Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2330/NxT4EtSpDicn7ABvXkzukIk0r3g.mft
File: NxT4EtSpDicn7ABvXkzukIk0r3g.mft (raw, json)
Hash identifier: shnAsKHb3newAMcfpZj3wn0YPTJSpo0zHi0j35EaZH4=
Subject key identifier: D4:72:7B:D1:54:0D:F9:B6:C4:FC:C1:74:C4:0A:00:22:80:30:2B:DA
Authority key identifier: 37:14:F8:12:D4:A9:0E:27:27:EC:00:6F:5E:4C:EE:90:89:34:AF:78
Certificate issuer: /CN=3714F812D4A90E2727EC006F5E4CEE908934AF78
Certificate serial: 1C7B
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/NxT4EtSpDicn7ABvXkzukIk0r3g.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2330/NxT4EtSpDicn7ABvXkzukIk0r3g.mft
Manifest number: 1C7B
Signing time: Sat 26 Apr 2025 06:36:53 +0000
Manifest this update: Sat 26 Apr 2025 06:36:53 +0000
Manifest next update: Sat 26 Apr 2025 12:36:53 +0000
Files and hashes: 1: NxT4EtSpDicn7ABvXkzukIk0r3g.crl (hash: VTkW6Vu8BqArKY9at41xueiGr5/yf8RSY4wbGKTW+uY=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7291 (0x1c7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3714F812D4A90E2727EC006F5E4CEE908934AF78
Validity
Not Before: Apr 26 06:36:53 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=D4727BD1540DF9B6C4FCC174C40A002280302BDA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:90:3b:6c:95:b3:19:b9:3c:7f:39:15:f1:fd:
b5:9a:0d:ba:0a:83:cf:0b:a9:32:4a:ca:fd:8f:1b:
6f:47:00:29:45:8d:60:ee:28:18:fd:d7:fb:7f:64:
ef:7e:1a:0a:cf:8c:34:ba:5b:61:b5:06:1f:0b:0d:
e3:bc:71:9b:9c:a1:a8:2c:7b:f9:40:62:42:f9:7a:
bb:ef:ee:7b:87:00:71:3b:9d:88:82:03:e1:31:35:
45:68:19:50:53:82:cf:b2:98:1d:7d:9b:ea:4e:fd:
e0:a5:fc:fc:e8:78:8f:1e:bc:32:20:2e:38:36:d5:
9b:80:27:94:10:10:57:d4:8f:1e:eb:a2:1e:a4:4e:
25:cf:74:bb:2f:a0:63:d9:e0:46:f0:ea:a8:3f:0f:
a6:15:6a:18:76:b1:18:10:34:b2:12:65:9a:8e:24:
55:5c:e4:42:15:ac:20:09:ac:fd:4c:d9:e4:ae:f9:
cf:6d:24:a6:9e:58:90:f9:7c:bf:53:a1:79:36:b5:
b6:5f:4d:61:ac:0b:4e:c0:02:8d:ed:02:71:78:51:
30:c9:c9:fe:b6:8c:43:03:1e:8c:21:e5:3a:c1:50:
8e:02:c4:07:e4:5a:c2:d7:3e:c3:0d:16:fd:ef:36:
d7:b2:a6:7c:43:3b:d4:c0:9e:5d:4e:17:63:ec:3a:
b3:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:72:7B:D1:54:0D:F9:B6:C4:FC:C1:74:C4:0A:00:22:80:30:2B:DA
X509v3 Authority Key Identifier:
keyid:37:14:F8:12:D4:A9:0E:27:27:EC:00:6F:5E:4C:EE:90:89:34:AF:78
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2330/NxT4EtSpDicn7ABvXkzukIk0r3g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/NxT4EtSpDicn7ABvXkzukIk0r3g.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2330/NxT4EtSpDicn7ABvXkzukIk0r3g.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
