Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.mft
File: MtXsFcXlZORw7HsUzUfeLYYqzoM.mft (raw, json)
Hash identifier: GiLROx2A3mnNw+XTq0ARsl05qwbOirhMAYzxt62LT50=
Subject key identifier: 47:AC:34:6E:7B:3A:C1:3D:A6:6F:B2:2D:EB:39:6C:0E:E0:42:F7:C3
Authority key identifier: 32:D5:EC:15:C5:E5:64:E4:70:EC:7B:14:CD:47:DE:2D:86:2A:CE:83
Certificate issuer: /CN=32D5EC15C5E564E470EC7B14CD47DE2D862ACE83
Certificate serial: 0470
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MtXsFcXlZORw7HsUzUfeLYYqzoM.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.mft
Manifest number: 046C
Signing time: Sun 22 Jun 2025 16:18:03 +0000
Manifest this update: Sun 22 Jun 2025 16:18:03 +0000
Manifest next update: Sun 22 Jun 2025 22:18:03 +0000
Files and hashes: 1: JLQYInniMmjrZ1vFfNGSmRm-nvs.roa (hash: QlXwsqHXts+1fdHKwVf4SHuTfyC0wOTsCK0g1e5FrpE=)
2: MtXsFcXlZORw7HsUzUfeLYYqzoM.crl (hash: RTFffrjHPq58+3CdGB3Dwx/vXZHgotEQ9XxkYRwABOU=)
3: RdzlYXdrkIlz5zdq_uky2869UaM.roa (hash: Zrtno3SiPYmnE7VIpxd3/w1CoF3rH7IuIaaCg+DwPAU=)
4: dhForz2_NrloVzISJkp8QaFMXCs.roa (hash: /umIRMrhIJaUfWsHQfs27h7od4A6sDNvV6muipplBvw=)
5: phU4YJh5EUs8U1V3CbndmrNmfO0.roa (hash: CZhyDj2FMIi+v5w3tJPQMA4talNR9mcJmi9qREPZn/A=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1136 (0x470)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32D5EC15C5E564E470EC7B14CD47DE2D862ACE83
Validity
Not Before: Jun 22 16:18:03 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=47AC346E7B3AC13DA66FB22DEB396C0EE042F7C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:06:ad:80:a7:c7:cb:d9:7d:75:2c:0c:3f:cd:
c2:0d:d0:0f:94:80:71:80:08:b7:0d:13:d2:22:2e:
1f:69:28:26:a3:1f:7b:5b:82:d2:b7:18:d1:6b:dc:
dd:7a:40:ed:ab:f0:fa:0b:60:77:af:60:f3:87:e8:
42:da:79:19:1c:dc:e1:96:7a:b5:cd:15:32:74:d9:
78:00:f9:ed:c6:df:84:c8:58:88:9a:91:31:55:c1:
21:2d:57:8c:47:bf:a1:ce:cc:9b:dd:07:18:30:67:
a2:a9:94:4c:69:ea:53:21:88:d6:5c:10:c3:f1:a7:
b4:90:07:76:2e:23:65:d9:ee:4a:48:ab:82:aa:20:
49:96:56:a2:82:28:70:db:75:f7:51:7d:82:16:97:
b5:05:af:af:f5:ea:ee:ec:4a:e0:12:d8:ba:30:1b:
11:b3:aa:d5:db:a9:3d:12:36:63:cd:09:e9:b8:b4:
4d:cc:4b:d0:a9:a2:d2:e9:66:a0:cd:7a:e6:1c:b2:
09:c2:0c:7a:5e:5c:13:94:b5:64:28:13:c3:a6:c1:
02:5f:67:c7:b0:62:2a:2e:00:c8:15:04:d7:4f:59:
e8:8c:7f:84:b6:f2:3d:50:37:04:31:c8:8a:88:b6:
4a:77:c9:be:89:01:e8:ca:76:2c:05:d7:91:52:25:
fb:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:AC:34:6E:7B:3A:C1:3D:A6:6F:B2:2D:EB:39:6C:0E:E0:42:F7:C3
X509v3 Authority Key Identifier:
keyid:32:D5:EC:15:C5:E5:64:E4:70:EC:7B:14:CD:47:DE:2D:86:2A:CE:83
