:22:14:9b:5e:b0:c2:2b:84:ad:31:6b:
         ec:49:d1:fc:dd:3d:4b:5b:8a:86:08:b9:6d:82:47:63:a3:67:
         63:9e:90:b1:cf:f9:ee:9d:9d:44:85:17:ee:ca:3e:2a:5f:e1:
         7b:ea:eb:cf:21:6f:b4:ad:d3:86:dd:43:e8:cd:4f:23:e2:37:
         62:2c:77:ef:90:ed:75:50:79:6e:18:6c:b7:e3:7a:5f:20:06:
         e9:3e:ac:88:a7:f8:de:84:4e:69:d8:37:4b:fa:5a:6a:ed:b0:
         d5:83:38:a0:06:3c:70:e7:7f:26:aa:b1:c3:d9:9f:5f:16:b0:
         58:23:b7:0f:e6:36:f2:fc:16:ea:10:ed:43:82:ce:5a:3c:62:
         06:c9:cf:72:32:21:dc:6e:30:de:32:2b:20:3a:8d:f3:0b:75:
         30:a3:03:59:17:c9:45:0d:ac:d4:0f:bc:54:53:23:7c:f4:e0:
         bd:28:03:7d:99:17:b9:33:91:f9:0e:aa:ba:1d:88:13:67:36:
         77:17:3c:12:57:05:84:9d:95:86:97:9a:a7:c7:ee:e0:ab:49:
         c7:e4:18:2f:4b:85:0d:16:1f:9c:ac:ab:b8:54:59:dc:9f:35:
         9e:44:16:7e:58:d4:99:fe:cd:eb:d2:76:55:04:45:93:d1:56:
         d3:77:79:39
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICBygwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMENG
QzYwNTcxMjlEQ0E5QTE2MEYyQTU5MjI3NzY1QTlFNjc0OTRCQjAeFw0yNTA3MjAx
MTQxNTBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDBBMTE5RjU3QUNDMDM3
NzBGODZDMkE4NkYwMjE3RTYwRkRDMTRBOTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8IB5rjUIMNATwt6ll/I17z0pCB7NeecWi5XeZ8Bgi9eBAjg7Q
SyH1XdS+jTVp8lkYafsWLxFHMEsSj2wVTIrdnDiW0vC5XHMvY+CQidByvxVg6p1Z
frkE2MKZ8brBHMS5ZLbRxYzfrYgsPuK2B5Rd9vowIYJgTPBdTot/mXd31yr7G199
qSerm2e4xc7M8oRfncxjerQgsNIDLN4buS4eCE7sLnfdLnQzIXg571QbiZvgLhrr
Yw2w4sGLThCocKPWzQJai/CvTe/pH0/yoDQjbWDVHf2OpcDiRZ/fWNxolsS37cu0
f2G3reQ77p71CPtEJo8ojZ3USwsU0STP/LTnAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUChGfV6zAN3D4bCqG8CF+YP3BSpYwHwYDVR0jBBgwFoAUDPxgVxKdypoWDypZ
IndlqeZ0lLswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMw
NS9EUHhnVnhLZHlwb1dEeXBaSW5kbHFlWjBsTHMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0RQeGdWeEtkeXBvV0R5cFpJbmRscWVaMGxMcy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzMDUvRFB4Z1Z4S2R5cG9X
RHlwWkluZGxxZVowbExzLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBALt9zv6HkdoiFJtesMIrhK0xa+xJ0fzdPUtbioYIuW2CR2OjZ2OekLHP+e6d
nUSFF+7KPipf4Xvq688hb7St04bdQ+jNTyPiN2Isd++Q7XVQeW4YbLfjel8gBuk+
rIin+N6ETmnYN0v6WmrtsNWDOKAGPHDnfyaqscPZn18WsFgjtw/mNvL8FuoQ7UOC
zlo8YgbJz3IyIdxuMN4yKyA6jfMLdTCjA1kXyUUNrNQPvFRTI3z04L0oA32ZF7kz
kfkOqrodiBNnNncXPBJXBYSdlYaXmqfH7uCrScfkGC9LhQ0WH5ysq7hUWdyfNZ5E
Fn5Y1Jn+zevSdlUERZPRVtN3eTk=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:48:34 2025 by rpki-client