Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/27/OeR4mSSTJdtJm_xpEJGdLzYAPpo.mft
File: OeR4mSSTJdtJm_xpEJGdLzYAPpo.mft (raw, json)
Hash identifier: c2MDn5CwCqdDNNABSBsB+GvYF2rF4qNdb4QzmSWHyQ4=
Subject key identifier: D5:C0:84:64:B4:0A:63:4F:DB:E6:79:1A:74:15:94:0B:79:FA:BB:61
Authority key identifier: 39:E4:78:99:24:93:25:DB:49:9B:FC:69:10:91:9D:2F:36:00:3E:9A
Certificate issuer: /CN=39E47899249325DB499BFC6910919D2F36003E9A
Certificate serial: 22CB
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OeR4mSSTJdtJm_xpEJGdLzYAPpo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27/OeR4mSSTJdtJm_xpEJGdLzYAPpo.mft
Manifest number: 22B9
Signing time: Sun 01 Mar 2026 22:28:17 +0000
Manifest this update: Sun 01 Mar 2026 22:28:17 +0000
Manifest next update: Mon 02 Mar 2026 04:28:17 +0000
Files and hashes: 1: 8h30GBA3h4n0nrMTSP0xr0y7b_o.roa (hash: 9cfhHU+BjNybxApiI/hSLUqpXkVi5pN6Lvjf+RUUdws=)
2: OeR4mSSTJdtJm_xpEJGdLzYAPpo.crl (hash: MTfmk4DxHSLbo4A3sTp3L/JvzvRHbdYoQVTXzFPg62U=)
3: aVTN-qNwRozZt36ArshpmDXx0vM.roa (hash: CYQAt9Bb/xP653vpZ4vy+xW+gUj2bdrDgCV5WzAbI34=)
4: vvJwb1gYnGrBw5xA1UrXbiG1jGk.roa (hash: Xd/UqKRCspic2JRT51UsT5/47rtxoF0+T2yGguQfGw0=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8907 (0x22cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39E47899249325DB499BFC6910919D2F36003E9A
Validity
Not Before: Mar 1 22:28:17 2026 GMT
Not After : Oct 23 03:01:03 2026 GMT
Subject: CN=D5C08464B40A634FDBE6791A7415940B79FABB61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d9:98:90:78:55:2c:20:cb:a2:b3:29:ed:dc:
f3:25:4d:a0:36:42:42:0f:12:8f:41:e4:92:79:28:
84:9f:f0:80:bd:6c:22:33:42:6e:fc:44:b4:49:8f:
14:81:bb:94:ba:44:58:be:45:f2:81:20:e0:88:86:
58:f8:ad:ad:97:46:6f:b0:8c:5f:7a:6a:df:94:a1:
cc:aa:33:73:1b:a0:87:17:0f:f7:16:c5:a6:a2:b6:
e2:f5:77:47:fb:37:85:e0:6c:83:fe:25:4d:9c:4d:
02:dd:6d:c4:91:58:3c:bf:a1:0b:f4:d7:35:e8:a6:
fd:f8:37:5d:de:04:60:5d:c1:e5:eb:80:48:8c:6a:
bc:f0:e8:37:54:ae:35:c7:dc:f8:98:71:d8:aa:f4:
e8:7a:ac:f6:b9:1e:60:c3:db:b9:ee:fc:9b:a5:24:
ae:78:51:b8:98:d7:6d:18:41:40:3b:4a:45:11:b6:
90:9f:78:54:34:31:c5:83:ce:a7:50:63:d3:97:f2:
ad:96:fa:ef:21:6a:0f:ac:00:2b:0d:93:44:b8:cb:
2f:57:49:37:96:0a:93:28:e3:64:ce:4e:56:bf:41:
4f:2e:1a:12:a2:6c:a4:f6:8b:bd:4b:12:88:50:0f:
e4:70:20:4c:5e:f0:84:70:4a:c6:9e:69:1a:39:8c:
8d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:C0:84:64:B4:0A:63:4F:DB:E6:79:1A:74:15:94:0B:79:FA:BB:61
X509v3 Authority Key Identifier:
