Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft
File:                     2pk_5cBP-fIsUmJjC-w39bOngoU.mft (raw, json)
Hash identifier:          A4hL1RvTNbm4t//dhLQ/jMMLBbD7bvoNrnU+ETg5/vE=
Subject key identifier:   A8:88:0B:2E:BD:F5:35:B0:D8:D6:3A:56:23:8B:F3:8A:43:E9:A1:B7
Authority key identifier: DA:99:3F:E5:C0:4F:F9:F2:2C:52:62:63:0B:EC:37:F5:B3:A7:82:85
Certificate issuer:       /CN=DA993FE5C04FF9F22C5262630BEC37F5B3A78285
Certificate serial:       1ADD
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft
Manifest number:          1AC7
Signing time:             Wed 18 Mar 2026 01:00:57 +0000
Manifest this update:     Wed 18 Mar 2026 01:00:57 +0000
Manifest next update:     Wed 18 Mar 2026 07:00:57 +0000
Files and hashes:         1: 2pk_5cBP-fIsUmJjC-w39bOngoU.crl (hash: CeJUIkWRmvvKK8DZAA+7jJdRTrV8fyGYYuNHY5ttuN4=)
                          2: HvfqDy2hGJa-tDVDeSqEuKF3dN0.roa (hash: 2Jp6mxuujCuZIIC04F/ARmPj+su7hSsGSy1xTvc4+Qs=)
                          3: KQ-H06YzPy6rV4AqzFO-X8dibgw.roa (hash: /RpjV4HoINs3B8RP//omgR12bSPllVR3bfI79qOU30M=)
                          4: TpvO5vdeHWVXhGkTKjH84ly_vIU.roa (hash: +f0nHjtb5Rj8798V2ToE4hnOduYhYnSw9Um3wGP6CoI=)
                          5: l_MfvNTnzBZLPKSnaEcPlRuQYkE.roa (hash: g1JlaWRQx7eY93533lfTF3SPZVWvPqSI3xpvRqNIF7o=)
                          6: oNvneKkprq7Fup3AehiZivYiGcQ.roa (hash: WduhKcWHW4jd8W/irOIfT6Xtxvc/1kytp2QLDcGjP7I=)
                          7: wZLHpcvHrGz3tUiBMnBI6rIckCQ.roa (hash: 89jr9Ewq1iuL05K8GgrpOrKlq+vnC4Iu0FosUDNQP4g=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6877 (0x1add)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DA993FE5C04FF9F22C5262630BEC37F5B3A78285
        Validity
            Not Before: Mar 18 01:00:57 2026 GMT
            Not After : Jan  9 08:23:18 2027 GMT
        Subject: CN=A8880B2EBDF535B0D8D63A56238BF38A43E9A1B7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:4b:93:49:2e:47:72:6a:d8:85:17:58:f7:df:
                    75:ba:e5:b5:14:c5:d9:67:d2:2a:33:aa:cb:09:f4:
                    33:9c:2e:fc:b8:3b:59:e0:a1:0a:c5:b4:42:b0:2a:
                    7f:f1:ab:16:58:38:ed:c3:2b:4f:c3:37:8d:b2:5f:
                    18:d6:59:87:95:ea:d5:1f:cd:b4:8f:6b:d0:e6:d8:
                    fa:97:d7:4c:88:69:80:10:89:36:ae:52:ae:63:57:
                    0e:59:77:ef:b0:ab:01:fe:fc:cf:90:f9:d3:8e:7d:
                    37:2c:6a:a3:cf:c7:df:09:93:11:70:a2:f7:41:31:
                    53:04:d8:70:c3:f7:3e:14:d0:3a:4a:15:3f:6f:ff:
                    03:af:f6:5e:1f:a5:c3:d7:0f:e9:c6:ed:a1:be:e8:
                    7a:97:9a:d5:6a:75:96:e8:29:23:f3:87:2a:0a:9c:
                    d6:8f:aa:95:ed:e7:d6:e7:2d:c7:16:d9:59:93:3d:
                    05:14:a4:e2:06:d1:c9:30:ae:d2:b3:19:b3:1b:2b:
                    57:1c:77:67:d7:13:e2:ee:9f:71:d3:b6:66:1b:9c:
                    73:7c:d5:8a:c2:a6:9a:ec:ef:e7:ce:8f:4d:6f:cb:
                    bd:81:cc:93:82:3d:61:ab:61:dd:77:83:2e:8d:2d:
