Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3283/43TDfhgAlB4aNVhdEMhLffz80nA.mft
File: 43TDfhgAlB4aNVhdEMhLffz80nA.mft (raw, json)
Hash identifier: AKd/b+RVBHBTE/4n0X4YR99Ir3c/N4X2HvJsoVya8TA=
Subject key identifier: 11:52:0E:60:37:D0:A6:11:A8:27:11:98:00:48:10:55:01:88:24:E6
Authority key identifier: E3:74:C3:7E:18:00:94:1E:1A:35:58:5D:10:C8:4B:7D:FC:FC:D2:70
Certificate issuer: /CN=E374C37E1800941E1A35585D10C84B7DFCFCD270
Certificate serial: 0A5D
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/43TDfhgAlB4aNVhdEMhLffz80nA.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3283/43TDfhgAlB4aNVhdEMhLffz80nA.mft
Manifest number: 0A5D
Signing time: Wed 05 Nov 2025 10:13:52 +0000
Manifest this update: Wed 05 Nov 2025 10:13:52 +0000
Manifest next update: Wed 05 Nov 2025 16:13:52 +0000
Files and hashes: 1: 43TDfhgAlB4aNVhdEMhLffz80nA.crl (hash: GUVwWYIaknSO6ArQvv9iv2pb8o06eBQVOcs14t14ZwY=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2653 (0xa5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E374C37E1800941E1A35585D10C84B7DFCFCD270
Validity
Not Before: Nov 5 10:13:52 2025 GMT
Not After : Oct 23 03:01:03 2026 GMT
Subject: CN=11520E6037D0A611A827119800481055018824E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b0:3c:14:d4:b4:c9:b8:5b:fc:8f:0f:f1:7e:
b7:3a:11:64:67:35:74:a7:b6:fa:2b:74:ad:96:63:
76:be:a2:ec:3a:10:f5:d4:d3:45:3d:6a:96:76:5d:
61:c6:3e:91:97:c9:5f:83:fa:ab:c0:ce:04:b6:f4:
4a:53:2a:72:12:28:13:c0:58:49:7e:82:7c:80:20:
22:6b:04:4e:ac:f6:31:cc:1b:e9:eb:0c:8a:65:b0:
60:1e:dd:f5:0f:a0:61:e0:9e:98:c8:1f:11:9b:2c:
62:18:5e:e4:4e:47:cc:53:a9:21:5e:b5:22:5d:a2:
84:29:fe:76:ae:f9:e2:de:a1:0f:5d:c5:09:0b:7f:
54:18:3b:c5:34:77:58:20:70:2f:61:43:0c:cd:e2:
bd:fb:c1:dc:9b:15:d4:06:15:af:bc:43:03:80:60:
87:e8:4b:aa:9c:c2:b9:e6:fb:26:0b:57:5e:c5:82:
03:bf:88:6f:dc:a9:77:f0:46:98:d3:ec:ed:d6:f2:
3c:38:4e:02:52:28:7e:23:71:79:f9:09:60:e9:70:
8f:c8:a4:96:81:9d:22:c3:5d:37:a1:b5:6c:42:53:
71:c8:0b:14:ba:1e:34:cf:60:8d:33:5e:38:77:ea:
e3:06:a5:a8:1f:36:19:61:89:e3:b1:de:3b:ec:54:
e2:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:52:0E:60:37:D0:A6:11:A8:27:11:98:00:48:10:55:01:88:24:E6
X509v3 Authority Key Identifier:
keyid:E3:74:C3:7E:18:00:94:1E:1A:35:58:5D:10:C8:4B:7D:FC:FC:D2:70
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3283/43TDfhgAlB4aNVhdEMhLffz80nA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/43TDfhgAlB4aNVhdEMhLffz80nA.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3283/43TDfhgAlB4aNVhdEMhLffz80nA.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