62:ca:44:e8:36:2e:a8:5e:08:bd:2a:1f:56:c9:d0:6a:cf:bb:
d8:9d:56:a7:32:fc:db:e6:1e:62:69:10:94:78:ba:b2:81:d9:
2a:d3:0b:e7:67:b6:cd:5d:7d:3e:e7:07:2c:55:5b:d5:4a:64:
f7:45:ba:77:b2:9a:4d:31:b4:e7:db:09:cf:8c:1a:cc:34:01:
ed:9c:9f:e4:07:1d:71:59:cc:09:dc:67:50:11:31:93:b3:91:
3c:a8:04:f3:27:c4:e4:b7:2e:3f:3b:f1:50:56:56:e1:63:cb:
c9:b4:69:4c:ee:3e:1e:54:be:01:1b:44:26:e0:6b:06:ee:cd:
ab:9a:fe:49:de:c7:a5:04:73:31:c5:75:04:e7:75:88:c1:9a:
4e:2d:fe:9c:04:b8:ba:d5:f9:7f:77:b7:57:a0:26:4e:12:90:
d7:6c:8d:d2:8f:aa:8d:ea:22:5e:fc:91:d7:5d:b3:ab:3c:1b:
e0:50:c0:89:7f:5e:29:28:4a:fe:e4:07:3c:7e:68:d8:46:5e:
b4:11:26:18:82:3a:a6:93:08:96:dc:0e:b0:52:b5:79:9a:36:
e8:43:44:e8:be:ed:26:17:8c:aa:81:7b:ce:71:f2:03:70:90:
d6:c3:74:a3:36:91:ee:06:1c:13:c5:f5:70:b6:c7:58:e3:ec:
66:d5:a7:8a
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICHHswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzcx
NEY4MTJENEE5MEUyNzI3RUMwMDZGNUU0Q0VFOTA4OTM0QUY3ODAeFw0yNTA0MjYw
NjM2NTNaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKEQ0NzI3QkQxNTQwREY5
QjZDNEZDQzE3NEM0MEEwMDIyODAzMDJCREEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4kDtslbMZuTx/ORXx/bWaDboKg88LqTJKyv2PG29HAClFjWDu
KBj91/t/ZO9+GgrPjDS6W2G1Bh8LDeO8cZucoagse/lAYkL5ervv7nuHAHE7nYiC
A+ExNUVoGVBTgs+ymB19m+pO/eCl/PzoeI8evDIgLjg21ZuAJ5QQEFfUjx7roh6k
TiXPdLsvoGPZ4Ebw6qg/D6YVahh2sRgQNLISZZqOJFVc5EIVrCAJrP1M2eSu+c9t
JKaeWJD5fL9ToXk2tbZfTWGsC07AAo3tAnF4UTDJyf62jEMDHowh5TrBUI4CxAfk
WsLXPsMNFv3vNteypnxDO9TAnl1OF2PsOrNNAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQU1HJ70VQN+bbE/MF0xAoAIoAwK9owHwYDVR0jBBgwFoAUNxT4EtSpDicn7ABv
XkzukIk0r3gwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjMz
MC9OeFQ0RXRTcERpY243QUJ2WGt6dWtJazByM2cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL054VDRFdFNwRGljbjdBQnZYa3p1a0lrMHIzZy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzIzMzAvTnhUNEV0U3BEaWNu
N0FCdlhrenVrSWswcjNnLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAGLKROg2LqheCL0qH1bJ0GrPu9idVqcy/NvmHmJpEJR4urKB2SrTC+dnts1d
fT7nByxVW9VKZPdFuneymk0xtOfbCc+MGsw0Ae2cn+QHHXFZzAncZ1ARMZOzkTyo
BPMnxOS3Lj878VBWVuFjy8m0aUzuPh5UvgEbRCbgawbuzaua/knex6UEczHFdQTn
dYjBmk4t/pwEuLrV+X93t1egJk4SkNdsjdKPqo3qIl78kddds6s8G+BQwIl/Xiko
Sv7kBzx+aNhGXrQRJhiCOqaTCJbcDrBStXmaNuhDROi+7SYXjKqBe85x8gNwkNbD
dKM2ke4GHBPF9XC2x1jj7GbVp4o=
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:41:44 2025 by rpki-client