
Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.mft
File: hW2oX5qKKGtlKHDU5HY1_z0Okq4.mft (raw, json)
Hash identifier: 3idayiQoFSzdUD46DenKIX0fCwzpQU+rPxpFmw0xLqo=
Subject key identifier: 91:93:97:5D:2B:2B:7A:FF:2F:AC:85:0B:C0:F7:32:23:C6:43:CB:6F
Authority key identifier: 85:6D:A8:5F:9A:8A:28:6B:65:28:70:D4:E4:76:35:FF:3D:0E:92:AE
Certificate issuer: /CN=856DA85F9A8A286B652870D4E47635FF3D0E92AE
Certificate serial: 19EB
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hW2oX5qKKGtlKHDU5HY1_z0Okq4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.mft
Manifest number: 19E1
Signing time: Sun 19 Oct 2025 23:04:21 +0000
Manifest this update: Sun 19 Oct 2025 23:04:21 +0000
Manifest next update: Mon 20 Oct 2025 05:04:21 +0000
Files and hashes: 1: 2PZBYJydNYIzvnWN2B9DBKERHuA.roa (hash: N35xWba2scgGod5I4d3QUFt5nP3HuwNfl8y2anREGP0=)
2: hW2oX5qKKGtlKHDU5HY1_z0Okq4.crl (hash: UUKLjf3Dt3REkJ8Rws/kAgtHTxv/NrrNzaOk0IWbFWI=)
3: tLcmaLRL5ow6ONPLFExoGrjFXUg.roa (hash: BqOnsDlye4FTFONHzDyWPpsT/GJiiF+Nkv7UT0czVVw=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6635 (0x19eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=856DA85F9A8A286B652870D4E47635FF3D0E92AE
Validity
Not Before: Oct 19 23:04:21 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=9193975D2B2B7AFF2FAC850BC0F73223C643CB6F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ff:9e:83:c4:e3:35:6d:08:ca:78:b4:1f:c8:
07:90:05:d1:6f:81:4c:22:55:89:ee:71:7f:dc:26:
e2:1e:81:79:96:1d:a4:08:e3:29:17:47:11:44:97:
b4:03:48:56:ac:47:54:54:9d:81:6f:74:9d:30:5a:
51:a1:2a:d5:80:13:c2:84:96:41:80:65:5d:9a:09:
f7:f7:39:47:2b:d3:c8:b8:aa:56:9f:1f:a7:94:ca:
e9:12:51:46:ca:30:9a:e7:4d:d3:ac:f0:39:d1:a7:
66:3b:0a:51:66:77:82:ed:52:08:c9:c5:08:9e:0c:
f4:9c:68:49:7b:ac:e8:e8:79:de:1a:1b:46:84:c0:
1d:ea:37:ff:41:d4:eb:46:03:f0:f8:5c:6a:bd:75:
d7:1f:0b:47:8a:da:1e:5d:b0:3c:c4:e1:56:3b:f5:
69:a1:dc:d5:0c:a3:5a:03:41:cf:f9:e5:81:3d:28:
d0:8b:9d:a5:41:9a:9f:32:43:93:71:bc:8f:7d:ef:
2a:65:2d:72:96:4e:ae:03:16:47:2b:91:b1:e3:62:
15:c0:f0:be:b4:a7:2b:d8:b4:8a:3d:44:02:1f:f0:
14:b0:8c:bc:69:6f:6d:41:1e:09:25:b0:df:40:c0:
bb:b8:37:90:f9:72:55:44:0f:24:5e:c4:57:03:4a:
b6:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:93:97:5D:2B:2B:7A:FF:2F:AC:85:0B:C0:F7:32:23:C6:43:CB:6F
X509v3 Authority Key Identifier:
keyid:85:6D:A8:5F:9A:8A:28:6B:65:28:70:D4:E4:76:35:FF:3D:0E:92:AE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/hW2oX5qKKGtlKHDU5HY1_z0Okq4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/341/hW2oX5qKKGtlKHDU5HY1_z0Okq4.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
