Manifest

$ rpki-client -vvf rpki-rps.cnnic.cn/repo/A1065588553129852931/0/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.mft
File:                     3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.mft (raw, json)
Hash identifier:          oRLr/DPy6rqJ9fBgl7tW5cnfWHeU3ruOv06x23d5M0U=
Subject key identifier:   B7:0F:13:C5:F9:8C:EC:56:F3:6E:9B:78:2B:11:9C:C5:68:67:53:8F
Authority key identifier: 3D:C3:23:89:D8:EB:00:BB:31:C6:A9:5B:34:AF:C8:57:6A:80:7A:0A
Certificate issuer:       /CN=3DC32389D8EB00BB31C6A95B34AFC8576A807A0A
Certificate serial:       58C1FD00012FF17979C7B75BAB1A92E47B76DFED
Authority info access:    rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.cer
Subject info access:      rsync://rpki-rps.cnnic.cn/repo/A1065588553129852931/0/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.mft
Manifest number:          C3
Signing time:             Sun 14 Jun 2026 01:12:32 +0000
Manifest this update:     Sun 14 Jun 2026 01:07:32 +0000
Manifest next update:     Mon 15 Jun 2026 02:04:32 +0000
Files and hashes:         1: 34352e3235342e32372e302f32342d3234203d3e20313532333230.roa (hash: 8ey7xc7GrXn7mmv3ISFSPmAtts9JOcGCGnrt0IYw5NA=)
                          2: 3130332e3232332e3132332e302f32342d3234203d3e20313532333230.roa (hash: BpauxASw+QwtCt0D3PSjlF+wZywrzS5unEAJDnk9hrM=)
                          3: 3130332e3232332e3132302e302f32342d3234203d3e20313532333230.roa (hash: 5HY0Ue/vWpU1LvYH7L0XmoUxw5TaIDzLdoP5LOndIDk=)
                          4: 3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.crl (hash: gfMMGcnhErUfF1m1QzA81n7kO7chBF+80koCXy6+1eM=)
                          5: 34352e3235342e32342e302f32322d3234203d3e20313532333230.roa (hash: /jlOtfFFIhy/vioYOPrruZVnaBj+JGwUse/ni91LtIM=)
                          6: 3130332e3232332e3132312e302f32342d3234203d3e20313532333230.roa (hash: wzRfwIBhTwNZEHuoPqB4pgLkBoUBXIsG3gE0j7DP/GE=)
                          7: 34352e3235342e32362e302f32342d3234203d3e20313532333230.roa (hash: zQnT6ObBiJ3XRQBU4LCMwXOfUmhlF2FqQYNCv6Fc46M=)
                          8: 3130332e3232332e3132302e302f32322d3234203d3e20313532333230.roa (hash: QDhDhO+o5EAhmJMJ47IlDxl87DbWK8fpZhIHG6UPABU=)
                          9: 34352e3235342e32352e302f32342d3234203d3e20313532333230.roa (hash: qjKwVJnGzyI/LX79Tj4cDa3KV/Elv2yjd5+GDsO75bY=)
                          10: 34352e3235342e32342e302f32342d3234203d3e20313532333230.roa (hash: HRYgKbtmr+OMYx/1qW6f1p5CaBZOf7Km54MLi7qIJYQ=)
                          11: 3130332e3232332e3132322e302f32342d3234203d3e20313532333230.roa (hash: ENw2cTESVh99EP8BLMv1kqoTtl4yUiDM0XZMs1ujX6o=)
Validation:               OK
Signature path:           rsync://rpki-rps.cnnic.cn/repo/A1065588553129852931/0/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.crl
