Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3346/2GueAukE5bR2WU2yt5eONcp8HW4.mft
File:                     2GueAukE5bR2WU2yt5eONcp8HW4.mft (raw, json)
Hash identifier:          ArmDleBQpLZnOGjMuPTR58pFHPxd8v5SKYTfKOE8XO8=
Subject key identifier:   63:61:AC:F5:C7:06:11:74:05:73:5D:A1:DB:C1:45:84:1F:E7:E8:CF
Authority key identifier: D8:6B:9E:02:E9:04:E5:B4:76:59:4D:B2:B7:97:8E:35:CA:7C:1D:6E
Certificate issuer:       /CN=D86B9E02E904E5B476594DB2B7978E35CA7C1D6E
Certificate serial:       044E
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2GueAukE5bR2WU2yt5eONcp8HW4.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3346/2GueAukE5bR2WU2yt5eONcp8HW4.mft
Manifest number:          044E
Signing time:             Wed 13 Aug 2025 16:05:28 +0000
Manifest this update:     Wed 13 Aug 2025 16:05:28 +0000
Manifest next update:     Wed 13 Aug 2025 22:05:28 +0000
Files and hashes:         1: 2GueAukE5bR2WU2yt5eONcp8HW4.crl (hash: mIF0Yl6q9jvQfP7KY2i6Hebd2PxB5VvRERxof/n/L+o=)
Validation:               OK
Signature path:           rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3346/2GueAukE5bR2WU2yt5eONcp8HW4.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3346/2GueAukE5bR2WU2yt5eONcp8HW4.mft
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2GueAukE5bR2WU2yt5eONcp8HW4.cer
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
                          rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 13 Aug 2025 20:00:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1102 (0x44e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D86B9E02E904E5B476594DB2B7978E35CA7C1D6E
        Validity
            Not Before: Aug 13 16:05:28 2025 GMT
            Not After : Aug  3 08:44:40 2026 GMT
        Subject: CN=6361ACF5C706117405735DA1DBC145841FE7E8CF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:6d:e1:1e:1c:50:f8:51:6d:8b:dd:6b:57:64:
                    02:42:4e:11:f9:95:bd:ef:6b:7c:45:0b:94:45:98:
                    60:af:b4:58:f3:95:57:ec:e9:f3:ef:7f:be:ec:65:
                    09:bb:56:07:6b:63:d2:22:37:c8:7b:26:fc:6a:56:
                    f2:14:58:79:6d:9a:7b:0a:32:a7:bb:e9:f9:d9:3d:
                    99:2c:c4:b5:5e:98:3b:8b:0d:42:9e:dd:2b:6e:ed:
                    1a:25:c8:6b:60:d4:dc:4a:9d:31:54:c8:a4:cf:e5:
                    ba:a0:2c:59:d8:a8:fc:9c:f4:a6:62:61:cf:a1:0e:
                    ab:d6:04:30:a4:6d:a5:68:1e:71:d2:69:1e:59:ec:
                    2e:28:43:1a:4a:63:af:b8:8d:52:3e:17:4c:30:13:
                    08:98:a7:0e:83:e9:8f:e5:b7:07:33:d9:d1:e3:93:
                    43:31:e1:96:6d:00:ba:7d:94:b7:58:48:30:ec:f3:
                    3b:7c:b1:9a:bf:d9:c3:ea:b2:3f:54:ba:c0:7c:12:
                    7b:2a:64:6e:fc:6c:17:9c:21:82:4a:1a:84:47:a7:
                    fc:35:c5:77:df:81:e9:32:09:3d:c9:19:fd:9a:a2:
                    88:f3:b6:19:1b:4e:36:87:59:7f:f3:6a:ab:b4:62:
                    99:0c:ff:7a:6b:fc:bc:b9:06:81:c7:b1:35:fa:54:
