Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3252/U4_HWfrs-Y7XUQyPLm3ppxj43M4.mft
File: U4_HWfrs-Y7XUQyPLm3ppxj43M4.mft (raw, json)
Hash identifier: E1dSgAV3jkClNcW+o6oepX5UUX/lBGirrK7v8/vmxw8=
Subject key identifier: CE:C9:8C:09:0F:7F:37:2A:F4:5C:A1:35:F2:A5:1E:E1:C4:CF:F0:FC
Authority key identifier: 53:8F:C7:59:FA:EC:F9:8E:D7:51:0C:8F:2E:6D:E9:A7:18:F8:DC:CE
Certificate issuer: /CN=538FC759FAECF98ED7510C8F2E6DE9A718F8DCCE
Certificate serial: 0B99
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/U4_HWfrs-Y7XUQyPLm3ppxj43M4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3252/U4_HWfrs-Y7XUQyPLm3ppxj43M4.mft
Manifest number: 0B95
Signing time: Sat 23 Aug 2025 21:03:38 +0000
Manifest this update: Sat 23 Aug 2025 21:03:38 +0000
Manifest next update: Sun 24 Aug 2025 03:03:38 +0000
Files and hashes: 1: U4_HWfrs-Y7XUQyPLm3ppxj43M4.crl (hash: ic7+cYEqpPqqlBvpCoJOaFzkEag8mvaymKkAKjyc5tQ=)
2: bu6hhjGdwcSVWU6ctnE5sH_9zTA.roa (hash: xFPgpcMsHTSZJADrBkrkSBA1yrEfbTxlof6jzCQ6Pfg=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2969 (0xb99)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=538FC759FAECF98ED7510C8F2E6DE9A718F8DCCE
Validity
Not Before: Aug 23 21:03:38 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=CEC98C090F7F372AF45CA135F2A51EE1C4CFF0FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:33:6c:9a:1c:63:6f:9d:13:40:1d:6f:ee:53:
9d:a4:4c:9a:b9:e4:f4:97:0c:d4:41:88:4b:be:b4:
71:86:ea:cb:70:2b:03:18:3e:87:7c:7c:2e:8e:c8:
d4:02:58:18:b8:ce:a2:1a:e3:04:15:85:7d:13:f7:
eb:4b:3c:87:7c:35:ae:f7:fb:66:3d:d2:c2:dc:22:
4b:3b:73:33:41:4c:0f:be:65:f1:04:e1:64:c6:00:
29:e0:69:d1:7b:b9:ce:3d:de:f1:4f:57:d5:2e:21:
1d:e1:ca:88:f2:ff:ed:7c:05:c5:d2:ba:56:8d:6c:
a4:6b:4c:16:71:b3:d7:8e:65:7e:17:01:99:a2:dc:
67:21:4c:96:5f:66:f8:84:54:3d:86:e5:77:bb:2e:
1c:7c:ca:3e:d5:1d:d0:d1:a0:bf:7c:d9:4e:2a:0d:
f4:35:ca:c5:41:a5:ea:73:fd:1d:5d:11:b4:cd:3a:
52:94:b5:a3:dd:cd:6f:7c:73:b4:1d:23:2a:f5:d2:
3a:8d:57:97:6a:19:c2:62:8f:69:44:9f:3c:80:e5:
2a:0a:b3:47:9f:be:9d:29:fe:c7:f0:cc:b2:c0:8b:
86:fd:e2:5b:22:d1:4c:0f:2b:6b:d5:bc:be:bc:5e:
45:f0:22:32:13:e7:42:f4:8b:af:2c:05:25:60:29:
e6:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:C9:8C:09:0F:7F:37:2A:F4:5C:A1:35:F2:A5:1E:E1:C4:CF:F0:FC
X509v3 Authority Key Identifier:
keyid:53:8F:C7:59:FA:EC:F9:8E:D7:51:0C:8F:2E:6D:E9:A7:18:F8:DC:CE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3252/U4_HWfrs-Y7XUQyPLm3ppxj43M4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/U4_HWfrs-Y7XUQyPLm3ppxj43M4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3252/U4_HWfrs-Y7XUQyPLm3ppxj43M4.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
