Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1239/kZiaAq0NE2kvy29vluo2LX3c-ks.mft
File: kZiaAq0NE2kvy29vluo2LX3c-ks.mft (raw, json)
Hash identifier: IawFfbGHDoN780Ds/dUMAMGIxW4+nbd5I6lvyHvfYWU=
Subject key identifier: 21:A1:AD:F1:7D:D3:07:4C:32:3E:47:4C:AF:59:99:72:A1:39:C0:C3
Authority key identifier: 91:98:9A:02:AD:0D:13:69:2F:CB:6F:6F:96:EA:36:2D:7D:DC:FA:4B
Certificate issuer: /CN=91989A02AD0D13692FCB6F6F96EA362D7DDCFA4B
Certificate serial: E1
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kZiaAq0NE2kvy29vluo2LX3c-ks.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1239/kZiaAq0NE2kvy29vluo2LX3c-ks.mft
Manifest number: DF
Signing time: Wed 18 Mar 2026 01:28:54 +0000
Manifest this update: Wed 18 Mar 2026 01:28:54 +0000
Manifest next update: Wed 18 Mar 2026 07:28:54 +0000
Files and hashes: 1: kZiaAq0NE2kvy29vluo2LX3c-ks.crl (hash: sOzvgIaA/hyhHsEE0m6IDUWGj4S+kQRLe9zCsC2RP9k=)
2: r4ApDfaFdlnKaS2-FwXztqp4xcw.roa (hash: u0nhu3X/tvvx1t+8HCJa+r5wOjhNwq5HLFn3Gp4fR0c=)
3: yby75Yhz2kAq1cMvZ1uHmR3qXZo.roa (hash: OElGPcvv7JxSRuJ4J/Exx2xKwqcIQ/jbMHPNKhzIwvs=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 225 (0xe1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91989A02AD0D13692FCB6F6F96EA362D7DDCFA4B
Validity
Not Before: Mar 18 01:28:54 2026 GMT
Not After : Jan 9 08:23:18 2027 GMT
Subject: CN=21A1ADF17DD3074C323E474CAF599972A139C0C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:57:0b:e0:88:c7:51:0b:07:c3:e7:48:25:9c:
a3:d6:e2:60:a4:b8:c5:46:61:30:bb:b9:55:07:39:
3a:77:86:c3:38:9f:6a:c7:2f:63:d2:c6:04:ca:d0:
62:1d:4a:40:41:f2:1a:3e:e6:a8:ce:61:07:bc:ec:
2c:c4:0d:e5:43:6d:4a:7e:62:1c:72:de:e4:96:7f:
c8:e3:37:9f:39:fd:6f:cd:27:bb:46:9e:75:15:51:
e6:71:66:ce:3f:38:47:be:e9:81:bf:ad:1f:6f:12:
03:90:69:28:53:12:44:38:e8:26:dc:40:fd:93:7d:
91:92:37:7c:c4:79:a1:8b:58:e7:ba:2c:4a:35:e9:
34:be:51:6c:ff:6c:30:42:f2:a8:bb:6d:c4:c8:57:
5d:b8:50:01:6a:5c:be:96:5d:a9:94:2f:14:c7:5d:
1d:aa:d0:c1:dd:98:dd:a1:6a:2c:37:3e:63:b5:be:
4a:f9:1e:77:05:8f:a0:71:5f:d3:fe:73:df:d2:84:
a4:cc:e1:62:d7:45:73:f3:fc:f3:6d:08:a8:37:43:
3d:40:74:48:f7:dc:bf:06:61:56:b3:ea:e4:10:2c:
25:5e:23:34:a5:69:a3:98:9e:22:5e:be:e5:08:6b:
e7:09:38:dc:bb:be:93:0e:17:e5:78:0d:4c:67:3a:
9b:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:A1:AD:F1:7D:D3:07:4C:32:3E:47:4C:AF:59:99:72:A1:39:C0:C3
X509v3 Authority Key Identifier:
keyid:91:98:9A:02:AD:0D:13:69:2F:CB:6F:6F:96:EA:36:2D:7D:DC:FA:4B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1239/kZiaAq0NE2kvy29vluo2LX3c-ks.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/kZiaAq0NE2kvy29vluo2LX3c-ks.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1239/kZiaAq0NE2kvy29vluo2LX3c-ks.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
