Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/497/fkCukAEA4rl7Mc4AaQLzHn0dKvI.mft
File: fkCukAEA4rl7Mc4AaQLzHn0dKvI.mft (raw, json)
Hash identifier: UeLMucBSplxw/e8i0rNaoXVdrc3pgQvRZskCUDue2os=
Subject key identifier: EC:D1:84:15:3C:40:20:3B:AB:D9:6D:98:CF:4D:A7:4F:5A:41:A1:0E
Authority key identifier: 7E:40:AE:90:01:00:E2:B9:7B:31:CE:00:69:02:F3:1E:7D:1D:2A:F2
Certificate issuer: /CN=7E40AE900100E2B97B31CE006902F31E7D1D2AF2
Certificate serial: 1EF1
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fkCukAEA4rl7Mc4AaQLzHn0dKvI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/fkCukAEA4rl7Mc4AaQLzHn0dKvI.mft
Manifest number: 1EDF
Signing time: Sun 22 Jun 2025 01:17:36 +0000
Manifest this update: Sun 22 Jun 2025 01:17:36 +0000
Manifest next update: Sun 22 Jun 2025 07:17:36 +0000
Files and hashes: 1: 1D2UmyE5-gCb0damhvuEDH8YtAY.roa (hash: AMmfBM3qaK1itXqyZ4SgnT4JGnqlgrL/Gh5C0EIxR5E=)
2: CiBAH9JduuLsmuuCF8EVZqj7e_Y.roa (hash: bd7DjAkds7VcKmf/Fltkc6yJTfqF8NsglOW0Ic2RF7A=)
3: fkCukAEA4rl7Mc4AaQLzHn0dKvI.crl (hash: gJj0D98gWM9C4eanixtoaoK5YBD8wIl2IF2WapBVV80=)
4: i1vcqehnPWMsGkHyBt_JD5k4A6s.roa (hash: 7Vby9l7O2UfOHc1jCfza0GDpjmXF68GhT4vaR2Ve+lE=)
5: imU9bcBr7hgyeXFqfTZmnAeJlhU.roa (hash: PY4enp06hDmmPvbNRcj0KK93xTkmT6kRWJIbjK/rHGs=)
6: ql9qcTEflj32Qvouuf74e7XIVH0.roa (hash: J5GlJW+RyK4nchWDPsGIHuSYVc8CVW/wpZ54lJLJtnA=)
7: xhyJQ6fLIljnRE3vjXjVdtzD-60.roa (hash: pw3KaKc1CqxoWC2rbY7xD+pjw8LfXPIJcNclxnFFohI=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7921 (0x1ef1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7E40AE900100E2B97B31CE006902F31E7D1D2AF2
Validity
Not Before: Jun 22 01:17:36 2025 GMT
Not After : Apr 9 06:40:34 2026 GMT
Subject: CN=ECD184153C40203BABD96D98CF4DA74F5A41A10E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:46:8a:79:8e:44:18:25:d7:0b:96:bf:57:a5:
15:1a:7b:81:3e:c9:c4:7b:f4:40:ec:ed:3f:05:e5:
44:ec:31:55:56:2a:65:a2:aa:0b:5d:8b:8c:1f:b1:
b1:78:46:3d:1c:4d:7f:02:bb:8a:f0:a5:25:f5:59:
22:91:d6:a4:03:2d:ac:54:d7:2d:9b:3f:a1:15:5f:
be:f7:c0:1b:04:54:f4:e7:6a:e4:00:53:38:62:31:
2f:32:8c:b4:a6:cd:58:f3:aa:1d:97:9b:e5:2b:a4:
bd:42:98:18:08:dc:a2:fd:d0:80:41:98:8c:0c:97:
0c:3e:7c:6c:1f:0d:c3:71:ad:89:37:b7:a9:01:93:
4a:33:57:5a:44:6d:9c:bd:cd:63:9f:7b:a1:65:09:
34:c1:93:8f:6e:67:6e:4d:07:4a:dc:d1:4a:40:b4:
d7:e3:41:cc:00:a3:b3:e5:3e:e8:0f:e1:0a:74:02:
d6:79:f9:00:37:ea:8a:33:1a:42:4d:a5:c4:a5:e1:
21:3e:e3:bf:5b:4d:89:84:f1:9e:63:8a:a6:80:e5:
9c:46:da:9c:18:75:98:07:de:d8:58:27:f3:34:d7:
c3:c9:14:65:5d:3a:e7:30:f7:b6:fb:66:76:9c:86:
30:7c:9b:fc:ba:4f:9a:2f:ec:04:48:50:1f:36:d7:
44:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:D1:84:15:3C:40:20:3B:AB:D9:6D:98:CF:4D:A7:4F:5A:41:A1:0E
X509v3 Authority Key Identifier:
keyid:7E:40:AE:90:01:00:E2:B9:7B:31:CE:00:69:02:F3:1E:7D:1D:2A:F2
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/fkCukAEA4rl7Mc4AaQLzHn0dKvI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fkCukAEA4rl7Mc4AaQLzHn0dKvI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/497/fkCukAEA4rl7Mc4AaQLzHn0dKvI.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
bf:dd:c2:3a:ab:72:94:9b:89:1f:46:fc:35:df:d3:65:95:b4:
43:31:06:57:72:52:c5:c2:9d:c2:f9:d7:ac:58:46:7d:ff:a2:
25:dc:d6:2f:a6:29:6f:79:18:46:05:8e:13:68:d2:24:e7:ac:
5c:a6:d5:b1:9a:b8:32:47:88:e2:1a:2f:8d:8c:f7:4e:e1:18:
ae:e2:bd:37:04:c1:b8:bf:5b:d6:ed:45:0e:5d:83:fc:0e:c6:
4b:7e:a2:60:e4:b8:49:9f:9e:a3:08:b6:d3:55:1e:85:78:19:
90:2c:c9:46:ef:b1:d4:34:b6:40:ab:d9:0c:4d:25:2f:3e:cd:
41:7b:56:84:6e:9d:b9:5d:2a:d3:2e:8c:ca:86:bc:16:d2:a3:
5e:2f:98:6e:1d:1f:18:50:bf:b4:ce:d9:19:a8:e8:ff:8c:15:
2c:42:28:7b:0b:7b:cc:a5:36:0b:ef:93:75:14:00:e7:76:2d:
47:88:88:2f:b9:43:fe:89:ff:e9:43:8f:bf:86:03:9b:de:97:
06:ec:b8:e9:e9:5e:d5:6c:79:9b:06:92:4c:e0:af:4c:95:cb:
f5:41:c0:2e:c6:65:15:32:b7:6d:72:fa:eb:38:df:b3:bb:97:
d2:cf:74:1c:9d:d7:3c:76:ae:73:a7:c6:e6:f7:a8:2c:89:29:
2d:07:02:df
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgICHvEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0U0
MEFFOTAwMTAwRTJCOTdCMzFDRTAwNjkwMkYzMUU3RDFEMkFGMjAeFw0yNTA2MjIw
MTE3MzZaFw0yNjA0MDkwNjQwMzRaMDMxMTAvBgNVBAMTKEVDRDE4NDE1M0M0MDIw
M0JBQkQ5NkQ5OENGNERBNzRGNUE0MUExMEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcRop5jkQYJdcLlr9XpRUae4E+ycR79EDs7T8F5UTsMVVWKmWi
qgtdi4wfsbF4Rj0cTX8Cu4rwpSX1WSKR1qQDLaxU1y2bP6EVX773wBsEVPTnauQA
UzhiMS8yjLSmzVjzqh2Xm+UrpL1CmBgI3KL90IBBmIwMlww+fGwfDcNxrYk3t6kB
k0ozV1pEbZy9zWOfe6FlCTTBk49uZ25NB0rc0UpAtNfjQcwAo7PlPugP4Qp0AtZ5
+QA36oozGkJNpcSl4SE+479bTYmE8Z5jiqaA5ZxG2pwYdZgH3thYJ/M018PJFGVd
Oucw97b7ZnachjB8m/y6T5ov7ARIUB8210TzAgMBAAGjggIKMIICBjAdBgNVHQ4E
FgQU7NGEFTxAIDur2W2Yz02nT1pBoQ4wHwYDVR0jBBgwFoAUfkCukAEA4rl7Mc4A
aQLzHn0dKvIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDk3
L2ZrQ3VrQUVBNHJsN01jNEFhUUx6SG4wZEt2SS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvZmtDdWtBRUE0cmw3TWM0QWFRTHpIbjBkS3ZJLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDk3L2ZrQ3VrQUVBNHJsN01j
NEFhUUx6SG4wZEt2SS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB
AQC/3cI6q3KUm4kfRvw139NllbRDMQZXclLFwp3C+desWEZ9/6Il3NYvpilveRhG
BY4TaNIk56xcptWxmrgyR4jiGi+NjPdO4Riu4r03BMG4v1vW7UUOXYP8DsZLfqJg
5LhJn56jCLbTVR6FeBmQLMlG77HUNLZAq9kMTSUvPs1Be1aEbp25XSrTLozKhrwW
0qNeL5huHR8YUL+0ztkZqOj/jBUsQih7C3vMpTYL75N1FADndi1HiIgvuUP+if/p
Q4+/hgOb3pcG7Ljp6V7VbHmbBpJM4K9Mlcv1QcAuxmUVMrdtcvrrON+zu5fSz3Qc
ndc8dq5zp8bm96gsiSktBwLf
-----END CERTIFICATE-----
Generated at Sun Jun 22 05:04:29 2025 by rpki-client