22:67:28:d3:53:87:97:ce:f4:f6:80:bd:b8:9e:f9:ac:86:a1:
fa:0e:50:8a:e8:a0:11:0e:8e:e0:82:85:04:7d:1b:1a:67:1a:
76:69:e9:cf:a2:49:31:3a:3a:14:5e:24:f6:03:be:3b:42:3a:
33:d4:df:8d:99:5b:c5:cd:af:ce:d0:80:f2:e9:30:a6:2e:44:
d5:90:c0:1b:8d:96:71:df:17:b3:e1:7c:3c:bd:27:32:7d:c4:
43:3c:6b:60:7a:47:d6:ae:d1:52:36:aa:e7:8f:a3:4e:15:81:
2a:c9:ba:81:62:ed:ee:35:53:90:10:f0:70:9e:f4:1a:74:b9:
9b:58:a5:23:ae:49:9f:c4:cc:61:e2:dc:d6:23:d1:d6:4a:d2:
dc:c3:ff:68:6e:16:48:9f:4c:a2:c9:63:7e:4f:dd:ca:35:57:
9c:80:33:db:a9:00:34:f9:16:ae:aa:a6:4f:1c:4c:77:61:82:
bc:18:12:8f:e7:74:bb:f0:6e:70:f1:9f:3f:8b:d6:53:b1:74:
61:0b:a7:9c:e6:ff:fb:c0:60:26:e5:c5:75:48:0b:fe:50:6b:
92:0b:dc:6a:bb:e6:30:0f:7d:cc:de:e4:26:56:5b:cd:97:f6:
06:6c:43:ab:7a:6c:c0:c1:a7:c0:13:b8:8e:ff:0a:f8:5d:66:
ac:eb:c5:26
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICC5kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTM4
RkM3NTlGQUVDRjk4RUQ3NTEwQzhGMkU2REU5QTcxOEY4RENDRTAeFw0yNTA4MjMy
MTAzMzhaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKENFQzk4QzA5MEY3RjM3
MkFGNDVDQTEzNUYyQTUxRUUxQzRDRkYwRkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9M2yaHGNvnRNAHW/uU52kTJq55PSXDNRBiEu+tHGG6stwKwMY
Pod8fC6OyNQCWBi4zqIa4wQVhX0T9+tLPId8Na73+2Y90sLcIks7czNBTA++ZfEE
4WTGACngadF7uc493vFPV9UuIR3hyojy/+18BcXSulaNbKRrTBZxs9eOZX4XAZmi
3GchTJZfZviEVD2G5Xe7Lhx8yj7VHdDRoL982U4qDfQ1ysVBpepz/R1dEbTNOlKU
taPdzW98c7QdIyr10jqNV5dqGcJij2lEnzyA5SoKs0efvp0p/sfwzLLAi4b94lsi
0UwPK2vVvL68XkXwIjIT50L0i68sBSVgKeb5AgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUzsmMCQ9/Nyr0XKE18qUe4cTP8PwwHwYDVR0jBBgwFoAUU4/HWfrs+Y7XUQyP
Lm3ppxj43M4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI1
Mi9VNF9IV2Zycy1ZN1hVUXlQTG0zcHB4ajQzTTQuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1U0X0hXZnJzLVk3WFVReVBMbTNwcHhqNDNNNC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNTIvVTRfSFdmcnMtWTdY
VVF5UExtM3BweGo0M000Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBACJnKNNTh5fO9PaAvbie+ayGofoOUIrooBEOjuCChQR9GxpnGnZp6c+iSTE6
OhReJPYDvjtCOjPU342ZW8XNr87QgPLpMKYuRNWQwBuNlnHfF7PhfDy9JzJ9xEM8
a2B6R9au0VI2quePo04VgSrJuoFi7e41U5AQ8HCe9Bp0uZtYpSOuSZ/EzGHi3NYj
0dZK0tzD/2huFkifTKLJY35P3co1V5yAM9upADT5Fq6qpk8cTHdhgrwYEo/ndLvw
bnDxnz+L1lOxdGELp5zm//vAYCblxXVIC/5Qa5IL3Gq75jAPfcze5CZWW82X9gZs
Q6t6bMDBp8ATuI7/CvhdZqzrxSY=
-----END CERTIFICATE-----
Generated at Sun Aug 24 03:24:08 2025 by rpki-client