Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3307/USN2g1L_1eSeSpn0-TWAPoNb35Y.mft
File: USN2g1L_1eSeSpn0-TWAPoNb35Y.mft (raw, json)
Hash identifier: 7n6V14gGaD8Jh09JruRAsAjFaz47XkGlhU+q6xHiwEM=
Subject key identifier: 7E:9E:E0:90:3F:FE:91:E9:63:B2:B8:E8:9E:D7:23:94:AA:68:A5:31
Authority key identifier: 51:23:76:83:52:FF:D5:E4:9E:4A:99:F4:F9:35:80:3E:83:5B:DF:96
Certificate issuer: /CN=5123768352FFD5E49E4A99F4F935803E835BDF96
Certificate serial: 08FC
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/USN2g1L_1eSeSpn0-TWAPoNb35Y.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3307/USN2g1L_1eSeSpn0-TWAPoNb35Y.mft
Manifest number: 08FC
Signing time: Wed 05 Nov 2025 10:12:46 +0000
Manifest this update: Wed 05 Nov 2025 10:12:46 +0000
Manifest next update: Wed 05 Nov 2025 16:12:46 +0000
Files and hashes: 1: USN2g1L_1eSeSpn0-TWAPoNb35Y.crl (hash: 58rM+qtlBlEMtsgE+Ge4oXAHk0wpH7uutcYTNnbGf4I=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2300 (0x8fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5123768352FFD5E49E4A99F4F935803E835BDF96
Validity
Not Before: Nov 5 10:12:46 2025 GMT
Not After : Oct 23 03:01:03 2026 GMT
Subject: CN=7E9EE0903FFE91E963B2B8E89ED72394AA68A531
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:9a:9d:f9:db:d7:5e:9b:ea:09:7d:fd:85:6b:
77:8b:7d:07:20:7a:11:87:2d:f3:bf:be:bf:15:ee:
a2:cc:b0:df:f3:19:de:42:46:1f:de:67:d8:f2:14:
53:b7:3b:0d:71:63:82:c7:e2:02:20:d3:74:e2:81:
2d:7c:66:6d:e0:e4:bd:5e:3a:5d:76:8e:71:ef:56:
87:4e:e3:f9:4a:df:2b:19:54:82:dd:71:4a:4d:65:
b2:99:ee:4d:b7:36:b2:89:d9:38:0c:de:58:7e:e6:
e2:93:b0:e5:64:3c:ee:7e:5c:86:00:57:20:29:60:
0b:76:9d:c7:6c:82:3e:5c:7a:09:5d:6e:77:72:18:
e6:76:03:2e:e3:1a:82:90:82:5e:2c:ef:8f:8a:30:
24:92:d1:7a:4e:3c:88:d7:73:31:0b:d8:d9:20:95:
61:73:11:aa:c4:6d:b4:d6:70:7a:18:90:b3:4e:d4:
01:72:fa:b6:35:73:11:ea:af:78:c1:b7:1d:fe:4e:
ba:92:c8:62:f6:8b:21:09:b8:57:2b:48:02:de:af:
1d:67:46:03:b9:5d:5f:f5:94:e5:ca:0d:d9:b4:4c:
4c:cf:13:98:47:fe:4f:e0:89:0a:2e:89:78:02:3b:
b4:82:a1:ed:2e:8d:ad:d3:c6:a4:af:d3:b2:a3:6e:
11:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:9E:E0:90:3F:FE:91:E9:63:B2:B8:E8:9E:D7:23:94:AA:68:A5:31
X509v3 Authority Key Identifier:
keyid:51:23:76:83:52:FF:D5:E4:9E:4A:99:F4:F9:35:80:3E:83:5B:DF:96
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3307/USN2g1L_1eSeSpn0-TWAPoNb35Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/USN2g1L_1eSeSpn0-TWAPoNb35Y.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3307/USN2g1L_1eSeSpn0-TWAPoNb35Y.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
