Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3328/OCdChXYoqbKyIFmuiEdvIwYL6tA.mft
File: OCdChXYoqbKyIFmuiEdvIwYL6tA.mft (raw, json)
Hash identifier: p5cDedhHCVdAcHALt2aGW02sCAm2+ZLPeatMe+hT5MY=
Subject key identifier: 28:21:5B:26:84:B2:51:CB:C1:6E:81:F4:5A:46:65:8D:87:98:73:05
Authority key identifier: 38:27:42:85:76:28:A9:B2:B2:20:59:AE:88:47:6F:23:06:0B:EA:D0
Certificate issuer: /CN=382742857628A9B2B22059AE88476F23060BEAD0
Certificate serial: 042F
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OCdChXYoqbKyIFmuiEdvIwYL6tA.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3328/OCdChXYoqbKyIFmuiEdvIwYL6tA.mft
Manifest number: 042F
Signing time: Thu 19 Jun 2025 10:14:47 +0000
Manifest this update: Thu 19 Jun 2025 10:14:47 +0000
Manifest next update: Thu 19 Jun 2025 16:14:47 +0000
Files and hashes: 1: OCdChXYoqbKyIFmuiEdvIwYL6tA.crl (hash: BXnazwcuP8oyHVk9Vd0VxXIFW2gTIBLL+V+YeVU4w6E=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1071 (0x42f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=382742857628A9B2B22059AE88476F23060BEAD0
Validity
Not Before: Jun 19 10:14:47 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=28215B2684B251CBC16E81F45A46658D87987305
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:26:72:d5:94:16:40:a9:56:11:27:83:ad:c9:
ac:73:2e:26:c8:68:e4:37:1c:e2:b9:5d:8a:dc:5d:
52:91:42:3b:2e:de:b3:6e:fb:38:6c:62:43:f2:65:
fe:2d:44:45:7d:02:5c:fb:a1:47:11:13:de:41:4b:
e9:61:23:81:c1:3c:01:8c:a8:0c:1b:2b:47:6e:19:
76:95:78:de:65:db:39:ce:e0:22:0e:f5:e1:af:50:
40:ed:f6:61:24:bf:62:9f:a0:eb:d9:b4:02:f1:ea:
85:d3:3d:5e:85:3b:d0:19:a7:a5:e5:cc:a8:12:69:
a0:7b:a1:8b:61:e3:bc:89:4a:5e:8a:2b:eb:9c:90:
c5:6c:a9:6b:a7:08:2b:86:ba:2e:62:d7:77:ef:ab:
37:a1:fa:a1:c6:27:4e:8f:b0:83:bb:7a:98:51:bd:
d9:c4:aa:06:f2:99:ec:0a:ac:d2:44:d7:21:1d:80:
f3:d8:6a:3f:70:e1:2f:01:12:2e:8c:85:b2:f7:0e:
f7:d9:ae:c6:09:03:cd:cd:05:0b:24:bb:11:96:78:
38:bb:bd:68:67:78:5d:33:a8:1e:f6:97:cc:61:ec:
a5:11:dc:9e:e2:70:3c:31:72:f5:59:be:13:fe:f5:
5c:38:80:94:e7:6d:06:32:ca:d6:37:3a:eb:b5:19:
b9:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:21:5B:26:84:B2:51:CB:C1:6E:81:F4:5A:46:65:8D:87:98:73:05
X509v3 Authority Key Identifier:
keyid:38:27:42:85:76:28:A9:B2:B2:20:59:AE:88:47:6F:23:06:0B:EA:D0
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3328/OCdChXYoqbKyIFmuiEdvIwYL6tA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OCdChXYoqbKyIFmuiEdvIwYL6tA.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3328/OCdChXYoqbKyIFmuiEdvIwYL6tA.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
