Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft
File: iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft (raw, json)
Hash identifier: p2fdDdnes1ofvCzup3P5umm6q6tCACzuW1/FHRzVOc4=
Subject key identifier: 5A:CA:5A:E6:10:3E:84:98:34:5B:CB:AB:D4:7A:44:3A:C0:93:C2:5A
Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Certificate serial: F5C3
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft
Manifest number: 4F02
Signing time: Sun 01 Mar 2026 21:28:47 +0000
Manifest this update: Sun 01 Mar 2026 21:28:46 +0000
Manifest next update: Mon 02 Mar 2026 03:28:46 +0000
Files and hashes: 1: 1pGP6piO9t8jbUERzDx-O4nhtLM.roa (hash: LgsHYyRchdYhJU6IjYfSwzPXfyeBNXFC/3oEFZaxr5E=)
2: 4wXgRujYTKfihSIvwuLg9rUOP1c.roa (hash: LPoTrqNW+wAwUy8l+OsMAuRG7zGEUq/hKav9nV2a/XY=)
3: 6wu7C6LJRgzw0YqBCypPrWvyqtk.roa (hash: Cj+QZPNg8QQ9fmyZfIpGADWCHBPEkN4OpbVPkdHjLNc=)
4: 9LZMbOJGzIWrwZIphlUZtLKBd_c.roa (hash: 2ZF77k5Fogyt6qSiuDajPcYoPcUD48QmqAkwhivvEH4=)
5: AvIoBSrNnMcpnZyXaLY_B_COOqM.roa (hash: tfuTWBj8mqfIFWkntrseawjOrEIi0ukcaV24gqQhJUE=)
6: Lzd2UazZEZK4D-Vi_LM5PwLTTJw.roa (hash: RYhKyfjdDrdFS+vtO7CbGxUt9WkZpShCr4z/pVEDnNo=)
7: No7gvAe0HiqMlWPX1eORii_qHNg.roa (hash: fsHInzrmBhxkqHfoeln8hYzxASuDDoDSJJ6xYdeYcAY=)
8: OfvtK6UGD_bVKz8pj9fgFWb6zgM.roa (hash: 40esanXG/apJXlFMV+hzoWKw+5KjI8h/fUEMtsSTOfI=)
9: PZulO6TyppqWWuGzO34PYYz5Uo0.roa (hash: yxbl0kEI9vox9RiEQxUPGxMV7cLiY2SO7AtRn6kT6eA=)
10: QD7THVmiGOcCiQQPVumiDRR-d7I.roa (hash: BeWz4UxSBqt/CJdq0rqcX/Y2LZaQqSYTg9P3zaCSJy8=)
11: TzZbUoNGLOmB6mnJiaNAHR2oE9c.roa (hash: BweYJDm2QhqDgPj1ChzAIBwgj2kCBYjRI7BD0uiJCsI=)
12: XsbnPodlNkVFgCzTwYVVRKP-GEQ.roa (hash: yacvbm4gKGYgc5wCZtcaOFLtzo1EC6TxZpfMKP9mzO4=)
13: Yq-wEJdpNyrsJ5M1lXcQMx95RI0.roa (hash: C1aXVx3626w3lC0qVGmhnn9Jj9Gy3ZQ5/AtReox93tU=)
14: evHFKal_BLbftwTo5irhQaueD2U.roa (hash: 4JP/QyQZbAYdHqHseXBGNqOkAZdAPfM1lQ9PPjQdoAg=)
15: ffnzNkkLF4B5sEmRbbt-73LygMI.roa (hash: lfR0YWmJicUAI3V8hDlF+PVwpQclCZqiT/dKFEJOFIA=)
16: iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl (hash: tQ3L+7WVpmDmQm/NOfuuTxxltAQKOR3gKnQlSx3Gw64=)
17: jgjN0IxKws8jDdNRAOYX1CdHt1k.roa (hash: T74oJ4uT1nguMzcsxBkKWMEPcQYXZBdgwGGLqKFQyh4=)
