Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2662/vcTZgftYN_Id2VEGP1m0dd1WJTY.mft
File: vcTZgftYN_Id2VEGP1m0dd1WJTY.mft (raw, json)
Hash identifier: da0/56Vv4wwloLaYaYXm72uhQTeCPgDAneQGprvsfuo=
Subject key identifier: 48:ED:2D:04:59:DF:0F:E7:68:E6:07:DA:7C:6D:13:70:A3:01:41:9D
Authority key identifier: BD:C4:D9:81:FB:58:37:F2:1D:D9:51:06:3F:59:B4:75:DD:56:25:36
Certificate issuer: /CN=BDC4D981FB5837F21DD951063F59B475DD562536
Certificate serial: 0217
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vcTZgftYN_Id2VEGP1m0dd1WJTY.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2662/vcTZgftYN_Id2VEGP1m0dd1WJTY.mft
Manifest number: 0216
Signing time: Sat 23 Aug 2025 21:02:20 +0000
Manifest this update: Sat 23 Aug 2025 21:02:20 +0000
Manifest next update: Sun 24 Aug 2025 03:02:20 +0000
Files and hashes: 1: ihz4sFLDfkN7Fk9DCBqiadh-ivQ.roa (hash: gR5LOmN4JF2dPB94elxL+UoXokAkI2kc2RKlgGd4ebs=)
2: vcTZgftYN_Id2VEGP1m0dd1WJTY.crl (hash: mYX09LVE3hZzuVm7HhEIVwJc4JRag12mNCpg2ku7XME=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 535 (0x217)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDC4D981FB5837F21DD951063F59B475DD562536
Validity
Not Before: Aug 23 21:02:20 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=48ED2D0459DF0FE768E607DA7C6D1370A301419D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:85:01:25:5d:b3:c7:08:4c:9d:8f:fb:8d:cc:
f4:c4:07:1f:79:ca:fb:0d:18:3a:55:90:e8:6d:a6:
53:ed:b3:73:02:97:4d:46:3f:52:7d:2d:2a:9d:29:
b0:92:90:d8:01:f3:25:ad:1f:dd:a1:17:0a:a4:69:
d7:2e:a6:d1:2e:45:7b:ba:09:2d:c0:77:aa:d0:f5:
cb:a3:50:a9:2f:7e:5a:a0:11:0b:96:c6:ff:49:78:
79:e4:59:a5:e2:b2:d0:82:37:69:da:01:40:4c:89:
3a:d1:c2:0b:d7:ea:5d:3e:7f:92:ed:ad:2b:b7:3e:
ec:a9:b1:0e:34:16:c0:a2:8e:2f:c3:a0:06:0e:c6:
29:0e:62:a9:6a:9a:85:d9:32:83:51:7e:a0:e6:ab:
8d:e8:c2:45:7b:a1:94:9d:a5:04:29:32:a7:77:16:
8f:c7:e8:38:70:3f:43:8c:97:de:e7:3d:0e:e3:5d:
e0:7d:70:c8:11:4d:16:a1:67:c6:94:11:6b:7e:c1:
a6:1e:5a:43:06:58:74:49:a9:6f:b0:eb:54:ff:c2:
ce:2e:61:27:de:29:59:21:92:1c:54:04:69:8b:70:
76:85:e4:83:21:38:3e:69:af:de:0e:9e:cb:27:a7:
40:06:b7:03:05:3f:3d:55:56:b3:44:b9:fc:2e:41:
58:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:ED:2D:04:59:DF:0F:E7:68:E6:07:DA:7C:6D:13:70:A3:01:41:9D
X509v3 Authority Key Identifier:
keyid:BD:C4:D9:81:FB:58:37:F2:1D:D9:51:06:3F:59:B4:75:DD:56:25:36
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2662/vcTZgftYN_Id2VEGP1m0dd1WJTY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vcTZgftYN_Id2VEGP1m0dd1WJTY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2662/vcTZgftYN_Id2VEGP1m0dd1WJTY.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