                    eb:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:61:AC:F5:C7:06:11:74:05:73:5D:A1:DB:C1:45:84:1F:E7:E8:CF
            X509v3 Authority Key Identifier:
                keyid:D8:6B:9E:02:E9:04:E5:B4:76:59:4D:B2:B7:97:8E:35:CA:7C:1D:6E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3346/2GueAukE5bR2WU2yt5eONcp8HW4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2GueAukE5bR2WU2yt5eONcp8HW4.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3346/2GueAukE5bR2WU2yt5eONcp8HW4.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         91:ba:8e:0e:55:cd:96:b8:a1:18:13:94:48:27:b2:d9:dc:eb:
         38:04:20:9a:f7:da:24:e5:02:cd:59:16:3f:f6:b7:19:11:df:
         09:ff:c3:63:52:9e:c0:5d:47:60:00:61:22:58:09:43:4b:25:
         31:0b:d3:c9:c2:52:a9:d6:42:41:c6:0e:ed:61:71:52:f0:82:
         04:7f:ab:29:57:9d:ad:51:f8:19:a1:50:03:68:09:a6:81:b6:
         c1:b8:13:ff:ae:a2:f2:b1:33:ba:e9:dc:1a:65:83:d1:ad:6d:
         36:35:f7:37:e1:54:a0:43:22:36:df:5e:d5:00:9c:9a:e6:0f:
         52:15:36:a9:4c:a8:e4:40:c1:d9:9a:9b:26:fd:d9:bd:49:0c:
         ff:2d:63:89:ab:36:7c:10:d2:57:6f:eb:27:de:9e:d0:1c:b3:
         28:9c:89:8a:95:81:6b:49:d4:50:bc:31:32:3e:76:59:8d:6c:
         8d:9d:81:e9:30:0f:72:2a:58:16:27:c9:32:91:d9:cd:40:28:
         f2:e6:cd:7d:10:08:5e:60:54:0a:26:41:aa:3c:80:42:49:c7:
         a6:bd:e6:03:da:71:52:2d:b4:12:05:a0:3b:9e:9a:f1:f2:0d:
         46:2c:ca:58:17:dd:19:43:07:2a:87:70:b2:0a:a2:ee:7a:64:
         39:16:99:9c
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICBE4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDg2
QjlFMDJFOTA0RTVCNDc2NTk0REIyQjc5NzhFMzVDQTdDMUQ2RTAeFw0yNTA4MTMx
NjA1MjhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDYzNjFBQ0Y1QzcwNjEx
NzQwNTczNURBMURCQzE0NTg0MUZFN0U4Q0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjbeEeHFD4UW2L3WtXZAJCThH5lb3va3xFC5RFmGCvtFjzlVfs
6fPvf77sZQm7VgdrY9IiN8h7JvxqVvIUWHltmnsKMqe76fnZPZksxLVemDuLDUKe
3Stu7RolyGtg1NxKnTFUyKTP5bqgLFnYqPyc9KZiYc+hDqvWBDCkbaVoHnHSaR5Z
7C4oQxpKY6+4jVI+F0wwEwiYpw6D6Y/ltwcz2dHjk0Mx4ZZtALp9lLdYSDDs8zt8
sZq/2cPqsj9UusB8EnsqZG78bBecIYJKGoRHp/w1xXffgekyCT3JGf2aoojzthkb
TjaHWX/zaqu0YpkM/3pr/Ly5BoHHsTX6VOsvAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUY2Gs9ccGEXQFc12h28FFhB/n6M8wHwYDVR0jBBgwFoAU2GueAukE5bR2WU2y
t5eONcp8HW4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzM0
Ni8yR3VlQXVrRTViUjJXVTJ5dDVlT05jcDhIVzQuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzJHdWVBdWtFNWJSMldVMnl0NWVPTmNwOEhXNC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzNDYvMkd1ZUF1a0U1YlIy
V1UyeXQ1ZU9OY3A4SFc0Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAJG6jg5VzZa4oRgTlEgnstnc6zgEIJr32iTlAs1ZFj/2txkR3wn/w2NSnsBd
R2AAYSJYCUNLJTEL08nCUqnWQkHGDu1hcVLwggR/qylXna1R+BmhUANoCaaBtsG4
E/+uovKxM7rp3Bplg9GtbTY19zfhVKBDIjbfXtUAnJrmD1IVNqlMqORAwdmamyb9
2b1JDP8tY4mrNnwQ0ldv6yfentAcsyiciYqVgWtJ1FC8MTI+dlmNbI2dgekwD3Iq
WBYnyTKR2c1AKPLmzX0QCF5gVAomQao8gEJJx6a95gPacVIttBIFoDuemvHyDUYs
ylgX3RlDByqHcLIKou56ZDkWmZw=
-----END CERTIFICATE-----
Generated at Wed Aug 13 19:07:10 2025 by rpki-client