Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/631/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.mft
File: aXRHw5fRjJ4RCyTlBcEUbPE-qHE.mft (raw, json)
Hash identifier: ABJ/bN/+QUzB/21XTqEXI4+QwNGeSm63kfRDYbXtCjo=
Subject key identifier: AA:54:C7:33:A6:46:C8:4D:43:40:0E:F5:B3:B5:FE:12:DF:33:E3:CE
Authority key identifier: 69:74:47:C3:97:D1:8C:9E:11:0B:24:E5:05:C1:14:6C:F1:3E:A8:71
Certificate issuer: /CN=697447C397D18C9E110B24E505C1146CF13EA871
Certificate serial: 02CD
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/631/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.mft
Manifest number: 02CC
Signing time: Sun 01 Mar 2026 21:30:38 +0000
Manifest this update: Sun 01 Mar 2026 21:30:38 +0000
Manifest next update: Mon 02 Mar 2026 03:30:38 +0000
Files and hashes: 1: BZUi2Cy-x-5xY8XLQ7H-sa3JIuI.roa (hash: r4NPIAsWOPVI4/TlBnHCHN0/vB3fsl6rRgv0C6aogiE=)
2: aXRHw5fRjJ4RCyTlBcEUbPE-qHE.crl (hash: PlG+XGPh/3tB41th0S9+cYs8UNzOGjN6NPXL17oCZf8=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 717 (0x2cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=697447C397D18C9E110B24E505C1146CF13EA871
Validity
Not Before: Mar 1 21:30:38 2026 GMT
Not After : Jan 9 08:23:18 2027 GMT
Subject: CN=AA54C733A646C84D43400EF5B3B5FE12DF33E3CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:19:f4:45:c8:e1:99:dc:ac:f8:b0:ab:32:f1:
ec:35:60:05:c1:82:85:2a:68:82:d4:ce:52:46:71:
df:ff:e3:66:54:ed:49:c4:c0:a8:e2:b7:d5:49:a2:
f6:aa:aa:ca:24:79:c9:3f:7c:88:59:e6:b3:37:b9:
95:fb:98:63:34:0b:d2:a0:8c:b0:19:73:71:3a:bf:
a5:b8:31:77:d3:16:14:3c:4a:26:e2:ab:4b:00:d4:
ef:ae:07:ee:49:34:7c:d3:28:4c:44:47:97:7a:24:
e0:dc:e8:51:bf:1b:10:74:c1:05:45:09:11:73:9d:
40:cf:c3:82:09:97:11:12:9f:89:af:f1:9f:16:f1:
0b:6f:60:17:70:07:7f:af:9b:67:58:22:e4:13:26:
7d:42:a0:eb:48:55:9f:55:bc:0e:40:5e:aa:a0:80:
64:65:f7:c0:7e:88:55:98:8d:bd:13:90:59:54:10:
34:50:03:45:73:b3:4d:40:15:9c:28:aa:fc:88:a7:
c5:e6:35:82:8f:fc:90:48:77:d7:16:14:70:16:9d:
d7:38:43:89:0f:d7:4b:17:d5:25:53:9b:0a:6c:b2:
bd:08:f4:49:2f:16:d4:24:63:2d:9c:db:1d:56:18:
8b:bf:92:fb:e5:da:38:c1:ac:5c:a1:67:f7:e0:2f:
c8:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:54:C7:33:A6:46:C8:4D:43:40:0E:F5:B3:B5:FE:12:DF:33:E3:CE
X509v3 Authority Key Identifier:
keyid:69:74:47:C3:97:D1:8C:9E:11:0B:24:E5:05:C1:14:6C:F1:3E:A8:71
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/631/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/631/aXRHw5fRjJ4RCyTlBcEUbPE-qHE.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
