Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2841/UaVmbTI7-EL2BEznEFl3PiJxsBM.mft
File: UaVmbTI7-EL2BEznEFl3PiJxsBM.mft (raw, json)
Hash identifier: I5DYVoaXfRM5iRhATlLR0VgekDgPbqOh8+6dBMoxGrM=
Subject key identifier: 65:EB:41:2A:57:F9:EB:00:92:B9:C2:CD:13:CA:C4:68:33:49:A7:06
Authority key identifier: 51:A5:66:6D:32:3B:F8:42:F6:04:4C:E7:10:59:77:3E:22:71:B0:13
Certificate issuer: /CN=51A5666D323BF842F6044CE71059773E2271B013
Certificate serial: 23AC
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UaVmbTI7-EL2BEznEFl3PiJxsBM.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2841/UaVmbTI7-EL2BEznEFl3PiJxsBM.mft
Manifest number: 239A
Signing time: Sun 01 Mar 2026 17:28:07 +0000
Manifest this update: Sun 01 Mar 2026 17:28:07 +0000
Manifest next update: Sun 01 Mar 2026 23:28:07 +0000
Files and hashes: 1: Dxf2IGNyXg9I98tAtX9uZk6GXVc.roa (hash: ONovWuC+zq8l+bwh2lQi2A19xeNKL6TpIuIc732PvrY=)
2: K6dM3LoliVMQPn-6OZ8bO8A4Ux8.roa (hash: /DWeD+5yM4Zt5ioOX6r2bUHR2V5mYF+BbU8pekEVfcQ=)
3: UaVmbTI7-EL2BEznEFl3PiJxsBM.crl (hash: JSWig4IcBeT9n1yoRW7BhtibXznWBmhTKZfHvu3Vims=)
4: ezOO06_iD-bkUiK6a-jQQGyReTA.roa (hash: ffFfC37zZTiTuY/DyHhesVn6JkVaEASjK4B14hmOzoM=)
5: qQWXGEqmaabu6rR7VtaHiAiwOSg.roa (hash: CaxhdE2ToO1BsO0P9BXP8buuK40zGyoXTIP3IN4keuQ=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9132 (0x23ac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51A5666D323BF842F6044CE71059773E2271B013
Validity
Not Before: Mar 1 17:28:07 2026 GMT
Not After : Jan 9 08:23:18 2027 GMT
Subject: CN=65EB412A57F9EB0092B9C2CD13CAC4683349A706
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b9:9a:b1:09:93:4a:bd:56:41:8e:50:8f:f5:
68:28:a1:9a:d7:87:53:1f:cc:0d:43:df:d4:16:0a:
c9:ba:f3:e3:46:94:1d:ff:cc:fc:8b:72:39:9e:46:
48:00:a2:34:96:f7:cf:e2:da:6c:75:8c:58:12:3d:
f3:e6:df:b7:b7:54:eb:06:f0:b4:53:f5:2b:eb:b4:
0e:0a:f3:20:3f:c4:0c:56:33:c5:12:42:61:02:bb:
9c:98:1f:02:99:d7:64:9d:23:47:7f:f9:4d:b8:0d:
01:97:74:f5:1f:e4:9e:df:95:b5:d3:70:15:be:f6:
7a:3c:c2:a9:bc:ed:3b:16:a7:7e:4d:82:b9:45:90:
d7:2f:47:fa:a7:22:b6:06:3c:1c:ea:ff:5a:be:a8:
41:c3:6d:01:56:a0:a7:6a:4c:48:82:4a:02:fc:ce:
08:ae:21:32:8a:6a:d0:21:63:71:8e:48:c0:1b:d8:
62:2a:74:f9:14:0a:ab:f6:b7:3b:8e:2a:cd:3b:fc:
e0:26:15:73:e5:36:60:32:0b:bb:b7:2d:56:77:5e:
df:4b:e2:8b:c8:91:65:e1:fe:c1:f1:55:64:9e:58:
26:45:f7:db:5c:0b:c7:e5:5f:c6:98:1c:e0:96:a3:
26:37:d4:05:69:d4:f0:92:14:76:7c:50:a4:36:da:
8a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:EB:41:2A:57:F9:EB:00:92:B9:C2:CD:13:CA:C4:68:33:49:A7:06
X509v3 Authority Key Identifier:
keyid:51:A5:66:6D:32:3B:F8:42:F6:04:4C:E7:10:59:77:3E:22:71:B0:13
