Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.mft
File: IdyHWWXCumHR2su0je4UBVSqWu8.mft (raw, json)
Hash identifier: GekL8yPWV2d7UTzPGfMEtcb0sQLxneZl0ctL8cSBrSk=
Subject key identifier: E6:80:90:B1:B9:42:51:2A:C2:9F:64:03:96:02:39:A3:F1:F0:1B:32
Authority key identifier: 21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF
Certificate issuer: /CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF
Certificate serial: 16E9
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.mft
Manifest number: 16E0
Signing time: Sat 23 Aug 2025 21:02:55 +0000
Manifest this update: Sat 23 Aug 2025 21:02:55 +0000
Manifest next update: Sun 24 Aug 2025 03:02:55 +0000
Files and hashes: 1: IdyHWWXCumHR2su0je4UBVSqWu8.crl (hash: /zbss0TSuFQyBZG25E4rfolTuwu+VHc98NnRZTpDCzw=)
2: ZuvQbTH8ZAJqK3Bv4oQXcXDGOM8.roa (hash: vBuDQxOioQeWVe9lqMaBkRts1ZbtGfixeSvj7yTqxCE=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5865 (0x16e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21DC875965C2BA61D1DACBB48DEE140554AA5AEF
Validity
Not Before: Aug 23 21:02:55 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=E68090B1B942512AC29F6403960239A3F1F01B32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:14:fa:5f:fc:6c:3b:90:84:16:c8:16:f7:1a:
76:ea:da:ef:9a:17:a6:a5:24:93:14:18:19:af:9b:
d9:0b:22:9a:b6:18:da:c0:a1:e9:13:00:79:17:fc:
d2:ee:ef:cb:cd:ae:96:d3:80:a3:b4:c7:17:a8:21:
12:20:77:ee:50:36:91:d8:34:03:07:92:b4:de:fe:
5a:79:ab:5a:34:9a:b4:79:d0:2a:dc:7d:11:95:42:
43:21:ea:0a:0e:8d:96:bc:a5:4d:af:fa:17:cc:8c:
29:38:3b:19:d1:50:21:63:69:b9:3a:02:68:6c:68:
6c:73:88:44:67:cc:ab:4f:44:45:58:b3:3c:cb:af:
6e:c9:b9:61:43:4e:8b:ec:63:3c:ce:de:71:ef:d4:
d5:b7:f7:4b:62:7d:9e:37:2b:10:99:5e:1a:49:69:
7f:b0:69:25:a8:b7:6f:3c:6d:fb:51:88:f0:1e:c6:
08:e1:bb:45:2c:d3:bf:c5:30:7e:cf:a9:4b:28:ec:
83:07:c6:ef:bd:b0:ec:f1:be:6e:57:2f:0f:46:dd:
b1:ba:43:e7:57:9d:63:12:6f:c1:fa:50:48:6e:b0:
a4:af:97:7d:57:93:2f:1c:16:6d:a6:e5:35:62:ab:
e2:46:ea:db:c8:c0:71:72:e7:d7:ee:de:0d:9a:64:
a9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:80:90:B1:B9:42:51:2A:C2:9F:64:03:96:02:39:A3:F1:F0:1B:32
X509v3 Authority Key Identifier:
keyid:21:DC:87:59:65:C2:BA:61:D1:DA:CB:B4:8D:EE:14:05:54:AA:5A:EF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/IdyHWWXCumHR2su0je4UBVSqWu8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2620/IdyHWWXCumHR2su0je4UBVSqWu8.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
