Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.mft
File:                     s7pq7zuPouXZteQ0OOACDUJqHso.mft (raw, json)
Hash identifier:          8nzxsL/kTVwyKnaK60GbXFROjJepNt37u7oto+a9kgY=
Subject key identifier:   C7:40:47:DB:46:31:A4:74:E1:19:9E:E6:1A:2B:3A:FC:7A:1A:B9:54
Authority key identifier: B3:BA:6A:EF:3B:8F:A2:E5:D9:B5:E4:34:38:E0:02:0D:42:6A:1E:CA
Certificate issuer:       /CN=B3BA6AEF3B8FA2E5D9B5E43438E0020D426A1ECA
Certificate serial:       1092
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.mft
Manifest number:          108E
Signing time:             Tue 18 Jun 2024 02:56:26 +0000
Manifest this update:     Tue 18 Jun 2024 02:56:26 +0000
Manifest next update:     Tue 18 Jun 2024 08:56:26 +0000
Files and hashes:         1: N9betOYlP4dNSg1zfLZLz93Cf3k.roa (hash: Rd6KBqpzSRX6UnLF4hTCvmBudUM77ktYpRmBV4KnlB0=)
                          2: s7pq7zuPouXZteQ0OOACDUJqHso.crl (hash: 9cBermKirH5q8nxrJ/wAB3rfx3aaf3WsFYDvuK6kh0A=)

Validation:               OK
Signature path:           rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.mft
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 18 Jun 2024 08:56:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4242 (0x1092)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B3BA6AEF3B8FA2E5D9B5E43438E0020D426A1ECA
        Validity
            Not Before: Jun 18 02:56:26 2024 GMT
            Not After : Jan 31 01:13:46 2025 GMT
        Subject: CN=C74047DB4631A474E1199EE61A2B3AFC7A1AB954
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:4e:b3:10:31:ca:b7:57:21:7d:b3:22:cc:ab:
                    67:13:04:00:35:46:88:7b:b5:52:d0:0d:61:b1:09:
                    f9:24:ce:3c:72:16:fe:d8:3d:4f:94:c7:94:47:c1:
                    58:bc:0a:cb:f8:68:bb:fd:2a:78:61:3e:da:11:1c:
                    fa:5c:bb:21:ab:6d:d3:1c:57:a0:2f:ba:aa:a8:bf:
                    19:1b:6c:cc:2d:6e:b2:af:17:92:11:a1:00:86:99:
                    12:8d:77:06:24:cd:a8:0d:ea:82:71:66:5b:7b:e2:
                    c7:34:44:1e:aa:59:6b:97:30:c5:f8:06:d3:a1:34:
                    90:4b:f4:f8:0e:a5:c2:e7:78:88:45:fd:aa:d2:d9:
                    46:93:1d:52:a2:15:b5:c8:f6:a8:75:e4:ee:23:18:
                    59:82:17:87:60:3f:63:1d:89:20:9a:7e:74:b8:a0:
                    04:13:9a:0c:b0:b4:a8:d8:d8:a0:4e:25:b2:9c:fb:
                    37:c4:23:43:07:a9:3e:24:7d:14:c5:af:07:33:84:
                    d1:dd:af:e2:72:fb:41:a0:a8:6a:b0:9a:80:b1:48:
                    1d:f4:71:6c:94:fb:7d:36:c4:c0:5e:1b:ee:bd:fc:
                    7a:03:dc:e4:5d:96:82:5c:2d:13:80:9d:ff:f3:85:
                    8b:04:d7:f0:0d:31:6b:e2:86:15:46:0b:dc:e4:ea:
                    ae:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:40:47:DB:46:31:A4:74:E1:19:9E:E6:1A:2B:3A:FC:7A:1A:B9:54
            X509v3 Authority Key Identifier:
