Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.mft
File: zgqcsCk3tX3OZqF_uEIW16vnZDQ.mft (raw, json)
Hash identifier: 0ktk34I/pQNKgMbCOtShMxckEFad9XGFiCnCZqcHSLA=
Subject key identifier: D9:0F:49:1C:61:59:31:CF:27:C8:24:A9:36:F3:B6:68:54:9D:CB:5A
Authority key identifier: CE:0A:9C:B0:29:37:B5:7D:CE:66:A1:7F:B8:42:16:D7:AB:E7:64:34
Certificate issuer: /CN=CE0A9CB02937B57DCE66A17FB84216D7ABE76434
Certificate serial: 1A59
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgqcsCk3tX3OZqF_uEIW16vnZDQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.mft
Manifest number: 1A46
Signing time: Wed 05 Nov 2025 10:16:06 +0000
Manifest this update: Wed 05 Nov 2025 10:16:06 +0000
Manifest next update: Wed 05 Nov 2025 16:16:06 +0000
Files and hashes: 1: 4h-LRt98vDXOaWTvbULeZ6UN1Bo.roa (hash: ok9VRiaU8zGdubEx8U4bFwcbntxv+qOMj38yML8Z3+4=)
2: RlRL4KZJS1S-LvgS5fqfgwnlzBM.roa (hash: UrlXEeAgie4ovsfXf8HEj900Xbst7Ejer/YtzxZsYB4=)
3: x5QVZDphAkH7CzFBCzLgL2MjOd0.roa (hash: 6A34zx0W2QnUlb/xF7z1XN5nspBMkkv6MUauraQMbQQ=)
4: zgqcsCk3tX3OZqF_uEIW16vnZDQ.crl (hash: HKjT0UVFJJZ/pDRcb3i7lUbqWFNM3dxiw7DojrbPqbs=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6745 (0x1a59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CE0A9CB02937B57DCE66A17FB84216D7ABE76434
Validity
Not Before: Nov 5 10:16:06 2025 GMT
Not After : Oct 23 03:01:03 2026 GMT
Subject: CN=D90F491C615931CF27C824A936F3B668549DCB5A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d1:3e:5a:ef:50:5a:1d:e9:df:e4:0a:b7:2a:
45:ed:fd:04:a8:d5:a9:7d:29:4c:81:11:c0:d7:7d:
41:02:eb:96:ff:7e:da:03:56:0c:33:37:34:88:32:
a0:11:1a:fe:a2:b0:00:b8:64:0e:e6:69:2d:b5:fe:
39:19:18:9f:72:e1:f3:94:29:a8:8c:38:3d:32:af:
42:5b:b8:a2:9b:1b:5a:59:4b:d5:b7:58:3f:b8:55:
5b:1a:47:8b:16:29:24:22:ae:d0:08:9c:d3:fd:be:
77:4e:c5:e8:bd:60:8b:2c:76:93:92:b0:c7:e7:d0:
30:fc:6b:fe:24:2f:00:59:7b:b8:fc:34:ef:ec:b0:
12:f9:0b:5c:e3:ab:a5:d2:04:c1:f8:02:e7:c7:45:
42:17:c4:26:bb:03:1d:e3:a7:6f:1d:b0:52:b4:61:
c3:45:17:5a:4e:40:de:02:17:cc:37:e7:fe:fb:2d:
d8:97:70:9e:8c:2c:67:ac:ee:01:df:d4:4d:35:cf:
de:19:5f:05:b4:c2:67:7c:e8:3f:2d:54:51:fe:8f:
90:c2:9b:2d:e2:8a:d8:b5:f7:f8:68:6f:ef:6e:f8:
a7:50:1d:92:0c:f7:8b:2a:04:6d:0b:43:0e:e5:ad:
86:c9:ea:2f:4a:15:f8:ff:e8:6d:f2:de:67:ed:76:
15:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:0F:49:1C:61:59:31:CF:27:C8:24:A9:36:F3:B6:68:54:9D:CB:5A
X509v3 Authority Key Identifier:
keyid:CE:0A:9C:B0:29:37:B5:7D:CE:66:A1:7F:B8:42:16:D7:AB:E7:64:34
