Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/473/zKOnHTJm7r_m8Yne7kKeqeBDpOc.mft
File: zKOnHTJm7r_m8Yne7kKeqeBDpOc.mft (raw, json)
Hash identifier: q4kPCgCjrLHF+brkPb7oBQJaw/ctseyxRE82+G5QEV4=
Subject key identifier: 21:38:FF:FC:8A:F5:9D:1A:AB:0D:F9:2B:BB:31:E2:3E:8A:CC:52:93
Authority key identifier: CC:A3:A7:1D:32:66:EE:BF:E6:F1:89:DE:EE:42:9E:A9:E0:43:A4:E7
Certificate issuer: /CN=CCA3A71D3266EEBFE6F189DEEE429EA9E043A4E7
Certificate serial: 1597
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zKOnHTJm7r_m8Yne7kKeqeBDpOc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/473/zKOnHTJm7r_m8Yne7kKeqeBDpOc.mft
Manifest number: 1597
Signing time: Sat 21 Jun 2025 06:13:10 +0000
Manifest this update: Sat 21 Jun 2025 06:13:10 +0000
Manifest next update: Sat 21 Jun 2025 12:13:10 +0000
Files and hashes: 1: zKOnHTJm7r_m8Yne7kKeqeBDpOc.crl (hash: 1hYnhoeNDYiUJHdyTzAZ+G1f8lFDe2ZTb0Np4oK+EJs=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5527 (0x1597)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CCA3A71D3266EEBFE6F189DEEE429EA9E043A4E7
Validity
Not Before: Jun 21 06:13:10 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=2138FFFC8AF59D1AAB0DF92BBB31E23E8ACC5293
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:23:a3:31:f7:55:c2:81:3d:f1:f6:5d:15:b4:
1c:43:09:ec:a0:49:5e:74:40:a7:c8:4a:c8:bb:71:
1b:db:d5:a9:40:3b:f9:7a:60:6a:bb:84:8c:51:9c:
fe:7a:94:61:a4:f6:5f:c7:c6:5e:9d:97:39:8a:71:
be:e4:c6:0d:a5:d1:de:2a:1c:c3:56:fa:da:29:1a:
fe:fb:49:f9:53:27:ee:40:8d:5b:50:2b:d7:af:3e:
4a:d9:36:ac:b3:f0:62:77:a9:2e:7e:07:bb:41:bd:
b5:35:4a:bc:bd:78:35:13:4a:3e:15:d6:9e:13:58:
bc:70:dd:fe:d2:ae:58:24:09:50:97:95:3f:53:4f:
07:dd:0e:e6:d8:14:4e:01:94:d5:4b:a4:ad:da:e6:
a7:e6:9f:1c:ca:47:f9:1f:38:a2:fe:ff:a1:f0:41:
91:c9:8f:e5:07:9c:e9:49:33:3b:53:d7:d0:ef:91:
64:53:a6:d6:e4:9f:a7:52:cd:51:5a:b8:4f:eb:b6:
da:9a:d3:f9:4d:de:9b:43:04:d8:ad:ed:50:c6:ff:
08:c4:a6:24:7e:4a:cb:72:5f:cf:6d:5c:8b:e4:34:
6e:1b:86:20:29:b7:e2:91:7f:ec:20:48:d0:e2:45:
4a:96:bf:b9:46:31:0f:1c:8b:b0:fe:e5:42:eb:fc:
2a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:38:FF:FC:8A:F5:9D:1A:AB:0D:F9:2B:BB:31:E2:3E:8A:CC:52:93
X509v3 Authority Key Identifier:
keyid:CC:A3:A7:1D:32:66:EE:BF:E6:F1:89:DE:EE:42:9E:A9:E0:43:A4:E7
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/473/zKOnHTJm7r_m8Yne7kKeqeBDpOc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zKOnHTJm7r_m8Yne7kKeqeBDpOc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/473/zKOnHTJm7r_m8Yne7kKeqeBDpOc.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
