Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.mft
File: KCAlirZf9h_V1m2Vlk9I76NdzIY.mft (raw, json)
Hash identifier: oCLCS4QAi95YES0jqlf/qY4lEuBMLWysFomLUm0+zS4=
Subject key identifier: F2:2C:52:B9:00:B8:80:02:2A:92:10:A6:86:FE:1A:80:06:C4:DA:EB
Authority key identifier: 28:20:25:8A:B6:5F:F6:1F:D5:D6:6D:95:96:4F:48:EF:A3:5D:CC:86
Certificate issuer: /CN=2820258AB65FF61FD5D66D95964F48EFA35DCC86
Certificate serial: 174A
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KCAlirZf9h_V1m2Vlk9I76NdzIY.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.mft
Manifest number: 1745
Signing time: Wed 05 Nov 2025 15:12:40 +0000
Manifest this update: Wed 05 Nov 2025 15:12:40 +0000
Manifest next update: Wed 05 Nov 2025 21:12:40 +0000
Files and hashes: 1: I9uSXffH-pwTghGYA_o9PiW31PU.roa (hash: nwRRWYa9JDWQiBl3beIie/BcmhzWO1BFjAfKhqo9ItM=)
2: KCAlirZf9h_V1m2Vlk9I76NdzIY.crl (hash: rOnkDPnZV+PNYUmPa/1BpWVWOr7hu6Z5/L3uP13dZ9g=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5962 (0x174a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2820258AB65FF61FD5D66D95964F48EFA35DCC86
Validity
Not Before: Nov 5 15:12:40 2025 GMT
Not After : Oct 23 03:01:03 2026 GMT
Subject: CN=F22C52B900B880022A9210A686FE1A8006C4DAEB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:00:01:ef:f8:9d:ec:b2:12:09:20:58:1f:f3:
bd:ff:df:54:3b:c9:ac:13:5f:ac:3e:9a:f0:59:2a:
74:83:21:ab:51:13:b2:13:63:81:d9:61:f8:5e:72:
60:1f:12:b1:10:b8:dc:7a:b2:56:21:d0:fb:d7:f2:
aa:49:63:be:c8:7f:19:56:97:04:da:4e:53:1c:16:
c3:31:42:cb:b6:b8:63:dc:61:e5:98:a1:85:70:f3:
67:09:3e:d7:5d:db:ba:22:5d:14:68:44:54:17:ce:
af:66:c2:4f:e8:75:a9:e8:cc:15:f5:4e:86:ae:4d:
bd:6c:c9:56:d8:e9:b3:55:b2:0b:eb:a7:5b:fb:a0:
b1:ff:b0:ab:0f:f4:d2:07:47:cb:2c:90:1f:0e:ef:
ef:7f:4a:20:a2:34:ae:d9:44:8f:d9:a7:52:23:ad:
22:31:a4:2d:eb:05:2e:7a:97:20:23:ab:b8:dc:74:
6e:b5:ef:14:54:01:f8:0d:d1:90:ef:1f:be:ed:99:
aa:81:f8:f5:48:90:4c:c3:2c:07:cd:df:be:58:06:
0f:72:e1:81:bf:f1:58:33:a0:10:5c:bc:6c:0d:34:
36:2e:f3:d8:1a:b3:bd:d0:1b:c2:fa:72:fd:13:9f:
ab:9b:01:90:e8:66:7d:12:2b:b9:80:20:93:cb:4f:
3f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:2C:52:B9:00:B8:80:02:2A:92:10:A6:86:FE:1A:80:06:C4:DA:EB
X509v3 Authority Key Identifier:
keyid:28:20:25:8A:B6:5F:F6:1F:D5:D6:6D:95:96:4F:48:EF:A3:5D:CC:86
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/KCAlirZf9h_V1m2Vlk9I76NdzIY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1212/KCAlirZf9h_V1m2Vlk9I76NdzIY.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
