Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.mft
File: Lowd4ZR0A1y-pngFS22U9a-lM2E.mft (raw, json)
Hash identifier: okDZSX+uliHXaBCxLHCGE9HiDJ9QG661ajVlGBE28tk=
Subject key identifier: FF:93:2E:42:5E:06:0B:53:CC:63:EE:F8:B4:2B:91:6D:B3:C0:1C:6C
Authority key identifier: 2E:8C:1D:E1:94:74:03:5C:BE:A6:78:05:4B:6D:94:F5:AF:A5:33:61
Certificate issuer: /CN=2E8C1DE19474035CBEA678054B6D94F5AFA53361
Certificate serial: 1A49
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.mft
Manifest number: 1A3F
Signing time: Sat 26 Apr 2025 11:07:20 +0000
Manifest this update: Sat 26 Apr 2025 11:07:20 +0000
Manifest next update: Sat 26 Apr 2025 17:07:20 +0000
Files and hashes: 1: IYkJ5FCKNtKSqqAO-jf5CgFrRyo.roa (hash: iyH8j7lARJGiKTyNhZuxwAzL7RSAxkLDiciZi2qy3S0=)
2: Lowd4ZR0A1y-pngFS22U9a-lM2E.crl (hash: pEi7HuNek6n8e7o+Tl8T3SNhU7k6290Nnpoq3vKKX/Y=)
3: fioZ3GbSWc8xCxZSX5xMaJKL5Kw.roa (hash: kSZPAF+X3T3iZ+QjAo6L0K9L6zaSBOEvFL86EZHGiME=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6729 (0x1a49)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2E8C1DE19474035CBEA678054B6D94F5AFA53361
Validity
Not Before: Apr 26 11:07:20 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=FF932E425E060B53CC63EEF8B42B916DB3C01C6C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ce:ca:10:5a:c9:8f:d2:27:85:80:bb:25:3e:
26:96:85:3f:5b:51:fb:24:48:0d:d4:0d:5e:91:18:
04:52:77:b0:2d:d3:78:33:73:59:ab:3d:50:93:aa:
29:dd:c9:6d:31:6a:60:fb:17:57:f1:b6:f3:a5:bf:
ce:7d:00:da:c1:8f:9c:11:a4:28:73:44:98:bd:2f:
63:2c:f2:d6:d5:1f:e7:f0:e8:6f:42:ec:2c:4a:d4:
53:f8:f3:4e:f4:bb:5c:01:19:43:9f:2b:b4:3c:cd:
8e:20:5d:b4:f1:30:b7:0d:be:35:06:12:30:a0:cb:
80:f1:c0:44:2c:b2:20:c8:53:66:f2:2c:36:d1:53:
f6:aa:45:78:6d:b6:9c:13:2d:81:42:14:e2:e9:3d:
76:92:3a:5d:98:cc:7b:db:66:b1:88:a1:47:2b:1d:
41:d5:b1:0c:78:bb:83:ca:f7:02:ff:e7:5f:d5:53:
f0:0b:95:fc:83:77:e4:a3:ff:19:71:e2:0a:73:a5:
18:c1:12:1c:c9:77:90:c4:05:91:12:72:b2:af:fa:
f4:c1:eb:93:09:a5:4b:fb:0a:49:d4:2d:00:f4:ac:
02:11:35:44:af:04:83:7d:28:49:09:f4:8a:c5:84:
fd:3c:9a:04:0b:e6:34:60:9f:20:19:e6:a5:85:96:
45:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:93:2E:42:5E:06:0B:53:CC:63:EE:F8:B4:2B:91:6D:B3:C0:1C:6C
X509v3 Authority Key Identifier:
keyid:2E:8C:1D:E1:94:74:03:5C:BE:A6:78:05:4B:6D:94:F5:AF:A5:33:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Lowd4ZR0A1y-pngFS22U9a-lM2E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/187/Lowd4ZR0A1y-pngFS22U9a-lM2E.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
