Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3265/OLYZ9BoGgZD-7QQul78QRCJYnkE.mft
File: OLYZ9BoGgZD-7QQul78QRCJYnkE.mft (raw, json)
Hash identifier: Urw3z8peYyMnmJfZRmn8c20Ld9oTv3NN0kH8BdhYBZ8=
Subject key identifier: 79:5B:12:F4:8C:5A:66:12:2D:A2:1C:C6:79:9E:22:6B:D9:9D:7B:6F
Authority key identifier: 38:B6:19:F4:1A:06:81:90:FE:ED:04:2E:97:BF:10:44:22:58:9E:41
Certificate issuer: /CN=38B619F41A068190FEED042E97BF104422589E41
Certificate serial: 0A45
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OLYZ9BoGgZD-7QQul78QRCJYnkE.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3265/OLYZ9BoGgZD-7QQul78QRCJYnkE.mft
Manifest number: 0A45
Signing time: Sun 19 Oct 2025 23:04:20 +0000
Manifest this update: Sun 19 Oct 2025 23:04:20 +0000
Manifest next update: Mon 20 Oct 2025 05:04:20 +0000
Files and hashes: 1: OLYZ9BoGgZD-7QQul78QRCJYnkE.crl (hash: jC5R0M1ZsapezjM2dI/3sjWib57zJv4BabOy/lUnBoY=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2629 (0xa45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38B619F41A068190FEED042E97BF104422589E41
Validity
Not Before: Oct 19 23:04:20 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=795B12F48C5A66122DA21CC6799E226BD99D7B6F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:31:a1:70:f2:c2:e8:60:d9:f8:60:61:8c:fd:
09:ca:51:3a:d4:1d:00:9b:34:cc:42:ae:a0:59:dd:
40:63:ea:9f:e8:62:43:e8:68:88:5e:59:10:59:8c:
a1:70:97:ef:1e:59:b7:0e:53:b6:61:f3:d2:c5:a2:
37:26:ec:43:c3:a2:c6:ce:10:50:49:f1:fd:a0:72:
1b:b7:3c:d8:12:97:fc:de:82:28:93:d7:1d:21:cb:
f1:ad:44:d0:04:65:89:c1:84:17:28:76:fd:14:13:
c9:aa:03:56:ad:8b:85:e8:19:5a:c4:e4:0c:3b:2c:
07:c5:20:78:0b:7d:58:fe:72:4a:37:56:80:37:63:
c3:d1:9c:eb:9b:e9:49:84:bf:9a:65:fb:3c:6a:37:
93:f5:68:62:03:50:8b:f1:0d:83:6f:24:35:2e:4f:
0c:25:8b:a7:9d:4e:52:28:60:b1:d9:9d:f6:11:55:
b5:97:69:15:cc:1c:4f:86:6e:06:c5:1f:43:59:95:
15:16:d3:f2:65:8b:9a:f0:ee:c9:25:84:61:43:34:
e3:0b:6e:43:a0:82:0f:e2:92:5e:e5:fd:a9:28:4a:
da:e0:af:4d:ff:70:5e:8c:39:53:6f:37:65:60:ad:
24:c3:04:74:55:1f:9e:34:1c:ad:3a:7f:96:6b:a3:
5f:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:5B:12:F4:8C:5A:66:12:2D:A2:1C:C6:79:9E:22:6B:D9:9D:7B:6F
X509v3 Authority Key Identifier:
keyid:38:B6:19:F4:1A:06:81:90:FE:ED:04:2E:97:BF:10:44:22:58:9E:41
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3265/OLYZ9BoGgZD-7QQul78QRCJYnkE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OLYZ9BoGgZD-7QQul78QRCJYnkE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3265/OLYZ9BoGgZD-7QQul78QRCJYnkE.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