99:8e:74:94:ae:c7:68:d5:78:f6:af:46:25:e9:a4:44:fa:c5:
f7:47:1d:a0:83:77:42:0a:74:e3:a6:9d:e4:6e:4f:ce:3a:22:
b3:c2:19:6a:37:78:02:8e:a0:39:51:5e:5a:a7:fc:cf:11:3f:
46:05:2f:50:d9:c0:6c:03:1f:15:c2:7c:42:82:17:a5:0a:b0:
e5:95:a2:6a:8d:d8:2e:04:27:29:3c:1a:37:fa:95:1a:0f:5a:
5c:a8:ac:9e:24:1f:e8:eb:9a:5b:01:04:9d:fb:07:ab:29:56:
8b:79:db:44:b8:28:06:53:38:6b:95:21:83:42:88:6d:95:ad:
60:fb:7c:c6:8e:f4:27:61:1d:c7:89:ff:0a:3e:db:3f:84:8a:
33:92:58:f8:cf:ad:e4:76:73:9a:1e:9d:90:71:67:a1:62:5a:
18:36:ce:f5:6f:91:94:f5:75:2e:8e:7c:1b:c6:94:ac:55:70:
45:98:d2:b2:8d:26:26:70:f0:2d:b1:b3:c8:e9:ab:36:cd:3b:
6e:8b:c1:1a:d8:91:ed:51:03:40:25:74:48:06:8f:df:b3:f4:
3b:9e:01:c1:26:27:56:45:f0:92:c4:d2:bc:0a:13:e3:bb:b6:
68:0f:d3:8f:6b:da:56:19:33:05:e6:bd:ae:18:82:d6:f7:89:
b0:18:1d:cc
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICAOEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTE5
ODlBMDJBRDBEMTM2OTJGQ0I2RjZGOTZFQTM2MkQ3RERDRkE0QjAeFw0yNjAzMTgw
MTI4NTRaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDIxQTFBREYxN0REMzA3
NEMzMjNFNDc0Q0FGNTk5OTcyQTEzOUMwQzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTVwvgiMdRCwfD50glnKPW4mCkuMVGYTC7uVUHOTp3hsM4n2rH
L2PSxgTK0GIdSkBB8ho+5qjOYQe87CzEDeVDbUp+Yhxy3uSWf8jjN585/W/NJ7tG
nnUVUeZxZs4/OEe+6YG/rR9vEgOQaShTEkQ46CbcQP2TfZGSN3zEeaGLWOe6LEo1
6TS+UWz/bDBC8qi7bcTIV124UAFqXL6WXamULxTHXR2q0MHdmN2haiw3PmO1vkr5
HncFj6BxX9P+c9/ShKTM4WLXRXPz/PNtCKg3Qz1AdEj33L8GYVaz6uQQLCVeIzSl
aaOYniJevuUIa+cJONy7vpMOF+V4DUxnOpsTAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUIaGt8X3TB0wyPkdMr1mZcqE5wMMwHwYDVR0jBBgwFoAUkZiaAq0NE2kvy29v
luo2LX3c+kswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTIz
OS9rWmlhQXEwTkUya3Z5Mjl2bHVvMkxYM2Mta3MuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2taaWFBcTBORTJrdnkyOXZsdW8yTFgzYy1rcy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEyMzkva1ppYUFxME5FMmt2
eTI5dmx1bzJMWDNjLWtzLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAJmOdJSux2jVePavRiXppET6xfdHHaCDd0IKdOOmneRuT846IrPCGWo3eAKO
oDlRXlqn/M8RP0YFL1DZwGwDHxXCfEKCF6UKsOWVomqN2C4EJyk8Gjf6lRoPWlyo
rJ4kH+jrmlsBBJ37B6spVot520S4KAZTOGuVIYNCiG2VrWD7fMaO9CdhHceJ/wo+
2z+EijOSWPjPreR2c5oenZBxZ6FiWhg2zvVvkZT1dS6OfBvGlKxVcEWY0rKNJiZw
8C2xs8jpqzbNO26LwRrYke1RA0AldEgGj9+z9DueAcEmJ1ZF8JLE0rwKE+O7tmgP
049r2lYZMwXmva4Ygtb3ibAYHcw=
-----END CERTIFICATE-----
Generated at Mon Jun 22 06:33:16 2026 by rpki-client