Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2662/vcTZgftYN_Id2VEGP1m0dd1WJTY.mft
File: vcTZgftYN_Id2VEGP1m0dd1WJTY.mft (raw, json)
Hash identifier: sV9UJdJSmpSFlPVpqL66a5MOpsWWLqL7qOkBOGidGfE=
Subject key identifier: 48:ED:2D:04:59:DF:0F:E7:68:E6:07:DA:7C:6D:13:70:A3:01:41:9D
Authority key identifier: BD:C4:D9:81:FB:58:37:F2:1D:D9:51:06:3F:59:B4:75:DD:56:25:36
Certificate issuer: /CN=BDC4D981FB5837F21DD951063F59B475DD562536
Certificate serial: D5
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vcTZgftYN_Id2VEGP1m0dd1WJTY.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2662/vcTZgftYN_Id2VEGP1m0dd1WJTY.mft
Manifest number: D4
Signing time: Thu 19 Jun 2025 10:10:52 +0000
Manifest this update: Thu 19 Jun 2025 10:10:52 +0000
Manifest next update: Thu 19 Jun 2025 16:10:52 +0000
Files and hashes: 1: ihz4sFLDfkN7Fk9DCBqiadh-ivQ.roa (hash: gR5LOmN4JF2dPB94elxL+UoXokAkI2kc2RKlgGd4ebs=)
2: vcTZgftYN_Id2VEGP1m0dd1WJTY.crl (hash: yff5K9OP69d+08pgDeMGv9+sOPmIYJJlv545FrMnsZg=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 213 (0xd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDC4D981FB5837F21DD951063F59B475DD562536
Validity
Not Before: Jun 19 10:10:52 2025 GMT
Not After : May 8 11:58:22 2026 GMT
Subject: CN=48ED2D0459DF0FE768E607DA7C6D1370A301419D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:85:01:25:5d:b3:c7:08:4c:9d:8f:fb:8d:cc:
f4:c4:07:1f:79:ca:fb:0d:18:3a:55:90:e8:6d:a6:
53:ed:b3:73:02:97:4d:46:3f:52:7d:2d:2a:9d:29:
b0:92:90:d8:01:f3:25:ad:1f:dd:a1:17:0a:a4:69:
d7:2e:a6:d1:2e:45:7b:ba:09:2d:c0:77:aa:d0:f5:
cb:a3:50:a9:2f:7e:5a:a0:11:0b:96:c6:ff:49:78:
79:e4:59:a5:e2:b2:d0:82:37:69:da:01:40:4c:89:
3a:d1:c2:0b:d7:ea:5d:3e:7f:92:ed:ad:2b:b7:3e:
ec:a9:b1:0e:34:16:c0:a2:8e:2f:c3:a0:06:0e:c6:
29:0e:62:a9:6a:9a:85:d9:32:83:51:7e:a0:e6:ab:
8d:e8:c2:45:7b:a1:94:9d:a5:04:29:32:a7:77:16:
8f:c7:e8:38:70:3f:43:8c:97:de:e7:3d:0e:e3:5d:
e0:7d:70:c8:11:4d:16:a1:67:c6:94:11:6b:7e:c1:
a6:1e:5a:43:06:58:74:49:a9:6f:b0:eb:54:ff:c2:
ce:2e:61:27:de:29:59:21:92:1c:54:04:69:8b:70:
76:85:e4:83:21:38:3e:69:af:de:0e:9e:cb:27:a7:
40:06:b7:03:05:3f:3d:55:56:b3:44:b9:fc:2e:41:
58:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:ED:2D:04:59:DF:0F:E7:68:E6:07:DA:7C:6D:13:70:A3:01:41:9D
X509v3 Authority Key Identifier:
keyid:BD:C4:D9:81:FB:58:37:F2:1D:D9:51:06:3F:59:B4:75:DD:56:25:36
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2662/vcTZgftYN_Id2VEGP1m0dd1WJTY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vcTZgftYN_Id2VEGP1m0dd1WJTY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2662/vcTZgftYN_Id2VEGP1m0dd1WJTY.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