29:73:ba:25:7c:91:de:67:38:90:c4:72:7b:fa:ee:36:94:44:
42:d9:e2:af:dd:89:0b:9b:ab:da:32:4f:a9:33:45:1e:c2:6b:
36:3f:ff:3a:c1:a2:21:67:2d:c8:6c:ed:b7:dd:f8:8b:ca:4f:
90:66:61:d2:64:fb:36:f4:67:27:d9:0e:5a:37:63:4e:ce:2e:
87:77:51:0d:1d:fc:c0:a0:39:3d:9a:19:f0:dc:3f:33:5e:9f:
c5:8e:37:0d:f3:60:65:77:01:91:7b:1d:ec:55:c6:8f:75:60:
cf:9c:c4:42:41:ba:66:24:0a:16:ad:4f:0e:ce:55:9e:52:94:
b7:de:50:99:ae:f3:ca:63:0f:e2:84:8f:97:0b:03:7a:74:5f:
f8:e3:fc:4a:8a:d0:79:66:a1:99:c8:d3:85:47:4d:01:7d:f4:
f9:07:1b:dd:61:15:ee:b0:8e:f3:7c:6f:41:27:8c:46:94:9c:
76:06:a0:03:bd:be:f5:59:eb:8c:b8:b8:70:5d:15:c5:f4:05:
59:16:d9:8a:07:83:68:37:66:85:e0:17:53:fe:33:e3:88:33:
fc:68:74:6e:27:9e:37:1f:63:2b:d5:98:b7:53:ba:e9:8c:53:
1c:b6:43:e0:7e:b0:7b:fb:17:73:6f:57:4f:95:ea:4e:19:7d:
70:5b:bc:e9
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICF0owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjgy
MDI1OEFCNjVGRjYxRkQ1RDY2RDk1OTY0RjQ4RUZBMzVEQ0M4NjAeFw0yNTExMDUx
NTEyNDBaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEYyMkM1MkI5MDBCODgw
MDIyQTkyMTBBNjg2RkUxQTgwMDZDNERBRUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYAAHv+J3sshIJIFgf873/31Q7yawTX6w+mvBZKnSDIatRE7IT
Y4HZYfhecmAfErEQuNx6slYh0PvX8qpJY77IfxlWlwTaTlMcFsMxQsu2uGPcYeWY
oYVw82cJPtdd27oiXRRoRFQXzq9mwk/odanozBX1ToauTb1syVbY6bNVsgvrp1v7
oLH/sKsP9NIHR8sskB8O7+9/SiCiNK7ZRI/Zp1IjrSIxpC3rBS56lyAjq7jcdG61
7xRUAfgN0ZDvH77tmaqB+PVIkEzDLAfN375YBg9y4YG/8VgzoBBcvGwNNDYu89ga
s73QG8L6cv0Tn6ubAZDoZn0SK7mAIJPLTz83AgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQU8ixSuQC4gAIqkhCmhv4agAbE2uswHwYDVR0jBBgwFoAUKCAlirZf9h/V1m2V
lk9I76NdzIYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIx
Mi9LQ0FsaXJaZjloX1YxbTJWbGs5STc2TmR6SVkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0tDQWxpclpmOWhfVjFtMlZsazlJNzZOZHpJWS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMTIvS0NBbGlyWmY5aF9W
MW0yVmxrOUk3Nk5keklZLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAClzuiV8kd5nOJDEcnv67jaURELZ4q/diQubq9oyT6kzRR7CazY//zrBoiFn
Lchs7bfd+IvKT5BmYdJk+zb0ZyfZDlo3Y07OLod3UQ0d/MCgOT2aGfDcPzNen8WO
Nw3zYGV3AZF7HexVxo91YM+cxEJBumYkChatTw7OVZ5SlLfeUJmu88pjD+KEj5cL
A3p0X/jj/EqK0HlmoZnI04VHTQF99PkHG91hFe6wjvN8b0EnjEaUnHYGoAO9vvVZ
64y4uHBdFcX0BVkW2YoHg2g3ZoXgF1P+M+OIM/xodG4nnjcfYyvVmLdTuumMUxy2
Q+B+sHv7F3NvV0+V6k4ZfXBbvOk=
-----END CERTIFICATE-----
Generated at Wed Nov 5 18:53:39 2025 by rpki-client