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MtXsFcXlZORw7HsUzUfeLYYqzoM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
7a:69:02:4f:b5:b3:40:04:b0:42:2d:75:4e:5d:ac:e2:22:e1:
12:2a:51:d0:71:21:50:54:44:31:59:c2:fa:36:81:e1:18:d5:
a0:0f:c2:11:3a:14:35:97:96:1c:53:66:71:02:67:a5:46:3a:
c9:a1:85:ef:b0:77:10:5e:49:a9:79:95:45:42:6b:7e:34:51:
17:b9:e2:4f:52:e3:80:c4:96:a5:b5:6f:0b:5a:cb:d0:98:af:
91:84:b3:11:98:d8:79:76:db:d3:09:6b:39:f6:c6:72:21:21:
3a:03:f8:86:e3:f2:01:87:f8:18:1c:e6:fb:3b:d0:71:94:41:
f1:1a:e0:db:8d:3f:35:33:d0:f3:5b:34:b0:68:ba:be:6f:73:
1e:0b:72:b3:99:5f:43:ae:fc:d8:ff:d7:0e:00:5d:0d:0e:ed:
2b:a0:2e:9e:8e:02:d7:f0:2a:fc:29:a7:eb:79:cb:83:dd:45:
99:7f:ab:f9:16:81:a6:c2:71:07:a9:d7:32:4d:f8:23:52:44:
b8:a9:a8:48:2a:26:d5:1b:72:50:20:32:e4:04:aa:c4:52:2a:
31:5e:0f:6a:87:4b:ae:58:66:6c:fd:ee:d5:ff:1d:e7:1b:e9:
d5:6a:88:1b:dc:90:04:ee:34:83:66:0f:3d:f9:f0:9d:90:31:
61:ae:55:fc
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICBHAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzJE
NUVDMTVDNUU1NjRFNDcwRUM3QjE0Q0Q0N0RFMkQ4NjJBQ0U4MzAeFw0yNTA2MjIx
NjE4MDNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDQ3QUMzNDZFN0IzQUMx
M0RBNjZGQjIyREVCMzk2QzBFRTA0MkY3QzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVBq2Ap8fL2X11LAw/zcIN0A+UgHGACLcNE9IiLh9pKCajH3tb
gtK3GNFr3N16QO2r8PoLYHevYPOH6ELaeRkc3OGWerXNFTJ02XgA+e3G34TIWIia
kTFVwSEtV4xHv6HOzJvdBxgwZ6KplExp6lMhiNZcEMPxp7SQB3YuI2XZ7kpIq4Kq
IEmWVqKCKHDbdfdRfYIWl7UFr6/16u7sSuAS2LowGxGzqtXbqT0SNmPNCem4tE3M
S9CpotLpZqDNeuYcsgnCDHpeXBOUtWQoE8OmwQJfZ8ewYiouAMgVBNdPWeiMf4S2
8j1QNwQxyIqItkp3yb6JAejKdiwF15FSJfvLAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUR6w0bns6wT2mb7It6zlsDuBC98MwHwYDVR0jBBgwFoAUMtXsFcXlZORw7HsU
zUfeLYYqzoMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTAy
My9NdFhzRmNYbFpPUnc3SHNVelVmZUxZWXF6b00uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL010WHNGY1hsWk9SdzdIc1V6VWZlTFlZcXpvTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEwMjMvTXRYc0ZjWGxaT1J3
N0hzVXpVZmVMWVlxem9NLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAHppAk+1s0AEsEItdU5drOIi4RIqUdBxIVBURDFZwvo2geEY1aAPwhE6FDWX
lhxTZnECZ6VGOsmhhe+wdxBeSal5lUVCa340URe54k9S44DElqW1bwtay9CYr5GE
sxGY2Hl229MJazn2xnIhIToD+Ibj8gGH+Bgc5vs70HGUQfEa4NuNPzUz0PNbNLBo
ur5vcx4LcrOZX0Ou/Nj/1w4AXQ0O7SugLp6OAtfwKvwpp+t5y4PdRZl/q/kWgabC
cQep1zJN+CNSRLipqEgqJtUbclAgMuQEqsRSKjFeD2qHS65YZmz97tX/Hecb6dVq
iBvckATuNINmDz358J2QMWGuVfw=
-----END CERTIFICATE-----
Generated at Sun Jun 22 22:20:15 2025 by rpki-client