keyid:39:E4:78:99:24:93:25:DB:49:9B:FC:69:10:91:9D:2F:36:00:3E:9A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27/OeR4mSSTJdtJm_xpEJGdLzYAPpo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OeR4mSSTJdtJm_xpEJGdLzYAPpo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/27/OeR4mSSTJdtJm_xpEJGdLzYAPpo.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
5b:3c:3a:69:34:26:2e:ce:af:b3:fe:8c:ba:08:0a:15:8b:e0:
2c:64:47:93:bb:e8:9d:59:59:b9:8e:d2:d4:24:ba:ae:02:d3:
4f:61:61:50:d8:ea:80:65:4d:2f:72:fd:b3:87:8f:93:03:03:
7c:25:82:de:fe:70:b6:15:04:d3:b5:d0:26:f5:26:a1:dc:15:
e1:47:51:a1:2c:ad:10:f4:aa:7d:7a:e8:b3:53:fd:c6:c6:2b:
33:1a:20:de:3f:0f:84:4c:15:9e:67:3e:ca:5f:a1:8e:d8:73:
6a:e5:b7:e5:53:5d:9f:ec:04:09:1c:fa:68:fe:4b:81:5f:e4:
b6:f2:2f:a6:6f:b7:ac:9f:97:de:76:2d:8e:85:ad:5b:44:92:
1d:b5:c6:fc:b6:01:ef:51:3a:a3:af:01:ee:26:5d:da:8e:44:
4b:75:ec:b4:fb:22:10:df:87:29:f3:28:aa:de:dd:58:c8:d2:
1b:1b:b7:aa:21:a0:9f:3b:6c:c3:ab:58:68:5b:a1:44:a3:c3:
8b:25:71:0a:cb:82:f0:41:0f:c2:df:a1:76:4e:72:8e:ac:9a:
88:f3:12:75:db:28:dd:95:85:b0:fd:47:b6:5b:aa:ac:66:44:
d4:fc:c9:50:a5:fe:d4:ea:a4:f2:9c:ea:74:fc:b5:71:a2:a0:
e9:78:a2:4f
-----BEGIN CERTIFICATE-----
MIIE7DCCA9SgAwIBAgICIsswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzlF
NDc4OTkyNDkzMjVEQjQ5OUJGQzY5MTA5MTlEMkYzNjAwM0U5QTAeFw0yNjAzMDEy
MjI4MTdaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEQ1QzA4NDY0QjQwQTYz
NEZEQkU2NzkxQTc0MTU5NDBCNzlGQUJCNjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDG2ZiQeFUsIMuisynt3PMlTaA2QkIPEo9B5JJ5KISf8IC9bCIz
Qm78RLRJjxSBu5S6RFi+RfKBIOCIhlj4ra2XRm+wjF96at+UocyqM3MboIcXD/cW
xaaituL1d0f7N4XgbIP+JU2cTQLdbcSRWDy/oQv01zXopv34N13eBGBdweXrgEiM
arzw6DdUrjXH3PiYcdiq9Oh6rPa5HmDD27nu/JulJK54UbiY120YQUA7SkURtpCf
eFQ0McWDzqdQY9OX8q2W+u8hag+sACsNk0S4yy9XSTeWCpMo42TOTla/QU8uGhKi
bKT2i71LEohQD+RwIExe8IRwSsaeaRo5jI2LAgMBAAGjggIIMIICBDAdBgNVHQ4E
FgQU1cCEZLQKY0/b5nkadBWUC3n6u2EwHwYDVR0jBBgwFoAUOeR4mSSTJdtJm/xp
EJGdLzYAPpowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjcv
T2VSNG1TU1RKZHRKbV94cEVKR2RMellBUHBvLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC9PZVI0bVNTVEpkdEptX3hwRUpHZEx6WUFQcG8uY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8yNy9PZVI0bVNTVEpkdEptX3hw
RUpHZEx6WUFQcG8ubWZ0MDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYIKwYB
BQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOCAQEA
Wzw6aTQmLs6vs/6MuggKFYvgLGRHk7vonVlZuY7S1CS6rgLTT2FhUNjqgGVNL3L9
s4ePkwMDfCWC3v5wthUE07XQJvUmodwV4UdRoSytEPSqfXros1P9xsYrMxog3j8P
hEwVnmc+yl+hjthzauW35VNdn+wECRz6aP5LgV/ktvIvpm+3rJ+X3nYtjoWtW0SS
HbXG/LYB71E6o68B7iZd2o5ES3XstPsiEN+HKfMoqt7dWMjSGxu3qiGgnztsw6tY
aFuhRKPDiyVxCsuC8EEPwt+hdk5yjqyaiPMSddso3ZWFsP1HtluqrGZE1PzJUKX+
1Oqk8pzqdPy1caKg6XiiTw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:15:28 2026 by rpki-client