Manifest

$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/497/fkCukAEA4rl7Mc4AaQLzHn0dKvI.mft
File:                     fkCukAEA4rl7Mc4AaQLzHn0dKvI.mft (raw, json)
Hash identifier:          TM7wMusIDTgygaM7CDUtMkSTiH9PEF3PyQpTdHlJcb4=
Subject key identifier:   EC:D1:84:15:3C:40:20:3B:AB:D9:6D:98:CF:4D:A7:4F:5A:41:A1:0E
Authority key identifier: 7E:40:AE:90:01:00:E2:B9:7B:31:CE:00:69:02:F3:1E:7D:1D:2A:F2
Certificate issuer:       /CN=7E40AE900100E2B97B31CE006902F31E7D1D2AF2
Certificate serial:       23CA
Authority info access:    rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fkCukAEA4rl7Mc4AaQLzHn0dKvI.cer
Subject info access:      rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/fkCukAEA4rl7Mc4AaQLzHn0dKvI.mft
Manifest number:          23B8
Signing time:             Sun 01 Mar 2026 16:29:36 +0000
Manifest this update:     Sun 01 Mar 2026 16:29:36 +0000
Manifest next update:     Sun 01 Mar 2026 22:29:36 +0000
Files and hashes:         1: 1D2UmyE5-gCb0damhvuEDH8YtAY.roa (hash: AMmfBM3qaK1itXqyZ4SgnT4JGnqlgrL/Gh5C0EIxR5E=)
                          2: CiBAH9JduuLsmuuCF8EVZqj7e_Y.roa (hash: bd7DjAkds7VcKmf/Fltkc6yJTfqF8NsglOW0Ic2RF7A=)
                          3: fkCukAEA4rl7Mc4AaQLzHn0dKvI.crl (hash: zmwuCFzIbMLvW0sEqflIukb7mKZVv2YB2GO88Hxy9Xw=)
                          4: i1vcqehnPWMsGkHyBt_JD5k4A6s.roa (hash: 7Vby9l7O2UfOHc1jCfza0GDpjmXF68GhT4vaR2Ve+lE=)
                          5: imU9bcBr7hgyeXFqfTZmnAeJlhU.roa (hash: PY4enp06hDmmPvbNRcj0KK93xTkmT6kRWJIbjK/rHGs=)
                          6: ql9qcTEflj32Qvouuf74e7XIVH0.roa (hash: J5GlJW+RyK4nchWDPsGIHuSYVc8CVW/wpZ54lJLJtnA=)
                          7: xhyJQ6fLIljnRE3vjXjVdtzD-60.roa (hash: pw3KaKc1CqxoWC2rbY7xD+pjw8LfXPIJcNclxnFFohI=)
Validation:               Failed, CRL has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9162 (0x23ca)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7E40AE900100E2B97B31CE006902F31E7D1D2AF2
        Validity
            Not Before: Mar  1 16:29:36 2026 GMT
            Not After : Jan  9 08:23:18 2027 GMT
        Subject: CN=ECD184153C40203BABD96D98CF4DA74F5A41A10E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:46:8a:79:8e:44:18:25:d7:0b:96:bf:57:a5:
                    15:1a:7b:81:3e:c9:c4:7b:f4:40:ec:ed:3f:05:e5:
                    44:ec:31:55:56:2a:65:a2:aa:0b:5d:8b:8c:1f:b1:
                    b1:78:46:3d:1c:4d:7f:02:bb:8a:f0:a5:25:f5:59:
                    22:91:d6:a4:03:2d:ac:54:d7:2d:9b:3f:a1:15:5f:
                    be:f7:c0:1b:04:54:f4:e7:6a:e4:00:53:38:62:31:
                    2f:32:8c:b4:a6:cd:58:f3:aa:1d:97:9b:e5:2b:a4:
                    bd:42:98:18:08:dc:a2:fd:d0:80:41:98:8c:0c:97:
                    0c:3e:7c:6c:1f:0d:c3:71:ad:89:37:b7:a9:01:93:
                    4a:33:57:5a:44:6d:9c:bd:cd:63:9f:7b:a1:65:09:
                    34:c1:93:8f:6e:67:6e:4d:07:4a:dc:d1:4a:40:b4:
                    d7:e3:41:cc:00:a3:b3:e5:3e:e8:0f:e1:0a:74:02:
                    d6:79:f9:00:37:ea:8a:33:1a:42:4d:a5:c4:a5:e1:
                    21:3e:e3:bf:5b:4d:89:84:f1:9e:63:8a:a6:80:e5:
                    9c:46:da:9c:18:75:98:07:de:d8:58:27:f3:34:d7:
                    c3:c9:14:65:5d:3a:e7:30:f7:b6:fb:66:76:9c:86:
                    30:7c:9b:fc:ba:4f:9a:2f:ec:04:48:50:1f:36:d7:
                    44:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:D1:84:15:3C:40:20:3B:AB:D9:6D:98:CF:4D:A7:4F:5A:41:A1:0E
            X509v3 Authority Key Identifier:
                keyid:7E:40:AE:90:01:00:E2:B9:7B:31:CE:00:69:02:F3:1E:7D:1D:2A:F2

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/fkCukAEA4rl7Mc4AaQLzHn0dKvI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fkCukAEA4rl7Mc4AaQLzHn0dKvI.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/fkCukAEA4rl7Mc4AaQLzHn0dKvI.mft
                RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         71:91:a6:8c:c5:8f:e9:e3:75:2c:38:59:2f:75:bc:86:d7:92:
         44:9b:28:1d:d6:f2:4a:5b:fc:7c:09:db:0b:72:c3:11:1e:ca:
         e7:2c:44:e3:10:fc:63:f7:fe:ba:41:d7:a9:91:12:72:27:c1:
         3b:5d:0a:03:3e:ea:d1:e3:2e:e2:7b:d6:ed:a6:67:ee:61:74:
         44:66:e5:8b:be:c2:57:ba:f6:3f:98:0f:32:37:d2:a2:d3:ee:
         70:41:b8:a7:48:42:3b:99:55:48:33:4f:c5:37:03:77:d2:8f:
         ca:b1:e8:fe:3b:fb:03:4a:30:e1:b0:62:ee:bf:ca:98:f1:88:
         a6:64:ed:c7:82:46:30:dd:4c:cf:95:7c:ef:34:28:c7:ff:6e:
         3d:d8:9c:44:8b:b9:17:d6:69:d4:ab:92:34:94:50:bb:7b:29:
         12:5e:aa:bc:bd:30:49:27:08:68:eb:ef:4f:ff:f7:1d:f5:23:
         17:c3:c0:03:f2:0a:21:6d:9b:01:2b:72:8b:4e:ea:e0:a5:6a:
         61:c2:4d:2c:e5:c4:d4:3d:60:13:e1:48:37:1b:6f:49:e7:5f:
         52:c4:65:2a:6c:ac:40:45:8f:e7:27:6f:1e:0f:71:0c:06:d2:
         3f:c5:e3:20:19:15:80:fa:e3:1f:00:53:11:88:e7:3f:43:3f:
         df:b0:e9:af
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgICI8owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0U0
MEFFOTAwMTAwRTJCOTdCMzFDRTAwNjkwMkYzMUU3RDFEMkFGMjAeFw0yNjAzMDEx
NjI5MzZaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKEVDRDE4NDE1M0M0MDIw
M0JBQkQ5NkQ5OENGNERBNzRGNUE0MUExMEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcRop5jkQYJdcLlr9XpRUae4E+ycR79EDs7T8F5UTsMVVWKmWi
qgtdi4wfsbF4Rj0cTX8Cu4rwpSX1WSKR1qQDLaxU1y2bP6EVX773wBsEVPTnauQA
UzhiMS8yjLSmzVjzqh2Xm+UrpL1CmBgI3KL90IBBmIwMlww+fGwfDcNxrYk3t6kB
k0ozV1pEbZy9zWOfe6FlCTTBk49uZ25NB0rc0UpAtNfjQcwAo7PlPugP4Qp0AtZ5
+QA36oozGkJNpcSl4SE+479bTYmE8Z5jiqaA5ZxG2pwYdZgH3thYJ/M018PJFGVd
Oucw97b7ZnachjB8m/y6T5ov7ARIUB8210TzAgMBAAGjggIKMIICBjAdBgNVHQ4E
FgQU7NGEFTxAIDur2W2Yz02nT1pBoQ4wHwYDVR0jBBgwFoAUfkCukAEA4rl7Mc4A
aQLzHn0dKvIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDk3
L2ZrQ3VrQUVBNHJsN01jNEFhUUx6SG4wZEt2SS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZmtDdWtBRUE0cmw3TWM0QWFRTHpIbjBkS3ZJLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDk3L2ZrQ3VrQUVBNHJsN01j
NEFhUUx6SG4wZEt2SS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB
AQBxkaaMxY/p43UsOFkvdbyG15JEmygd1vJKW/x8CdsLcsMRHsrnLETjEPxj9/66
QdepkRJyJ8E7XQoDPurR4y7ie9btpmfuYXREZuWLvsJXuvY/mA8yN9Ki0+5wQbin
SEI7mVVIM0/FNwN30o/Ksej+O/sDSjDhsGLuv8qY8YimZO3HgkYw3UzPlXzvNCjH
/2492JxEi7kX1mnUq5I0lFC7eykSXqq8vTBJJwho6+9P//cd9SMXw8AD8gohbZsB
K3KLTurgpWphwk0s5cTUPWAT4Ug3G29J519SxGUqbKxARY/nJ28eD3EMBtI/xeMg
GRWA+uMfAFMRiOc/Qz/fsOmv
-----END CERTIFICATE-----