Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1375/OrqLQlIyvliWg5beMqjrWgXuplg.mft
File:                     OrqLQlIyvliWg5beMqjrWgXuplg.mft (raw, json)
Hash identifier:          l/7ZHx5bxut51oDtMFiAA3nXp7qUtqdJJj6CAcvISxM=
Subject key identifier:   EE:3D:61:32:5F:A4:15:8F:6D:D8:75:32:51:AA:A0:A4:34:31:9D:AF
Authority key identifier: 3A:BA:8B:42:52:32:BE:58:96:83:96:DE:32:A8:EB:5A:05:EE:A6:58
Certificate issuer:       /CN=3ABA8B425232BE58968396DE32A8EB5A05EEA658
Certificate serial:       23C2
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OrqLQlIyvliWg5beMqjrWgXuplg.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1375/OrqLQlIyvliWg5beMqjrWgXuplg.mft
Manifest number:          23AA
Signing time:             Mon 02 Mar 2026 02:28:13 +0000
Manifest this update:     Mon 02 Mar 2026 02:28:13 +0000
Manifest next update:     Mon 02 Mar 2026 08:28:13 +0000
Files and hashes:         1: -BD1ScZ1qtVml1mtGMCl0VXuWnQ.roa (hash: Y4RnHF0olQOkJZCOgplKy6V5W3l+yjTdRv7vuxuxt/Y=)
                          2: 3XFAM1LR8bXrQO9-4KxTBRR6oUM.roa (hash: p3HTFnAwoQUplrWD0lDFeQnn6TtUf3uSH5E930q9wmY=)
                          3: 5gBAgORrLJ1HOd2UJI9VuTgWXLw.roa (hash: BzXsg9YDlLmZBk4wjszn8ron+o/kdkRGz8/J4E7WxpE=)
                          4: 7fQbZDA8tyj5MEHYs8eECTQqEJ4.roa (hash: oBOqnJZox1co4VueK7P6UmPhiXBxYSVNzp0LyLTBDng=)
                          5: Koq88Hkeq0z1orOFOt3sXUP1i7s.roa (hash: cUkd0p+vM60SjplpcTha44ZE3PZE50mAlZ76hhRNkkw=)
                          6: NS8ld6_e8jjTJ5NSmZlXmrsytmg.roa (hash: ue62yQ5UfjmW3GmSVVDJ5m+vcixMEBmN2imHAbo0koI=)
                          7: NeXIOaCZIioOy7ziawSIyD4woWg.roa (hash: ZqTBe0guzD9KLaSCWJGTcCkPLsZkZYyc2ZL6bz7lxFE=)
                          8: OrqLQlIyvliWg5beMqjrWgXuplg.crl (hash: GNJSDmy1nvU6LDgbQurwTvz9vhleCXiX4ktfYuCaRuk=)
                          9: Z4ucuIoDOQ7ECal5D-VY1DrScvE.roa (hash: BdUnvquZvHpYLIFBwlsMwX3JdDiI48uDaE8PxvIMH+c=)
                          10: osUjb5gBSaQor-TU3i_rb5Up6_g.roa (hash: GbQSg+jIionWUDPH2Aacq0jFbjplc9PH4PJqqNZpw3g=)
                          11: rOLZuyZPB6j0aMAFjGGcCvT-Xks.roa (hash: pvA5LjRYZubqawi/TZBz+Jnw6EaTAjSubqty4ug9Fa4=)
                          12: xoiU_cNHrC9XYfowMsmLFuzbCUU.roa (hash: +3jAWysUr7r4XUdqqPf705TWZpvCt2uP+nwWgTNxgcA=)
                          13: zlUos4_Lnxtl0Za76SDtV7roYEg.roa (hash: 3gPFe9nQupimS5NzDb4pfhh3cdXZ3WndW8yV7WyaFm8=)
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9154 (0x23c2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3ABA8B425232BE58968396DE32A8EB5A05EEA658
        Validity
            Not Before: Mar  2 02:28:13 2026 GMT
            Not After : Oct 23 03:01:03 2026 GMT
        Subject: CN=EE3D61325FA4158F6DD8753251AAA0A434319DAF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:4a:bf:c1:b3:f6:44:ba:99:72:56:cb:1f:b3:
                    33:33:73:4e:03:34:6d:68:51:d4:2e:d3:f3:99:db:
                    a5:47:b5:52:24:59:1f:31:c9:99:f2:42:a3:78:6b:
                    29:d6:70:26:97:8c:3d:d1:bf:0c:04:01:6e:72:9f:
                    9b:41:14:eb:2d:bc:db:b6:ab:ed:2b:5f:1b:a6:f1:
                    56:0b:6e:15:69:89:4b:3e:1f:d3:ce:ae:90:48:ab:
                    fd:07:de:04:40:7a:ef:52:20:c2:c1:bd:b8:2e:19:
                    11:71:82:24:72:ad:09:42:84:cf:0a:ac:7e:6a:f4:
                    93:5e:20:86:65:82:6a:7a:15:fd:29:8e:59:74:0d:
                    0f:73:3f:78:d7:3b:11:e6:7c:af:e1:75:1b:58:82:
                    89:37:b1:c9:6a:b8:11:00:35:25:51:ff:81:2d:9b:
                    80:d6:88:03:10:90:f7:49:06:81:1f:ca:b1:fc:4c:
                    29:f1:db:4c:ca:e2:47:0d:52:28:cb:a5:9c:a0:09:
                    2d:ea:c8:95:1a:a0:bd:2e:93:af:0c:f6:c2:d2:89:
                    66:bc:0a:82:9d:2b:6d:40:29:8c:68:8b:06:85:7f:
                    b7:85:1e:05:92:30:d7:7c:86:66:cb:9a:41:a4:52:
                    7b:e7:f9:ab:be:06:f1:8a:48:85:23:b5:45:f7:6f:
                    ea:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:3D:61:32:5F:A4:15:8F:6D:D8:75:32:51:AA:A0:A4:34:31:9D:AF
            X509v3 Authority Key Identifier:
                keyid:3A:BA:8B:42:52:32:BE:58:96:83:96:DE:32:A8:EB:5A:05:EE:A6:58

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1375/OrqLQlIyvliWg5beMqjrWgXuplg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OrqLQlIyvliWg5beMqjrWgXuplg.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1375/OrqLQlIyvliWg5beMqjrWgXuplg.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         ab:f8:35:ca:91:4c:76:c9:95:e1:d8:9c:12:ed:56:60:39:45:
         21:34:65:7a:14:15:f8:5f:63:4c:bc:87:9e:09:cf:7f:df:d1:
         1e:42:7c:75:a3:79:a4:39:2e:13:29:4e:e9:45:d8:50:03:9c:
         4c:20:db:ee:bc:b0:7a:c5:b4:e9:4a:12:81:90:e5:14:57:97:
         8a:21:9c:3a:a6:d3:95:1b:06:7c:f0:1f:8f:ae:39:90:fd:5a:
         84:0f:cc:90:43:e5:ef:a9:4e:a1:06:76:aa:94:9e:01:ee:1c:
         d2:9a:a6:b9:91:c3:66:47:88:04:73:8e:45:37:21:88:89:ae:
         dd:4d:82:ec:8f:e2:09:0b:96:16:d3:67:96:4d:6e:2e:ad:ed:
         11:19:fe:ca:e9:3d:ad:bd:57:be:08:89:86:44:74:dc:be:3e:
         3f:31:8f:53:95:42:7d:8f:9e:d9:40:fd:75:81:32:41:12:b8:
         ed:dd:32:c7:c1:ba:68:8c:49:d5:f5:29:89:6a:bb:ce:b6:ef:
         2c:47:e7:d1:7b:c4:d8:ca:d3:c2:fa:53:81:7b:24:f8:49:57:
         42:cf:0c:5d:df:ba:29:a4:9e:92:ef:86:96:91:09:33:9b:a5:
         a1:13:1a:66:3c:8b:af:ed:f5:35:d6:ad:2e:db:e0:5d:f5:41:
         fd:aa:92:1a
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICI8IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FC
QThCNDI1MjMyQkU1ODk2ODM5NkRFMzJBOEVCNUEwNUVFQTY1ODAeFw0yNjAzMDIw
MjI4MTNaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEVFM0Q2MTMyNUZBNDE1
OEY2REQ4NzUzMjUxQUFBMEE0MzQzMTlEQUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8Sr/Bs/ZEuplyVssfszMzc04DNG1oUdQu0/OZ26VHtVIkWR8x
yZnyQqN4aynWcCaXjD3RvwwEAW5yn5tBFOstvNu2q+0rXxum8VYLbhVpiUs+H9PO
rpBIq/0H3gRAeu9SIMLBvbguGRFxgiRyrQlChM8KrH5q9JNeIIZlgmp6Ff0pjll0
DQ9zP3jXOxHmfK/hdRtYgok3sclquBEANSVR/4Etm4DWiAMQkPdJBoEfyrH8TCnx
20zK4kcNUijLpZygCS3qyJUaoL0uk68M9sLSiWa8CoKdK21AKYxoiwaFf7eFHgWS
MNd8hmbLmkGkUnvn+au+BvGKSIUjtUX3b+o3AgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQU7j1hMl+kFY9t2HUyUaqgpDQxna8wHwYDVR0jBBgwFoAUOrqLQlIyvliWg5be
MqjrWgXuplgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
NS9PcnFMUWxJeXZsaVdnNWJlTXFqcldnWHVwbGcuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09ycUxRbEl5dmxpV2c1YmVNcWpyV2dYdXBsZy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEzNzUvT3JxTFFsSXl2bGlX
ZzViZU1xanJXZ1h1cGxnLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAKv4NcqRTHbJleHYnBLtVmA5RSE0ZXoUFfhfY0y8h54Jz3/f0R5CfHWjeaQ5
LhMpTulF2FADnEwg2+68sHrFtOlKEoGQ5RRXl4ohnDqm05UbBnzwH4+uOZD9WoQP
zJBD5e+pTqEGdqqUngHuHNKaprmRw2ZHiARzjkU3IYiJrt1NguyP4gkLlhbTZ5ZN
bi6t7REZ/srpPa29V74IiYZEdNy+Pj8xj1OVQn2PntlA/XWBMkESuO3dMsfBumiM
SdX1KYlqu8627yxH59F7xNjK08L6U4F7JPhJV0LPDF3fuimknpLvhpaRCTObpaET
GmY8i6/t9TXWrS7b4F31Qf2qkho=
-----END CERTIFICATE-----