Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.mft
File: 2h2r7PGUXf9TtiDgtsQQ6R5EcbE.mft (raw, json)
Hash identifier: GStQXZIzrFySauRvQ0sXhEJLPL7Zpf5ZG+39sa2+/u4=
Subject key identifier: DB:95:FB:87:37:A8:81:A6:96:B5:CD:C7:2C:C2:88:90:8B:E4:1D:50
Authority key identifier: DA:1D:AB:EC:F1:94:5D:FF:53:B6:20:E0:B6:C4:10:E9:1E:44:71:B1
Certificate issuer: /CN=DA1DABECF1945DFF53B620E0B6C410E91E4471B1
Certificate serial: 036F
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.mft
Manifest number: 036D
Signing time: Thu 19 Jun 2025 20:23:11 +0000
Manifest this update: Thu 19 Jun 2025 20:23:11 +0000
Manifest next update: Fri 20 Jun 2025 02:23:11 +0000
Files and hashes: 1: 2h2r7PGUXf9TtiDgtsQQ6R5EcbE.crl (hash: 8eBqAqeIXzBzgBMTFsLVR5e0ipYxS6ojic6Uk3r9bUA=)
2: 4rIKi71cnPKiZ6le-I8T__5k1N4.roa (hash: tNGI77V6KgBy/gmuuKH73UZZqJT4nL9iHPvyEDnpdTU=)
3: NENwW-YjXqfqZoRO7e6IVtyfJno.roa (hash: shhp8XTqqPaxGVCmML4kyHBJcfox3b9DaUPiLypqy38=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 879 (0x36f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DA1DABECF1945DFF53B620E0B6C410E91E4471B1
Validity
Not Before: Jun 19 20:23:11 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=DB95FB8737A881A696B5CDC72CC288908BE41D50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e9:7d:c0:59:21:5f:82:8b:b4:e8:c7:3a:d8:
ad:f4:27:ab:b2:5e:43:7d:45:18:3d:70:51:e1:fc:
6c:0e:7d:48:91:30:42:39:d5:ce:a6:ff:f9:8f:60:
b1:49:8d:39:1e:f1:4e:54:f5:2c:ee:3c:bb:8d:11:
17:af:8f:ce:09:4c:47:59:d5:a6:35:73:48:c7:5e:
33:39:dc:c0:64:58:a1:eb:5f:d5:67:6a:58:9e:37:
34:57:4d:d8:ec:a3:a4:51:85:f4:ba:18:f6:0d:98:
bf:0e:d3:2a:22:ed:ce:5d:ee:71:18:80:ae:9d:a2:
9c:dc:58:bc:a9:2f:83:e5:b6:b7:3e:aa:ad:db:85:
2a:c2:f6:a6:b7:98:11:91:e4:6e:9b:ea:02:52:10:
e7:f8:4a:cd:91:9b:47:0f:3c:aa:88:25:be:d2:12:
90:3f:ce:f8:a1:cd:d4:0c:a0:54:0b:71:59:1b:88:
b3:91:84:2c:2a:67:68:5d:7b:4f:dd:5f:05:bc:74:
42:b9:73:00:90:c5:44:0e:c9:66:4b:90:75:50:6c:
d2:29:c5:48:85:ff:bf:87:81:fb:6f:ac:61:cc:e1:
b4:5e:a4:1d:a4:d6:57:55:9b:68:0b:67:8a:05:e6:
ac:19:ec:7d:9b:51:c9:52:1d:aa:e3:54:71:23:61:
49:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:95:FB:87:37:A8:81:A6:96:B5:CD:C7:2C:C2:88:90:8B:E4:1D:50
X509v3 Authority Key Identifier:
keyid:DA:1D:AB:EC:F1:94:5D:FF:53:B6:20:E0:B6:C4:10:E9:1E:44:71:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
99:77:ab:51:3f:5a:63:2d:81:8b:ab:e2:d8:fc:5f:8f:55:43:
ae:e3:ab:07:30:d6:ef:ee:a2:46:bd:da:f6:56:81:61:44:15:
f2:f2:bb:a7:8c:0f:e4:da:f3:49:39:35:b3:1c:c5:d4:3c:a0:
b2:8f:40:69:23:04:85:ca:e4:b6:a6:8d:a9:20:43:ab:f4:e2:
c0:b8:3e:19:f4:c0:b7:f5:56:35:c1:bd:b7:68:1e:01:37:db:
5c:9f:d1:2f:06:50:c5:33:df:2a:a4:cb:99:37:cd:70:81:b4:
0a:d4:b0:31:a7:73:eb:a4:f2:57:d6:12:e7:47:c1:52:6a:ab:
2f:0c:da:86:ae:b7:d3:e2:21:7c:c5:8c:33:2f:f6:31:ae:9e:
ab:9b:8f:9c:30:ac:dc:73:8b:eb:29:1f:ef:48:9f:ce:43:04:
75:0a:19:5a:65:b9:36:50:2d:e3:75:46:eb:7e:3e:8e:5c:33:
6f:d4:26:08:a1:7f:53:fd:b9:1e:c8:51:b8:7e:4b:75:b1:06:
ce:a9:9e:93:46:7a:88:e1:2c:6d:8b:c6:2c:6c:6a:8b:4d:20:
f0:ca:88:ed:77:24:f1:cd:42:ba:b7:c6:1c:ce:0e:a6:22:cd:
af:1d:55:c9:cb:bc:e2:c0:df:81:74:4b:87:4e:aa:bd:af:3b:
eb:d6:2a:96
-----BEGIN CERTIFICATE-----
MIIE7DCCA9SgAwIBAgICA28wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREEx
REFCRUNGMTk0NURGRjUzQjYyMEUwQjZDNDEwRTkxRTQ0NzFCMTAeFw0yNTA2MTky
MDIzMTFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKERCOTVGQjg3MzdBODgx
QTY5NkI1Q0RDNzJDQzI4ODkwOEJFNDFENTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDH6X3AWSFfgou06Mc62K30J6uyXkN9RRg9cFHh/GwOfUiRMEI5
1c6m//mPYLFJjTke8U5U9SzuPLuNERevj84JTEdZ1aY1c0jHXjM53MBkWKHrX9Vn
alieNzRXTdjso6RRhfS6GPYNmL8O0yoi7c5d7nEYgK6dopzcWLypL4Pltrc+qq3b
hSrC9qa3mBGR5G6b6gJSEOf4Ss2Rm0cPPKqIJb7SEpA/zvihzdQMoFQLcVkbiLOR
hCwqZ2hde0/dXwW8dEK5cwCQxUQOyWZLkHVQbNIpxUiF/7+HgftvrGHM4bRepB2k
1ldVm2gLZ4oF5qwZ7H2bUclSHarjVHEjYUm7AgMBAAGjggIIMIICBDAdBgNVHQ4E
FgQU25X7hzeogaaWtc3HLMKIkIvkHVAwHwYDVR0jBBgwFoAU2h2r7PGUXf9TtiDg
tsQQ6R5EcbEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTIv
MmgycjdQR1VYZjlUdGlEZ3RzUVE2UjVFY2JFLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC8yaDJyN1BHVVhmOVR0aURndHNRUTZSNUVjYkUuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC81Mi8yaDJyN1BHVVhmOVR0aURn
dHNRUTZSNUVjYkUubWZ0MDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYIKwYB
BQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOCAQEA
mXerUT9aYy2Bi6vi2Pxfj1VDruOrBzDW7+6iRr3a9laBYUQV8vK7p4wP5NrzSTk1
sxzF1Dygso9AaSMEhcrktqaNqSBDq/TiwLg+GfTAt/VWNcG9t2geATfbXJ/RLwZQ
xTPfKqTLmTfNcIG0CtSwMadz66TyV9YS50fBUmqrLwzahq630+IhfMWMMy/2Ma6e
q5uPnDCs3HOL6ykf70ifzkMEdQoZWmW5NlAt43VG634+jlwzb9QmCKF/U/25HshR
uH5LdbEGzqmek0Z6iOEsbYvGLGxqi00g8MqI7Xck8c1CurfGHM4OpiLNrx1Vycu8
4sDfgXRLh06qva8769Yqlg==
-----END CERTIFICATE-----
Generated at Fri Jun 20 02:58:18 2025 by rpki-client