41:90:95:59:04:14:1e:bf:8e:3a:6d:17:a9:fc:cb:51:c2:87:
7b:f6:39:e9:e3:58:79:5a:09:f5:1a:0a:e2:44:33:1d:9e:1c:
f6:11:a0:86:32:00:8f:0a:2b:f0:3c:c1:0a:a5:f3:48:f3:d5:
19:6d:b4:b7:18:47:2b:68:a7:98:a4:ba:e9:f5:92:fc:16:37:
75:e1:94:7d:6a:33:18:59:14:d7:52:45:57:3f:5e:2c:f1:2f:
d6:21:b7:df:e6:c0:05:dd:a6:13:8d:8a:b1:22:76:cc:72:df:
7c:16:e5:1f:2f:03:a5:33:56:48:46:99:67:b3:92:45:46:f6:
3e:7b:ba:d8:fc:e3:80:59:12:60:fd:0a:47:d5:72:0f:a0:15:
1a:90:50:f2:d1:96:f5:dc:eb:e5:75:24:c0:c7:84:17:c8:84:
5a:a1:a1:e5:eb:5f:0b:ed:0e:91:84:8f:ec:c0:e2:83:fe:c9:
94:6f:ab:b1:ab:d1:a4:fa:f4:ac:1f:5d:75:4a:bf:8c:d4:67:
31:2a:25:82:e9:28:2b:b4:be:bf:60:99:e7:4d:08:dc:cd:eb:
64:02:4f:f3:20:cb:c5:e8:96:f2:9d:17:7a:23:36:69:fe:44:
48:97:b9:56:09:31:5f:d1:6e:75:90:d5:cd:a6:99:a4:93:d2:
39:71:32:65
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICAhcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRD
NEQ5ODFGQjU4MzdGMjFERDk1MTA2M0Y1OUI0NzVERDU2MjUzNjAeFw0yNTA4MjMy
MTAyMjBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDQ4RUQyRDA0NTlERjBG
RTc2OEU2MDdEQTdDNkQxMzcwQTMwMTQxOUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDShQElXbPHCEydj/uNzPTEBx95yvsNGDpVkOhtplPts3MCl01G
P1J9LSqdKbCSkNgB8yWtH92hFwqkadcuptEuRXu6CS3Ad6rQ9cujUKkvflqgEQuW
xv9JeHnkWaXistCCN2naAUBMiTrRwgvX6l0+f5LtrSu3PuypsQ40FsCiji/DoAYO
xikOYqlqmoXZMoNRfqDmq43owkV7oZSdpQQpMqd3Fo/H6DhwP0OMl97nPQ7jXeB9
cMgRTRahZ8aUEWt+waYeWkMGWHRJqW+w61T/ws4uYSfeKVkhkhxUBGmLcHaF5IMh
OD5pr94Onssnp0AGtwMFPz1VVrNEufwuQVgNAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUSO0tBFnfD+do5gfafG0TcKMBQZ0wHwYDVR0jBBgwFoAUvcTZgftYN/Id2VEG
P1m0dd1WJTYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY2
Mi92Y1RaZ2Z0WU5fSWQyVkVHUDFtMGRkMVdKVFkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3ZjVFpnZnRZTl9JZDJWRUdQMW0wZGQxV0pUWS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NjIvdmNUWmdmdFlOX0lk
MlZFR1AxbTBkZDFXSlRZLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAEGQlVkEFB6/jjptF6n8y1HCh3v2OenjWHlaCfUaCuJEMx2eHPYRoIYyAI8K
K/A8wQql80jz1RlttLcYRytop5ikuun1kvwWN3XhlH1qMxhZFNdSRVc/XizxL9Yh
t9/mwAXdphONirEidsxy33wW5R8vA6UzVkhGmWezkkVG9j57utj844BZEmD9CkfV
cg+gFRqQUPLRlvXc6+V1JMDHhBfIhFqhoeXrXwvtDpGEj+zA4oP+yZRvq7Gr0aT6
9KwfXXVKv4zUZzEqJYLpKCu0vr9gmedNCNzN62QCT/Mgy8XolvKdF3ojNmn+REiX
uVYJMV/RbnWQ1c2mmaST0jlxMmU=
-----END CERTIFICATE-----
Generated at Sun Aug 24 03:13:04 2025 by rpki-client