Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.mft
File: MtXsFcXlZORw7HsUzUfeLYYqzoM.mft (raw, json)
Hash identifier: c1IIx7XV9ODtzCMNsOktHuwC4qvvgs+bvgtL3BVv5tk=
Subject key identifier: 47:AC:34:6E:7B:3A:C1:3D:A6:6F:B2:2D:EB:39:6C:0E:E0:42:F7:C3
Authority key identifier: 32:D5:EC:15:C5:E5:64:E4:70:EC:7B:14:CD:47:DE:2D:86:2A:CE:83
Certificate issuer: /CN=32D5EC15C5E564E470EC7B14CD47DE2D862ACE83
Certificate serial: 099D
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MtXsFcXlZORw7HsUzUfeLYYqzoM.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.mft
Manifest number: 0995
Signing time: Wed 18 Mar 2026 03:29:06 +0000
Manifest this update: Wed 18 Mar 2026 03:29:06 +0000
Manifest next update: Wed 18 Mar 2026 09:29:06 +0000
Files and hashes: 1: HP2pPWqilKqEwxxLYf1Bc0eNRZ8.roa (hash: nzM/sVo6T3wrJOKA8s9C/r1i/A+SHE4RxkcR9ZuDMqw=)
2: MtXsFcXlZORw7HsUzUfeLYYqzoM.crl (hash: w8nQ0eYiLwm0wl+LwPiYFP0wsnudq7itNtdeInYi8g8=)
3: bC40d1-ghgM21ALWbp1O1UkgkdU.roa (hash: 9yTQDJvjPR2trUFfN17YffGLD8jC8nwJrrCPuFbW2Vc=)
4: dj52fO6wCS8Lsoe-ihgKdkrnwnE.roa (hash: 7aICgRrTtrePB+0YhNu9XutmrrOoUeqPXvBeqh7Qv/Y=)
5: mrsHKrTmE4mOslEo5lBsb9iRJlk.roa (hash: a/F6thmLhHVyrowSSbW9el8yqJWv7IOkNKEtetCNUq8=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2461 (0x99d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32D5EC15C5E564E470EC7B14CD47DE2D862ACE83
Validity
Not Before: Mar 18 03:29:06 2026 GMT
Not After : Jan 9 08:23:18 2027 GMT
Subject: CN=47AC346E7B3AC13DA66FB22DEB396C0EE042F7C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:06:ad:80:a7:c7:cb:d9:7d:75:2c:0c:3f:cd:
c2:0d:d0:0f:94:80:71:80:08:b7:0d:13:d2:22:2e:
1f:69:28:26:a3:1f:7b:5b:82:d2:b7:18:d1:6b:dc:
dd:7a:40:ed:ab:f0:fa:0b:60:77:af:60:f3:87:e8:
42:da:79:19:1c:dc:e1:96:7a:b5:cd:15:32:74:d9:
78:00:f9:ed:c6:df:84:c8:58:88:9a:91:31:55:c1:
21:2d:57:8c:47:bf:a1:ce:cc:9b:dd:07:18:30:67:
a2:a9:94:4c:69:ea:53:21:88:d6:5c:10:c3:f1:a7:
b4:90:07:76:2e:23:65:d9:ee:4a:48:ab:82:aa:20:
49:96:56:a2:82:28:70:db:75:f7:51:7d:82:16:97:
b5:05:af:af:f5:ea:ee:ec:4a:e0:12:d8:ba:30:1b:
11:b3:aa:d5:db:a9:3d:12:36:63:cd:09:e9:b8:b4:
4d:cc:4b:d0:a9:a2:d2:e9:66:a0:cd:7a:e6:1c:b2:
09:c2:0c:7a:5e:5c:13:94:b5:64:28:13:c3:a6:c1:
02:5f:67:c7:b0:62:2a:2e:00:c8:15:04:d7:4f:59:
e8:8c:7f:84:b6:f2:3d:50:37:04:31:c8:8a:88:b6:
4a:77:c9:be:89:01:e8:ca:76:2c:05:d7:91:52:25:
fb:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:AC:34:6E:7B:3A:C1:3D:A6:6F:B2:2D:EB:39:6C:0E:E0:42:F7:C3
X509v3 Authority Key Identifier:
keyid:32:D5:EC:15:C5:E5:64:E4:70:EC:7B:14:CD:47:DE:2D:86:2A:CE:83