54:56:64:63:71:30:e7:6f:0e:7a:50:75:09:40:7f:5b:37:b3:
d0:21:7c:5e:90:48:1c:48:3d:17:ec:d8:de:10:21:34:cb:9c:
5b:16:b9:48:92:12:e2:79:c7:ba:a7:4f:25:a8:63:81:39:65:
f9:92:de:50:65:c8:74:e8:da:76:eb:8d:86:78:d3:8d:6a:d0:
28:01:e2:d7:37:8d:7d:2c:9a:6a:62:44:6b:3f:0b:6f:e4:ce:
ba:76:ef:18:cc:44:56:a9:2b:8a:66:5e:c1:3b:fa:88:92:ec:
01:eb:43:b1:1f:5b:c6:c3:b6:8d:cb:b4:fe:c1:2c:a2:f1:e2:
39:ac:52:ec:32:c6:af:ba:39:8d:33:c7:59:23:0e:18:89:53:
5b:7a:78:2b:4a:a5:24:47:b7:70:39:73:6f:e2:27:c9:d9:e4:
c2:28:af:08:36:7e:0a:79:fd:33:57:6b:0c:bb:af:c3:ee:a4:
9b:68:fb:51:34:a1:b2:3d:69:f4:72:c8:8d:85:a0:a1:f2:ef:
8a:6f:75:c2:50:b8:48:5e:8c:3c:9e:16:d2:f3:29:f8:cf:14:
93:3c:fc:8c:e8:b6:d7:2f:b4:92:5a:b2:85:b9:87:1f:f1:bd:
00:fa:c4:00:3b:3f:1d:53:e5:25:40:cb:b8:77:01:64:4e:18:
c7:ca:89:89
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgICGkkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkU4
QzFERTE5NDc0MDM1Q0JFQTY3ODA1NEI2RDk0RjVBRkE1MzM2MTAeFw0yNTA0MjYx
MTA3MjBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEZGOTMyRTQyNUUwNjBC
NTNDQzYzRUVGOEI0MkI5MTZEQjNDMDFDNkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1zsoQWsmP0ieFgLslPiaWhT9bUfskSA3UDV6RGARSd7At03gz
c1mrPVCTqindyW0xamD7F1fxtvOlv859ANrBj5wRpChzRJi9L2Ms8tbVH+fw6G9C
7CxK1FP48070u1wBGUOfK7Q8zY4gXbTxMLcNvjUGEjCgy4DxwEQssiDIU2byLDbR
U/aqRXhttpwTLYFCFOLpPXaSOl2YzHvbZrGIoUcrHUHVsQx4u4PK9wL/51/VU/AL
lfyDd+Sj/xlx4gpzpRjBEhzJd5DEBZEScrKv+vTB65MJpUv7CknULQD0rAIRNUSv
BIN9KEkJ9IrFhP08mgQL5jRgnyAZ5qWFlkUvAgMBAAGjggIKMIICBjAdBgNVHQ4E
FgQU/5MuQl4GC1PMY+74tCuRbbPAHGwwHwYDVR0jBBgwFoAULowd4ZR0A1y+pngF
S22U9a+lM2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTg3
L0xvd2Q0WlIwQTF5LXBuZ0ZTMjJVOWEtbE0yRS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvTG93ZDRaUjBBMXktcG5nRlMyMlU5YS1sTTJFLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTg3L0xvd2Q0WlIwQTF5LXBu
Z0ZTMjJVOWEtbE0yRS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB
AQBUVmRjcTDnbw56UHUJQH9bN7PQIXxekEgcSD0X7NjeECE0y5xbFrlIkhLiece6
p08lqGOBOWX5kt5QZch06Np2642GeNONatAoAeLXN419LJpqYkRrPwtv5M66du8Y
zERWqSuKZl7BO/qIkuwB60OxH1vGw7aNy7T+wSyi8eI5rFLsMsavujmNM8dZIw4Y
iVNbengrSqUkR7dwOXNv4ifJ2eTCKK8INn4Kef0zV2sMu6/D7qSbaPtRNKGyPWn0
csiNhaCh8u+Kb3XCULhIXow8nhbS8yn4zxSTPPyM6LbXL7SSWrKFuYcf8b0A+sQA
Oz8dU+UlQMu4dwFkThjHyomJ
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:22:46 2025 by rpki-client