Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.mft
File: 2h2r7PGUXf9TtiDgtsQQ6R5EcbE.mft (raw, json)
Hash identifier: boAzNgQiG4AwI2Ae0jUJcXMZyylIV8kci96GKrEoQPk=
Subject key identifier: DB:95:FB:87:37:A8:81:A6:96:B5:CD:C7:2C:C2:88:90:8B:E4:1D:50
Authority key identifier: DA:1D:AB:EC:F1:94:5D:FF:53:B6:20:E0:B6:C4:10:E9:1E:44:71:B1
Certificate issuer: /CN=DA1DABECF1945DFF53B620E0B6C410E91E4471B1
Certificate serial: 086B
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.mft
Manifest number: 0854
Signing time: Sun 01 Mar 2026 16:29:14 +0000
Manifest this update: Sun 01 Mar 2026 16:29:14 +0000
Manifest next update: Sun 01 Mar 2026 22:29:14 +0000
Files and hashes: 1: 0ER4jMdxaZc8TtHdyMtb0Tt8wH4.roa (hash: OyqTw7UdQe7wf3n+Uzbs30m7FnEu/Oyfl7FMQebch84=)
2: 1QD9kVjRPFCJatRIwWROIBy8kVA.roa (hash: 8yUL/WPq3yLWhpQ6U2I4iSZV3rfZD+tNqromWAbFU2A=)
3: 2h2r7PGUXf9TtiDgtsQQ6R5EcbE.crl (hash: odbI5WGxr+zonWJxmenahIAh8WoLZ7UysMT+zfWJhAw=)
4: 4h8nPy8hJOHOAa-6OIJFbGy0Y3s.roa (hash: DB7h2YUI+Oio0qI5Nqa3BL07cl+qYyI5JCXOvTAAIKA=)
5: C6K3jC5XM9ASI6FKufijhi7adTg.roa (hash: u3XsDQJkYk2HyM52oU60Q0OQDYgDvEqy89GCu9/wm1o=)
6: DJTGjsyfob-daem2cuBLKXMPXu4.roa (hash: M4E1GeUXPpycDhV5NP95GP5xj7vcM1t0QAwwd9IHOtA=)
7: F9-agplvYbReLwEVvLXqsxs3-aE.roa (hash: wWH2qISgzTmkfxLxaoXYzF2y6aKSWvCtcm+iTvXKCgI=)
8: FsNjJzs1Yu8J3RzTy5_mOby8TFw.roa (hash: 6r4baApbFlPunzlUjPwIrxGY8Ee79UnFpHBGgAOA+To=)
9: HRTwxgISQAmHmdsgldlFy9VsDfE.roa (hash: g6WGfqvUj1zzde8Rhwh8PepCNVDdY2F4smGEucl/PgY=)
10: HVWLPpvTveXfFw_tmXwJ2SYZ4Y4.roa (hash: qdU4Yq4NVuIp5c9Pca8DjLQ7oTJyTbwH9SDB0ouV5VU=)
11: I2TJPU72SpSJBAm_wQfPP-piEeg.roa (hash: 6pXkzBsFD6PhVp7wOtmgLqSyacRrKRLWCWMnHXBLGW8=)
12: UgW99oa8FvERx8BX7lrm-6FWEOE.roa (hash: w1HTgwfnTWC81wVgKs+vXq8ga2BzDZ9rHWI5XJm9mvk=)
13: Y8kgU48kiNGqzq2nK5O5WiksDSk.roa (hash: 07wZbAajdfbJQDwAmVTQXXjUMgif2AwVmPfdEekWRyA=)
14: aV7Ri-lUYzB8dhFblTd71eGtEEg.roa (hash: CFuKIxDGpbjtt0HUmXbA/K6k/ZpYa3Z3aMgKu5AtAPY=)
15: ckh1WTl4f1_gVSLhSUBk8RsfFi4.roa (hash: 5queQWpVBXn7exbHvpky1MLt+h9a11+sZq2dFGFxGkw=)
16: nbePnKzqWYXckdwHzmenc50MYCw.roa (hash: C7r8zvcAPxto9wXb2DRqahJYPDZzJ5zBLJ1sGPIzvcA=)
17: qW6Bv7uoL_195H1MB_jChMWMSvo.roa (hash: AnbkRBuOTQcpm4hcUi0EemyrsDvNd2UATJd1hS1A14Q=)