dc:29:5c:77:04:4d:a3:b9:c1:cd:7b:f8:a7:90:fc:b8:f6:1e:
ae:66:80:1b:bf:ab:fb:9a:e2:40:c3:2c:32:4f:52:df:7a:54:
5d:2b:98:92:ae:ec:1f:51:d1:eb:c3:e1:43:5d:bc:ea:3f:a1:
7d:13:6a:a0:43:13:97:92:5f:27:8c:de:77:3b:f2:23:89:4f:
ce:88:d5:b8:dd:c6:b0:fc:26:b1:76:26:90:db:1a:23:b1:84:
f0:bf:a3:d7:d0:39:0a:ad:2c:a1:36:13:6b:6f:91:57:a2:30:
1d:85:00:f3:5b:83:ac:68:13:cf:eb:60:9f:7a:fb:62:67:3c:
64:6f:05:59:56:77:4a:bf:99:23:0c:40:72:92:82:74:ed:81:
09:25:ae:bf:c2:e2:7e:58:a4:f1:aa:e7:a7:03:3f:71:15:4c:
15:0c:09:eb:39:c7:b5:9b:9b:46:93:c8:15:f6:f2:ce:98:95:
b5:8f:a4:13:ae:dd:9c:05:cd:b9:77:b7:64:d2:5f:50:43:f3:
60:df:c8:31:e0:07:2e:c1:43:ff:5c:35:75:3e:bf:a1:fe:3b:
ed:62:88:6a:69:41:7c:2e:26:59:dd:4c:c0:b5:e3:7c:79:af:
c9:d6:cd:1d:0e:d9:b7:d0:6b:e1:e2:04:97:97:ce:bd:12:5c:
bb:8e:d5:79
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICBC8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzgy
NzQyODU3NjI4QTlCMkIyMjA1OUFFODg0NzZGMjMwNjBCRUFEMDAeFw0yNTA2MTkx
MDE0NDdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDI4MjE1QjI2ODRCMjUx
Q0JDMTZFODFGNDVBNDY2NThEODc5ODczMDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCdJnLVlBZAqVYRJ4OtyaxzLibIaOQ3HOK5XYrcXVKRQjsu3rNu
+zhsYkPyZf4tREV9Alz7oUcRE95BS+lhI4HBPAGMqAwbK0duGXaVeN5l2znO4CIO
9eGvUEDt9mEkv2KfoOvZtALx6oXTPV6FO9AZp6XlzKgSaaB7oYth47yJSl6KK+uc
kMVsqWunCCuGui5i13fvqzeh+qHGJ06PsIO7ephRvdnEqgbymewKrNJE1yEdgPPY
aj9w4S8BEi6MhbL3DvfZrsYJA83NBQskuxGWeDi7vWhneF0zqB72l8xh7KUR3J7i
cDwxcvVZvhP+9Vw4gJTnbQYyytY3Ouu1Gbn9AgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUKCFbJoSyUcvBboH0WkZljYeYcwUwHwYDVR0jBBgwFoAUOCdChXYoqbKyIFmu
iEdvIwYL6tAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMy
OC9PQ2RDaFhZb3FiS3lJRm11aUVkdkl3WUw2dEEuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09DZENoWFlvcWJLeUlGbXVpRWR2SXdZTDZ0QS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzMjgvT0NkQ2hYWW9xYkt5
SUZtdWlFZHZJd1lMNnRBLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBANwpXHcETaO5wc17+KeQ/Lj2Hq5mgBu/q/ua4kDDLDJPUt96VF0rmJKu7B9R
0evD4UNdvOo/oX0TaqBDE5eSXyeM3nc78iOJT86I1bjdxrD8JrF2JpDbGiOxhPC/
o9fQOQqtLKE2E2tvkVeiMB2FAPNbg6xoE8/rYJ96+2JnPGRvBVlWd0q/mSMMQHKS
gnTtgQklrr/C4n5YpPGq56cDP3EVTBUMCes5x7Wbm0aTyBX28s6YlbWPpBOu3ZwF
zbl3t2TSX1BD82DfyDHgBy7BQ/9cNXU+v6H+O+1iiGppQXwuJlndTMC143x5r8nW
zR0O2bfQa+HiBJeXzr0SXLuO1Xk=
-----END CERTIFICATE-----
Generated at Thu Jun 19 16:43:11 2025 by rpki-client