                          rsync://rpki-rps.cnnic.cn/repo/A1065588553129852931/0/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.mft
                          rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.cer
                          rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.crl
                          rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/A56E872A403E7B9CEB9431A08F540401D2FBD710.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pW6HKkA-e5zrlDGgj1QEAdL71xA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 14 Jun 2026 16:02:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:c1:fd:00:01:2f:f1:79:79:c7:b7:5b:ab:1a:92:e4:7b:76:df:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3DC32389D8EB00BB31C6A95B34AFC8576A807A0A
        Validity
            Not Before: Jun 14 01:07:32 2026 GMT
            Not After : Jun 15 02:04:32 2026 GMT
        Subject: CN=B70F13C5F98CEC56F36E9B782B119CC56867538F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:95:1a:56:43:1f:b8:82:a1:c5:a5:cf:b3:00:
                    18:a3:cf:3a:e4:94:a4:c2:15:08:80:b8:e2:11:53:
                    8c:36:e9:27:23:46:fb:95:63:e8:52:a9:81:8b:be:
                    93:dd:ba:de:5e:b7:48:85:c3:e2:ec:32:71:49:06:
                    45:ff:bd:d8:70:7d:46:6a:bc:92:d9:28:15:63:55:
                    24:3d:86:fc:c2:76:ff:72:3e:27:7d:66:0c:20:2c:
                    5f:da:37:7b:b0:9a:06:f3:cd:80:a0:bc:6e:34:42:
                    9a:77:5b:f1:24:66:79:2e:b0:5a:cb:f9:a5:d4:1d:
                    02:0d:1b:11:cc:60:99:9a:db:96:34:05:b4:04:bb:
                    fc:0e:07:95:b8:31:e4:27:3a:2d:d0:ce:c0:39:5b:
                    28:6d:ad:d6:d6:d4:f7:e1:00:e6:57:bc:b4:96:02:
                    f9:b5:b1:64:70:24:8a:b7:28:47:76:65:ad:ea:c3:
                    87:c8:7a:d0:b8:f5:45:9f:b8:65:7d:a0:1d:9d:c9:
                    c7:7d:82:78:e1:09:44:4f:b5:a6:75:0d:d3:a6:98:
                    58:4f:45:d2:a6:3d:fb:f6:a5:dc:e6:e6:0a:07:10:
                    5b:94:42:8b:c8:39:65:91:d1:8f:f0:9f:e4:42:d1:
                    10:05:b2:b6:1b:f7:fa:a9:b0:92:01:98:3d:da:3c:
                    52:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:0F:13:C5:F9:8C:EC:56:F3:6E:9B:78:2B:11:9C:C5:68:67:53:8F
            X509v3 Authority Key Identifier:
                keyid:3D:C3:23:89:D8:EB:00:BB:31:C6:A9:5B:34:AF:C8:57:6A:80:7A:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.cnnic.cn/repo/A1065588553129852931/0/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.cnnic.cn/repo/A1055390775090675715/1/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.cnnic.cn/repo/A1065588553129852931/0/3DC32389D8EB00BB31C6A95B34AFC8576A807A0A.mft

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         36:5c:a8:d4:2e:38:d5:5c:93:b4:98:98:74:29:d6:25:5e:b7:
         5c:bd:47:3a:f8:b7:75:12:0b:43:3d:fa:1b:f7:32:3e:f8:7c:
         8f:69:31:dc:ff:43:ff:94:ae:7f:a0:d9:c7:95:26:04:0c:17:
         84:ae:3f:45:39:c0:83:66:aa:e4:19:0b:10:3d:48:02:3c:39:
         45:5b:1d:31:49:d9:5d:3c:03:87:ae:4a:fd:f6:12:3f:83:dd:
         6d:45:9e:b1:5c:10:49:e7:51:6a:38:20:a7:c5:6b:a9:10:cf:
         b4:21:61:ee:86:1d:f2:e9:98:66:86:d7:a5:00:d7:92:61:dc:
         7f:86:dc:33:23:25:d2:15:c1:98:cd:48:68:09:23:4a:03:1b:
         ea:17:59:af:4d:36:85:b4:88:12:c8:d2:70:66:58:40:6f:9b:
         5e:80:c1:3e:96:a5:74:e2:e1:57:49:2c:52:08:cc:79:b4:01:
         bd:11:d9:91:08:b6:6a:de:c3:de:02:04:79:81:bd:19:91:93:
         d9:71:03:2d:ae:6e:79:f9:43:5e:7a:58:44:29:08:89:d1:11:
         8b:f8:44:31:c9:e1:d9:49:44:c6:10:17:d1:d7:1c:a4:77:66:
         02:8b:bb:6b:63:93:e4:dd:92:11:eb:03:5d:3c:9c:f3:33:57:
         f5:bb:fd:ee
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIUWMH9AAEv8Xl5x7dbqxqS5Ht23+0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0RDMzIzODlEOEVCMDBCQjMxQzZBOTVCMzRBRkM4NTc2
QTgwN0EwQTAeFw0yNjA2MTQwMTA3MzJaFw0yNjA2MTUwMjA0MzJaMDMxMTAvBgNV
BAMTKEI3MEYxM0M1Rjk4Q0VDNTZGMzZFOUI3ODJCMTE5Q0M1Njg2NzUzOEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCalRpWQx+4gqHFpc+zABijzzrk
lKTCFQiAuOIRU4w26ScjRvuVY+hSqYGLvpPdut5et0iFw+LsMnFJBkX/vdhwfUZq
vJLZKBVjVSQ9hvzCdv9yPid9ZgwgLF/aN3uwmgbzzYCgvG40Qpp3W/EkZnkusFrL
+aXUHQINGxHMYJma25Y0BbQEu/wOB5W4MeQnOi3QzsA5WyhtrdbW1PfhAOZXvLSW
Avm1sWRwJIq3KEd2Za3qw4fIetC49UWfuGV9oB2dycd9gnjhCURPtaZ1DdOmmFhP
RdKmPfv2pdzm5goHEFuUQovIOWWR0Y/wn+RC0RAFsrYb9/qpsJIBmD3aPFI1AgMB
AAGjggIdMIICGTAdBgNVHQ4EFgQUtw8TxfmM7Fbzbpt4KxGcxWhnU48wHwYDVR0j
BBgwFoAUPcMjidjrALsxxqlbNK/IV2qAegowDgYDVR0PAQH/BAQDAgeAMHMGA1Ud
HwRsMGowaKBmoGSGYnJzeW5jOi8vcnBraS1ycHMuY25uaWMuY24vcmVwby9BMTA2
NTU4ODU1MzEyOTg1MjkzMS8wLzNEQzMyMzg5RDhFQjAwQkIzMUM2QTk1QjM0QUZD
ODU3NkE4MDdBMEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5
bmM6Ly9ycGtpLXJwcy5jbm5pYy5jbi9yZXBvL0ExMDU1MzkwNzc1MDkwNjc1NzE1
LzEvM0RDMzIzODlEOEVCMDBCQjMxQzZBOTVCMzRBRkM4NTc2QTgwN0EwQS5jZXIw
fgYIKwYBBQUHAQsEcjBwMG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2ktcnBzLmNu
bmljLmNuL3JlcG8vQTEwNjU1ODg1NTMxMjk4NTI5MzEvMC8zREMzMjM4OUQ4RUIw
MEJCMzFDNkE5NUIzNEFGQzg1NzZBODA3QTBBLm1mdDAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYI
KwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANlyo1C441VyT
tJiYdCnWJV63XL1HOvi3dRILQz36G/cyPvh8j2kx3P9D/5Suf6DZx5UmBAwXhK4/
RTnAg2aq5BkLED1IAjw5RVsdMUnZXTwDh65K/fYSP4PdbUWesVwQSedRajggp8Vr
qRDPtCFh7oYd8umYZobXpQDXkmHcf4bcMyMl0hXBmM1IaAkjSgMb6hdZr002hbSI
EsjScGZYQG+bXoDBPpaldOLhV0ksUgjMebQBvRHZkQi2at7D3gIEeYG9GZGT2XED
La5ueflDXnpYRCkIidERi/hEMcnh2UlExhAX0dccpHdmAou7a2OT5N2SEesDXTyc
8zNX9bv97g==
-----END CERTIFICATE-----
Generated at Sun Jun 14 05:46:53 2026 by rpki-client