17:fb:cc:5c:0a:ee:61:2e:a2:bc:2e:d5:83:3f:29:4e:a2:f6:
12:ba:87:4e:fc:06:c4:fc:16:80:f9:48:c2:1b:03:47:79:f5:
c7:e2:57:e7:bc:4a:f9:7b:0f:ec:26:e8:73:99:6d:44:4d:a1:
85:0c:43:27:1f:fe:5f:c8:92:74:44:9f:68:5f:38:fb:53:1f:
42:40:37:d4:6c:e0:22:87:b6:97:0b:b3:85:b9:c1:8e:21:44:
24:21:c5:d0:16:3e:df:c2:f0:0f:81:69:09:9a:9f:c5:ea:f4:
f4:72:10:3e:f0:2b:ec:54:e0:47:3c:8e:d7:4b:75:c6:d3:59:
1d:84:60:d1:a6:20:50:ee:80:0f:e6:90:dc:cb:14:ed:e0:76:
dc:e2:45:ae:e8:eb:3f:27:98:27:3a:44:84:3c:0e:9c:14:62:
7e:12:58:b1:ee:25:25:7c:b2:06:45:30:81:20:fb:05:4a:76:
03:bd:f9:c4:0e:f7:90:bf:89:cb:c3:7d:e0:36:f5:9a:0d:3b:
e7:6b:52:4f:4c:90:bb:93:a3:26:29:be:d3:a7:ee:9b:19:7d:
72:95:aa:6f:6b:de:3f:23:6d:9b:31:f0:c2:bc:e4:07:90:51:
41:37:ea:86:e3:a8:fd:13:53:67:c2:e0:e5:3a:f9:7f:2f:c0:
c9:03:6e:07
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICCl0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTM3
NEMzN0UxODAwOTQxRTFBMzU1ODVEMTBDODRCN0RGQ0ZDRDI3MDAeFw0yNTExMDUx
MDEzNTJaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDExNTIwRTYwMzdEMEE2
MTFBODI3MTE5ODAwNDgxMDU1MDE4ODI0RTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCesDwU1LTJuFv8jw/xfrc6EWRnNXSntvordK2WY3a+ouw6EPXU
00U9apZ2XWHGPpGXyV+D+qvAzgS29EpTKnISKBPAWEl+gnyAICJrBE6s9jHMG+nr
DIplsGAe3fUPoGHgnpjIHxGbLGIYXuROR8xTqSFetSJdooQp/nau+eLeoQ9dxQkL
f1QYO8U0d1ggcC9hQwzN4r37wdybFdQGFa+8QwOAYIfoS6qcwrnm+yYLV17FggO/
iG/cqXfwRpjT7O3W8jw4TgJSKH4jcXn5CWDpcI/IpJaBnSLDXTehtWxCU3HICxS6
HjTPYI0zXjh36uMGpagfNhlhieOx3jvsVOLzAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUEVIOYDfQphGoJxGYAEgQVQGIJOYwHwYDVR0jBBgwFoAU43TDfhgAlB4aNVhd
EMhLffz80nAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI4
My80M1REZmhnQWxCNGFOVmhkRU1oTGZmejgwbkEuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzQzVERmaGdBbEI0YU5WaGRFTWhMZmZ6ODBuQS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyODMvNDNURGZoZ0FsQjRh
TlZoZEVNaExmZno4MG5BLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBABf7zFwK7mEuorwu1YM/KU6i9hK6h078BsT8FoD5SMIbA0d59cfiV+e8Svl7
D+wm6HOZbURNoYUMQycf/l/IknREn2hfOPtTH0JAN9Rs4CKHtpcLs4W5wY4hRCQh
xdAWPt/C8A+BaQman8Xq9PRyED7wK+xU4Ec8jtdLdcbTWR2EYNGmIFDugA/mkNzL
FO3gdtziRa7o6z8nmCc6RIQ8DpwUYn4SWLHuJSV8sgZFMIEg+wVKdgO9+cQO95C/
icvDfeA29ZoNO+drUk9MkLuToyYpvtOn7psZfXKVqm9r3j8jbZsx8MK85AeQUUE3
6objqP0TU2fC4OU6+X8vwMkDbgc=
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:28:20 2025 by rpki-client