Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1375/OrqLQlIyvliWg5beMqjrWgXuplg.mft
File: OrqLQlIyvliWg5beMqjrWgXuplg.mft (raw, json)
Hash identifier: ziyG3BzCIIdhLXPUqhFM92t8mne8CBfw9jO/+TA7Gto=
Subject key identifier: EE:3D:61:32:5F:A4:15:8F:6D:D8:75:32:51:AA:A0:A4:34:31:9D:AF
Authority key identifier: 3A:BA:8B:42:52:32:BE:58:96:83:96:DE:32:A8:EB:5A:05:EE:A6:58
Certificate issuer: /CN=3ABA8B425232BE58968396DE32A8EB5A05EEA658
Certificate serial: 2412
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OrqLQlIyvliWg5beMqjrWgXuplg.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1375/OrqLQlIyvliWg5beMqjrWgXuplg.mft
Manifest number: 23FA
Signing time: Wed 18 Mar 2026 00:58:55 +0000
Manifest this update: Wed 18 Mar 2026 00:58:55 +0000
Manifest next update: Wed 18 Mar 2026 06:58:55 +0000
Files and hashes: 1: -BD1ScZ1qtVml1mtGMCl0VXuWnQ.roa (hash: Y4RnHF0olQOkJZCOgplKy6V5W3l+yjTdRv7vuxuxt/Y=)
2: 3XFAM1LR8bXrQO9-4KxTBRR6oUM.roa (hash: p3HTFnAwoQUplrWD0lDFeQnn6TtUf3uSH5E930q9wmY=)
3: 5gBAgORrLJ1HOd2UJI9VuTgWXLw.roa (hash: BzXsg9YDlLmZBk4wjszn8ron+o/kdkRGz8/J4E7WxpE=)
4: 7fQbZDA8tyj5MEHYs8eECTQqEJ4.roa (hash: oBOqnJZox1co4VueK7P6UmPhiXBxYSVNzp0LyLTBDng=)
5: Koq88Hkeq0z1orOFOt3sXUP1i7s.roa (hash: cUkd0p+vM60SjplpcTha44ZE3PZE50mAlZ76hhRNkkw=)
6: NS8ld6_e8jjTJ5NSmZlXmrsytmg.roa (hash: ue62yQ5UfjmW3GmSVVDJ5m+vcixMEBmN2imHAbo0koI=)
7: NeXIOaCZIioOy7ziawSIyD4woWg.roa (hash: ZqTBe0guzD9KLaSCWJGTcCkPLsZkZYyc2ZL6bz7lxFE=)
8: OrqLQlIyvliWg5beMqjrWgXuplg.crl (hash: Hn13TQLedQyN2slFkRtDiX4rb1dqXbvw4QHRhr+dZdE=)
9: Z4ucuIoDOQ7ECal5D-VY1DrScvE.roa (hash: BdUnvquZvHpYLIFBwlsMwX3JdDiI48uDaE8PxvIMH+c=)
10: osUjb5gBSaQor-TU3i_rb5Up6_g.roa (hash: GbQSg+jIionWUDPH2Aacq0jFbjplc9PH4PJqqNZpw3g=)
11: rOLZuyZPB6j0aMAFjGGcCvT-Xks.roa (hash: pvA5LjRYZubqawi/TZBz+Jnw6EaTAjSubqty4ug9Fa4=)
12: xoiU_cNHrC9XYfowMsmLFuzbCUU.roa (hash: +3jAWysUr7r4XUdqqPf705TWZpvCt2uP+nwWgTNxgcA=)
13: zlUos4_Lnxtl0Za76SDtV7roYEg.roa (hash: 3gPFe9nQupimS5NzDb4pfhh3cdXZ3WndW8yV7WyaFm8=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9234 (0x2412)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ABA8B425232BE58968396DE32A8EB5A05EEA658
Validity
Not Before: Mar 18 00:58:55 2026 GMT
Not After : Oct 23 03:01:03 2026 GMT
Subject: CN=EE3D61325FA4158F6DD8753251AAA0A434319DAF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4a:bf:c1:b3:f6:44:ba:99:72:56:cb:1f:b3:
33:33:73:4e:03:34:6d:68:51:d4:2e:d3:f3:99:db:
a5:47:b5:52:24:59:1f:31:c9:99:f2:42:a3:78:6b:
29:d6:70:26:97:8c:3d:d1:bf:0c:04:01:6e:72:9f:
9b:41:14:eb:2d:bc:db:b6:ab:ed:2b:5f:1b:a6:f1:
56:0b:6e:15:69:89:4b:3e:1f:d3:ce:ae:90:48:ab:
fd:07:de:04:40:7a:ef:52:20:c2:c1:bd:b8:2e:19:
11:71:82:24:72:ad:09:42:84:cf:0a:ac:7e:6a:f4:
93:5e:20:86:65:82:6a:7a:15:fd:29:8e:59:74:0d:
0f:73:3f:78:d7:3b:11:e6:7c:af:e1:75:1b:58:82:
89:37:b1:c9:6a:b8:11:00:35:25:51:ff:81:2d:9b:
80:d6:88:03:10:90:f7:49:06:81:1f:ca:b1:fc:4c:
29:f1:db:4c:ca:e2:47:0d:52:28:cb:a5:9c:a0:09:
2d:ea:c8:95:1a:a0:bd:2e:93:af:0c:f6:c2:d2:89:
66:bc:0a:82:9d:2b:6d:40:29:8c:68:8b:06:85:7f:
b7:85:1e:05:92:30:d7:7c:86:66:cb:9a:41:a4:52:
7b:e7:f9:ab:be:06:f1:8a:48:85:23:b5:45:f7:6f:
ea:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:3D:61:32:5F:A4:15:8F:6D:D8:75:32:51:AA:A0:A4:34:31:9D:AF
X509v3 Authority Key Identifier:
keyid:3A:BA:8B:42:52:32:BE:58:96:83:96:DE:32:A8:EB:5A:05:EE:A6:58
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1375/OrqLQlIyvliWg5beMqjrWgXuplg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OrqLQlIyvliWg5beMqjrWgXuplg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1375/OrqLQlIyvliWg5beMqjrWgXuplg.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
4c:3f:b4:1b:d2:f6:82:d4:e7:7e:a5:f3:58:ac:bd:b4:7d:19:
f0:dc:ce:a8:86:71:a7:77:7b:0c:53:58:b7:d7:ed:5e:11:25:
27:52:cc:7c:ab:5d:6c:e3:f5:23:cf:b2:42:b4:79:29:d9:0b:
ce:5a:c1:a9:4f:e7:96:02:c3:52:dc:e3:66:dc:71:b0:ac:bd:
f1:51:c3:e5:8f:49:ab:92:7c:71:02:db:cc:1e:e8:04:86:ef:
96:d2:71:6a:b4:25:f3:e4:1c:70:8a:db:69:7f:f7:a9:7d:85:
77:72:50:ee:2f:ca:88:13:f2:7e:39:6b:9e:94:2a:f2:ad:40:
22:c7:80:81:41:6e:d0:cb:a0:de:01:c4:1e:05:73:cd:20:f4:
cc:d0:57:20:f3:14:eb:30:c5:da:21:95:2f:f9:68:a1:e3:6b:
1e:54:06:c4:f6:fe:86:2e:55:a0:29:a4:53:4c:2c:ea:75:6c:
23:0a:e1:96:15:84:18:e4:15:71:02:ac:35:a6:20:14:b0:2a:
15:1c:86:ed:3b:ed:35:89:d2:c2:bf:f3:3f:17:25:4e:bb:04:
03:fd:45:e8:60:9d:cb:0b:f2:6f:ac:1d:4f:30:8e:dc:e2:12:
3d:eb:67:51:f4:f6:26:ab:b3:76:64:59:17:60:82:ec:04:c1:
c2:f2:30:54
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICJBIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FC
QThCNDI1MjMyQkU1ODk2ODM5NkRFMzJBOEVCNUEwNUVFQTY1ODAeFw0yNjAzMTgw
MDU4NTVaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKEVFM0Q2MTMyNUZBNDE1
OEY2REQ4NzUzMjUxQUFBMEE0MzQzMTlEQUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8Sr/Bs/ZEuplyVssfszMzc04DNG1oUdQu0/OZ26VHtVIkWR8x
yZnyQqN4aynWcCaXjD3RvwwEAW5yn5tBFOstvNu2q+0rXxum8VYLbhVpiUs+H9PO
rpBIq/0H3gRAeu9SIMLBvbguGRFxgiRyrQlChM8KrH5q9JNeIIZlgmp6Ff0pjll0
DQ9zP3jXOxHmfK/hdRtYgok3sclquBEANSVR/4Etm4DWiAMQkPdJBoEfyrH8TCnx
20zK4kcNUijLpZygCS3qyJUaoL0uk68M9sLSiWa8CoKdK21AKYxoiwaFf7eFHgWS
MNd8hmbLmkGkUnvn+au+BvGKSIUjtUX3b+o3AgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQU7j1hMl+kFY9t2HUyUaqgpDQxna8wHwYDVR0jBBgwFoAUOrqLQlIyvliWg5be
MqjrWgXuplgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
NS9PcnFMUWxJeXZsaVdnNWJlTXFqcldnWHVwbGcuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09ycUxRbEl5dmxpV2c1YmVNcWpyV2dYdXBsZy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEzNzUvT3JxTFFsSXl2bGlX
ZzViZU1xanJXZ1h1cGxnLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAEw/tBvS9oLU536l81isvbR9GfDczqiGcad3ewxTWLfX7V4RJSdSzHyrXWzj
9SPPskK0eSnZC85awalP55YCw1Lc42bccbCsvfFRw+WPSauSfHEC28we6ASG75bS
cWq0JfPkHHCK22l/96l9hXdyUO4vyogT8n45a56UKvKtQCLHgIFBbtDLoN4BxB4F
c80g9MzQVyDzFOswxdohlS/5aKHjax5UBsT2/oYuVaAppFNMLOp1bCMK4ZYVhBjk
FXECrDWmIBSwKhUchu077TWJ0sK/8z8XJU67BAP9RehgncsL8m+sHU8wjtziEj3r
Z1H09iars3ZkWRdgguwEwcLyMFQ=
-----END CERTIFICATE-----
Generated at Thu Apr 16 11:10:10 2026 by rpki-client