8b:a7:f5:ad:1a:04:1d:6b:93:70:29:ba:c5:47:4c:72:a5:33:
f8:89:64:ad:e1:17:0f:fb:75:11:58:ee:37:fc:ce:93:7d:f7:
9e:3f:45:14:2c:bd:ae:f8:b5:31:d3:0e:a5:55:03:22:fe:b9:
09:fa:f0:fd:ee:ae:9a:0c:06:54:ab:b8:ae:aa:fb:6a:89:0f:
97:a5:c2:7a:6d:59:e6:6b:5c:48:8c:95:af:b8:9a:65:23:92:
0a:bc:95:0d:c9:6f:87:99:7c:ca:81:1c:4e:b1:4f:31:98:50:
4e:73:dc:70:da:25:01:2b:07:7a:29:c2:2a:11:d0:09:b4:76:
04:f7:ec:de:7f:c4:0e:f8:88:d9:76:1f:5f:12:68:38:e4:82:
ef:75:9b:f2:09:d9:0d:85:c1:d1:3f:d1:02:0e:88:bd:0a:93:
ec:52:4f:2a:a2:42:84:c9:98:00:3b:12:7c:e7:94:be:34:e6:
c1:4c:a1:84:be:79:4b:0e:b7:52:61:51:70:4f:d5:de:25:c9:
54:61:95:1d:d0:ef:31:ea:ce:ab:62:69:e1:56:c4:39:6a:66:
b6:00:07:d7:95:7d:be:c0:47:9f:5f:ea:83:d5:b8:52:98:7a:
23:dc:08:59:d3:b7:18:96:06:b4:15:80:69:ff:ec:b8:b5:d2:
4c:fa:8f:4f
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgICAs0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk3
NDQ3QzM5N0QxOEM5RTExMEIyNEU1MDVDMTE0NkNGMTNFQTg3MTAeFw0yNjAzMDEy
MTMwMzhaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKEFBNTRDNzMzQTY0NkM4
NEQ0MzQwMEVGNUIzQjVGRTEyREYzM0UzQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIGfRFyOGZ3Kz4sKsy8ew1YAXBgoUqaILUzlJGcd//42ZU7UnE
wKjit9VJovaqqsokeck/fIhZ5rM3uZX7mGM0C9KgjLAZc3E6v6W4MXfTFhQ8Sibi
q0sA1O+uB+5JNHzTKExER5d6JODc6FG/GxB0wQVFCRFznUDPw4IJlxESn4mv8Z8W
8QtvYBdwB3+vm2dYIuQTJn1CoOtIVZ9VvA5AXqqggGRl98B+iFWYjb0TkFlUEDRQ
A0Vzs01AFZwoqvyIp8XmNYKP/JBId9cWFHAWndc4Q4kP10sX1SVTmwpssr0I9Ekv
FtQkYy2c2x1WGIu/kvvl2jjBrFyhZ/fgL8h9AgMBAAGjggIKMIICBjAdBgNVHQ4E
FgQUqlTHM6ZGyE1DQA71s7X+Et8z484wHwYDVR0jBBgwFoAUaXRHw5fRjJ4RCyTl
BcEUbPE+qHEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjMx
L2FYUkh3NWZSako0UkN5VGxCY0VVYlBFLXFIRS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvYVhSSHc1ZlJqSjRSQ3lUbEJjRVViUEUtcUhFLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNjMxL2FYUkh3NWZSako0UkN5
VGxCY0VVYlBFLXFIRS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB
AQCLp/WtGgQda5NwKbrFR0xypTP4iWSt4RcP+3URWO43/M6TffeeP0UULL2u+LUx
0w6lVQMi/rkJ+vD97q6aDAZUq7iuqvtqiQ+XpcJ6bVnma1xIjJWvuJplI5IKvJUN
yW+HmXzKgRxOsU8xmFBOc9xw2iUBKwd6KcIqEdAJtHYE9+zef8QO+IjZdh9fEmg4
5ILvdZvyCdkNhcHRP9ECDoi9CpPsUk8qokKEyZgAOxJ855S+NObBTKGEvnlLDrdS
YVFwT9XeJclUYZUd0O8x6s6rYmnhVsQ5ama2AAfXlX2+wEefX+qD1bhSmHoj3AhZ
07cYlga0FYBp/+y4tdJM+o9P
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:51:28 2026 by rpki-client