Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3292/LcO_WKfD4suVkd5E2HmTwNP3MnM.mft
File: LcO_WKfD4suVkd5E2HmTwNP3MnM.mft (raw, json)
Hash identifier: N35DN4D7I9n2HOgzpCVb6+yhAoXQ+en+ZOoMe+61mjU=
Subject key identifier: 36:74:07:F6:67:E8:B7:FA:6A:B4:E4:16:F4:85:B0:12:C3:A3:1C:C4
Authority key identifier: 2D:C3:BF:58:A7:C3:E2:CB:95:91:DE:44:D8:79:93:C0:D3:F7:32:73
Certificate issuer: /CN=2DC3BF58A7C3E2CB9591DE44D87993C0D3F73273
Certificate serial: 0684
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LcO_WKfD4suVkd5E2HmTwNP3MnM.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3292/LcO_WKfD4suVkd5E2HmTwNP3MnM.mft
Manifest number: 0684
Signing time: Sat 17 May 2025 13:10:07 +0000
Manifest this update: Sat 17 May 2025 13:10:07 +0000
Manifest next update: Sat 17 May 2025 19:10:07 +0000
Files and hashes: 1: LcO_WKfD4suVkd5E2HmTwNP3MnM.crl (hash: n0JbA8sp9+JAGYZgomHAK3GDYV+Xkse8nW8CHVqlV5g=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1668 (0x684)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DC3BF58A7C3E2CB9591DE44D87993C0D3F73273
Validity
Not Before: May 17 13:10:07 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=367407F667E8B7FA6AB4E416F485B012C3A31CC4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:43:b9:90:a7:b9:1c:e8:12:8a:e5:8c:fb:aa:
6e:31:ee:eb:e5:b8:70:28:bd:51:a0:e3:9f:2a:d0:
77:8d:76:61:8b:9f:17:31:84:33:50:66:8a:09:bf:
fa:99:0d:10:db:88:7e:b5:43:0c:12:1f:a7:fb:49:
3d:3f:c9:c4:0b:d4:a8:68:3f:82:bb:59:5a:b0:47:
27:a5:35:11:a1:ce:9a:12:83:1c:5c:81:e7:e8:70:
d0:7a:ce:72:da:f7:6a:54:19:7c:d8:3c:c6:d5:21:
fd:9d:fe:7e:b1:2a:ff:b3:ba:e7:e4:9d:5a:64:98:
cb:25:63:14:3f:58:b6:f1:bf:80:c0:17:5d:98:c6:
3d:4e:f5:83:4e:be:e0:a7:74:13:93:92:9d:8d:0f:
2c:a0:b1:cb:c9:3d:55:83:4b:93:28:17:68:0b:19:
b6:73:45:2d:61:38:c0:0a:e2:20:7f:57:ab:66:b8:
30:62:e6:dc:bd:28:4e:19:81:fb:31:92:b4:d5:46:
3a:56:52:c7:8c:ee:55:1c:b9:53:22:5e:23:da:23:
43:d1:4e:d5:9b:42:ab:50:2a:dc:bc:bf:5e:9a:36:
47:dc:38:18:a2:52:e4:b8:9a:20:cf:aa:af:a2:05:
4d:01:7b:f0:9d:72:5b:ff:b4:8c:08:33:ed:ee:6b:
36:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:74:07:F6:67:E8:B7:FA:6A:B4:E4:16:F4:85:B0:12:C3:A3:1C:C4
X509v3 Authority Key Identifier:
keyid:2D:C3:BF:58:A7:C3:E2:CB:95:91:DE:44:D8:79:93:C0:D3:F7:32:73
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3292/LcO_WKfD4suVkd5E2HmTwNP3MnM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/LcO_WKfD4suVkd5E2HmTwNP3MnM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3292/LcO_WKfD4suVkd5E2HmTwNP3MnM.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