18: qe20gAZbuwVu_t2cnfTPZkvTqlA.roa (hash: rEzVYj2gFODsMAGdxG3xTH2suYUBY7xxuVYE2eGkAMI=)
19: vQGMLXKuPigq7LZo-Pr7Y9YiM-c.roa (hash: zTk7jcBriJqG2gtlVugmX1oERrjs/CQDeKUtk6NsPUk=)
20: ywCQM1l3K43_E-WiIpSnSbWqOvE.roa (hash: hgEPrLxxvDkD6XngS/o1Hzja3xdYFuhr99lC4QpzvhQ=)
21: zWbsOJJ1UwVI5pnA1_vMfQ9v7YA.roa (hash: BBz3fH6gauC81KGSU8veCkKr25fDnWrXmEydKqB3KzU=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62915 (0xf5c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Validity
Not Before: Mar 1 21:28:46 2026 GMT
Not After : Jan 9 08:23:18 2027 GMT
Subject: CN=5ACA5AE6103E8498345BCBABD47A443AC093C25A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f0:f9:68:52:99:6a:aa:0f:1d:28:ef:d6:32:
00:4b:4b:5b:e0:b8:b8:b9:11:b3:01:db:61:3e:66:
5e:29:0d:9d:15:62:48:a5:9a:8d:56:e4:ae:2c:e8:
d7:c7:ad:fb:37:56:a2:f7:b7:17:64:bc:75:c9:84:
df:61:26:6d:a0:94:db:60:2d:da:09:36:45:28:f1:
d9:ff:98:4e:b8:6d:f9:7d:32:b4:c8:d5:ca:98:92:
04:70:f3:f0:98:8f:66:02:98:6f:8d:f9:48:98:68:
17:4b:99:d3:16:04:49:11:32:f7:db:5b:8e:bd:6c:
8f:e9:20:b7:11:b0:c5:47:f9:69:82:e9:84:ed:8d:
46:2e:a3:90:74:d5:31:bc:f7:36:b9:26:77:39:bb:
0f:c7:e2:59:11:83:9b:c8:41:1d:4c:cc:1f:5a:13:
99:ba:9a:1b:70:9d:f1:5e:88:99:c5:73:23:eb:c3:
8f:0b:61:f0:8d:d7:54:84:5a:9f:93:5a:c3:22:fa:
c0:7a:0c:ee:bb:c9:34:3d:82:18:5f:52:96:8f:e1:
e9:1f:4e:be:5b:ad:e5:88:61:79:9c:22:91:1f:64:
62:5b:6f:0e:0b:c8:6a:9d:34:03:13:56:2b:5f:36:
b6:75:4f:d2:79:06:ae:67:e0:7f:59:46:9c:66:2e:
22:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:CA:5A:E6:10:3E:84:98:34:5B:CB:AB:D4:7A:44:3A:C0:93:C2:5A
X509v3 Authority Key Identifier:
keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
4e:c4:14:30:f2:9b:c0:af:1c:2b:89:9f:90:91:eb:90:fd:9e:
f5:d9:43:41:5e:2a:c3:01:fa:d3:80:f1:77:8a:75:00:41:32:
21:6c:70:3b:f6:94:54:58:4a:5f:e8:a9:8c:72:5d:58:ab:92:
c3:0b:73:28:aa:ac:a6:b0:2e:11:df:95:85:eb:17:89:8a:f1:
09:f5:f0:c7:bd:a4:9c:0d:df:f3:e1:99:c8:bc:bd:c0:a3:ef:
e4:29:9b:f9:1b:be:70:88:24:94:5d:b9:05:8a:d2:67:d3:a0:
ac:90:bd:21:59:d1:21:d3:bc:b4:82:41:dc:cc:93:82:46:a6:
2c:ce:40:b0:1d:4e:64:f3:39:cf:02:45:a7:d4:a6:12:55:9b:
f9:0c:44:86:0c:d0:8a:81:ba:4f:15:5e:dc:37:a1:00:b1:7b:
c2:6e:77:38:a1:05:57:b4:31:6f:cb:d6:f1:29:fa:c1:a6:86:
2e:eb:75:2c:6b:3d:2d:40:04:9c:a3:11:d0:db:60:8b:99:74:
2b:3f:08:0f:97:c5:6e:c4:27:01:54:03:a6:64:bb:e4:1e:30:
7b:03:e3:5b:cb:29:8d:33:5f:e1:9d:d9:a9:84:28:92:7b:61:
8e:b7:2c:33:c9:1e:f1:c0:6c:1d:d8:3c:15:1e:f4:51:f4:a9:
8c:b4:b7:bb
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIDAPXDMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDhB
RTRDRjc4QjQ5REYwQjJDMUQyOUQzMkU0OEE5NDNBRTRGNDFBQ0MwHhcNMjYwMzAx
MjEyODQ2WhcNMjcwMTA5MDgyMzE4WjAzMTEwLwYDVQQDEyg1QUNBNUFFNjEwM0U4
NDk4MzQ1QkNCQUJENDdBNDQzQUMwOTNDMjVBMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA2/D5aFKZaqoPHSjv1jIAS0tb4Li4uRGzAdthPmZeKQ2dFWJI
pZqNVuSuLOjXx637N1ai97cXZLx1yYTfYSZtoJTbYC3aCTZFKPHZ/5hOuG35fTK0
yNXKmJIEcPPwmI9mAphvjflImGgXS5nTFgRJETL321uOvWyP6SC3EbDFR/lpgumE
7Y1GLqOQdNUxvPc2uSZ3ObsPx+JZEYObyEEdTMwfWhOZupobcJ3xXoiZxXMj68OP
C2HwjddUhFqfk1rDIvrAegzuu8k0PYIYX1KWj+HpH06+W63liGF5nCKRH2RiW28O
C8hqnTQDE1YrXza2dU/SeQauZ+B/WUacZi4iuwIDAQABo4ICDDCCAggwHQYDVR0O
BBYEFFrKWuYQPoSYNFvLq9R6RDrAk8JaMB8GA1UdIwQYMBaAFIrkz3i0nfCywdKd
MuSKlDrk9BrMMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwXQYDVR0fBFYwVDBS
oFCgToZMcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2
NjMvaXVUUGVMU2Q4TExCMHAweTVJcVVPdVQwR3N3LmNybDBjBggrBgEFBQcBAQRX
MFUwUwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY2VyMA4GA1UdDwEB
/wQEAwIHgDCBnQYIKwYBBQUHAQsEgZAwgY0wWAYIKwYBBQUHMAuGTHJzeW5jOi8v
cnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xNjYzL2l1VFBlTFNkOExM
QjBwMHk1SXFVT3VUMEdzdy5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5j
bm5pYy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAh
BggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUA
A4IBAQBOxBQw8pvArxwriZ+QkeuQ/Z712UNBXirDAfrTgPF3inUAQTIhbHA79pRU
WEpf6KmMcl1Yq5LDC3MoqqymsC4R35WF6xeJivEJ9fDHvaScDd/z4ZnIvL3Ao+/k
KZv5G75wiCSUXbkFitJn06CskL0hWdEh07y0gkHczJOCRqYszkCwHU5k8znPAkWn
1KYSVZv5DESGDNCKgbpPFV7cN6EAsXvCbnc4oQVXtDFvy9bxKfrBpoYu63Usaz0t
QAScoxHQ22CLmXQrPwgPl8VuxCcBVAOmZLvkHjB7A+NbyymNM1/hndmphCiSe2GO
tywzyR7xwGwd2DwVHvRR9KmMtLe7
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:20:58 2026 by rpki-client