Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.mft
File: MtXsFcXlZORw7HsUzUfeLYYqzoM.mft (raw, json)
Hash identifier: 6umbslqogCCEP3ruLrs9eOiXGltWm2nM08OUGhpb4os=
Subject key identifier: 47:AC:34:6E:7B:3A:C1:3D:A6:6F:B2:2D:EB:39:6C:0E:E0:42:F7:C3
Authority key identifier: 32:D5:EC:15:C5:E5:64:E4:70:EC:7B:14:CD:47:DE:2D:86:2A:CE:83
Certificate issuer: /CN=32D5EC15C5E564E470EC7B14CD47DE2D862ACE83
Certificate serial: 094E
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MtXsFcXlZORw7HsUzUfeLYYqzoM.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.mft
Manifest number: 0946
Signing time: Mon 02 Mar 2026 02:28:25 +0000
Manifest this update: Mon 02 Mar 2026 02:28:25 +0000
Manifest next update: Mon 02 Mar 2026 08:28:25 +0000
Files and hashes: 1: HP2pPWqilKqEwxxLYf1Bc0eNRZ8.roa (hash: nzM/sVo6T3wrJOKA8s9C/r1i/A+SHE4RxkcR9ZuDMqw=)
2: MtXsFcXlZORw7HsUzUfeLYYqzoM.crl (hash: jSEeFRjMgXhPw9OxT35weuhZtn6Goal2lan9avE8pC8=)
3: bC40d1-ghgM21ALWbp1O1UkgkdU.roa (hash: 9yTQDJvjPR2trUFfN17YffGLD8jC8nwJrrCPuFbW2Vc=)
4: dj52fO6wCS8Lsoe-ihgKdkrnwnE.roa (hash: 7aICgRrTtrePB+0YhNu9XutmrrOoUeqPXvBeqh7Qv/Y=)
5: mrsHKrTmE4mOslEo5lBsb9iRJlk.roa (hash: a/F6thmLhHVyrowSSbW9el8yqJWv7IOkNKEtetCNUq8=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2382 (0x94e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32D5EC15C5E564E470EC7B14CD47DE2D862ACE83
Validity
Not Before: Mar 2 02:28:25 2026 GMT
Not After : Jan 9 08:23:18 2027 GMT
Subject: CN=47AC346E7B3AC13DA66FB22DEB396C0EE042F7C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:06:ad:80:a7:c7:cb:d9:7d:75:2c:0c:3f:cd:
c2:0d:d0:0f:94:80:71:80:08:b7:0d:13:d2:22:2e:
1f:69:28:26:a3:1f:7b:5b:82:d2:b7:18:d1:6b:dc:
dd:7a:40:ed:ab:f0:fa:0b:60:77:af:60:f3:87:e8:
42:da:79:19:1c:dc:e1:96:7a:b5:cd:15:32:74:d9:
78:00:f9:ed:c6:df:84:c8:58:88:9a:91:31:55:c1:
21:2d:57:8c:47:bf:a1:ce:cc:9b:dd:07:18:30:67:
a2:a9:94:4c:69:ea:53:21:88:d6:5c:10:c3:f1:a7:
b4:90:07:76:2e:23:65:d9:ee:4a:48:ab:82:aa:20:
49:96:56:a2:82:28:70:db:75:f7:51:7d:82:16:97:
b5:05:af:af:f5:ea:ee:ec:4a:e0:12:d8:ba:30:1b:
11:b3:aa:d5:db:a9:3d:12:36:63:cd:09:e9:b8:b4:
4d:cc:4b:d0:a9:a2:d2:e9:66:a0:cd:7a:e6:1c:b2:
09:c2:0c:7a:5e:5c:13:94:b5:64:28:13:c3:a6:c1:
02:5f:67:c7:b0:62:2a:2e:00:c8:15:04:d7:4f:59:
e8:8c:7f:84:b6:f2:3d:50:37:04:31:c8:8a:88:b6:
4a:77:c9:be:89:01:e8:ca:76:2c:05:d7:91:52:25:
fb:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:AC:34:6E:7B:3A:C1:3D:A6:6F:B2:2D:EB:39:6C:0E:E0:42:F7:C3
X509v3 Authority Key Identifier:
keyid:32:D5:EC:15:C5:E5:64:E4:70:EC:7B:14:CD:47:DE:2D:86:2A:CE:83