52:23:bc:12:b7:b6:b6:37:f3:7f:e2:15:74:6c:d3:33:34:58:
dc:65:f3:8f:3b:b0:de:f2:72:18:34:7f:d5:fa:3e:b4:2b:2d:
72:6c:49:45:16:81:06:eb:dd:2e:3d:67:6d:b9:b6:17:b7:da:
87:44:2c:4b:b1:d6:c5:31:23:99:fd:bf:f8:ec:70:06:62:fa:
b1:3a:44:32:08:45:49:d4:70:f3:36:27:2a:77:c2:d4:dc:0c:
d5:53:d7:ce:63:3c:c0:53:1f:b7:d9:3b:d0:4d:6b:56:71:2f:
2f:a4:a4:fc:18:77:db:b2:b0:f5:08:0e:cc:cb:b0:77:36:91:
ff:01:97:45:20:7d:ac:9b:15:fa:d9:c8:7a:40:46:9f:21:fc:
98:71:63:f6:6d:80:77:27:de:e8:4e:38:2d:45:f0:3d:b7:eb:
6a:28:f2:f9:7e:90:1a:da:38:41:96:cc:1f:02:f3:dc:04:98:
e9:f2:2e:cc:08:2d:16:11:98:bd:c2:39:e1:dc:86:0a:4e:60:
49:6f:da:11:d0:3b:d8:70:23:a3:9c:9f:b2:22:af:a4:5b:c5:
74:4c:ea:e5:6e:4a:84:4c:ae:3c:4c:72:47:28:13:ae:22:d3:
c8:40:1e:aa:be:b5:f9:f8:84:eb:b3:e0:ff:cf:98:02:87:03:
5b:55:d3:02
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICBoQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRD
M0JGNThBN0MzRTJDQjk1OTFERTQ0RDg3OTkzQzBEM0Y3MzI3MzAeFw0yNTA1MTcx
MzEwMDdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDM2NzQwN0Y2NjdFOEI3
RkE2QUI0RTQxNkY0ODVCMDEyQzNBMzFDQzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpQ7mQp7kc6BKK5Yz7qm4x7uvluHAovVGg458q0HeNdmGLnxcx
hDNQZooJv/qZDRDbiH61QwwSH6f7ST0/ycQL1KhoP4K7WVqwRyelNRGhzpoSgxxc
gefocNB6znLa92pUGXzYPMbVIf2d/n6xKv+zuufknVpkmMslYxQ/WLbxv4DAF12Y
xj1O9YNOvuCndBOTkp2NDyygscvJPVWDS5MoF2gLGbZzRS1hOMAK4iB/V6tmuDBi
5ty9KE4ZgfsxkrTVRjpWUseM7lUcuVMiXiPaI0PRTtWbQqtQKty8v16aNkfcOBii
UuS4miDPqq+iBU0Be/Cdclv/tIwIM+3uazaPAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUNnQH9mfot/pqtOQW9IWwEsOjHMQwHwYDVR0jBBgwFoAULcO/WKfD4suVkd5E
2HmTwNP3MnMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI5
Mi9MY09fV0tmRDRzdVZrZDVFMkhtVHdOUDNNbk0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0xjT19XS2ZENHN1VmtkNUUySG1Ud05QM01uTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyOTIvTGNPX1dLZkQ0c3VW
a2Q1RTJIbVR3TlAzTW5NLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAFIjvBK3trY383/iFXRs0zM0WNxl8487sN7ychg0f9X6PrQrLXJsSUUWgQbr
3S49Z225the32odELEux1sUxI5n9v/jscAZi+rE6RDIIRUnUcPM2Jyp3wtTcDNVT
185jPMBTH7fZO9BNa1ZxLy+kpPwYd9uysPUIDszLsHc2kf8Bl0UgfaybFfrZyHpA
Rp8h/JhxY/ZtgHcn3uhOOC1F8D2362oo8vl+kBraOEGWzB8C89wEmOnyLswILRYR
mL3COeHchgpOYElv2hHQO9hwI6Ocn7Iir6RbxXRM6uVuSoRMrjxMckcoE64i08hA
Hqq+tfn4hOuz4P/PmAKHA1tV0wI=
-----END CERTIFICATE-----
Generated at Sat May 17 19:35:31 2025 by rpki-client