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2841/UaVmbTI7-EL2BEznEFl3PiJxsBM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/UaVmbTI7-EL2BEznEFl3PiJxsBM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2841/UaVmbTI7-EL2BEznEFl3PiJxsBM.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
89:66:99:26:69:bd:88:7c:73:22:41:e6:45:25:55:fc:65:19:
23:6a:0f:87:02:91:7f:00:b7:75:48:ff:5d:d6:40:dc:44:e6:
5c:2c:23:77:4c:d2:24:e4:0d:3c:d2:7b:d4:78:48:09:da:1d:
cb:e8:44:53:36:04:2c:2d:64:60:66:ba:d2:a6:b1:9e:f5:ae:
08:eb:01:45:a2:d2:7f:95:a4:cd:86:4e:e3:06:6e:af:7b:49:
75:dd:4b:96:d6:49:8a:9e:c9:7d:c4:69:15:d9:2f:2c:96:df:
bb:fa:f0:da:57:b6:95:6f:cc:12:eb:0c:6c:ab:ad:37:75:88:
33:c0:bd:2f:f4:68:0a:5a:22:48:46:90:20:10:d1:12:dd:80:
26:d0:af:80:55:58:5c:e2:40:50:a4:2b:7c:85:05:a4:fc:5e:
ed:5e:d6:49:45:14:04:3c:4d:74:24:17:81:00:41:83:a9:81:
cd:22:c1:59:71:2a:ff:0f:95:a5:34:d3:10:c4:5c:bd:bf:10:
27:0c:09:0a:ee:52:91:98:e4:d8:5f:1e:a9:c4:f5:a6:22:84:
68:f3:db:fc:a1:b6:c4:26:a4:5b:48:f3:a7:21:08:92:2b:a0:
ca:aa:a1:8f:50:7d:35:82:3b:c7:f5:93:e2:9b:e3:89:10:3e:
87:25:a6:42
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICI6wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTFB
NTY2NkQzMjNCRjg0MkY2MDQ0Q0U3MTA1OTc3M0UyMjcxQjAxMzAeFw0yNjAzMDEx
NzI4MDdaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDY1RUI0MTJBNTdGOUVC
MDA5MkI5QzJDRDEzQ0FDNDY4MzM0OUE3MDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCVuZqxCZNKvVZBjlCP9WgooZrXh1MfzA1D39QWCsm68+NGlB3/
zPyLcjmeRkgAojSW98/i2mx1jFgSPfPm37e3VOsG8LRT9SvrtA4K8yA/xAxWM8US
QmECu5yYHwKZ12SdI0d/+U24DQGXdPUf5J7flbXTcBW+9no8wqm87TsWp35NgrlF
kNcvR/qnIrYGPBzq/1q+qEHDbQFWoKdqTEiCSgL8zgiuITKKatAhY3GOSMAb2GIq
dPkUCqv2tzuOKs07/OAmFXPlNmAyC7u3LVZ3Xt9L4ovIkWXh/sHxVWSeWCZF99tc
C8flX8aYHOCWoyY31AVp1PCSFHZ8UKQ22orZAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUZetBKlf56wCSucLNE8rEaDNJpwYwHwYDVR0jBBgwFoAUUaVmbTI7+EL2BEzn
EFl3PiJxsBMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjg0
MS9VYVZtYlRJNy1FTDJCRXpuRUZsM1BpSnhzQk0uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1VhVm1iVEk3LUVMMkJFem5FRmwzUGlKeHNCTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4NDEvVWFWbWJUSTctRUwy
QkV6bkVGbDNQaUp4c0JNLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAIlmmSZpvYh8cyJB5kUlVfxlGSNqD4cCkX8At3VI/13WQNxE5lwsI3dM0iTk
DTzSe9R4SAnaHcvoRFM2BCwtZGBmutKmsZ71rgjrAUWi0n+VpM2GTuMGbq97SXXd
S5bWSYqeyX3EaRXZLyyW37v68NpXtpVvzBLrDGyrrTd1iDPAvS/0aApaIkhGkCAQ
0RLdgCbQr4BVWFziQFCkK3yFBaT8Xu1e1klFFAQ8TXQkF4EAQYOpgc0iwVlxKv8P
laU00xDEXL2/ECcMCQruUpGY5NhfHqnE9aYihGjz2/yhtsQmpFtI86chCJIroMqq
oY9QfTWCO8f1k+Kb44kQPoclpkI=
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:54:50 2026 by rpki-client