1a:84:62:87:09:39:82:d6:c8:ac:6e:e8:aa:a6:21:33:c8:d4:
20:1c:bd:a3:c1:96:a9:e7:3a:99:b2:2b:39:3b:14:04:74:f6:
59:ff:bc:57:72:0e:37:6f:45:bd:57:b8:7f:60:4f:86:90:46:
87:1b:19:75:e1:d0:b9:83:5f:ef:b8:82:58:53:ed:c2:4c:19:
08:80:e1:de:eb:9f:1c:ab:5f:99:dd:76:2a:5b:21:36:bf:61:
0e:81:ad:bd:ce:94:75:46:5b:eb:9b:de:cf:6e:9b:89:3d:ae:
63:40:b7:a7:ee:9a:67:fd:c9:6b:8b:d0:db:e3:7c:51:ff:0e:
de:b6:46:3f:e5:53:83:1a:f9:88:fc:54:13:d1:eb:51:58:97:
24:f9:c0:98:96:06:89:ee:7c:75:4d:ac:da:76:c7:25:be:71:
67:9d:cd:20:01:0e:32:18:82:75:92:9b:4d:ea:5d:28:14:40:
03:db:0f:65:91:ac:dd:58:ab:c2:46:da:97:2b:a3:dc:16:71:
33:ea:51:05:8f:e9:ff:e2:f3:e8:7c:d8:7a:7b:93:20:ac:5a:
39:53:5e:e7:20:de:1b:51:36:81:8a:b4:e7:de:c1:41:e6:8e:
f0:7f:12:5c:e7:9d:fc:c3:1e:6b:67:30:fa:e4:df:f5:c7:fc:
5e:de:2c:32
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICCPwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTEy
Mzc2ODM1MkZGRDVFNDlFNEE5OUY0RjkzNTgwM0U4MzVCREY5NjAeFw0yNTExMDUx
MDEyNDZaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDdFOUVFMDkwM0ZGRTkx
RTk2M0IyQjhFODlFRDcyMzk0QUE2OEE1MzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcmp3529dem+oJff2Fa3eLfQcgehGHLfO/vr8V7qLMsN/zGd5C
Rh/eZ9jyFFO3Ow1xY4LH4gIg03TigS18Zm3g5L1eOl12jnHvVodO4/lK3ysZVILd
cUpNZbKZ7k23NrKJ2TgM3lh+5uKTsOVkPO5+XIYAVyApYAt2ncdsgj5cegldbndy
GOZ2Ay7jGoKQgl4s74+KMCSS0XpOPIjXczEL2NkglWFzEarEbbTWcHoYkLNO1AFy
+rY1cxHqr3jBtx3+TrqSyGL2iyEJuFcrSALerx1nRgO5XV/1lOXKDdm0TEzPE5hH
/k/giQouiXgCO7SCoe0uja3TxqSv07KjbhG3AgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUfp7gkD/+keljsrjontcjlKpopTEwHwYDVR0jBBgwFoAUUSN2g1L/1eSeSpn0
+TWAPoNb35YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMw
Ny9VU04yZzFMXzFlU2VTcG4wLVRXQVBvTmIzNVkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL1VTTjJnMUxfMWVTZVNwbjAtVFdBUG9OYjM1WS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzMDcvVVNOMmcxTF8xZVNl
U3BuMC1UV0FQb05iMzVZLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBABqEYocJOYLWyKxu6KqmITPI1CAcvaPBlqnnOpmyKzk7FAR09ln/vFdyDjdv
Rb1XuH9gT4aQRocbGXXh0LmDX++4glhT7cJMGQiA4d7rnxyrX5nddipbITa/YQ6B
rb3OlHVGW+ub3s9um4k9rmNAt6fummf9yWuL0NvjfFH/Dt62Rj/lU4Ma+Yj8VBPR
61FYlyT5wJiWBonufHVNrNp2xyW+cWedzSABDjIYgnWSm03qXSgUQAPbD2WRrN1Y
q8JG2pcro9wWcTPqUQWP6f/i8+h82Hp7kyCsWjlTXucg3htRNoGKtOfewUHmjvB/
ElznnfzDHmtnMPrk3/XH/F7eLDI=
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:28:18 2025 by rpki-client