Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3329/zgR4-r6RlrVNC9GqhMs5Bz1s-fk.mft
File: zgR4-r6RlrVNC9GqhMs5Bz1s-fk.mft (raw, json)
Hash identifier: jyJtZmjKpAKmQHBX0+Eb2Vi3xKkNQDB2R7Snl7oHq+o=
Subject key identifier: 52:5E:66:19:12:15:EC:C0:61:97:4A:DA:55:D6:26:AC:F4:E5:D5:A7
Authority key identifier: CE:04:78:FA:BE:91:96:B5:4D:0B:D1:AA:84:CB:39:07:3D:6C:F9:F9
Certificate issuer: /CN=CE0478FABE9196B54D0BD1AA84CB39073D6CF9F9
Certificate serial: 06D5
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgR4-r6RlrVNC9GqhMs5Bz1s-fk.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3329/zgR4-r6RlrVNC9GqhMs5Bz1s-fk.mft
Manifest number: 06D5
Signing time: Wed 05 Nov 2025 10:14:53 +0000
Manifest this update: Wed 05 Nov 2025 10:14:53 +0000
Manifest next update: Wed 05 Nov 2025 16:14:53 +0000
Files and hashes: 1: zgR4-r6RlrVNC9GqhMs5Bz1s-fk.crl (hash: rEjXMt/LEiJvc+BZTYkIeLFKM97Amt9g89EMsvESMNs=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1749 (0x6d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CE0478FABE9196B54D0BD1AA84CB39073D6CF9F9
Validity
Not Before: Nov 5 10:14:53 2025 GMT
Not After : Oct 23 03:01:03 2026 GMT
Subject: CN=525E66191215ECC061974ADA55D626ACF4E5D5A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:60:c6:7c:39:63:96:f1:d6:55:de:3a:6e:e7:
d5:a7:5b:44:06:e6:54:93:82:46:5a:f7:cb:3d:fb:
ba:4e:6c:47:e8:a4:84:dc:83:a3:3d:e1:bd:3d:8a:
38:9e:0c:98:eb:f0:da:e6:dd:b4:92:45:bc:c6:02:
af:25:cb:91:01:db:b9:58:b8:0b:5d:bb:d4:e4:db:
f0:02:b9:81:1c:bf:5f:d5:e4:7a:f3:fc:25:6b:76:
4d:e9:0e:72:0b:dc:f9:2b:7c:ad:d6:47:ac:ef:eb:
b4:23:5d:bb:f9:cf:ef:ce:bf:53:24:20:7a:fb:15:
02:fc:d5:bb:c6:27:8b:e2:3b:ec:2f:43:94:8e:77:
56:f5:37:17:11:33:8f:e8:6d:af:92:0d:47:5d:e5:
75:08:ac:7b:05:30:51:d1:cc:dd:6e:ca:6c:cc:e7:
7e:15:16:d8:72:24:e1:f6:aa:77:21:69:46:75:10:
3f:ca:2f:06:51:60:63:96:3b:ac:38:78:a2:a3:93:
75:72:74:9f:2b:9f:b5:cd:de:0f:62:3e:7a:ad:bb:
ac:c8:88:0d:73:ce:8b:f2:8a:96:14:28:07:91:fb:
0c:53:ee:e5:66:11:eb:40:96:72:23:8f:f5:e0:a8:
a9:ae:2e:11:e8:7f:a9:bb:af:29:7f:a3:55:9b:2a:
d3:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:5E:66:19:12:15:EC:C0:61:97:4A:DA:55:D6:26:AC:F4:E5:D5:A7
X509v3 Authority Key Identifier:
keyid:CE:04:78:FA:BE:91:96:B5:4D:0B:D1:AA:84:CB:39:07:3D:6C:F9:F9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3329/zgR4-r6RlrVNC9GqhMs5Bz1s-fk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgR4-r6RlrVNC9GqhMs5Bz1s-fk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3329/zgR4-r6RlrVNC9GqhMs5Bz1s-fk.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