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zgqcsCk3tX3OZqF_uEIW16vnZDQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/357/zgqcsCk3tX3OZqF_uEIW16vnZDQ.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
64:19:ae:aa:2f:10:64:54:3b:0d:c6:16:84:55:d1:7c:f5:ae:
4c:23:d5:e7:71:ad:be:a1:2a:d6:c4:1f:ea:25:d9:52:48:57:
b8:fd:cb:01:5f:0b:7b:c7:21:6d:f8:75:cb:be:e4:9d:cd:10:
d8:68:0e:a5:09:97:d4:0c:64:51:ab:1f:43:bb:8e:99:10:3a:
1b:c5:cd:bd:8e:c6:ea:98:75:49:fd:9e:7d:7d:e6:99:57:ef:
2b:1c:a7:3e:d6:34:0d:10:8b:3e:d0:b7:72:9a:e6:e0:fb:0f:
eb:01:b6:4e:7a:0a:68:db:58:ac:0f:94:80:25:b9:cd:b9:d2:
d5:24:2c:15:87:dc:9b:37:aa:92:1e:0b:ac:37:d0:b7:7c:af:
6a:31:b0:3e:48:b1:1c:06:e3:83:b9:95:20:04:01:be:9e:ad:
90:84:e4:f4:0f:b7:51:6e:41:24:f9:9e:fd:eb:5e:00:07:10:
e7:da:15:97:5f:02:51:de:07:01:18:db:0b:2c:8e:95:91:3e:
46:cf:c4:95:92:2e:f8:6f:23:bc:90:bc:25:38:c3:e3:9e:03:
10:bb:9f:df:21:0c:40:75:82:b5:6a:6a:41:11:69:47:ee:1b:
ca:36:90:5c:39:d8:35:6b:4c:8f:37:b8:cc:67:42:8e:35:f6:
83:3c:ad:26
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgICGlkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Uw
QTlDQjAyOTM3QjU3RENFNjZBMTdGQjg0MjE2RDdBQkU3NjQzNDAeFw0yNTExMDUx
MDE2MDZaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEQ5MEY0OTFDNjE1OTMx
Q0YyN0M4MjRBOTM2RjNCNjY4NTQ5RENCNUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC10T5a71BaHenf5Aq3KkXt/QSo1al9KUyBEcDXfUEC65b/ftoD
VgwzNzSIMqARGv6isAC4ZA7maS21/jkZGJ9y4fOUKaiMOD0yr0JbuKKbG1pZS9W3
WD+4VVsaR4sWKSQirtAInNP9vndOxei9YIssdpOSsMfn0DD8a/4kLwBZe7j8NO/s
sBL5C1zjq6XSBMH4AufHRUIXxCa7Ax3jp28dsFK0YcNFF1pOQN4CF8w35/77LdiX
cJ6MLGes7gHf1E01z94ZXwW0wmd86D8tVFH+j5DCmy3iiti19/hob+9u+KdQHZIM
94sqBG0LQw7lrYbJ6i9KFfj/6G3y3mftdhUJAgMBAAGjggIKMIICBjAdBgNVHQ4E
FgQU2Q9JHGFZMc8nyCSpNvO2aFSdy1owHwYDVR0jBBgwFoAUzgqcsCk3tX3OZqF/
uEIW16vnZDQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3
L3pncWNzQ2szdFgzT1pxRl91RUlXMTZ2blpEUS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvemdxY3NDazN0WDNPWnFGX3VFSVcxNnZuWkRRLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzU3L3pncWNzQ2szdFgzT1px
Rl91RUlXMTZ2blpEUS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB
AQBkGa6qLxBkVDsNxhaEVdF89a5MI9Xnca2+oSrWxB/qJdlSSFe4/csBXwt7xyFt
+HXLvuSdzRDYaA6lCZfUDGRRqx9Du46ZEDobxc29jsbqmHVJ/Z59feaZV+8rHKc+
1jQNEIs+0Ldymubg+w/rAbZOegpo21isD5SAJbnNudLVJCwVh9ybN6qSHgusN9C3
fK9qMbA+SLEcBuODuZUgBAG+nq2QhOT0D7dRbkEk+Z79614ABxDn2hWXXwJR3gcB
GNsLLI6VkT5Gz8SVki74byO8kLwlOMPjngMQu5/fIQxAdYK1ampBEWlH7hvKNpBc
Odg1a0yPN7jMZ0KONfaDPK0m
-----END CERTIFICATE-----
Generated at Wed Nov 5 15:05:18 2025 by rpki-client