Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2903/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.mft
File: GTUZ3Xc8QNBPZBzERVjTRhKXsAM.mft (raw, json)
Hash identifier: w+Xz30TRtggtQrxwqMtSb5pwT8LnA7as+W3WhL25Pdw=
Subject key identifier: 85:7A:D4:30:56:F6:EE:38:F2:F2:39:E3:64:77:97:B7:30:33:92:7C
Authority key identifier: 19:35:19:DD:77:3C:40:D0:4F:64:1C:C4:45:58:D3:46:12:97:B0:03
Certificate issuer: /CN=193519DD773C40D04F641CC44558D3461297B003
Certificate serial: 1FD8
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2903/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.mft
Manifest number: 1FD2
Signing time: Sat 23 Aug 2025 21:03:43 +0000
Manifest this update: Sat 23 Aug 2025 21:03:43 +0000
Manifest next update: Sun 24 Aug 2025 03:03:43 +0000
Files and hashes: 1: GTUZ3Xc8QNBPZBzERVjTRhKXsAM.crl (hash: +ooJbCpv2xaTFeIZfP594wgjFeU82S5g4a3g0dRskJA=)
2: ofWDTuZdBsoEHdpdD-hMueJn7lQ.roa (hash: mtF01OQZB4FrXLC5rgApOcnJP5/2xm8KbS60Erj6vHw=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8152 (0x1fd8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=193519DD773C40D04F641CC44558D3461297B003
Validity
Not Before: Aug 23 21:03:43 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=857AD43056F6EE38F2F239E3647797B73033927C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:11:dd:56:1b:93:a0:3a:ef:10:8b:28:0a:3b:
80:72:e5:0d:2a:45:a7:77:3b:65:87:c9:2d:77:ed:
19:66:30:f1:eb:74:54:4d:1f:99:1b:08:56:fa:bd:
45:26:25:3f:ea:1e:22:30:c6:39:ef:5f:39:67:0f:
7b:f7:c5:76:98:2e:bf:f4:a0:ea:b6:8a:f1:39:ba:
1a:02:bf:57:62:fc:c2:15:54:66:9c:d6:d0:09:60:
49:68:ab:0d:24:71:44:d1:4f:86:86:c2:40:15:43:
e3:95:ef:92:6b:18:82:77:e5:b8:b0:1f:4f:7e:52:
f1:86:79:05:3c:90:f5:35:c7:b7:68:ca:97:18:4d:
79:51:4a:a6:76:fa:62:a1:a7:5e:87:6d:87:a2:81:
6d:c5:f3:40:f6:96:1e:98:22:d3:ba:9d:31:07:c8:
9e:fc:0f:48:05:65:cc:45:fe:76:5c:44:a5:67:45:
98:37:83:95:6b:cf:66:f6:7b:ee:43:87:a3:7e:21:
b8:85:e6:0b:74:04:ba:bd:d2:e8:79:54:61:df:ee:
bd:16:41:6f:aa:a8:37:a4:0e:35:2e:e0:46:f0:12:
ba:76:89:8c:f8:67:89:92:22:24:11:1c:8d:d6:31:
01:18:43:1b:0f:0d:2d:93:eb:78:47:3f:5a:57:52:
82:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:7A:D4:30:56:F6:EE:38:F2:F2:39:E3:64:77:97:B7:30:33:92:7C
X509v3 Authority Key Identifier:
keyid:19:35:19:DD:77:3C:40:D0:4F:64:1C:C4:45:58:D3:46:12:97:B0:03
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2903/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2903/GTUZ3Xc8QNBPZBzERVjTRhKXsAM.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