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MtXsFcXlZORw7HsUzUfeLYYqzoM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1023/MtXsFcXlZORw7HsUzUfeLYYqzoM.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
5e:6b:60:3b:c7:fd:e4:50:f8:47:b2:d9:e7:ab:1d:2c:e6:40:
d0:81:60:55:b2:4d:6f:77:a6:e7:ec:bf:4f:d6:1a:de:1b:cf:
02:89:d4:c9:8f:99:d8:8d:9e:10:cb:2c:d9:9d:0c:f8:db:9d:
4b:42:ce:4c:48:15:cb:bc:b5:ba:c7:09:b5:d3:4a:f6:27:fb:
a4:0c:0c:e5:b9:fb:57:71:de:78:ac:f7:bd:5f:08:d9:ad:72:
aa:5d:81:70:0e:35:cd:e3:55:56:94:d0:94:ac:66:ed:0c:03:
5a:3c:23:91:62:58:1a:32:d6:3f:b7:8a:9e:19:26:fa:a9:c0:
65:b6:58:5b:c3:d4:19:71:4f:e0:bd:bf:9a:1d:cf:b3:7c:7c:
cb:a1:e0:76:e6:05:15:60:c7:57:0e:6f:ca:cb:20:64:d1:d5:
f2:84:c8:47:7f:cd:26:46:e7:ae:90:09:04:77:ab:2e:bf:58:
ae:01:f1:9f:eb:b1:cb:e5:22:b7:ff:61:20:54:23:5b:d7:1e:
70:ba:f6:0e:3a:7d:c8:6a:07:ee:1e:4b:d9:99:80:99:e7:1a:
59:0d:e2:1f:a5:e7:70:bc:bd:84:24:94:ce:5b:ab:09:76:5f:
f2:de:31:7e:79:99:0b:ee:9c:21:9f:c4:61:27:33:33:ec:73:
f7:bd:2b:2a
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICCZ0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzJE
NUVDMTVDNUU1NjRFNDcwRUM3QjE0Q0Q0N0RFMkQ4NjJBQ0U4MzAeFw0yNjAzMTgw
MzI5MDZaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDQ3QUMzNDZFN0IzQUMx
M0RBNjZGQjIyREVCMzk2QzBFRTA0MkY3QzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVBq2Ap8fL2X11LAw/zcIN0A+UgHGACLcNE9IiLh9pKCajH3tb
gtK3GNFr3N16QO2r8PoLYHevYPOH6ELaeRkc3OGWerXNFTJ02XgA+e3G34TIWIia
kTFVwSEtV4xHv6HOzJvdBxgwZ6KplExp6lMhiNZcEMPxp7SQB3YuI2XZ7kpIq4Kq
IEmWVqKCKHDbdfdRfYIWl7UFr6/16u7sSuAS2LowGxGzqtXbqT0SNmPNCem4tE3M
S9CpotLpZqDNeuYcsgnCDHpeXBOUtWQoE8OmwQJfZ8ewYiouAMgVBNdPWeiMf4S2
8j1QNwQxyIqItkp3yb6JAejKdiwF15FSJfvLAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUR6w0bns6wT2mb7It6zlsDuBC98MwHwYDVR0jBBgwFoAUMtXsFcXlZORw7HsU
zUfeLYYqzoMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTAy
My9NdFhzRmNYbFpPUnc3SHNVelVmZUxZWXF6b00uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL010WHNGY1hsWk9SdzdIc1V6VWZlTFlZcXpvTS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEwMjMvTXRYc0ZjWGxaT1J3
N0hzVXpVZmVMWVlxem9NLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAF5rYDvH/eRQ+Eey2eerHSzmQNCBYFWyTW93pufsv0/WGt4bzwKJ1MmPmdiN
nhDLLNmdDPjbnUtCzkxIFcu8tbrHCbXTSvYn+6QMDOW5+1dx3nis971fCNmtcqpd
gXAONc3jVVaU0JSsZu0MA1o8I5FiWBoy1j+3ip4ZJvqpwGW2WFvD1BlxT+C9v5od
z7N8fMuh4HbmBRVgx1cOb8rLIGTR1fKEyEd/zSZG566QCQR3qy6/WK4B8Z/rscvl
Irf/YSBUI1vXHnC69g46fchqB+4eS9mZgJnnGlkN4h+l53C8vYQklM5bqwl2X/Le
MX55mQvunCGfxGEnMzPsc/e9Kyo=
-----END CERTIFICATE-----
Generated at Mon Jun 22 06:35:06 2026 by rpki-client