Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft
File:                     H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft (raw, json)
Hash identifier:          6CRUQLApzLPXANBiyJ4h+IIE3ycQ5/dcPMbAUPgLdPM=
Subject key identifier:   DC:8B:89:B1:D5:3C:AB:99:01:35:B7:A9:A7:19:93:8D:DB:78:30:50
Authority key identifier: 1F:CA:D7:22:56:77:91:FD:73:A0:91:FE:89:1C:94:8F:19:14:D6:72
Certificate issuer:       /CN=1FCAD722567791FD73A091FE891C948F1914D672
Certificate serial:       0716
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft
Manifest number:          0700
Signing time:             Sat 21 Jun 2025 06:11:16 +0000
Manifest this update:     Sat 21 Jun 2025 06:11:16 +0000
Manifest next update:     Sat 21 Jun 2025 12:11:16 +0000
Files and hashes:         1: 6Ox9vYEkQ0kauWeF3ci5J0DCnyY.roa (hash: 7JH9vYwSOtQSmbNbZ1sNn45vDXImlBZc/Di0RUGYK+w=)
                          2: H8rXIlZ3kf1zoJH-iRyUjxkU1nI.crl (hash: j18blJCZfKIVKmXy5h6rPl9nEi96l8EGYWCCIoTjTHE=)
                          3: JSD6su-8GmSdAloMCdElkEvt0AM.roa (hash: byIajotq4oMDlZPGW2paVqqfxYBJgKLLUDwL6wPkwLA=)
                          4: VboEPjdm3B9tpkGKHcEJa1gcG54.roa (hash: Bd9t5IO7ldMac3QGg6dlL68DuVE/YizSDPaV1MMd6Fg=)
                          5: a-C0ZcbMEIueflbcZASicAD8he0.roa (hash: j0QlysAnrzL+WWQvVGQm8SUA6f3yOOh++yMn2DzuE1Q=)
                          6: ac9zn1KZz8GSplsJ7n3whpOXZ6Y.roa (hash: MxCG7/kDUHT7A7/tLKuXfkqQIyrHEPkO+54grftcmBg=)
                          7: qOLyqTgKKgxRxyxeuJhc3_cZGQ4.roa (hash: anm9VRDFQVYzPYFRpltgoGJtk4c3JmQwvUl1Lz2LLYU=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1814 (0x716)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1FCAD722567791FD73A091FE891C948F1914D672
        Validity
            Not Before: Jun 21 06:11:16 2025 GMT
            Not After : Apr  9 06:41:32 2026 GMT
        Subject: CN=DC8B89B1D53CAB990135B7A9A719938DDB783050
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:44:cb:45:b2:c5:2f:03:6c:6a:0c:af:3d:a8:
                    6f:3f:89:56:60:42:17:3b:2c:ef:61:bd:97:10:61:
                    71:3e:a1:78:4c:87:b3:24:8d:42:42:ce:26:38:be:
                    1f:46:01:f5:6a:ad:d9:48:b0:22:d7:f4:93:f3:b9:
                    3c:f8:b9:1b:cb:3b:9e:20:41:23:05:6f:c7:34:76:
                    a1:dd:9d:e2:8a:2c:d6:12:6f:6a:53:ba:09:36:cd:
                    fd:80:df:e7:1e:b7:55:4f:8d:01:9e:6f:0f:e8:d0:
                    d9:9f:c6:7a:af:a5:71:7c:15:45:18:6d:c6:01:4b:
                    2f:22:8d:af:e6:b8:03:93:3e:de:39:f0:79:83:f7:
                    b0:9e:96:e5:da:a1:98:5e:a2:9f:d9:64:39:8a:15:
                    f0:c4:23:f4:15:f8:04:a7:7f:6b:ae:af:76:d2:7b:
                    67:e3:6a:5e:0b:d9:d4:98:51:cc:83:e0:c6:82:52:
                    b3:84:f1:64:96:bc:d6:bf:d7:21:b2:82:23:6f:68:
                    1d:a4:a0:c9:de:1c:48:94:18:9d:05:86:cc:4e:2f:
                    92:93:3a:44:45:35:3f:1e:b5:52:3f:2e:36:cc:ea:
                    d3:13:04:7a:08:4c:f4:ce:ed:9c:97:23:6d:ca:59:
                    f9:33:63:ee:84:98:58:1a:4d:ae:a2:19:d4:57:a4:
                    16:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:8B:89:B1:D5:3C:AB:99:01:35:B7:A9:A7:19:93:8D:DB:78:30:50
            X509v3 Authority Key Identifier:
                keyid:1F:CA:D7:22:56:77:91:FD:73:A0:91:FE:89:1C:94:8F:19:14:D6:72

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         5b:81:16:46:2f:77:39:b2:4d:f0:13:b3:e5:ee:bd:f4:bf:98:
         2c:92:d2:ed:a4:41:74:e9:4c:7a:cd:ea:1b:e9:76:67:e7:df:
         06:a1:7a:8d:27:43:1e:c8:d1:d5:8d:19:d1:12:fc:9e:7c:b1:
         5f:4e:49:26:18:fa:40:07:ed:44:62:9d:c9:aa:36:85:57:58:
         b6:39:3c:80:d9:08:b3:ff:18:47:d6:80:de:8d:77:a2:41:17:
         ed:f0:38:0d:99:f2:df:43:9e:63:db:11:85:9c:95:80:60:35:
         dc:87:89:69:a7:f0:b7:9c:81:86:21:fd:07:8f:f7:56:f0:d8:
         f4:b2:61:c8:2d:9f:b9:0d:29:6d:c7:45:92:ba:6b:cc:a3:0f:
         15:39:bd:31:4b:ad:d7:0c:a6:f5:f5:85:29:97:22:e7:ff:f5:
         06:da:fd:c3:bd:23:9c:f0:92:91:b5:11:ed:00:30:10:58:8a:
         4b:97:8f:4a:da:00:a7:b4:34:29:38:b9:e8:ac:14:14:a5:ba:
         ba:25:58:d7:af:d3:75:cb:62:c4:c4:0d:c2:fa:b2:a8:f6:dd:
         9a:d7:e4:4b:03:e7:4e:a1:b5:d2:2c:3f:a2:c9:58:e7:eb:cd:
         c8:49:66:64:da:ef:55:0c:c7:ba:a7:c7:05:10:79:a1:87:91:
         77:1f:c7:bf
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICBxYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUZD
QUQ3MjI1Njc3OTFGRDczQTA5MUZFODkxQzk0OEYxOTE0RDY3MjAeFw0yNTA2MjEw
NjExMTZaFw0yNjA0MDkwNjQxMzJaMDMxMTAvBgNVBAMTKERDOEI4OUIxRDUzQ0FC
OTkwMTM1QjdBOUE3MTk5MzhEREI3ODMwNTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwRMtFssUvA2xqDK89qG8/iVZgQhc7LO9hvZcQYXE+oXhMh7Mk
jUJCziY4vh9GAfVqrdlIsCLX9JPzuTz4uRvLO54gQSMFb8c0dqHdneKKLNYSb2pT
ugk2zf2A3+cet1VPjQGebw/o0NmfxnqvpXF8FUUYbcYBSy8ija/muAOTPt458HmD
97CeluXaoZheop/ZZDmKFfDEI/QV+ASnf2uur3bSe2fjal4L2dSYUcyD4MaCUrOE
8WSWvNa/1yGygiNvaB2koMneHEiUGJ0FhsxOL5KTOkRFNT8etVI/LjbM6tMTBHoI
TPTO7ZyXI23KWfkzY+6EmFgaTa6iGdRXpBa7AgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQU3IuJsdU8q5kBNbeppxmTjdt4MFAwHwYDVR0jBBgwFoAUH8rXIlZ3kf1zoJH+
iRyUjxkU1nIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjgx
NS9IOHJYSWxaM2tmMXpvSkgtaVJ5VWp4a1UxbkkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0g4clhJbFoza2Yxem9KSC1pUnlVanhrVTFuSS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4MTUvSDhyWElsWjNrZjF6
b0pILWlSeVVqeGtVMW5JLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAFuBFkYvdzmyTfATs+XuvfS/mCyS0u2kQXTpTHrN6hvpdmfn3waheo0nQx7I
0dWNGdES/J58sV9OSSYY+kAH7URincmqNoVXWLY5PIDZCLP/GEfWgN6Nd6JBF+3w
OA2Z8t9DnmPbEYWclYBgNdyHiWmn8LecgYYh/QeP91bw2PSyYcgtn7kNKW3HRZK6
a8yjDxU5vTFLrdcMpvX1hSmXIuf/9Qba/cO9I5zwkpG1Ee0AMBBYikuXj0raAKe0
NCk4ueisFBSlurolWNev03XLYsTEDcL6sqj23ZrX5EsD506htdIsP6LJWOfrzchJ
ZmTa71UMx7qnxwUQeaGHkXcfx78=
-----END CERTIFICATE-----