Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.mft
File: aiGhGqxOrgpjBlmzGiMLCNa1gXc.mft (raw, json)
Hash identifier: y6MXsOrEc5RNyhXiUmgN7b9AQGw3vRv9/XL01Z9QVWk=
Subject key identifier: 39:55:E7:D7:82:24:F2:A8:E7:87:38:1F:C7:8A:F1:5C:0D:D9:62:94
Authority key identifier: 6A:21:A1:1A:AC:4E:AE:0A:63:06:59:B3:1A:23:0B:08:D6:B5:81:77
Certificate issuer: /CN=6A21A11AAC4EAE0A630659B31A230B08D6B58177
Certificate serial: 2410
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aiGhGqxOrgpjBlmzGiMLCNa1gXc.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.mft
Manifest number: 23F9
Signing time: Wed 18 Mar 2026 00:58:49 +0000
Manifest this update: Wed 18 Mar 2026 00:58:49 +0000
Manifest next update: Wed 18 Mar 2026 06:58:49 +0000
Files and hashes: 1: 9CSLI04QulnrnQ-UHevGHlqHnr8.roa (hash: uGu60xHP16pqv9mEC7avI6PBAyJp8zIpilllX2olr3g=)
2: YvxJMlGBtdhPwCe99e-TBRWSmno.roa (hash: U4S+JHkc2/dz4XfdQdt/8ojCwq7JqsXN3uR74WyZ1Sc=)
3: aP6HMIRMVaJb-HQCxP3ZEw8fy-c.roa (hash: fXEKdM5uTD2uZfbp7AsKEXmMlsEMvfXlWleKalWUB0Q=)
4: aiGhGqxOrgpjBlmzGiMLCNa1gXc.crl (hash: iohRwrllfE+luQGnafPxJYJU9nnAgy/5NAyG5tL/bF4=)
5: j_kpTNBSK3t7GObLuJuO84r6yXg.roa (hash: 92qu/6Pnh10gXsJpooRaqzuk+tEHFKZQlp45GGTTNME=)
6: nsp1rCOyDgJcD6k5-03F0QZ3Gm0.roa (hash: VhCcjfeCfFFgpxPE8AvWfMfxwpMmlFBb5Au0JqK9qQE=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9232 (0x2410)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6A21A11AAC4EAE0A630659B31A230B08D6B58177
Validity
Not Before: Mar 18 00:58:49 2026 GMT
Not After : Jan 9 08:23:18 2027 GMT
Subject: CN=3955E7D78224F2A8E787381FC78AF15C0DD96294
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d4:eb:44:e8:67:f1:ba:df:7b:27:01:02:81:
0f:fa:f1:5a:0b:8c:4b:38:05:f2:f4:01:74:33:ab:
85:c5:39:b8:f9:22:5c:56:85:6c:e8:4b:29:e6:64:
71:a1:98:ce:44:3d:6e:68:b4:85:f2:38:e9:ea:8a:
ca:38:5a:8e:4c:24:40:da:76:37:8d:bf:ef:79:bf:
44:40:85:d0:92:6a:11:e3:30:06:d0:fe:79:fa:f8:
94:97:c7:16:ae:d6:1f:30:5e:47:12:20:cb:c6:47:
f8:52:f4:a8:37:4c:b3:a0:26:74:05:a3:e1:72:a3:
54:8e:0a:78:25:0e:02:a7:d3:80:17:96:47:b8:f0:
a3:4a:c8:95:9e:a5:ed:50:61:52:08:61:33:74:ec:
82:f2:f0:f7:05:06:9f:0e:9c:c9:e1:96:cf:f1:6a:
67:73:ac:d5:5a:e8:74:c2:22:76:1d:0d:de:1f:30:
f2:b2:77:25:1d:ec:45:55:27:f3:20:fc:0c:73:d1:
21:15:54:91:2f:2e:80:6f:08:06:d9:0a:45:fd:d8:
40:38:a6:41:05:a2:30:5e:54:20:a2:2c:26:95:71:
e9:60:59:12:15:cf:0b:b6:61:ec:f1:5c:5b:0a:4b:
86:b1:97:98:f6:cc:ec:e4:56:f6:cf:d4:3c:13:a4:
8a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:55:E7:D7:82:24:F2:A8:E7:87:38:1F:C7:8A:F1:5C:0D:D9:62:94
X509v3 Authority Key Identifier:
keyid:6A:21:A1:1A:AC:4E:AE:0A:63:06:59:B3:1A:23:0B:08:D6:B5:81:77
