Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.mft
File:                     KCAlirZf9h_V1m2Vlk9I76NdzIY.mft (raw, json)
Hash identifier:          oCLCS4QAi95YES0jqlf/qY4lEuBMLWysFomLUm0+zS4=
Subject key identifier:   F2:2C:52:B9:00:B8:80:02:2A:92:10:A6:86:FE:1A:80:06:C4:DA:EB
Authority key identifier: 28:20:25:8A:B6:5F:F6:1F:D5:D6:6D:95:96:4F:48:EF:A3:5D:CC:86
Certificate issuer:       /CN=2820258AB65FF61FD5D66D95964F48EFA35DCC86
Certificate serial:       174A
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KCAlirZf9h_V1m2Vlk9I76NdzIY.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.mft
Manifest number:          1745
Signing time:             Wed 05 Nov 2025 15:12:40 +0000
Manifest this update:     Wed 05 Nov 2025 15:12:40 +0000
Manifest next update:     Wed 05 Nov 2025 21:12:40 +0000
Files and hashes:         1: I9uSXffH-pwTghGYA_o9PiW31PU.roa (hash: nwRRWYa9JDWQiBl3beIie/BcmhzWO1BFjAfKhqo9ItM=)
                          2: KCAlirZf9h_V1m2Vlk9I76NdzIY.crl (hash: rOnkDPnZV+PNYUmPa/1BpWVWOr7hu6Z5/L3uP13dZ9g=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5962 (0x174a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2820258AB65FF61FD5D66D95964F48EFA35DCC86
        Validity
            Not Before: Nov  5 15:12:40 2025 GMT
            Not After : Oct 23 03:01:03 2026 GMT
        Subject: CN=F22C52B900B880022A9210A686FE1A8006C4DAEB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:00:01:ef:f8:9d:ec:b2:12:09:20:58:1f:f3:
                    bd:ff:df:54:3b:c9:ac:13:5f:ac:3e:9a:f0:59:2a:
                    74:83:21:ab:51:13:b2:13:63:81:d9:61:f8:5e:72:
                    60:1f:12:b1:10:b8:dc:7a:b2:56:21:d0:fb:d7:f2:
                    aa:49:63:be:c8:7f:19:56:97:04:da:4e:53:1c:16:
                    c3:31:42:cb:b6:b8:63:dc:61:e5:98:a1:85:70:f3:
                    67:09:3e:d7:5d:db:ba:22:5d:14:68:44:54:17:ce:
                    af:66:c2:4f:e8:75:a9:e8:cc:15:f5:4e:86:ae:4d:
                    bd:6c:c9:56:d8:e9:b3:55:b2:0b:eb:a7:5b:fb:a0:
                    b1:ff:b0:ab:0f:f4:d2:07:47:cb:2c:90:1f:0e:ef:
                    ef:7f:4a:20:a2:34:ae:d9:44:8f:d9:a7:52:23:ad:
                    22:31:a4:2d:eb:05:2e:7a:97:20:23:ab:b8:dc:74:
                    6e:b5:ef:14:54:01:f8:0d:d1:90:ef:1f:be:ed:99:
                    aa:81:f8:f5:48:90:4c:c3:2c:07:cd:df:be:58:06:
                    0f:72:e1:81:bf:f1:58:33:a0:10:5c:bc:6c:0d:34:
                    36:2e:f3:d8:1a:b3:bd:d0:1b:c2:fa:72:fd:13:9f:
                    ab:9b:01:90:e8:66:7d:12:2b:b9:80:20:93:cb:4f:
                    3f:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F2:2C:52:B9:00:B8:80:02:2A:92:10:A6:86:FE:1A:80:06:C4:DA:EB
            X509v3 Authority Key Identifier:
                keyid:28:20:25:8A:B6:5F:F6:1F:D5:D6:6D:95:96:4F:48:EF:A3:5D:CC:86

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KCAlirZf9h_V1m2Vlk9I76NdzIY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         29:73:ba:25:7c:91:de:67:38:90:c4:72:7b:fa:ee:36:94:44:
         42:d9:e2:af:dd:89:0b:9b:ab:da:32:4f:a9:33:45:1e:c2:6b:
         36:3f:ff:3a:c1:a2:21:67:2d:c8:6c:ed:b7:dd:f8:8b:ca:4f:
         90:66:61:d2:64:fb:36:f4:67:27:d9:0e:5a:37:63:4e:ce:2e:
         87:77:51:0d:1d:fc:c0:a0:39:3d:9a:19:f0:dc:3f:33:5e:9f:
         c5:8e:37:0d:f3:60:65:77:01:91:7b:1d:ec:55:c6:8f:75:60:
         cf:9c:c4:42:41:ba:66:24:0a:16:ad:4f:0e:ce:55:9e:52:94:
         b7:de:50:99:ae:f3:ca:63:0f:e2:84:8f:97:0b:03:7a:74:5f:
         f8:e3:fc:4a:8a:d0:79:66:a1:99:c8:d3:85:47:4d:01:7d:f4:
         f9:07:1b:dd:61:15:ee:b0:8e:f3:7c:6f:41:27:8c:46:94:9c:
         76:06:a0:03:bd:be:f5:59:eb:8c:b8:b8:70:5d:15:c5:f4:05:
         59:16:d9:8a:07:83:68:37:66:85:e0:17:53:fe:33:e3:88:33:
         fc:68:74:6e:27:9e:37:1f:63:2b:d5:98:b7:53:ba:e9:8c:53:
         1c:b6:43:e0:7e:b0:7b:fb:17:73:6f:57:4f:95:ea:4e:19:7d:
         70:5b:bc:e9
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICF0owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjgy
MDI1OEFCNjVGRjYxRkQ1RDY2RDk1OTY0RjQ4RUZBMzVEQ0M4NjAeFw0yNTExMDUx
NTEyNDBaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEYyMkM1MkI5MDBCODgw
MDIyQTkyMTBBNjg2RkUxQTgwMDZDNERBRUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYAAHv+J3sshIJIFgf873/31Q7yawTX6w+mvBZKnSDIatRE7IT
Y4HZYfhecmAfErEQuNx6slYh0PvX8qpJY77IfxlWlwTaTlMcFsMxQsu2uGPcYeWY
oYVw82cJPtdd27oiXRRoRFQXzq9mwk/odanozBX1ToauTb1syVbY6bNVsgvrp1v7
oLH/sKsP9NIHR8sskB8O7+9/SiCiNK7ZRI/Zp1IjrSIxpC3rBS56lyAjq7jcdG61
7xRUAfgN0ZDvH77tmaqB+PVIkEzDLAfN375YBg9y4YG/8VgzoBBcvGwNNDYu89ga
s73QG8L6cv0Tn6ubAZDoZn0SK7mAIJPLTz83AgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQU8ixSuQC4gAIqkhCmhv4agAbE2uswHwYDVR0jBBgwFoAUKCAlirZf9h/V1m2V
lk9I76NdzIYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIx
Mi9LQ0FsaXJaZjloX1YxbTJWbGs5STc2TmR6SVkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0tDQWxpclpmOWhfVjFtMlZsazlJNzZOZHpJWS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMTIvS0NBbGlyWmY5aF9W
MW0yVmxrOUk3Nk5keklZLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAClzuiV8kd5nOJDEcnv67jaURELZ4q/diQubq9oyT6kzRR7CazY//zrBoiFn
Lchs7bfd+IvKT5BmYdJk+zb0ZyfZDlo3Y07OLod3UQ0d/MCgOT2aGfDcPzNen8WO
Nw3zYGV3AZF7HexVxo91YM+cxEJBumYkChatTw7OVZ5SlLfeUJmu88pjD+KEj5cL
A3p0X/jj/EqK0HlmoZnI04VHTQF99PkHG91hFe6wjvN8b0EnjEaUnHYGoAO9vvVZ
64y4uHBdFcX0BVkW2YoHg2g3ZoXgF1P+M+OIM/xodG4nnjcfYyvVmLdTuumMUxy2
Q+B+sHv7F3NvV0+V6k4ZfXBbvOk=
-----END CERTIFICATE-----
Generated at Wed Nov 5 18:53:39 2025 by rpki-client