aa:e4:b0:97:2f:3c:cf:5d:fc:fe:a3:1a:96:d7:e6:4f:13:40:
68:0b:be:a9:b3:5f:87:a9:5b:19:01:c9:91:95:ff:28:f5:08:
9b:5c:21:ce:4a:29:49:f5:ec:99:15:03:3a:0e:9f:e4:58:63:
99:f8:18:75:7d:9b:11:f2:20:0a:8e:15:04:00:fe:1f:32:c3:
63:68:72:71:1e:e4:96:48:52:0a:d6:ba:1e:20:a0:ad:50:20:
01:dc:77:de:83:fd:b3:23:cc:c4:65:4d:ca:c2:3c:6f:ed:fb:
67:4b:98:83:dc:bc:03:86:1a:55:10:0e:71:ac:7e:b2:4c:4a:
9e:86:2c:c4:49:26:eb:17:88:ca:a1:31:02:d8:71:44:c7:bd:
53:11:d2:63:f7:36:5b:56:8e:4f:19:59:86:47:7c:92:7a:c3:
38:46:b2:16:ac:74:55:30:26:20:7b:fd:21:de:53:61:db:4b:
98:05:89:6e:78:91:c8:13:21:17:51:31:79:4a:d9:b5:b1:7a:
9a:9b:29:ab:64:d3:1b:0d:13:c1:69:0a:d5:a8:e5:54:99:1f:
e7:7e:ca:c2:75:f8:10:7d:d5:e7:f6:fe:f4:2e:a2:60:d5:78:
4e:89:09:de:fd:b9:59:08:88:99:a1:f9:b9:9c:d5:7b:b7:af:
e5:4f:6c:5e
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICBtUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Uw
NDc4RkFCRTkxOTZCNTREMEJEMUFBODRDQjM5MDczRDZDRjlGOTAeFw0yNTExMDUx
MDE0NTNaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKDUyNUU2NjE5MTIxNUVD
QzA2MTk3NEFEQTU1RDYyNkFDRjRFNUQ1QTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7YMZ8OWOW8dZV3jpu59WnW0QG5lSTgkZa98s9+7pObEfopITc
g6M94b09ijieDJjr8Nrm3bSSRbzGAq8ly5EB27lYuAtdu9Tk2/ACuYEcv1/V5Hrz
/CVrdk3pDnIL3PkrfK3WR6zv67QjXbv5z+/Ov1MkIHr7FQL81bvGJ4viO+wvQ5SO
d1b1NxcRM4/oba+SDUdd5XUIrHsFMFHRzN1uymzM534VFthyJOH2qnchaUZ1ED/K
LwZRYGOWO6w4eKKjk3VydJ8rn7XN3g9iPnqtu6zIiA1zzovyipYUKAeR+wxT7uVm
EetAlnIjj/XgqKmuLhHof6m7ryl/o1WbKtPTAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUUl5mGRIV7MBhl0raVdYmrPTl1acwHwYDVR0jBBgwFoAUzgR4+r6RlrVNC9Gq
hMs5Bz1s+fkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMy
OS96Z1I0LXI2UmxyVk5DOUdxaE1zNUJ6MXMtZmsuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3pnUjQtcjZSbHJWTkM5R3FoTXM1Qnoxcy1may5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzMjkvemdSNC1yNlJsclZO
QzlHcWhNczVCejFzLWZrLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAKrksJcvPM9d/P6jGpbX5k8TQGgLvqmzX4epWxkByZGV/yj1CJtcIc5KKUn1
7JkVAzoOn+RYY5n4GHV9mxHyIAqOFQQA/h8yw2NocnEe5JZIUgrWuh4goK1QIAHc
d96D/bMjzMRlTcrCPG/t+2dLmIPcvAOGGlUQDnGsfrJMSp6GLMRJJusXiMqhMQLY
cUTHvVMR0mP3NltWjk8ZWYZHfJJ6wzhGshasdFUwJiB7/SHeU2HbS5gFiW54kcgT
IRdRMXlK2bWxepqbKatk0xsNE8FpCtWo5VSZH+d+ysJ1+BB91ef2/vQuomDVeE6J
Cd79uVkIiJmh+bmc1Xu3r+VPbF4=
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:28:37 2025 by rpki-client