Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft
File: iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft (raw, json)
Hash identifier: zUT0ffm5DqoAMGYwwzSeD5cZw5X006OxZM7LZJKjIJw=
Subject key identifier: 5A:CA:5A:E6:10:3E:84:98:34:5B:CB:AB:D4:7A:44:3A:C0:93:C2:5A
Authority key identifier: 8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
Certificate issuer: /CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Certificate serial: F5D6
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft
Manifest number: 4F15
Signing time: Thu 05 Mar 2026 18:59:10 +0000
Manifest this update: Thu 05 Mar 2026 18:59:09 +0000
Manifest next update: Fri 06 Mar 2026 00:59:09 +0000
Files and hashes: 1: 1pGP6piO9t8jbUERzDx-O4nhtLM.roa (hash: LgsHYyRchdYhJU6IjYfSwzPXfyeBNXFC/3oEFZaxr5E=)
2: 4wXgRujYTKfihSIvwuLg9rUOP1c.roa (hash: LPoTrqNW+wAwUy8l+OsMAuRG7zGEUq/hKav9nV2a/XY=)
3: 6wu7C6LJRgzw0YqBCypPrWvyqtk.roa (hash: Cj+QZPNg8QQ9fmyZfIpGADWCHBPEkN4OpbVPkdHjLNc=)
4: 9LZMbOJGzIWrwZIphlUZtLKBd_c.roa (hash: 2ZF77k5Fogyt6qSiuDajPcYoPcUD48QmqAkwhivvEH4=)
5: AvIoBSrNnMcpnZyXaLY_B_COOqM.roa (hash: tfuTWBj8mqfIFWkntrseawjOrEIi0ukcaV24gqQhJUE=)
6: Lzd2UazZEZK4D-Vi_LM5PwLTTJw.roa (hash: RYhKyfjdDrdFS+vtO7CbGxUt9WkZpShCr4z/pVEDnNo=)
7: No7gvAe0HiqMlWPX1eORii_qHNg.roa (hash: fsHInzrmBhxkqHfoeln8hYzxASuDDoDSJJ6xYdeYcAY=)
8: OfvtK6UGD_bVKz8pj9fgFWb6zgM.roa (hash: 40esanXG/apJXlFMV+hzoWKw+5KjI8h/fUEMtsSTOfI=)
9: PZulO6TyppqWWuGzO34PYYz5Uo0.roa (hash: yxbl0kEI9vox9RiEQxUPGxMV7cLiY2SO7AtRn6kT6eA=)
10: QD7THVmiGOcCiQQPVumiDRR-d7I.roa (hash: BeWz4UxSBqt/CJdq0rqcX/Y2LZaQqSYTg9P3zaCSJy8=)
11: TzZbUoNGLOmB6mnJiaNAHR2oE9c.roa (hash: BweYJDm2QhqDgPj1ChzAIBwgj2kCBYjRI7BD0uiJCsI=)
12: XsbnPodlNkVFgCzTwYVVRKP-GEQ.roa (hash: yacvbm4gKGYgc5wCZtcaOFLtzo1EC6TxZpfMKP9mzO4=)
13: Yq-wEJdpNyrsJ5M1lXcQMx95RI0.roa (hash: C1aXVx3626w3lC0qVGmhnn9Jj9Gy3ZQ5/AtReox93tU=)
14: evHFKal_BLbftwTo5irhQaueD2U.roa (hash: 4JP/QyQZbAYdHqHseXBGNqOkAZdAPfM1lQ9PPjQdoAg=)
15: ffnzNkkLF4B5sEmRbbt-73LygMI.roa (hash: lfR0YWmJicUAI3V8hDlF+PVwpQclCZqiT/dKFEJOFIA=)
16: iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl (hash: m5Tp8QadCEnndFT5I4UC0cg+ZPM3JJV9fK6F1yIiEKI=)
17: jgjN0IxKws8jDdNRAOYX1CdHt1k.roa (hash: T74oJ4uT1nguMzcsxBkKWMEPcQYXZBdgwGGLqKFQyh4=)
