Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.mft
File: DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.mft (raw, json)
Hash identifier: nhavpwmi7lUAKtMh0oetke2J14oY1W7319C53cJEcYM=
Subject key identifier: 5C:64:82:33:F6:74:8F:CB:AC:F1:42:D4:6B:E9:6E:4F:03:96:2A:68
Authority key identifier: 0D:4A:3B:62:14:07:8C:A4:8E:66:F3:B8:C5:4F:1C:5F:DB:C9:DE:74
Certificate issuer: /CN=0D4A3B6214078CA48E66F3B8C54F1C5FDBC9DE74
Certificate serial: 219F
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.mft
Manifest number: 219F
Signing time: Sun 01 Mar 2026 16:28:51 +0000
Manifest this update: Sun 01 Mar 2026 16:28:51 +0000
Manifest next update: Sun 01 Mar 2026 22:28:51 +0000
Files and hashes: 1: DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.crl (hash: owxWltRsm6tEc3NXl8UC1m4/Oz+GgyOX3JqjNbp93jc=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8607 (0x219f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0D4A3B6214078CA48E66F3B8C54F1C5FDBC9DE74
Validity
Not Before: Mar 1 16:28:51 2026 GMT
Not After : Jan 9 08:23:18 2027 GMT
Subject: CN=5C648233F6748FCBACF142D46BE96E4F03962A68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:fe:be:28:bc:e8:92:51:ab:b2:1b:df:f9:86:
30:13:3c:b6:06:e1:aa:a8:65:99:2d:88:d4:d5:a3:
2c:7b:4d:1d:c6:03:6e:7b:0a:f9:be:24:d6:f4:e1:
6e:b9:73:f2:b9:37:30:dd:bc:a8:a5:ab:65:f0:72:
ce:42:40:b2:e4:57:09:70:ba:f6:02:ea:c4:5b:d3:
78:b0:f9:45:c2:43:eb:e5:6f:6f:ac:b9:71:a8:5f:
86:fb:bc:5a:40:fc:e7:34:21:96:7f:e9:53:a3:49:
69:21:42:4d:0e:f2:ec:b0:48:6c:4f:93:67:97:fc:
45:86:cd:e4:3b:13:a9:a7:46:9a:32:8c:44:3f:84:
21:18:21:86:30:e6:71:31:cc:47:0d:d7:8b:7c:a8:
9e:7d:70:74:56:4b:6c:92:9d:51:24:b9:7f:61:7f:
28:b6:69:8b:fe:29:be:33:2f:2a:87:b1:e5:76:a7:
8f:a3:72:7f:6d:e1:bf:8d:71:1b:dd:91:73:92:16:
3b:17:a6:7c:eb:47:39:aa:2b:65:0f:d0:94:82:33:
90:37:f4:32:d0:8c:72:86:17:12:4b:74:82:9b:32:
07:93:12:3b:c7:c5:84:c2:2f:71:47:aa:af:cc:4d:
17:7d:17:2f:12:e8:cb:84:ed:de:fd:d4:e1:03:45:
7b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:64:82:33:F6:74:8F:CB:AC:F1:42:D4:6B:E9:6E:4F:03:96:2A:68
X509v3 Authority Key Identifier:
keyid:0D:4A:3B:62:14:07:8C:A4:8E:66:F3:B8:C5:4F:1C:5F:DB:C9:DE:74
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
11:a3:9c:19:a0:59:96:93:e7:85:d1:89:90:50:cc:7f:de:10:
5b:d0:1c:da:0c:1a:7e:c4:fd:b9:a9:70:18:a9:72:d4:c0:73:
99:e4:e6:d5:24:f0:6b:58:f1:de:cb:40:77:a9:5e:e4:10:79:
b3:4f:fb:b7:e7:23:d7:2b:06:df:9a:46:af:99:c2:ae:5f:60:
de:6d:3f:35:23:e9:59:78:99:18:b4:6f:e6:0a:f6:76:1a:7c:
d5:e8:da:4a:65:89:08:81:c3:ab:56:d9:37:69:99:32:2b:f7:
81:b8:db:50:ba:93:9a:d8:3d:b7:a0:9b:cf:01:d0:ca:ac:f2:
d3:c6:c8:88:11:3a:4d:d4:26:99:7e:9d:85:e4:2f:63:fe:71:
08:a5:9f:3c:54:bd:bb:a5:83:1e:dc:3f:36:43:37:86:14:cc:
4e:99:b6:45:ae:95:ab:1d:c0:3f:d1:35:52:c8:a0:6a:1c:da:
e6:d0:96:d5:64:9a:89:c8:17:b8:9b:97:38:dc:61:a8:cd:66:
4f:e3:00:48:6a:59:55:2f:24:d6:18:e7:18:5c:3e:7d:7d:d2:
c7:87:c8:43:8d:b9:71:ab:f4:22:1a:e4:4f:e5:62:b8:0c:4f:
e3:2c:8b:da:66:11:5f:2c:39:e2:27:2e:9a:9d:63:29:44:4d:
8b:39:f6:c6
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgICIZ8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEQ0
QTNCNjIxNDA3OENBNDhFNjZGM0I4QzU0RjFDNUZEQkM5REU3NDAeFw0yNjAzMDEx
NjI4NTFaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDVDNjQ4MjMzRjY3NDhG
Q0JBQ0YxNDJENDZCRTk2RTRGMDM5NjJBNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDe/r4ovOiSUauyG9/5hjATPLYG4aqoZZktiNTVoyx7TR3GA257
Cvm+JNb04W65c/K5NzDdvKilq2Xwcs5CQLLkVwlwuvYC6sRb03iw+UXCQ+vlb2+s
uXGoX4b7vFpA/Oc0IZZ/6VOjSWkhQk0O8uywSGxPk2eX/EWGzeQ7E6mnRpoyjEQ/
hCEYIYYw5nExzEcN14t8qJ59cHRWS2ySnVEkuX9hfyi2aYv+Kb4zLyqHseV2p4+j
cn9t4b+NcRvdkXOSFjsXpnzrRzmqK2UP0JSCM5A39DLQjHKGFxJLdIKbMgeTEjvH
xYTCL3FHqq/MTRd9Fy8S6MuE7d791OEDRXvdAgMBAAGjggIKMIICBjAdBgNVHQ4E
FgQUXGSCM/Z0j8us8ULUa+luTwOWKmgwHwYDVR0jBBgwFoAUDUo7YhQHjKSOZvO4
xU8cX9vJ3nQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTk1
L0RVbzdZaFFIaktTT1p2TzR4VThjWDl2SjNuUS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvRFVvN1loUUhqS1NPWnZPNHhVOGNYOXZKM25RLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTk1L0RVbzdZaFFIaktTT1p2
TzR4VThjWDl2SjNuUS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB
AQARo5wZoFmWk+eF0YmQUMx/3hBb0BzaDBp+xP25qXAYqXLUwHOZ5ObVJPBrWPHe
y0B3qV7kEHmzT/u35yPXKwbfmkavmcKuX2DebT81I+lZeJkYtG/mCvZ2GnzV6NpK
ZYkIgcOrVtk3aZkyK/eBuNtQupOa2D23oJvPAdDKrPLTxsiIETpN1CaZfp2F5C9j
/nEIpZ88VL27pYMe3D82QzeGFMxOmbZFrpWrHcA/0TVSyKBqHNrm0JbVZJqJyBe4
m5c43GGozWZP4wBIallVLyTWGOcYXD59fdLHh8hDjblxq/QiGuRP5WK4DE/jLIva
ZhFfLDniJy6anWMpRE2LOfbG
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:55:34 2026 by rpki-client