4f:7d:00:6f:ba:cc:80:6c:5a:db:34:5b:7d:a5:c2:18:37:b0:
82:e1:42:07:ea:18:92:0b:90:03:7f:34:68:0c:56:8f:f4:db:
07:bf:6a:4e:1c:7f:c2:4c:2e:dc:2a:d1:d2:d9:25:62:30:4b:
58:67:c9:2c:16:a6:56:e4:84:bd:1c:e5:9f:13:ec:36:d2:43:
4b:7f:28:01:43:42:44:03:50:90:7d:4a:bc:5b:1d:00:6b:eb:
ec:47:fd:7c:49:9d:0e:dd:50:cd:b5:fb:f7:7e:82:34:3e:e6:
24:0b:c7:71:b0:c3:8c:55:4a:36:28:a1:39:82:13:06:71:b7:
ab:44:91:2c:3d:80:35:96:75:54:20:bf:e1:82:45:45:cd:2b:
28:e5:22:e4:b5:33:e0:12:28:0d:6f:91:c5:bc:56:60:68:80:
70:cd:4e:be:80:9e:f7:88:37:51:09:64:77:f3:3c:6e:e2:40:
43:be:bb:11:1d:13:51:7d:9f:b7:2a:6d:6c:32:00:cd:1a:8e:
ba:ec:30:d4:15:bd:56:31:ad:f1:d7:1d:82:34:27:6a:65:e9:
db:11:fd:69:6c:02:68:57:c0:97:1a:bf:37:30:b2:f0:35:eb:
83:4a:c1:2c:93:9b:60:16:de:42:92:11:49:72:bb:1c:c3:44:
da:33:8a:6d
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICANUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRD
NEQ5ODFGQjU4MzdGMjFERDk1MTA2M0Y1OUI0NzVERDU2MjUzNjAeFw0yNTA2MTkx
MDEwNTJaFw0yNjA1MDgxMTU4MjJaMDMxMTAvBgNVBAMTKDQ4RUQyRDA0NTlERjBG
RTc2OEU2MDdEQTdDNkQxMzcwQTMwMTQxOUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDShQElXbPHCEydj/uNzPTEBx95yvsNGDpVkOhtplPts3MCl01G
P1J9LSqdKbCSkNgB8yWtH92hFwqkadcuptEuRXu6CS3Ad6rQ9cujUKkvflqgEQuW
xv9JeHnkWaXistCCN2naAUBMiTrRwgvX6l0+f5LtrSu3PuypsQ40FsCiji/DoAYO
xikOYqlqmoXZMoNRfqDmq43owkV7oZSdpQQpMqd3Fo/H6DhwP0OMl97nPQ7jXeB9
cMgRTRahZ8aUEWt+waYeWkMGWHRJqW+w61T/ws4uYSfeKVkhkhxUBGmLcHaF5IMh
OD5pr94Onssnp0AGtwMFPz1VVrNEufwuQVgNAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUSO0tBFnfD+do5gfafG0TcKMBQZ0wHwYDVR0jBBgwFoAUvcTZgftYN/Id2VEG
P1m0dd1WJTYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY2
Mi92Y1RaZ2Z0WU5fSWQyVkVHUDFtMGRkMVdKVFkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3ZjVFpnZnRZTl9JZDJWRUdQMW0wZGQxV0pUWS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2NjIvdmNUWmdmdFlOX0lk
MlZFR1AxbTBkZDFXSlRZLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAE99AG+6zIBsWts0W32lwhg3sILhQgfqGJILkAN/NGgMVo/02we/ak4cf8JM
Ltwq0dLZJWIwS1hnySwWplbkhL0c5Z8T7DbSQ0t/KAFDQkQDUJB9SrxbHQBr6+xH
/XxJnQ7dUM21+/d+gjQ+5iQLx3Gww4xVSjYooTmCEwZxt6tEkSw9gDWWdVQgv+GC
RUXNKyjlIuS1M+ASKA1vkcW8VmBogHDNTr6AnveIN1EJZHfzPG7iQEO+uxEdE1F9
n7cqbWwyAM0ajrrsMNQVvVYxrfHXHYI0J2pl6dsR/WlsAmhXwJcavzcwsvA164NK
wSyTm2AW3kKSEUlyuxzDRNozim0=
-----END CERTIFICATE-----
Generated at Thu Jun 19 17:06:58 2025 by rpki-client