18: qe20gAZbuwVu_t2cnfTPZkvTqlA.roa (hash: rEzVYj2gFODsMAGdxG3xTH2suYUBY7xxuVYE2eGkAMI=)
19: vQGMLXKuPigq7LZo-Pr7Y9YiM-c.roa (hash: zTk7jcBriJqG2gtlVugmX1oERrjs/CQDeKUtk6NsPUk=)
20: ywCQM1l3K43_E-WiIpSnSbWqOvE.roa (hash: hgEPrLxxvDkD6XngS/o1Hzja3xdYFuhr99lC4QpzvhQ=)
21: zWbsOJJ1UwVI5pnA1_vMfQ9v7YA.roa (hash: BBz3fH6gauC81KGSU8veCkKr25fDnWrXmEydKqB3KzU=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62934 (0xf5d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8AE4CF78B49DF0B2C1D29D32E48A943AE4F41ACC
Validity
Not Before: Mar 5 18:59:09 2026 GMT
Not After : Jan 9 08:23:18 2027 GMT
Subject: CN=5ACA5AE6103E8498345BCBABD47A443AC093C25A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f0:f9:68:52:99:6a:aa:0f:1d:28:ef:d6:32:
00:4b:4b:5b:e0:b8:b8:b9:11:b3:01:db:61:3e:66:
5e:29:0d:9d:15:62:48:a5:9a:8d:56:e4:ae:2c:e8:
d7:c7:ad:fb:37:56:a2:f7:b7:17:64:bc:75:c9:84:
df:61:26:6d:a0:94:db:60:2d:da:09:36:45:28:f1:
d9:ff:98:4e:b8:6d:f9:7d:32:b4:c8:d5:ca:98:92:
04:70:f3:f0:98:8f:66:02:98:6f:8d:f9:48:98:68:
17:4b:99:d3:16:04:49:11:32:f7:db:5b:8e:bd:6c:
8f:e9:20:b7:11:b0:c5:47:f9:69:82:e9:84:ed:8d:
46:2e:a3:90:74:d5:31:bc:f7:36:b9:26:77:39:bb:
0f:c7:e2:59:11:83:9b:c8:41:1d:4c:cc:1f:5a:13:
99:ba:9a:1b:70:9d:f1:5e:88:99:c5:73:23:eb:c3:
8f:0b:61:f0:8d:d7:54:84:5a:9f:93:5a:c3:22:fa:
c0:7a:0c:ee:bb:c9:34:3d:82:18:5f:52:96:8f:e1:
e9:1f:4e:be:5b:ad:e5:88:61:79:9c:22:91:1f:64:
62:5b:6f:0e:0b:c8:6a:9d:34:03:13:56:2b:5f:36:
b6:75:4f:d2:79:06:ae:67:e0:7f:59:46:9c:66:2e:
22:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:CA:5A:E6:10:3E:84:98:34:5B:CB:AB:D4:7A:44:3A:C0:93:C2:5A
X509v3 Authority Key Identifier:
keyid:8A:E4:CF:78:B4:9D:F0:B2:C1:D2:9D:32:E4:8A:94:3A:E4:F4:1A:CC
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1663/iuTPeLSd8LLB0p0y5IqUOuT0Gsw.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
42:0f:8a:ef:3f:9f:fc:2d:af:c2:2e:64:6c:23:78:93:e4:28:
da:98:14:7c:5c:d0:53:4f:ff:11:1e:1a:40:4b:63:ce:5b:d7:
d5:e8:9e:3f:fb:c8:8d:ae:f0:fd:0c:8c:3d:d5:e3:f0:63:09:
59:12:24:ba:62:40:73:97:10:28:bc:96:a0:66:99:e0:5a:e6:
4b:d6:41:d5:7f:70:49:49:f5:9c:31:de:fc:74:fb:e6:b1:49:
da:48:0e:df:d6:33:40:dc:1b:fa:fc:bc:60:7a:56:ec:97:7e:
a2:3b:3c:ce:b1:94:2c:d4:83:0c:00:c9:d8:4d:38:aa:67:a8:
62:8a:4c:8e:8d:8a:9a:a9:95:da:e7:00:24:8d:c3:06:00:47:
9e:7a:df:a7:2f:6c:5c:c4:eb:87:86:3e:b2:9a:b4:43:83:d0:
83:44:35:50:de:be:5c:40:fb:09:72:c7:46:93:ae:24:37:58:
d1:12:25:02:f0:c2:52:7b:f3:fc:c5:c2:e9:59:0a:eb:86:35:
16:4c:94:7b:6f:c4:78:c0:6b:38:5b:8d:14:08:d9:d9:65:ff:
a7:45:d5:db:33:3a:a6:70:98:88:e8:c0:c9:57:b4:81:b6:52:
7e:a6:79:a8:25:a0:1d:06:1d:35:6d:21:c5:1e:9a:d7:be:19:
7c:af:1c:23
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIDAPXWMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDhB
RTRDRjc4QjQ5REYwQjJDMUQyOUQzMkU0OEE5NDNBRTRGNDFBQ0MwHhcNMjYwMzA1
MTg1OTA5WhcNMjcwMTA5MDgyMzE4WjAzMTEwLwYDVQQDEyg1QUNBNUFFNjEwM0U4
NDk4MzQ1QkNCQUJENDdBNDQzQUMwOTNDMjVBMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA2/D5aFKZaqoPHSjv1jIAS0tb4Li4uRGzAdthPmZeKQ2dFWJI
pZqNVuSuLOjXx637N1ai97cXZLx1yYTfYSZtoJTbYC3aCTZFKPHZ/5hOuG35fTK0
yNXKmJIEcPPwmI9mAphvjflImGgXS5nTFgRJETL321uOvWyP6SC3EbDFR/lpgumE
7Y1GLqOQdNUxvPc2uSZ3ObsPx+JZEYObyEEdTMwfWhOZupobcJ3xXoiZxXMj68OP
C2HwjddUhFqfk1rDIvrAegzuu8k0PYIYX1KWj+HpH06+W63liGF5nCKRH2RiW28O
C8hqnTQDE1YrXza2dU/SeQauZ+B/WUacZi4iuwIDAQABo4ICDDCCAggwHQYDVR0O
BBYEFFrKWuYQPoSYNFvLq9R6RDrAk8JaMB8GA1UdIwQYMBaAFIrkz3i0nfCywdKd
MuSKlDrk9BrMMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwXQYDVR0fBFYwVDBS
oFCgToZMcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzE2
NjMvaXVUUGVMU2Q4TExCMHAweTVJcVVPdVQwR3N3LmNybDBjBggrBgEFBQcBAQRX
MFUwUwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC9pdVRQZUxTZDhMTEIwcDB5NUlxVU91VDBHc3cuY2VyMA4GA1UdDwEB
/wQEAwIHgDCBnQYIKwYBBQUHAQsEgZAwgY0wWAYIKwYBBQUHMAuGTHJzeW5jOi8v
cnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC8xNjYzL2l1VFBlTFNkOExM
QjBwMHk1SXFVT3VUMEdzdy5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5j
bm5pYy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAh
BggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUA
A4IBAQBCD4rvP5/8La/CLmRsI3iT5CjamBR8XNBTT/8RHhpAS2POW9fV6J4/+8iN
rvD9DIw91ePwYwlZEiS6YkBzlxAovJagZpngWuZL1kHVf3BJSfWcMd78dPvmsUna
SA7f1jNA3Bv6/Lxgelbsl36iOzzOsZQs1IMMAMnYTTiqZ6hiikyOjYqaqZXa5wAk
jcMGAEeeet+nL2xcxOuHhj6ymrRDg9CDRDVQ3r5cQPsJcsdGk64kN1jREiUC8MJS
e/P8xcLpWQrrhjUWTJR7b8R4wGs4W40UCNnZZf+nRdXbMzqmcJiI6MDJV7SBtlJ+
pnmoJaAdBh01bSHFHprXvhl8rxwj
-----END CERTIFICATE-----
Generated at Fri Mar 6 01:08:38 2026 by rpki-client