Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.mft
File:                     iIhNTUp18X8I3UTLqVkv5w9TnZc.mft (raw, json)
Hash identifier:          cMZfHagkVpDMVuFbe2Cm7Krbs/6XW3k8hvNdYocssWs=
Subject key identifier:   74:F5:E0:C1:04:8A:58:81:D5:98:C5:7D:13:66:6F:F3:E9:76:96:FC
Authority key identifier: 88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97
Certificate issuer:       /CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97
Certificate serial:       1DF4
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.mft
Manifest number:          1DBE
Signing time:             Sat 26 Apr 2025 06:06:17 +0000
Manifest this update:     Sat 26 Apr 2025 06:06:17 +0000
Manifest next update:     Sat 26 Apr 2025 12:06:17 +0000
Files and hashes:         1: Fu_b4tel5NGHEPxYvtqzDhhAbqQ.roa (hash: skkkRa+f+zbYNJtBW9cXYGXDstm5mWfrryxHxT22Fv4=)
                          2: JvgxkMD8uDPSN5J2IBVUSXcq1CQ.roa (hash: LGZkzecS/oOZB/jgNue3M7MGauHxK1CsafE7hzqN+lM=)
                          3: UZHfKjNy_777Q9bAPY-TRRLF7JM.roa (hash: gTXt1ZXlzhAqrXd8fGYX/D/fL64eBW9l+ESGdbQgWzk=)
                          4: UwF3RRWBWBJzOKMpEgCPwJHusDQ.roa (hash: 2j9APxsIAALLNwJhqrNuF15QX7EES49mUdK4GoYHWms=)
                          5: cREs8hmh_CmOnkUd4fU9j_ntn0w.roa (hash: CP7BSCAsooYTWgzemNYrDx/XFHt9xqP+ChJ75EbH+cE=)
                          6: eOnWlmCuBcB2z-k-1EvXoZmhDzo.roa (hash: PvsnJd+w8p2xQdrIuCBq16T7Z7QhAuuf+Nw8Pr9uF6A=)
                          7: eYu8i8WLsCDl0cpHYV0xiV9KgPk.roa (hash: Hgl/czQiJR245QlSg4cy6iaWEpWFiq9ORvftoROwGWQ=)
                          8: eZah-AngLzb8qFPY5nps7k990bY.roa (hash: ZrAWhkudRJM4vRG6Jn9b9j7Vh7eTCG04BPZTFrJzppk=)
                          9: ftFMs_-GIzFOKfuDr7xm-R24Kr8.roa (hash: gUV9DW32VKoXS9w9FeSdsgysPfhlzoba3d+Ijnrdcuo=)
                          10: iIhNTUp18X8I3UTLqVkv5w9TnZc.crl (hash: 5khzb/eAKgFJ11EemTzk9CHiY7R9dPCnIB1InMHVanI=)
                          11: kDW1cRo86YzzeBsDbuuqb0TPbSY.roa (hash: zH0Bb/tnJndPjBUYLdvYRyQIrO9oLPTeV3JZ/lVlA58=)
                          12: oCfS0hIaiNsPZD9_Byqu1CoJ8VI.roa (hash: Hy+566HgUdo7tAmvKq5D06v1xyoGXDvCRugVB0yhFmw=)
                          13: w3pt5ET1tvSm7d0RqvtpQaSbUSg.roa (hash: TdLS3FpjQ1UPLqz5X5rwpVpfmm+7VwjlrlPBgwGcC0E=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7668 (0x1df4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88884D4D4A75F17F08DD44CBA9592FE70F539D97
        Validity
            Not Before: Apr 26 06:06:17 2025 GMT
            Not After : Apr  3 08:00:09 2026 GMT
        Subject: CN=74F5E0C1048A5881D598C57D13666FF3E97696FC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:eb:32:99:d6:89:fc:17:87:10:91:62:9d:93:
                    13:df:f3:4a:1a:d6:2a:11:5d:bc:89:f6:f1:76:45:
                    46:6f:ea:e7:36:37:dd:df:2f:d2:80:4b:b4:4a:e9:
                    08:55:03:97:db:d6:db:2b:11:8d:dd:f3:de:ef:44:
                    4e:7a:b7:b9:ad:30:ee:04:fa:44:5a:ae:43:f7:28:
                    fa:7d:14:8f:de:e7:50:bc:24:31:fc:53:4a:21:00:
                    ab:ed:61:8a:aa:12:9e:39:18:17:0e:a7:27:8a:a7:
                    3a:1a:87:d9:32:bf:02:11:06:fb:95:03:88:3c:04:
                    22:9e:58:89:e0:84:6c:56:9e:26:a2:28:0d:fd:64:
                    21:d1:5f:a4:d8:17:82:af:90:96:fd:64:09:13:7d:
                    04:5b:f3:72:f8:c8:b8:13:33:21:7c:7d:74:85:82:
                    47:21:79:a0:dc:d4:7a:5d:66:a8:51:b7:cf:fd:2a:
                    b4:59:17:9b:59:bf:88:ce:64:5b:44:5b:57:36:71:
                    f9:cd:89:d9:2b:e3:1a:00:80:47:fb:ae:cf:e2:94:
                    1c:e3:35:45:45:ac:c1:ff:61:8c:b5:fd:ae:ca:bd:
                    be:01:1c:1e:1f:30:76:2b:41:35:42:a6:52:7b:b8:
                    fb:54:64:72:ee:3f:c2:a8:e4:bc:dc:33:73:d5:c3:
                    da:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:F5:E0:C1:04:8A:58:81:D5:98:C5:7D:13:66:6F:F3:E9:76:96:FC
            X509v3 Authority Key Identifier:
                keyid:88:88:4D:4D:4A:75:F1:7F:08:DD:44:CB:A9:59:2F:E7:0F:53:9D:97

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iIhNTUp18X8I3UTLqVkv5w9TnZc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2122/iIhNTUp18X8I3UTLqVkv5w9TnZc.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         9d:50:bd:a8:eb:3d:02:9b:bc:53:e9:de:e3:a2:40:51:93:df:
         45:81:15:b9:9f:78:41:d7:b7:14:8e:e7:57:e3:4f:1e:88:51:
         6c:03:86:60:8e:93:f8:8a:38:c2:a4:b5:28:8c:4b:93:a1:1a:
         8f:34:94:7f:c7:56:35:de:eb:d0:72:da:41:e1:a5:26:f1:27:
         c5:cf:b3:89:9e:78:86:8b:f1:86:56:ae:1e:53:91:e0:ca:ac:
         6a:fd:1e:08:17:8e:3f:e4:ed:26:7d:50:97:62:67:15:0d:e2:
         13:c0:fc:99:88:7a:36:82:d1:d1:e4:e9:22:da:f4:87:74:5f:
         54:99:4c:58:51:d4:c1:5b:a8:b6:7c:62:52:05:b4:4b:c8:11:
         1f:b2:d7:7b:69:2e:62:59:83:8a:b0:57:a8:98:c6:14:60:2e:
         e4:de:c7:23:31:88:3d:e1:b3:50:93:48:c4:67:9c:b7:35:81:
         31:87:5f:6e:cd:e7:9a:aa:a0:b6:3a:e1:e9:d9:57:7b:4b:58:
         69:f0:60:06:eb:61:65:eb:c3:00:d5:51:e7:fa:a6:6a:e9:ce:
         88:ea:c3:e9:39:84:ef:45:37:c0:ae:97:66:28:5e:ff:7b:8d:
         f3:76:e0:63:af:41:bb:14:56:4e:f8:79:e5:66:a5:f5:e5:45:
         62:6f:24:a9
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICHfQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODg4
ODRENEQ0QTc1RjE3RjA4REQ0NENCQTk1OTJGRTcwRjUzOUQ5NzAeFw0yNTA0MjYw
NjA2MTdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDc0RjVFMEMxMDQ4QTU4
ODFENTk4QzU3RDEzNjY2RkYzRTk3Njk2RkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCx6zKZ1on8F4cQkWKdkxPf80oa1ioRXbyJ9vF2RUZv6uc2N93f
L9KAS7RK6QhVA5fb1tsrEY3d897vRE56t7mtMO4E+kRarkP3KPp9FI/e51C8JDH8
U0ohAKvtYYqqEp45GBcOpyeKpzoah9kyvwIRBvuVA4g8BCKeWInghGxWniaiKA39
ZCHRX6TYF4KvkJb9ZAkTfQRb83L4yLgTMyF8fXSFgkcheaDc1HpdZqhRt8/9KrRZ
F5tZv4jOZFtEW1c2cfnNidkr4xoAgEf7rs/ilBzjNUVFrMH/YYy1/a7Kvb4BHB4f
MHYrQTVCplJ7uPtUZHLuP8Ko5LzcM3PVw9q1AgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUdPXgwQSKWIHVmMV9E2Zv8+l2lvwwHwYDVR0jBBgwFoAUiIhNTUp18X8I3UTL
qVkv5w9TnZcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjEy
Mi9pSWhOVFVwMThYOEkzVVRMcVZrdjV3OVRuWmMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2lJaE5UVXAxOFg4STNVVExxVmt2NXc5VG5aYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIxMjIvaUloTlRVcDE4WDhJ
M1VUTHFWa3Y1dzlUblpjLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAJ1QvajrPQKbvFPp3uOiQFGT30WBFbmfeEHXtxSO51fjTx6IUWwDhmCOk/iK
OMKktSiMS5OhGo80lH/HVjXe69By2kHhpSbxJ8XPs4meeIaL8YZWrh5TkeDKrGr9
HggXjj/k7SZ9UJdiZxUN4hPA/JmIejaC0dHk6SLa9Id0X1SZTFhR1MFbqLZ8YlIF
tEvIER+y13tpLmJZg4qwV6iYxhRgLuTexyMxiD3hs1CTSMRnnLc1gTGHX27N55qq
oLY64enZV3tLWGnwYAbrYWXrwwDVUef6pmrpzojqw+k5hO9FN8Cul2YoXv97jfN2
4GOvQbsUVk74eeVmpfXlRWJvJKk=
-----END CERTIFICATE-----