13:8e:db:bb:72:be:1d:63:20:ca:b7:b2:37:33:8f:49:12:5d:
4d:fc:99:d6:db:a3:46:3d:32:d8:18:07:52:92:71:c7:9d:26:
d2:ca:cd:f0:fb:d9:c4:cb:db:b2:ae:f7:ab:d8:86:af:99:1c:
13:47:ad:0f:18:38:95:a5:2d:64:2b:43:27:59:55:97:8a:d3:
b0:bc:ce:18:cc:cb:0d:e6:23:ad:51:de:5d:ad:d9:b5:98:ba:
30:a3:1d:c3:67:20:54:31:f6:1c:bc:e4:08:40:1d:05:05:34:
c2:9f:7e:f0:23:d7:0e:43:80:c8:82:01:e4:cb:78:23:7d:cc:
86:7b:f0:52:fc:80:e6:31:5e:97:f0:5b:7d:55:b3:08:8f:21:
8c:af:e8:8d:52:f6:f0:87:00:fd:d3:ca:b3:11:60:8e:4a:27:
7e:df:8a:73:f3:d6:e9:73:60:ab:da:e6:0f:18:bb:3f:c9:ae:
bb:51:78:a6:db:ee:ab:60:03:1f:00:34:f0:c4:1b:a3:85:c0:
02:9e:9d:e5:66:28:2c:91:a6:af:e6:a8:12:2b:7e:75:0b:75:
1b:d0:67:fa:b3:a5:4c:b7:00:c5:f2:79:f2:df:a1:79:f5:32:
5f:45:32:9e:d0:ca:ba:ef:05:19:95:18:52:3f:69:6b:cd:b4:
ce:ca:20:57
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgICFZcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0NB
M0E3MUQzMjY2RUVCRkU2RjE4OURFRUU0MjlFQTlFMDQzQTRFNzAeFw0yNTA2MjEw
NjEzMTBaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDIxMzhGRkZDOEFGNTlE
MUFBQjBERjkyQkJCMzFFMjNFOEFDQzUyOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaI6Mx91XCgT3x9l0VtBxDCeygSV50QKfISsi7cRvb1alAO/l6
YGq7hIxRnP56lGGk9l/Hxl6dlzmKcb7kxg2l0d4qHMNW+topGv77SflTJ+5AjVtQ
K9evPkrZNqyz8GJ3qS5+B7tBvbU1Sry9eDUTSj4V1p4TWLxw3f7SrlgkCVCXlT9T
TwfdDubYFE4BlNVLpK3a5qfmnxzKR/kfOKL+/6HwQZHJj+UHnOlJMztT19DvkWRT
ptbkn6dSzVFauE/rttqa0/lN3ptDBNit7VDG/wjEpiR+SstyX89tXIvkNG4bhiAp
t+KRf+wgSNDiRUqWv7lGMQ8ci7D+5ULr/CpfAgMBAAGjggIKMIICBjAdBgNVHQ4E
FgQUITj//Ir1nRqrDfkruzHiPorMUpMwHwYDVR0jBBgwFoAUzKOnHTJm7r/m8Yne
7kKeqeBDpOcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDcz
L3pLT25IVEptN3JfbThZbmU3a0tlcWVCRHBPYy5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvektPbkhUSm03cl9tOFluZTdrS2VxZUJEcE9jLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDczL3pLT25IVEptN3JfbThZ
bmU3a0tlcWVCRHBPYy5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB
AQATjtu7cr4dYyDKt7I3M49JEl1N/JnW26NGPTLYGAdSknHHnSbSys3w+9nEy9uy
rver2IavmRwTR60PGDiVpS1kK0MnWVWXitOwvM4YzMsN5iOtUd5drdm1mLowox3D
ZyBUMfYcvOQIQB0FBTTCn37wI9cOQ4DIggHky3gjfcyGe/BS/IDmMV6X8Ft9VbMI
jyGMr+iNUvbwhwD908qzEWCOSid+34pz89bpc2Cr2uYPGLs/ya67UXim2+6rYAMf
ADTwxBujhcACnp3lZigskaav5qgSK351C3Ub0Gf6s6VMtwDF8nny36F59TJfRTKe
0Mq67wUZlRhSP2lrzbTOyiBX
-----END CERTIFICATE-----
Generated at Sat Jun 21 12:57:51 2025 by rpki-client