18: tKqDxDPGtgTgElv65DlcSr-X_T4.roa (hash: cHCd9pprNMNd8KhcFuXBWl+YG4k0Bv7a9xzKCVTOqlg=)
19: wAnT0H3Exwuh0puPOa84PkUo7jw.roa (hash: 9bqRSUm0pia4VbU9iB77Hvh6P5hej4AYTWlO3ngwdEw=)
20: zCAu8bQkxhNq1UyLI-UHPkMUgi0.roa (hash: rkNIbIaIMcy8iXZo7RC1Aj8Owgsiv0QiyLgPgoyEC/k=)
21: zDsF_ocr-Vhn7g0PuK3Nfa0PpnQ.roa (hash: ACjLAHtSQnr5lM2TkMPAk5riK/6jJk80g1efX+v02Dw=)
22: zr0OFwbZ2F5cmZc-6VFRH2avvFg.roa (hash: PVklNp9GSoeIuS+Ad4ZbIw0p9RPoglbHk2bAgL58PbU=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2155 (0x86b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DA1DABECF1945DFF53B620E0B6C410E91E4471B1
Validity
Not Before: Mar 1 16:29:14 2026 GMT
Not After : Oct 23 03:01:03 2026 GMT
Subject: CN=DB95FB8737A881A696B5CDC72CC288908BE41D50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e9:7d:c0:59:21:5f:82:8b:b4:e8:c7:3a:d8:
ad:f4:27:ab:b2:5e:43:7d:45:18:3d:70:51:e1:fc:
6c:0e:7d:48:91:30:42:39:d5:ce:a6:ff:f9:8f:60:
b1:49:8d:39:1e:f1:4e:54:f5:2c:ee:3c:bb:8d:11:
17:af:8f:ce:09:4c:47:59:d5:a6:35:73:48:c7:5e:
33:39:dc:c0:64:58:a1:eb:5f:d5:67:6a:58:9e:37:
34:57:4d:d8:ec:a3:a4:51:85:f4:ba:18:f6:0d:98:
bf:0e:d3:2a:22:ed:ce:5d:ee:71:18:80:ae:9d:a2:
9c:dc:58:bc:a9:2f:83:e5:b6:b7:3e:aa:ad:db:85:
2a:c2:f6:a6:b7:98:11:91:e4:6e:9b:ea:02:52:10:
e7:f8:4a:cd:91:9b:47:0f:3c:aa:88:25:be:d2:12:
90:3f:ce:f8:a1:cd:d4:0c:a0:54:0b:71:59:1b:88:
b3:91:84:2c:2a:67:68:5d:7b:4f:dd:5f:05:bc:74:
42:b9:73:00:90:c5:44:0e:c9:66:4b:90:75:50:6c:
d2:29:c5:48:85:ff:bf:87:81:fb:6f:ac:61:cc:e1:
b4:5e:a4:1d:a4:d6:57:55:9b:68:0b:67:8a:05:e6:
ac:19:ec:7d:9b:51:c9:52:1d:aa:e3:54:71:23:61:
49:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:95:FB:87:37:A8:81:A6:96:B5:CD:C7:2C:C2:88:90:8B:E4:1D:50
X509v3 Authority Key Identifier:
keyid:DA:1D:AB:EC:F1:94:5D:FF:53:B6:20:E0:B6:C4:10:E9:1E:44:71:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
06:be:cc:ba:e3:41:41:a1:ad:b6:98:66:a3:b9:ec:10:f9:10:
10:86:c0:ec:4a:f1:01:2e:12:b6:c7:b4:9e:c9:47:17:da:ca:
11:22:68:4f:49:e1:97:84:f5:df:ad:d7:64:a0:33:ff:f6:dd:
d9:43:a8:8b:bc:00:51:2e:54:f4:d2:17:35:5f:69:44:fa:a1:
13:09:8f:ca:02:08:ce:d3:95:56:72:80:26:c1:23:68:a8:c8:
75:7c:c5:0f:22:7a:63:41:d1:df:05:ea:ac:1f:47:96:e3:7b:
fc:dd:73:0c:52:61:12:2d:5e:36:a6:82:64:52:30:21:ee:ce:
d0:51:e5:3a:b6:e3:1c:52:b6:16:ff:a9:b3:88:3f:e6:e1:9c:
b8:c0:e8:ff:30:29:bf:2c:e9:d8:9a:8c:55:5d:b4:b4:d9:d6:
e6:bb:04:5a:5f:11:2f:8a:2e:40:92:72:12:da:cd:24:64:e4:
2d:e6:ee:a8:c9:20:ee:a8:5c:1d:b4:84:72:d0:97:4b:be:83:
95:11:b8:15:8b:68:da:1a:00:46:bd:d1:2e:1e:fa:26:58:bd:
2e:ec:4f:28:9a:f1:05:dc:43:0a:f2:f4:b3:57:ad:bf:dd:1c:
b2:55:ed:dd:63:59:04:30:be:f4:81:89:07:87:4e:05:22:4f:
37:c5:b0:78
-----BEGIN CERTIFICATE-----
MIIE7DCCA9SgAwIBAgICCGswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREEx
REFCRUNGMTk0NURGRjUzQjYyMEUwQjZDNDEwRTkxRTQ0NzFCMTAeFw0yNjAzMDEx
NjI5MTRaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKERCOTVGQjg3MzdBODgx
QTY5NkI1Q0RDNzJDQzI4ODkwOEJFNDFENTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDH6X3AWSFfgou06Mc62K30J6uyXkN9RRg9cFHh/GwOfUiRMEI5
1c6m//mPYLFJjTke8U5U9SzuPLuNERevj84JTEdZ1aY1c0jHXjM53MBkWKHrX9Vn
alieNzRXTdjso6RRhfS6GPYNmL8O0yoi7c5d7nEYgK6dopzcWLypL4Pltrc+qq3b
hSrC9qa3mBGR5G6b6gJSEOf4Ss2Rm0cPPKqIJb7SEpA/zvihzdQMoFQLcVkbiLOR
hCwqZ2hde0/dXwW8dEK5cwCQxUQOyWZLkHVQbNIpxUiF/7+HgftvrGHM4bRepB2k
1ldVm2gLZ4oF5qwZ7H2bUclSHarjVHEjYUm7AgMBAAGjggIIMIICBDAdBgNVHQ4E
FgQU25X7hzeogaaWtc3HLMKIkIvkHVAwHwYDVR0jBBgwFoAU2h2r7PGUXf9TtiDg
tsQQ6R5EcbEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTIv
MmgycjdQR1VYZjlUdGlEZ3RzUVE2UjVFY2JFLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC8yaDJyN1BHVVhmOVR0aURndHNRUTZSNUVjYkUuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC81Mi8yaDJyN1BHVVhmOVR0aURn
dHNRUTZSNUVjYkUubWZ0MDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYIKwYB
BQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOCAQEA
Br7MuuNBQaGttphmo7nsEPkQEIbA7ErxAS4Stse0nslHF9rKESJoT0nhl4T1363X
ZKAz//bd2UOoi7wAUS5U9NIXNV9pRPqhEwmPygIIztOVVnKAJsEjaKjIdXzFDyJ6
Y0HR3wXqrB9HluN7/N1zDFJhEi1eNqaCZFIwIe7O0FHlOrbjHFK2Fv+ps4g/5uGc
uMDo/zApvyzp2JqMVV20tNnW5rsEWl8RL4ouQJJyEtrNJGTkLebuqMkg7qhcHbSE
ctCXS76DlRG4FYto2hoARr3RLh76Jli9LuxPKJrxBdxDCvL0s1etv90cslXt3WNZ
BDC+9IGJB4dOBSJPN8WweA==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:56:04 2026 by rpki-client