45:42:d7:1a:64:c5:34:a0:b1:7f:8b:c1:bf:0d:92:2c:60:41:
89:84:22:84:7c:02:f7:52:68:66:91:d9:4a:5b:7b:73:b2:b4:
91:39:87:ce:04:76:94:19:8a:ed:7e:5b:86:10:6f:99:c9:bb:
eb:fd:ed:66:e1:92:37:8f:3f:60:f6:8c:80:3f:17:e4:ed:5c:
ac:8f:b7:55:b5:96:ab:d9:88:ec:95:db:cd:52:9e:a6:a7:c5:
59:ef:96:29:a3:2d:6d:e3:ee:90:4a:21:83:ec:a9:5f:a4:fd:
0d:f2:65:8e:1d:80:b7:a1:dc:2c:74:4b:ac:22:31:4d:41:91:
17:48:f3:8c:5c:ef:44:54:ed:36:66:eb:73:95:c9:c3:13:07:
ee:0e:09:9b:38:88:c3:ea:d2:f9:9b:7d:18:f9:e3:30:3c:ad:
09:98:e7:a0:1b:0d:8c:ef:7d:d5:65:4d:01:ef:04:96:08:99:
f9:64:c8:e6:a1:99:55:69:d3:ce:b2:64:59:26:d7:b1:20:07:
e8:b9:25:d4:7d:40:5b:98:61:17:da:cc:7f:34:23:39:e5:02:
94:24:1b:ac:86:eb:5c:1c:a7:83:02:27:5f:28:a8:05:75:72:
da:ae:de:65:14:51:63:62:ed:93:ce:61:33:8a:95:ae:27:38:
75:7d:72:10
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICH9gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTkz
NTE5REQ3NzNDNDBEMDRGNjQxQ0M0NDU1OEQzNDYxMjk3QjAwMzAeFw0yNTA4MjMy
MTAzNDNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDg1N0FENDMwNTZGNkVF
MzhGMkYyMzlFMzY0Nzc5N0I3MzAzMzkyN0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPEd1WG5OgOu8QiygKO4By5Q0qRad3O2WHyS137RlmMPHrdFRN
H5kbCFb6vUUmJT/qHiIwxjnvXzlnD3v3xXaYLr/0oOq2ivE5uhoCv1di/MIVVGac
1tAJYEloqw0kcUTRT4aGwkAVQ+OV75JrGIJ35biwH09+UvGGeQU8kPU1x7doypcY
TXlRSqZ2+mKhp16HbYeigW3F80D2lh6YItO6nTEHyJ78D0gFZcxF/nZcRKVnRZg3
g5Vrz2b2e+5Dh6N+IbiF5gt0BLq90uh5VGHf7r0WQW+qqDekDjUu4EbwErp2iYz4
Z4mSIiQRHI3WMQEYQxsPDS2T63hHP1pXUoLZAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUhXrUMFb27jjy8jnjZHeXtzAzknwwHwYDVR0jBBgwFoAUGTUZ3Xc8QNBPZBzE
RVjTRhKXsAMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjkw
My9HVFVaM1hjOFFOQlBaQnpFUlZqVFJoS1hzQU0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0dUVVozWGM4UU5CUFpCekVSVmpUUmhLWHNBTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI5MDMvR1RVWjNYYzhRTkJQ
WkJ6RVJWalRSaEtYc0FNLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAEVC1xpkxTSgsX+Lwb8NkixgQYmEIoR8AvdSaGaR2Upbe3OytJE5h84EdpQZ
iu1+W4YQb5nJu+v97WbhkjePP2D2jIA/F+TtXKyPt1W1lqvZiOyV281SnqanxVnv
limjLW3j7pBKIYPsqV+k/Q3yZY4dgLeh3Cx0S6wiMU1BkRdI84xc70RU7TZm63OV
ycMTB+4OCZs4iMPq0vmbfRj54zA8rQmY56AbDYzvfdVlTQHvBJYImflkyOahmVVp
086yZFkm17EgB+i5JdR9QFuYYRfazH80IznlApQkG6yG61wcp4MCJ18oqAV1ctqu
3mUUUWNi7ZPOYTOKla4nOHV9chA=
-----END CERTIFICATE-----
Generated at Sun Aug 24 03:35:20 2025 by rpki-client