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MtXsFcXlZORw7HsUzUfeLYYqzoM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
14:0b:ee:88:85:88:1d:76:78:44:9d:37:8e:5c:36:14:82:d3:
ec:14:b5:ec:fe:c5:62:b8:e8:1c:25:12:f1:57:47:5c:22:ba:
a6:98:b6:32:cc:3d:be:6b:fb:7e:69:89:30:45:17:01:d4:07:
fb:b0:12:0e:f2:38:f0:df:f8:67:8e:41:3d:9b:55:61:6d:ca:
02:4f:3d:44:fe:6c:ef:f5:0a:d5:53:dd:d8:05:07:97:00:f4:
29:50:f5:9c:67:c1:8b:77:7f:5b:68:86:c9:1c:ee:6e:12:f5:
96:c9:ba:ae:93:d5:5d:94:7d:4f:61:d3:a9:82:7d:a4:48:66:
d1:2d:f1:24:93:a0:d0:5e:b4:e2:6e:e4:58:4a:7a:54:57:55:
52:4c:7a:c7:e6:54:fe:ba:f7:4c:73:4e:bd:38:ab:83:e1:9c:
c7:cf:f5:d3:15:d2:aa:d5:0b:d0:4f:7a:a6:05:42:46:ed:24:
aa:73:fc:6f:c8:4f:e7:ae:d6:5d:b1:eb:e9:a6:04:3a:18:a2:
b7:a3:06:8c:f4:df:96:b1:1d:85:65:d9:2d:6e:c2:c1:bc:8a:
ca:a0:a1:3a:e6:b4:77:b6:a8:e6:19:f1:bf:94:d2:df:b5:e8:
d3:cf:c8:71:78:24:e9:2e:2a:3d:ee:ee:32:91:01:e4:53:89:
5a:c7:e2:7d
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICCU4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzJE
NUVDMTVDNUU1NjRFNDcwRUM3QjE0Q0Q0N0RFMkQ4NjJBQ0U4MzAeFw0yNjAzMDIw
MjI4MjVaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDQ3QUMzNDZFN0IzQUMx
M0RBNjZGQjIyREVCMzk2QzBFRTA0MkY3QzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVBq2Ap8fL2X11LAw/zcIN0A+UgHGACLcNE9IiLh9pKCajH3tb
gtK3GNFr3N16QO2r8PoLYHevYPOH6ELaeRkc3OGWerXNFTJ02XgA+e3G34TIWIia
kTFVwSEtV4xHv6HOzJvdBxgwZ6KplExp6lMhiNZcEMPxp7SQB3YuI2XZ7kpIq4Kq
IEmWVqKCKHDbdfdRfYIWl7UFr6/16u7sSuAS2LowGxGzqtXbqT0SNmPNCem4tE3M
S9CpotLpZqDNeuYcsgnCDHpeXBOUtWQoE8OmwQJfZ8ewYiouAMgVBNdPWeiMf4S2
8j1QNwQxyIqItkp3yb6JAejKdiwF15FSJfvLAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUR6w0bns6wT2mb7It6zlsDuBC98MwHwYDVR0jBBgwFoAUMtXsFcXlZORw7HsU
zUfeLYYqzoMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTAy
My9NdFhzRmNYbFpPUnc3SHNVelVmZUxZWXF6b00uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL010WHNGY1hsWk9SdzdIc1V6VWZlTFlZcXpvTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEwMjMvTXRYc0ZjWGxaT1J3
N0hzVXpVZmVMWVlxem9NLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBABQL7oiFiB12eESdN45cNhSC0+wUtez+xWK46BwlEvFXR1wiuqaYtjLMPb5r
+35piTBFFwHUB/uwEg7yOPDf+GeOQT2bVWFtygJPPUT+bO/1CtVT3dgFB5cA9ClQ
9ZxnwYt3f1tohskc7m4S9ZbJuq6T1V2UfU9h06mCfaRIZtEt8SSToNBetOJu5FhK
elRXVVJMesfmVP6690xzTr04q4PhnMfP9dMV0qrVC9BPeqYFQkbtJKpz/G/IT+eu
1l2x6+mmBDoYorejBoz035axHYVl2S1uwsG8isqgoTrmtHe2qOYZ8b+U0t+16NPP
yHF4JOkuKj3u7jKRAeRTiVrH4n0=
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:17:27 2026 by rpki-client