Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.mft
File: aiGhGqxOrgpjBlmzGiMLCNa1gXc.mft (raw, json)
Hash identifier: 6lutd2vSbFUzWVNaBdrbCXZYeCCx9/In39sTY7wfv0s=
Subject key identifier: 39:55:E7:D7:82:24:F2:A8:E7:87:38:1F:C7:8A:F1:5C:0D:D9:62:94
Authority key identifier: 6A:21:A1:1A:AC:4E:AE:0A:63:06:59:B3:1A:23:0B:08:D6:B5:81:77
Certificate issuer: /CN=6A21A11AAC4EAE0A630659B31A230B08D6B58177
Certificate serial: 1E31
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aiGhGqxOrgpjBlmzGiMLCNa1gXc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.mft
Manifest number: 1E1D
Signing time: Sat 17 May 2025 13:13:28 +0000
Manifest this update: Sat 17 May 2025 13:13:28 +0000
Manifest next update: Sat 17 May 2025 19:13:28 +0000
Files and hashes: 1: SfhRhUwxRQYhsLOpiAKyS2q9hsY.roa (hash: Lssgwg/LDS2Gc0apDKaxQyM7zkkn1Wrj9+vmCV3/eVQ=)
2: YvxJMlGBtdhPwCe99e-TBRWSmno.roa (hash: U4S+JHkc2/dz4XfdQdt/8ojCwq7JqsXN3uR74WyZ1Sc=)
3: aiGhGqxOrgpjBlmzGiMLCNa1gXc.crl (hash: sw6asLbHAYJ0+kHdZn1He2Bado8XD+D5LIFsivCxUIU=)
4: j_kpTNBSK3t7GObLuJuO84r6yXg.roa (hash: 92qu/6Pnh10gXsJpooRaqzuk+tEHFKZQlp45GGTTNME=)
5: vsCb1gfzCZQSeph_HdAeeNgF874.roa (hash: 1uUbExkvMNjyRg7sRiwkOs40dB1SMw82GaAUU552bRc=)
6: yWrpRzy-pXo5DqN4ghePjg83Q5s.roa (hash: sxKoArpcodf1XhHERSuGUAuqoIJ+zjBluNq+X0Glo5I=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7729 (0x1e31)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6A21A11AAC4EAE0A630659B31A230B08D6B58177
Validity
Not Before: May 17 13:13:28 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=3955E7D78224F2A8E787381FC78AF15C0DD96294
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d4:eb:44:e8:67:f1:ba:df:7b:27:01:02:81:
0f:fa:f1:5a:0b:8c:4b:38:05:f2:f4:01:74:33:ab:
85:c5:39:b8:f9:22:5c:56:85:6c:e8:4b:29:e6:64:
71:a1:98:ce:44:3d:6e:68:b4:85:f2:38:e9:ea:8a:
ca:38:5a:8e:4c:24:40:da:76:37:8d:bf:ef:79:bf:
44:40:85:d0:92:6a:11:e3:30:06:d0:fe:79:fa:f8:
94:97:c7:16:ae:d6:1f:30:5e:47:12:20:cb:c6:47:
f8:52:f4:a8:37:4c:b3:a0:26:74:05:a3:e1:72:a3:
54:8e:0a:78:25:0e:02:a7:d3:80:17:96:47:b8:f0:
a3:4a:c8:95:9e:a5:ed:50:61:52:08:61:33:74:ec:
82:f2:f0:f7:05:06:9f:0e:9c:c9:e1:96:cf:f1:6a:
67:73:ac:d5:5a:e8:74:c2:22:76:1d:0d:de:1f:30:
f2:b2:77:25:1d:ec:45:55:27:f3:20:fc:0c:73:d1:
21:15:54:91:2f:2e:80:6f:08:06:d9:0a:45:fd:d8:
40:38:a6:41:05:a2:30:5e:54:20:a2:2c:26:95:71:
e9:60:59:12:15:cf:0b:b6:61:ec:f1:5c:5b:0a:4b:
86:b1:97:98:f6:cc:ec:e4:56:f6:cf:d4:3c:13:a4:
8a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:55:E7:D7:82:24:F2:A8:E7:87:38:1F:C7:8A:F1:5C:0D:D9:62:94
X509v3 Authority Key Identifier:
keyid:6A:21:A1:1A:AC:4E:AE:0A:63:06:59:B3:1A:23:0B:08:D6:B5:81:77
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aiGhGqxOrgpjBlmzGiMLCNa1gXc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
6d:29:e9:f3:f4:5f:69:c6:2d:ab:b4:08:66:5e:2e:cf:b6:99:
5a:ce:35:61:f7:ea:d2:82:c6:15:f0:f1:75:87:be:c4:f0:a7:
4d:bd:8a:d4:46:3a:5e:0f:5b:f0:21:ed:81:fa:5b:3f:03:08:
68:8f:14:35:29:cb:ba:57:4b:2b:01:28:c1:27:83:1a:6a:4a:
aa:0e:67:1b:a3:70:c2:de:d1:2d:95:32:32:8c:53:2b:12:af:
36:f8:47:cc:a7:34:90:93:54:de:61:75:ff:27:df:61:05:52:
c6:e5:69:7f:4b:23:50:0a:55:4b:55:44:98:d6:47:4d:92:6f:
88:02:e1:88:e6:b2:bd:0d:e5:17:7c:97:90:97:78:65:22:03:
7f:00:be:04:10:0a:0e:26:89:c4:55:b0:70:78:c2:08:58:6a:
25:c3:39:11:67:f1:2d:c9:2b:89:90:5a:0c:1f:5f:1f:f6:b1:
3d:d8:c4:ad:3b:c2:45:8d:4c:bf:32:53:4b:af:3c:bd:7c:24:
0c:6a:7a:ea:f4:22:ab:3b:e8:17:9f:38:22:91:72:aa:9c:6f:
e1:43:3e:53:c4:8a:45:6c:84:ff:7a:c5:d9:67:24:28:75:9d:
27:6f:49:9a:1c:e3:ff:f3:0b:37:56:06:e6:79:09:0e:5d:a8:
75:4e:5d:bb
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICHjEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkEy
MUExMUFBQzRFQUUwQTYzMDY1OUIzMUEyMzBCMDhENkI1ODE3NzAeFw0yNTA1MTcx
MzEzMjhaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDM5NTVFN0Q3ODIyNEYy
QThFNzg3MzgxRkM3OEFGMTVDMEREOTYyOTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCq1OtE6Gfxut97JwECgQ/68VoLjEs4BfL0AXQzq4XFObj5IlxW
hWzoSynmZHGhmM5EPW5otIXyOOnqiso4Wo5MJEDadjeNv+95v0RAhdCSahHjMAbQ
/nn6+JSXxxau1h8wXkcSIMvGR/hS9Kg3TLOgJnQFo+Fyo1SOCnglDgKn04AXlke4
8KNKyJWepe1QYVIIYTN07ILy8PcFBp8OnMnhls/xamdzrNVa6HTCInYdDd4fMPKy
dyUd7EVVJ/Mg/Axz0SEVVJEvLoBvCAbZCkX92EA4pkEFojBeVCCiLCaVcelgWRIV
zwu2YezxXFsKS4axl5j2zOzkVvbP1DwTpIqpAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUOVXn14Ik8qjnhzgfx4rxXA3ZYpQwHwYDVR0jBBgwFoAUaiGhGqxOrgpjBlmz
GiMLCNa1gXcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjU2
NC9haUdoR3F4T3JncGpCbG16R2lNTENOYTFnWGMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2FpR2hHcXhPcmdwakJsbXpHaU1MQ05hMWdYYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1NjQvYWlHaEdxeE9yZ3Bq
QmxtekdpTUxDTmExZ1hjLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAG0p6fP0X2nGLau0CGZeLs+2mVrONWH36tKCxhXw8XWHvsTwp029itRGOl4P
W/Ah7YH6Wz8DCGiPFDUpy7pXSysBKMEngxpqSqoOZxujcMLe0S2VMjKMUysSrzb4
R8ynNJCTVN5hdf8n32EFUsblaX9LI1AKVUtVRJjWR02Sb4gC4Yjmsr0N5Rd8l5CX
eGUiA38AvgQQCg4micRVsHB4wghYaiXDORFn8S3JK4mQWgwfXx/2sT3YxK07wkWN
TL8yU0uvPL18JAxqeur0Iqs76BefOCKRcqqcb+FDPlPEikVshP96xdlnJCh1nSdv
SZoc4//zCzdWBuZ5CQ5dqHVOXbs=
-----END CERTIFICATE-----
Generated at Sat May 17 19:37:41 2025 by rpki-client