3b:04:a3:b8:aa:00:37:17:6e:07:fa:98:d8:37:80:b5:20:a9:
0a:e7:91:59:ab:46:10:50:d7:00:08:5e:b4:42:ea:a4:73:28:
eb:91:63:35:53:27:cb:16:ac:6a:57:fc:28:52:82:e8:45:6f:
5b:f0:6e:e6:8c:f4:13:72:f7:2c:cf:a3:bc:24:94:19:38:c8:
c5:86:33:6f:01:e8:1b:3d:0e:d1:0b:92:07:41:e9:de:4f:59:
98:26:4d:d7:eb:d2:c5:95:a8:f7:82:9d:67:15:63:0e:09:23:
12:2f:e1:05:f0:53:45:03:b2:79:b7:3a:42:27:d9:28:b7:04:
71:73:6e:27:5b:1d:c1:71:01:b4:09:7c:b5:46:db:41:b5:43:
b3:ef:3e:b8:d4:3d:41:c5:81:bf:3c:e5:46:52:3c:d7:d8:fe:
ea:58:65:c4:af:a6:bf:ec:71:97:96:e3:27:55:ff:79:34:1e:
5f:0b:da:ee:1a:a7:57:0f:f6:15:cb:c8:25:6e:61:a9:c6:1b:
b0:d2:63:14:38:d6:50:63:c7:86:86:50:25:c7:e1:54:9a:04:
e5:59:70:92:c2:b1:fb:6d:76:4d:9b:3a:7d:56:c7:2a:c8:66:
98:a7:36:5f:4c:ec:d7:69:1d:bf:66:23:81:32:ff:71:8d:36:
15:08:af:d0
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICCkUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzhC
NjE5RjQxQTA2ODE5MEZFRUQwNDJFOTdCRjEwNDQyMjU4OUU0MTAeFw0yNTEwMTky
MzA0MjBaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDc5NUIxMkY0OEM1QTY2
MTIyREEyMUNDNjc5OUUyMjZCRDk5RDdCNkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8MaFw8sLoYNn4YGGM/QnKUTrUHQCbNMxCrqBZ3UBj6p/oYkPo
aIheWRBZjKFwl+8eWbcOU7Zh89LFojcm7EPDosbOEFBJ8f2gchu3PNgSl/zegiiT
1x0hy/GtRNAEZYnBhBcodv0UE8mqA1ati4XoGVrE5Aw7LAfFIHgLfVj+cko3VoA3
Y8PRnOub6UmEv5pl+zxqN5P1aGIDUIvxDYNvJDUuTwwli6edTlIoYLHZnfYRVbWX
aRXMHE+GbgbFH0NZlRUW0/Jli5rw7sklhGFDNOMLbkOggg/ikl7l/akoStrgr03/
cF6MOVNvN2VgrSTDBHRVH540HK06f5Zro187AgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUeVsS9IxaZhItohzGeZ4ia9mde28wHwYDVR0jBBgwFoAUOLYZ9BoGgZD+7QQu
l78QRCJYnkEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI2
NS9PTFlaOUJvR2daRC03UVF1bDc4UVJDSllua0UuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09MWVo5Qm9HZ1pELTdRUXVsNzhRUkNKWW5rRS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNjUvT0xZWjlCb0dnWkQt
N1FRdWw3OFFSQ0pZbmtFLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBADsEo7iqADcXbgf6mNg3gLUgqQrnkVmrRhBQ1wAIXrRC6qRzKOuRYzVTJ8sW
rGpX/ChSguhFb1vwbuaM9BNy9yzPo7wklBk4yMWGM28B6Bs9DtELkgdB6d5PWZgm
Tdfr0sWVqPeCnWcVYw4JIxIv4QXwU0UDsnm3OkIn2Si3BHFzbidbHcFxAbQJfLVG
20G1Q7PvPrjUPUHFgb885UZSPNfY/upYZcSvpr/scZeW4ydV/3k0Hl8L2u4ap1cP
9hXLyCVuYanGG7DSYxQ41lBjx4aGUCXH4VSaBOVZcJLCsfttdk2bOn1WxyrIZpin
Nl9M7NdpHb9mI4Ey/3GNNhUIr9A=
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:53:10 2025 by rpki-client