Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/715/ehQ2ihcE3eKwKNJtVNg718g0fOM.mft
File: ehQ2ihcE3eKwKNJtVNg718g0fOM.mft (raw, json)
Hash identifier: 0mnWsSNSHEaEqQW1s8LTkdCUBZgLnbovHpQXhRNYnAQ=
Subject key identifier: 4B:EF:53:D0:EA:53:37:4A:1D:5C:A7:34:25:8A:B7:81:95:75:AE:5C
Authority key identifier: 7A:14:36:8A:17:04:DD:E2:B0:28:D2:6D:54:D8:3B:D7:C8:34:7C:E3
Certificate issuer: /CN=7A14368A1704DDE2B028D26D54D83BD7C8347CE3
Certificate serial: 0321
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ehQ2ihcE3eKwKNJtVNg718g0fOM.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/715/ehQ2ihcE3eKwKNJtVNg718g0fOM.mft
Manifest number: 031E
Signing time: Sun 19 Oct 2025 18:06:23 +0000
Manifest this update: Sun 19 Oct 2025 18:06:23 +0000
Manifest next update: Mon 20 Oct 2025 00:06:23 +0000
Files and hashes: 1: HfBEtTqWTSkAtipWavXVR-y9-jo.roa (hash: 3hFDbCdIfL+OLtSS0OXYLw7zBn+k/fXqDRXMxteGY5E=)
2: OURKKMBERp6fhyznG4QUV7I1fU8.roa (hash: tEDAKCve4qFLWqxZlyva9GdzhXGBXId4jj4unjkX/zM=)
3: ehQ2ihcE3eKwKNJtVNg718g0fOM.crl (hash: 3219kLM/tC914W1l7erOUuPeaXFBS0D/+1WwCnkBLuY=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 801 (0x321)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7A14368A1704DDE2B028D26D54D83BD7C8347CE3
Validity
Not Before: Oct 19 18:06:23 2025 GMT
Not After : Aug 3 08:44:40 2026 GMT
Subject: CN=4BEF53D0EA53374A1D5CA734258AB7819575AE5C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:0b:c6:32:b6:77:89:30:3d:05:9e:c2:db:5d:
45:51:28:85:3d:87:d8:4f:bc:c4:91:ab:1e:22:5b:
7d:3a:77:2d:fc:42:da:d3:d4:44:38:0d:4a:a6:08:
35:c9:d7:ca:04:4e:61:04:1b:a8:78:c5:e9:a2:d1:
5a:c5:a3:a4:82:a3:1b:83:18:bc:6d:45:bd:ac:46:
86:4c:bb:f1:9a:83:3c:ce:7c:55:9b:2e:e3:77:1c:
c1:11:eb:48:ad:7d:89:39:0c:8e:1e:34:08:fe:c8:
1c:e9:1e:fc:c9:e0:64:af:1d:23:6c:78:4b:9e:1d:
b3:32:0d:37:66:e5:97:ea:9b:05:38:23:9b:48:d6:
6e:9c:ee:9e:a2:0e:fc:ed:89:c7:9b:76:25:42:31:
7c:f3:b5:84:0e:72:a3:e3:9d:cc:50:86:1b:a8:07:
01:94:66:83:44:8c:23:07:b8:72:77:2b:40:a5:31:
15:7d:70:84:d9:6c:c5:76:dd:2d:96:69:b0:75:76:
d1:45:75:f4:47:3a:c2:1b:e2:51:ad:e3:a5:e1:e5:
c6:79:0e:97:62:2a:f1:c8:46:7b:de:97:1b:8c:41:
77:9f:8b:f0:4d:3b:00:f3:15:6d:27:5c:3f:f7:d4:
f6:ad:e9:da:1c:c8:af:37:46:cf:60:1d:14:34:82:
0a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:EF:53:D0:EA:53:37:4A:1D:5C:A7:34:25:8A:B7:81:95:75:AE:5C
X509v3 Authority Key Identifier:
keyid:7A:14:36:8A:17:04:DD:E2:B0:28:D2:6D:54:D8:3B:D7:C8:34:7C:E3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/715/ehQ2ihcE3eKwKNJtVNg718g0fOM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/ehQ2ihcE3eKwKNJtVNg718g0fOM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/715/ehQ2ihcE3eKwKNJtVNg718g0fOM.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
35:67:01:12:fd:02:46:14:84:ff:f9:dc:13:0d:16:8b:e7:c4:
8d:85:17:93:6a:88:a1:d1:e4:0f:05:f3:a5:83:3e:08:05:8a:
26:45:6e:9d:89:43:dd:f7:57:6f:08:aa:8f:c8:e5:7d:c4:9d:
34:b4:1c:41:40:1f:68:ec:fc:7f:e5:5b:1f:98:e4:c2:d4:ee:
67:35:66:77:7d:94:dd:82:79:9f:4f:31:50:bf:d6:c2:be:80:
5d:e1:51:fd:a4:ee:9d:89:37:9a:75:68:7c:bd:a4:f5:35:1f:
7c:98:b8:23:f7:b5:0a:60:1f:64:05:9a:bb:79:65:15:aa:61:
74:0d:63:07:c6:f5:50:49:76:20:ae:df:20:ee:09:1d:45:94:
f4:25:cb:0b:a0:fe:92:a1:c8:d2:91:d6:b1:51:2f:0a:0f:2d:
ce:e1:55:2f:84:19:cc:2a:07:be:b9:96:8e:ce:e0:5e:2e:e6:
15:db:b7:30:1f:d4:49:f1:77:28:38:1e:4c:ed:a5:c5:16:b1:
3e:23:d4:83:61:95:45:e2:7d:b9:2f:e2:39:a3:7a:38:5a:2a:
a2:6e:e7:45:65:95:3e:b5:1e:48:bd:f6:8e:a7:aa:dc:ce:73:
e3:21:e8:a1:6d:ce:61:61:ba:0f:d9:a0:10:89:d4:99:16:82:
0a:cd:cb:fc
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgICAyEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0Ex
NDM2OEExNzA0RERFMkIwMjhEMjZENTREODNCRDdDODM0N0NFMzAeFw0yNTEwMTkx
ODA2MjNaFw0yNjA4MDMwODQ0NDBaMDMxMTAvBgNVBAMTKDRCRUY1M0QwRUE1MzM3
NEExRDVDQTczNDI1OEFCNzgxOTU3NUFFNUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJC8YytneJMD0FnsLbXUVRKIU9h9hPvMSRqx4iW306dy38QtrT
1EQ4DUqmCDXJ18oETmEEG6h4xemi0VrFo6SCoxuDGLxtRb2sRoZMu/GagzzOfFWb
LuN3HMER60itfYk5DI4eNAj+yBzpHvzJ4GSvHSNseEueHbMyDTdm5ZfqmwU4I5tI
1m6c7p6iDvzticebdiVCMXzztYQOcqPjncxQhhuoBwGUZoNEjCMHuHJ3K0ClMRV9
cITZbMV23S2WabB1dtFFdfRHOsIb4lGt46Xh5cZ5DpdiKvHIRnvelxuMQXefi/BN
OwDzFW0nXD/31Pat6docyK83Rs9gHRQ0ggpjAgMBAAGjggIKMIICBjAdBgNVHQ4E
FgQUS+9T0OpTN0odXKc0JYq3gZV1rlwwHwYDVR0jBBgwFoAUehQ2ihcE3eKwKNJt
VNg718g0fOMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzE1
L2VoUTJpaGNFM2VLd0tOSnRWTmc3MThnMGZPTS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZWhRMmloY0UzZUt3S05KdFZOZzcxOGcwZk9NLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzE1L2VoUTJpaGNFM2VLd0tO
SnRWTmc3MThnMGZPTS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB
AQA1ZwES/QJGFIT/+dwTDRaL58SNhReTaoih0eQPBfOlgz4IBYomRW6diUPd91dv
CKqPyOV9xJ00tBxBQB9o7Px/5VsfmOTC1O5nNWZ3fZTdgnmfTzFQv9bCvoBd4VH9
pO6diTeadWh8vaT1NR98mLgj97UKYB9kBZq7eWUVqmF0DWMHxvVQSXYgrt8g7gkd
RZT0JcsLoP6SocjSkdaxUS8KDy3O4VUvhBnMKge+uZaOzuBeLuYV27cwH9RJ8Xco
OB5M7aXFFrE+I9SDYZVF4n25L+I5o3o4WiqibudFZZU+tR5IvfaOp6rcznPjIeih
bc5hYboP2aAQidSZFoIKzcv8
-----END CERTIFICATE-----
Generated at Mon Oct 20 00:20:43 2025 by rpki-client