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/aiGhGqxOrgpjBlmzGiMLCNa1gXc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2564/aiGhGqxOrgpjBlmzGiMLCNa1gXc.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
8c:5e:fd:27:c2:b4:76:96:b2:fe:22:c7:b4:54:95:ff:7c:12:
5d:2d:84:a2:38:24:49:ca:e6:cc:54:0e:68:d1:3f:e5:73:69:
01:4e:30:92:2d:4f:af:14:c2:26:17:99:53:77:66:e4:2c:4e:
60:35:56:e2:b7:b2:5e:db:30:b3:d7:38:36:6f:ac:5f:f7:9a:
42:ee:64:26:92:c4:7a:fd:6a:32:58:fa:d1:b2:9d:47:bc:61:
e7:7a:12:25:da:a7:e8:cf:d5:4f:d1:3a:89:80:c7:8d:47:25:
ff:93:df:b9:1d:41:ba:b5:c6:00:3b:34:a2:9a:d9:ac:32:fa:
d4:ca:4e:c1:df:92:c8:d6:7e:6c:c5:53:b8:74:d5:cb:0b:ba:
23:3c:2a:75:9a:51:1e:4b:35:24:0a:01:1a:e3:85:82:5b:da:
e5:2f:f4:f3:d4:c1:c0:d9:65:7b:a9:3d:1b:05:af:08:2a:37:
70:6a:c0:cb:8a:60:45:0b:5f:11:1c:72:52:de:9d:ba:a4:40:
86:16:b2:80:06:11:1d:0c:6b:af:7d:ac:22:cd:72:10:51:e8:
e2:9b:cc:25:ce:1c:3d:b8:b5:68:97:b2:9e:d6:b2:8e:b5:36:
9c:96:46:0e:b4:e4:b7:1f:2a:35:10:bb:8b:f6:d0:d0:b4:e6:
eb:05:ed:76
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICJBAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkEy
MUExMUFBQzRFQUUwQTYzMDY1OUIzMUEyMzBCMDhENkI1ODE3NzAeFw0yNjAzMTgw
MDU4NDlaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDM5NTVFN0Q3ODIyNEYy
QThFNzg3MzgxRkM3OEFGMTVDMEREOTYyOTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCq1OtE6Gfxut97JwECgQ/68VoLjEs4BfL0AXQzq4XFObj5IlxW
hWzoSynmZHGhmM5EPW5otIXyOOnqiso4Wo5MJEDadjeNv+95v0RAhdCSahHjMAbQ
/nn6+JSXxxau1h8wXkcSIMvGR/hS9Kg3TLOgJnQFo+Fyo1SOCnglDgKn04AXlke4
8KNKyJWepe1QYVIIYTN07ILy8PcFBp8OnMnhls/xamdzrNVa6HTCInYdDd4fMPKy
dyUd7EVVJ/Mg/Axz0SEVVJEvLoBvCAbZCkX92EA4pkEFojBeVCCiLCaVcelgWRIV
zwu2YezxXFsKS4axl5j2zOzkVvbP1DwTpIqpAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUOVXn14Ik8qjnhzgfx4rxXA3ZYpQwHwYDVR0jBBgwFoAUaiGhGqxOrgpjBlmz
GiMLCNa1gXcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjU2
NC9haUdoR3F4T3JncGpCbG16R2lNTENOYTFnWGMuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2FpR2hHcXhPcmdwakJsbXpHaU1MQ05hMWdYYy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1NjQvYWlHaEdxeE9yZ3Bq
QmxtekdpTUxDTmExZ1hjLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAIxe/SfCtHaWsv4ix7RUlf98El0thKI4JEnK5sxUDmjRP+VzaQFOMJItT68U
wiYXmVN3ZuQsTmA1VuK3sl7bMLPXODZvrF/3mkLuZCaSxHr9ajJY+tGynUe8Yed6
EiXap+jP1U/ROomAx41HJf+T37kdQbq1xgA7NKKa2awy+tTKTsHfksjWfmzFU7h0
1csLuiM8KnWaUR5LNSQKARrjhYJb2uUv9PPUwcDZZXupPRsFrwgqN3BqwMuKYEUL
XxEcclLenbqkQIYWsoAGER0Ma699rCLNchBR6OKbzCXOHD24tWiXsp7Wso61NpyW
Rg605LcfKjUQu4v20NC05usF7XY=
-----END CERTIFICATE-----
Generated at Thu Apr 16 11:10:03 2026 by rpki-client