75:db:10:fc:7e:c1:95:79:28:d5:30:14:62:74:e4:f0:ec:08:
5d:c7:d9:90:43:79:df:b5:86:e9:2b:db:49:67:db:d6:ff:73:
2d:5b:bc:85:38:5c:30:ab:33:c4:d7:5d:0b:bc:ca:53:e8:9b:
ae:49:d7:6f:6a:24:40:00:52:ee:21:b4:d2:78:fc:be:2b:31:
6e:22:88:5a:2d:a4:c3:33:55:36:a6:4c:76:70:cd:96:c1:94:
c3:e5:d8:35:4f:c9:26:6f:a0:ff:ad:76:c8:18:da:6e:82:04:
b8:fb:4a:61:9b:98:54:73:b2:d4:ea:96:b0:0e:07:1c:13:93:
45:07:07:0b:f8:88:40:e4:31:6c:8e:7a:1e:84:97:3f:31:c1:
fd:bd:38:92:7a:c7:34:d6:ed:49:77:d0:82:20:40:bd:fc:8e:
23:2d:f9:0c:79:e3:0d:1d:79:40:da:6e:1c:78:ad:6c:fb:e6:
23:7f:5d:d3:12:bb:87:ab:67:14:34:c9:3c:58:82:10:b3:dc:
f4:84:a2:0e:84:50:9e:fd:fe:70:9e:d4:8c:99:d6:aa:b2:d8:
39:62:57:52:17:49:1c:39:89:c8:6b:94:c0:95:ca:3d:4b:9b:
d1:bf:de:05:04:14:21:ba:b2:a4:33:6c:3f:af:43:c9:75:a0:
ba:cc:5b:e7
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgICGeswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODU2
REE4NUY5QThBMjg2QjY1Mjg3MEQ0RTQ3NjM1RkYzRDBFOTJBRTAeFw0yNTEwMTky
MzA0MjFaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDkxOTM5NzVEMkIyQjdB
RkYyRkFDODUwQkMwRjczMjIzQzY0M0NCNkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCV/56DxOM1bQjKeLQfyAeQBdFvgUwiVYnucX/cJuIegXmWHaQI
4ykXRxFEl7QDSFasR1RUnYFvdJ0wWlGhKtWAE8KElkGAZV2aCff3OUcr08i4qlaf
H6eUyukSUUbKMJrnTdOs8DnRp2Y7ClFmd4LtUgjJxQieDPScaEl7rOjoed4aG0aE
wB3qN/9B1OtGA/D4XGq9ddcfC0eK2h5dsDzE4VY79Wmh3NUMo1oDQc/55YE9KNCL
naVBmp8yQ5NxvI997yplLXKWTq4DFkcrkbHjYhXA8L60pyvYtIo9RAIf8BSwjLxp
b21BHgklsN9AwLu4N5D5clVEDyRexFcDSra5AgMBAAGjggIKMIICBjAdBgNVHQ4E
FgQUkZOXXSsrev8vrIULwPcyI8ZDy28wHwYDVR0jBBgwFoAUhW2oX5qKKGtlKHDU
5HY1/z0Okq4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzQx
L2hXMm9YNXFLS0d0bEtIRFU1SFkxX3owT2txNC5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvaFcyb1g1cUtLR3RsS0hEVTVIWTFfejBPa3E0LmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzQxL2hXMm9YNXFLS0d0bEtI
RFU1SFkxX3owT2txNC5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB
AQB12xD8fsGVeSjVMBRidOTw7Ahdx9mQQ3nftYbpK9tJZ9vW/3MtW7yFOFwwqzPE
110LvMpT6JuuSddvaiRAAFLuIbTSePy+KzFuIohaLaTDM1U2pkx2cM2WwZTD5dg1
T8kmb6D/rXbIGNpuggS4+0phm5hUc7LU6pawDgccE5NFBwcL+IhA5DFsjnoehJc/
McH9vTiSesc01u1Jd9CCIEC9/I4jLfkMeeMNHXlA2m4ceK1s++Yjf13TEruHq2cU
NMk8WIIQs9z0hKIOhFCe/f5wntSMmdaqstg5YldSF0kcOYnIa5TAlco9S5vRv94F
BBQhurKkM2w/r0PJdaC6zFvn
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:42:30 2025 by rpki-client