                    9b:07:d5:0d:13:3f:19:e6:e5:fe:84:0b:a1:2b:6d:
                    a7:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:88:0B:2E:BD:F5:35:B0:D8:D6:3A:56:23:8B:F3:8A:43:E9:A1:B7
            X509v3 Authority Key Identifier:
                keyid:DA:99:3F:E5:C0:4F:F9:F2:2C:52:62:63:0B:EC:37:F5:B3:A7:82:85

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2pk_5cBP-fIsUmJjC-w39bOngoU.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/654/2pk_5cBP-fIsUmJjC-w39bOngoU.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         1f:4b:19:19:0f:ec:d3:e9:7f:07:56:28:e4:e5:d9:83:25:5a:
         a3:27:42:45:5e:27:00:51:f4:22:08:91:9b:88:67:5d:ab:cc:
         15:f3:51:89:2c:fb:e3:a8:e2:0d:0f:6d:28:cf:00:7f:f8:57:
         0b:01:a7:91:5b:13:5b:4c:4d:e2:1c:d0:54:14:c9:06:4e:63:
         f6:b7:b8:48:0d:d5:9d:66:f8:89:32:45:b7:58:bb:ed:66:24:
         b5:a8:c9:fb:80:2c:3a:81:92:b7:89:f1:d1:71:75:92:b9:b6:
         fa:01:04:b2:08:29:bc:60:26:d2:5d:8d:24:57:99:17:42:0e:
         60:3b:8d:77:b7:db:d6:4d:8d:0e:cb:16:24:2e:f4:0d:fa:92:
         72:c5:95:5a:48:42:07:c7:d9:99:9a:5a:32:e1:ae:3c:e1:c1:
         59:62:36:d4:3d:2e:ee:98:51:1c:f5:98:b5:7b:33:17:d5:7e:
         71:a0:18:e2:5c:2f:bd:61:63:5c:36:f4:ae:21:87:8d:9c:aa:
         4c:73:b8:3c:19:53:64:fc:36:f6:96:c1:0a:d6:77:2e:b8:eb:
         4b:fa:aa:3b:22:73:5a:9b:68:cd:b8:20:03:58:81:32:dd:fc:
         49:08:31:85:3d:39:20:1f:d0:e4:37:57:f2:4c:af:9a:69:4f:
         e0:db:ae:d8
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgICGt0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREE5
OTNGRTVDMDRGRjlGMjJDNTI2MjYzMEJFQzM3RjVCM0E3ODI4NTAeFw0yNjAzMTgw
MTAwNTdaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKEE4ODgwQjJFQkRGNTM1
QjBEOEQ2M0E1NjIzOEJGMzhBNDNFOUExQjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwS5NJLkdyatiFF1j333W65bUUxdln0iozqssJ9DOcLvy4O1ng
oQrFtEKwKn/xqxZYOO3DK0/DN42yXxjWWYeV6tUfzbSPa9Dm2PqX10yIaYAQiTau
Uq5jVw5Zd++wqwH+/M+Q+dOOfTcsaqPPx98JkxFwovdBMVME2HDD9z4U0DpKFT9v
/wOv9l4fpcPXD+nG7aG+6HqXmtVqdZboKSPzhyoKnNaPqpXt59bnLccW2VmTPQUU
pOIG0ckwrtKzGbMbK1ccd2fXE+Lun3HTtmYbnHN81YrCpprs7+fOj01vy72BzJOC
PWGrYd13gy6NLZsH1Q0TPxnm5f6EC6ErbaeVAgMBAAGjggIKMIICBjAdBgNVHQ4E
FgQUqIgLLr31NbDY1jpWI4vzikPpobcwHwYDVR0jBBgwFoAU2pk/5cBP+fIsUmJj
C+w39bOngoUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0
LzJwa181Y0JQLWZJc1VtSmpDLXczOWJPbmdvVS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvMnBrXzVjQlAtZklzVW1KakMtdzM5Yk9uZ29VLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjU0LzJwa181Y0JQLWZJc1Vt
SmpDLXczOWJPbmdvVS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB
AQAfSxkZD+zT6X8HVijk5dmDJVqjJ0JFXicAUfQiCJGbiGddq8wV81GJLPvjqOIN
D20ozwB/+FcLAaeRWxNbTE3iHNBUFMkGTmP2t7hIDdWdZviJMkW3WLvtZiS1qMn7
gCw6gZK3ifHRcXWSubb6AQSyCCm8YCbSXY0kV5kXQg5gO413t9vWTY0OyxYkLvQN
+pJyxZVaSEIHx9mZmloy4a484cFZYjbUPS7umFEc9Zi1ezMX1X5xoBjiXC+9YWNc
NvSuIYeNnKpMc7g8GVNk/Db2lsEK1ncuuOtL+qo7InNam2jNuCADWIEy3fxJCDGF
PTkgH9DkN1fyTK+aaU/g267Y
-----END CERTIFICATE-----