ad:93:86:78:7c:9d:b2:6a:f1:06:5b:e8:f8:3f:d1:af:8a:25:
19:4a:ed:a4:77:31:fd:bd:c5:6a:4c:c1:c7:45:8f:71:9f:e6:
40:1f:21:41:85:cf:81:7b:8f:6c:ae:7a:e0:bf:a5:ea:6c:94:
b1:31:e4:20:99:6f:0d:b8:8b:a1:6a:fd:93:8b:b0:7b:9a:0b:
bc:4f:4e:6c:29:9f:87:27:30:dc:77:d1:cf:d0:b9:4b:37:b2:
ff:6e:bc:a5:06:37:63:f4:e8:bd:e9:b4:4c:01:6e:a2:8b:a8:
f5:21:48:1e:5b:eb:8f:e6:dd:f2:49:f7:a0:69:8d:8b:c8:6c:
ee:c2:d2:c7:ae:8d:17:da:cc:03:33:56:45:26:73:ad:8d:51:
3e:99:38:f0:a2:da:e4:08:89:f7:f2:06:8d:d1:67:af:cd:36:
44:48:c9:e3:5f:17:74:66:62:e0:b7:d9:8c:80:73:9f:85:7a:
35:c1:a3:10:22:de:13:ce:4e:b8:a9:be:f1:99:e4:4b:3d:39:
75:34:ed:62:b5:49:ce:c7:32:31:23:26:f8:15:17:b5:ae:af:
15:f6:63:b4:7e:31:37:e2:fb:f0:73:b3:d3:9e:33:04:10:a7:
2c:93:9c:87:bb:e3:af:4f:0b:9f:60:1e:05:a2:24:10:db:b1:
3d:97:27:ad
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICFukwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjFE
Qzg3NTk2NUMyQkE2MUQxREFDQkI0OERFRTE0MDU1NEFBNUFFRjAeFw0yNTA4MjMy
MTAyNTVaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKEU2ODA5MEIxQjk0MjUx
MkFDMjlGNjQwMzk2MDIzOUEzRjFGMDFCMzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCSFPpf/Gw7kIQWyBb3Gnbq2u+aF6alJJMUGBmvm9kLIpq2GNrA
oekTAHkX/NLu78vNrpbTgKO0xxeoIRIgd+5QNpHYNAMHkrTe/lp5q1o0mrR50Crc
fRGVQkMh6goOjZa8pU2v+hfMjCk4OxnRUCFjabk6AmhsaGxziERnzKtPREVYszzL
r27JuWFDTovsYzzO3nHv1NW390tifZ43KxCZXhpJaX+waSWot288bftRiPAexgjh
u0Us07/FMH7PqUso7IMHxu+9sOzxvm5XLw9G3bG6Q+dXnWMSb8H6UEhusKSvl31X
ky8cFm2m5TViq+JG6tvIwHFy59fu3g2aZKkHAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQU5oCQsblCUSrCn2QDlgI5o/HwGzIwHwYDVR0jBBgwFoAUIdyHWWXCumHR2su0
je4UBVSqWu8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjYy
MC9JZHlIV1dYQ3VtSFIyc3UwamU0VUJWU3FXdTguY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0lkeUhXV1hDdW1IUjJzdTBqZTRVQlZTcVd1OC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2MjAvSWR5SFdXWEN1bUhS
MnN1MGplNFVCVlNxV3U4Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAK2Thnh8nbJq8QZb6Pg/0a+KJRlK7aR3Mf29xWpMwcdFj3Gf5kAfIUGFz4F7
j2yueuC/pepslLEx5CCZbw24i6Fq/ZOLsHuaC7xPTmwpn4cnMNx30c/QuUs3sv9u
vKUGN2P06L3ptEwBbqKLqPUhSB5b64/m3fJJ96BpjYvIbO7C0seujRfazAMzVkUm
c62NUT6ZOPCi2uQIiffyBo3RZ6/NNkRIyeNfF3RmYuC32YyAc5+FejXBoxAi3hPO
TripvvGZ5Es9OXU07WK1Sc7HMjEjJvgVF7WurxX2Y7R+MTfi+/Bzs9OeMwQQpyyT
nIe7469PC59gHgWiJBDbsT2XJ60=
-----END CERTIFICATE-----
Generated at Sun Aug 24 03:38:30 2025 by rpki-client