Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.mft
File:                     Lowd4ZR0A1y-pngFS22U9a-lM2E.mft (raw, json)
Hash identifier:          IPuI9RE+MI6fRGbjHsmVrY7fX9HcQFK4D7hS+a4Fq6Q=
Subject key identifier:   FF:93:2E:42:5E:06:0B:53:CC:63:EE:F8:B4:2B:91:6D:B3:C0:1C:6C
Authority key identifier: 2E:8C:1D:E1:94:74:03:5C:BE:A6:78:05:4B:6D:94:F5:AF:A5:33:61
Certificate issuer:       /CN=2E8C1DE19474035CBEA678054B6D94F5AFA53361
Certificate serial:       2045
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.mft
Manifest number:          2033
Signing time:             Sun 01 Mar 2026 21:29:25 +0000
Manifest this update:     Sun 01 Mar 2026 21:29:25 +0000
Manifest next update:     Mon 02 Mar 2026 03:29:25 +0000
Files and hashes:         1: -Mm11tejrqk61wSAldRhB69HTQA.roa (hash: lRVxJ7t0/AkOywuPuigCifvcZhUs87v2Uh4KWM90fFc=)
                          2: 450N7fwLv8pQflKVuwsapP8RTas.roa (hash: v1E9iG1FEaxd+t/wnGLaGAbJ4H6g39idwuIVRcR48QM=)
                          3: 6lgNokrHquzfMY4o0Ue-xILR_FM.roa (hash: bnnFnI4gkAVdY9+fYPbtHDBHofbyD67V5npIc05vTNI=)
                          4: Af3TYKyAmWG3f3wRT4FwONVWh0E.roa (hash: WIpuVfkuPz+LipchXzs38odxTKr63ACk4GOPFnDDDQY=)
                          5: CdYSPaqTjHDQqoFZJ5vmPkQNpY8.roa (hash: 2hSUzzrrHhoV+leHgGGXhH0H0eP//nQX8tn6HCyCUeA=)
                          6: Lowd4ZR0A1y-pngFS22U9a-lM2E.crl (hash: 9d8J3nJYEzfVO+TqnRXAhNcz8GE32mZjDOGHS/046Gw=)
                          7: M8L4ONjaKBoFJOwyFIfN_QL2Tn4.roa (hash: 6JL10RiuFvg5F0bZseuVtZv3iY+6VEd+5IItQvVfiV8=)
                          8: S4wFMhuxShBISoepIMT7J0pKx3k.roa (hash: U7UiWrQkJelvyopRtRqGDW0g4Pu1C0z06V7voETr1Pc=)
                          9: lwkVdD9XADeiD0DPl7lvqM4ItpQ.roa (hash: YYmUXAYWXwrCBJM5y0kPQOh2qDNOuJxksVsvgzTPY7s=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8261 (0x2045)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2E8C1DE19474035CBEA678054B6D94F5AFA53361
        Validity
            Not Before: Mar  1 21:29:25 2026 GMT
            Not After : Oct 23 03:01:03 2026 GMT
        Subject: CN=FF932E425E060B53CC63EEF8B42B916DB3C01C6C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:ce:ca:10:5a:c9:8f:d2:27:85:80:bb:25:3e:
                    26:96:85:3f:5b:51:fb:24:48:0d:d4:0d:5e:91:18:
                    04:52:77:b0:2d:d3:78:33:73:59:ab:3d:50:93:aa:
                    29:dd:c9:6d:31:6a:60:fb:17:57:f1:b6:f3:a5:bf:
                    ce:7d:00:da:c1:8f:9c:11:a4:28:73:44:98:bd:2f:
                    63:2c:f2:d6:d5:1f:e7:f0:e8:6f:42:ec:2c:4a:d4:
                    53:f8:f3:4e:f4:bb:5c:01:19:43:9f:2b:b4:3c:cd:
                    8e:20:5d:b4:f1:30:b7:0d:be:35:06:12:30:a0:cb:
                    80:f1:c0:44:2c:b2:20:c8:53:66:f2:2c:36:d1:53:
                    f6:aa:45:78:6d:b6:9c:13:2d:81:42:14:e2:e9:3d:
                    76:92:3a:5d:98:cc:7b:db:66:b1:88:a1:47:2b:1d:
                    41:d5:b1:0c:78:bb:83:ca:f7:02:ff:e7:5f:d5:53:
                    f0:0b:95:fc:83:77:e4:a3:ff:19:71:e2:0a:73:a5:
                    18:c1:12:1c:c9:77:90:c4:05:91:12:72:b2:af:fa:
                    f4:c1:eb:93:09:a5:4b:fb:0a:49:d4:2d:00:f4:ac:
                    02:11:35:44:af:04:83:7d:28:49:09:f4:8a:c5:84:
                    fd:3c:9a:04:0b:e6:34:60:9f:20:19:e6:a5:85:96:
                    45:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:93:2E:42:5E:06:0B:53:CC:63:EE:F8:B4:2B:91:6D:B3:C0:1C:6C
            X509v3 Authority Key Identifier:
                keyid:2E:8C:1D:E1:94:74:03:5C:BE:A6:78:05:4B:6D:94:F5:AF:A5:33:61

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         0b:3c:bf:0b:c3:98:74:10:bc:bb:1b:3f:6f:e7:88:4c:1f:fc:
         63:e2:50:49:0c:d9:77:a0:b8:87:2a:b9:f2:61:af:c6:4c:fe:
         dc:58:64:f0:06:96:ee:7d:40:6a:42:63:ad:b4:af:9f:47:28:
         80:af:c5:c2:46:5d:ec:b0:8c:9e:bc:af:8f:d8:42:26:4e:cd:
         c3:32:d4:41:e6:56:6e:2d:ab:ee:6b:e1:6e:49:62:2b:18:67:
         f2:d4:68:31:a4:37:41:7b:20:dc:1a:60:b2:d1:78:4f:44:ec:
         0c:c7:fa:bc:78:08:21:d8:91:4f:2d:e5:d9:e5:f1:64:d7:cd:
         95:f3:1a:82:1a:f5:51:92:90:e8:9d:9f:44:9c:e4:8c:75:d6:
         82:f3:4d:bb:d3:8a:d4:43:7a:22:86:8b:dc:52:c9:99:ed:2e:
         8e:c5:0f:eb:6c:02:8b:f5:99:a1:61:5e:18:69:ab:d2:31:a6:
         5c:5f:e7:27:ba:51:7e:67:67:28:13:13:d4:fe:13:e4:ae:a6:
         ec:96:40:44:aa:72:df:35:db:a5:e7:b9:e1:4f:64:b6:5e:f7:
         9f:2d:fa:56:8c:d3:eb:7a:9d:71:9d:74:71:bd:e8:8a:fc:8f:
         4a:c8:ea:d7:77:e9:f0:3e:52:72:f7:e1:6a:63:0a:7b:37:10:
         8f:d9:4e:70
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgICIEUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4
QzFERTE5NDc0MDM1Q0JFQTY3ODA1NEI2RDk0RjVBRkE1MzM2MTAeFw0yNjAzMDEy
MTI5MjVaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEZGOTMyRTQyNUUwNjBC
NTNDQzYzRUVGOEI0MkI5MTZEQjNDMDFDNkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1zsoQWsmP0ieFgLslPiaWhT9bUfskSA3UDV6RGARSd7At03gz
c1mrPVCTqindyW0xamD7F1fxtvOlv859ANrBj5wRpChzRJi9L2Ms8tbVH+fw6G9C
7CxK1FP48070u1wBGUOfK7Q8zY4gXbTxMLcNvjUGEjCgy4DxwEQssiDIU2byLDbR
U/aqRXhttpwTLYFCFOLpPXaSOl2YzHvbZrGIoUcrHUHVsQx4u4PK9wL/51/VU/AL
lfyDd+Sj/xlx4gpzpRjBEhzJd5DEBZEScrKv+vTB65MJpUv7CknULQD0rAIRNUSv
BIN9KEkJ9IrFhP08mgQL5jRgnyAZ5qWFlkUvAgMBAAGjggIKMIICBjAdBgNVHQ4E
FgQU/5MuQl4GC1PMY+74tCuRbbPAHGwwHwYDVR0jBBgwFoAULowd4ZR0A1y+pngF
S22U9a+lM2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTg3
L0xvd2Q0WlIwQTF5LXBuZ0ZTMjJVOWEtbE0yRS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvTG93ZDRaUjBBMXktcG5nRlMyMlU5YS1sTTJFLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTg3L0xvd2Q0WlIwQTF5LXBu
Z0ZTMjJVOWEtbE0yRS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB
AQALPL8Lw5h0ELy7Gz9v54hMH/xj4lBJDNl3oLiHKrnyYa/GTP7cWGTwBpbufUBq
QmOttK+fRyiAr8XCRl3ssIyevK+P2EImTs3DMtRB5lZuLavua+FuSWIrGGfy1Ggx
pDdBeyDcGmCy0XhPROwMx/q8eAgh2JFPLeXZ5fFk182V8xqCGvVRkpDonZ9EnOSM
ddaC802704rUQ3oihovcUsmZ7S6OxQ/rbAKL9ZmhYV4YaavSMaZcX+cnulF+Z2co
ExPU/hPkrqbslkBEqnLfNdul57nhT2S2XvefLfpWjNPrep1xnXRxveiK/I9KyOrX
d+nwPlJy9+FqYwp7NxCP2U5w
-----END CERTIFICATE-----