                keyid:B3:BA:6A:EF:3B:8F:A2:E5:D9:B5:E4:34:38:E0:02:0D:42:6A:1E:CA

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/s7pq7zuPouXZteQ0OOACDUJqHso.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/s7pq7zuPouXZteQ0OOACDUJqHso.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         17:77:d3:18:5e:63:51:81:e6:13:87:5f:4f:a9:b8:71:6c:c8:
         43:e1:bd:ac:25:0f:a5:00:62:f5:c8:e4:47:d3:e0:73:9c:11:
         7d:01:8f:e3:1b:0e:fe:e5:a4:5e:c9:51:b0:a3:ac:13:ca:e6:
         63:4b:dc:40:04:9c:7a:2b:54:c5:31:5f:62:0d:d4:7b:32:c0:
         d0:9a:81:5a:e6:42:a6:fe:d9:35:14:e8:5a:65:76:d8:cc:cb:
         90:08:89:03:de:9e:5c:ad:fb:32:2a:1e:16:cd:75:eb:88:d8:
         18:91:eb:2e:fa:06:01:8b:13:67:ad:f5:9f:94:0b:fe:5e:b9:
         ba:7f:c1:16:79:2b:70:30:26:99:23:5a:7b:eb:4d:fa:4c:72:
         e3:d2:18:bd:c2:0f:65:87:e2:78:04:4a:0c:e9:66:25:3c:74:
         be:c4:01:a9:7d:7e:60:ba:f5:ba:cd:90:87:a9:ff:f3:67:e6:
         68:82:6d:7b:ae:5d:e8:81:9c:46:9d:fc:f3:3c:4d:36:a2:c8:
         a0:17:f2:2b:20:c3:29:72:60:bc:2f:bd:69:45:80:dd:b0:a1:
         7c:b0:21:f5:27:21:f7:5f:a8:59:a2:5f:39:92:cb:a0:a1:4a:
         68:6a:8d:7b:8e:e9:59:28:4c:f5:7d:30:be:13:94:15:aa:48:
         e3:d2:ee:e7
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgICEJIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjNC
QTZBRUYzQjhGQTJFNUQ5QjVFNDM0MzhFMDAyMEQ0MjZBMUVDQTAeFw0yNDA2MTgw
MjU2MjZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEM3NDA0N0RCNDYzMUE0
NzRFMTE5OUVFNjFBMkIzQUZDN0ExQUI5NTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDATrMQMcq3VyF9syLMq2cTBAA1Roh7tVLQDWGxCfkkzjxyFv7Y
PU+Ux5RHwVi8Csv4aLv9KnhhPtoRHPpcuyGrbdMcV6AvuqqovxkbbMwtbrKvF5IR
oQCGmRKNdwYkzagN6oJxZlt74sc0RB6qWWuXMMX4BtOhNJBL9PgOpcLneIhF/arS
2UaTHVKiFbXI9qh15O4jGFmCF4dgP2MdiSCafnS4oAQTmgywtKjY2KBOJbKc+zfE
I0MHqT4kfRTFrwczhNHdr+Jy+0GgqGqwmoCxSB30cWyU+302xMBeG+69/HoD3ORd
loJcLROAnf/zhYsE1/ANMWvihhVGC9zk6q5fAgMBAAGjggIKMIICBjAdBgNVHQ4E
FgQUx0BH20YxpHThGZ7mGis6/HoauVQwHwYDVR0jBBgwFoAUs7pq7zuPouXZteQ0
OOACDUJqHsowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3
L3M3cHE3enVQb3VYWnRlUTBPT0FDRFVKcUhzby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvczdwcTd6dVBvdVhadGVRME9PQUNEVUpxSHNvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3L3M3cHE3enVQb3VYWnRl
UTBPT0FDRFVKcUhzby5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB
AQAXd9MYXmNRgeYTh19PqbhxbMhD4b2sJQ+lAGL1yORH0+BznBF9AY/jGw7+5aRe
yVGwo6wTyuZjS9xABJx6K1TFMV9iDdR7MsDQmoFa5kKm/tk1FOhaZXbYzMuQCIkD
3p5crfsyKh4WzXXriNgYkesu+gYBixNnrfWflAv+Xrm6f8EWeStwMCaZI1p76036
THLj0hi9wg9lh+J4BEoM6WYlPHS+xAGpfX5guvW6zZCHqf/zZ+Zogm17rl3ogZxG
nfzzPE02osigF/IrIMMpcmC8L71pRYDdsKF8sCH1JyH3X6hZol85ksugoUpoao17
julZKEz1fTC+E5QVqkjj0u7n
-----END CERTIFICATE-----
Generated at Tue Jun 18 07:26:36 2024 by rpki-client on console-fra.rpki-client.org