Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.mft
File: fPRMBtXqffDL1PaFCPFOhNoIt1I.mft (raw, json)
Hash identifier: 5lfO8Kijl/2QT+b12viQf3wRd2au/JS1f1s3mYbpYpI=
Subject key identifier: 7C:23:A7:76:81:71:4E:FB:35:C9:01:DA:63:0F:2C:52:5E:FE:19:BF
Authority key identifier: 7C:F4:4C:06:D5:EA:7D:F0:CB:D4:F6:85:08:F1:4E:84:DA:08:B7:52
Certificate issuer: /CN=7CF44C06D5EA7DF0CBD4F68508F14E84DA08B752
Certificate serial: 1C24
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fPRMBtXqffDL1PaFCPFOhNoIt1I.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.mft
Manifest number: 1C17
Signing time: Wed 18 Mar 2026 04:59:12 +0000
Manifest this update: Wed 18 Mar 2026 04:59:12 +0000
Manifest next update: Wed 18 Mar 2026 10:59:12 +0000
Files and hashes: 1: HIkT_nEnsLxGeI-3zJUHhtNyWj8.roa (hash: IhDC9QUQgRmJWF3Vdetq/G4pSKe6C+p+OntJsqXr45o=)
2: JysggbimOtIIYLd8H4W2mvAaKtk.roa (hash: 3dVEhqycSb5TWHE0dMoeeLFGJNYtZHoiwDeanRn76Yc=)
3: OYh5JEj0uWuUFwdKjB10pF76_pI.roa (hash: An6u7oH3sagNhBru0T5ojCoKJVfFfrmJ66mlx7PcbhI=)
4: USiwWmP7_uZv84RfFsFEk-_9H8Q.roa (hash: b7crNyxxWRj94oFuRTJxzkl+UkzfJZ2V5euQ8agMh3o=)
5: cIWlcgIlWrr7dPhvnLjAEmryGDc.roa (hash: qYlW/Je7TxRMGGbrH6KCQs+TJv0I6bBgau3xwOaOT6g=)
6: fPRMBtXqffDL1PaFCPFOhNoIt1I.crl (hash: NkKrgyrcFKTA68r1Rtleyvz6sZ5CYOYMyHee4vXIisA=)
7: gALoy-WEClG9nOagRiQccU0WnpE.roa (hash: Gmv5mtUHklFp3j+m8mMU5eiB9lpckT1KXPsOboMEr50=)
8: nlfKk31w0-JMOBpbuydpYlmgaK4.roa (hash: Pd6xFisxhVIf9N5p5BSqwtwrTZp9+Wnd5CgCa9g0/nM=)
9: r78L_jfDaGDjaH3rsP83eK4kcG4.roa (hash: u1or2If1pLNDG9eB56Xw8Z+2kHObmlhnvE4GqSl5VaQ=)
10: xB_JUhaUTOLRuggWEFRDEbGKbdA.roa (hash: MUeQ6SBwA1FY7z2svn5ifPBc7LhDADwZ7QfDARqfH+4=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7204 (0x1c24)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7CF44C06D5EA7DF0CBD4F68508F14E84DA08B752
Validity
Not Before: Mar 18 04:59:12 2026 GMT
Not After : Jan 9 08:23:18 2027 GMT
Subject: CN=7C23A77681714EFB35C901DA630F2C525EFE19BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:2a:bb:7b:59:64:df:24:f6:6c:eb:bb:11:8a:
b8:10:c4:dc:0b:39:e9:39:6c:d6:f4:fe:8e:d2:6e:
e7:2d:e0:8d:d1:3e:30:0e:e9:e9:40:0f:13:58:9a:
69:08:05:09:2f:da:e8:f6:ad:0c:58:f4:89:f1:ca:
1d:29:f9:c3:d9:7f:c6:67:52:8e:67:28:ac:e3:d8:
38:37:9d:d0:40:be:39:4c:d1:d0:16:c4:e8:ef:c9:
be:0c:de:94:15:2f:53:6a:a7:3a:00:77:42:a3:19:
af:82:30:ff:13:d5:ad:8d:1e:56:28:9f:59:a7:74:
5d:f8:3c:7e:c9:cf:96:8d:f7:12:24:92:e7:5d:da:
7a:86:6c:c4:44:4e:34:4c:12:22:b8:ae:6b:4f:21:
78:f5:ca:31:5f:72:7c:2d:16:ae:01:e0:b5:f1:52:
ae:78:6d:ac:46:c0:99:f9:ea:79:13:92:fa:7f:3e:
3b:d6:b1:98:50:b4:d0:4d:24:f2:1d:87:61:f9:75:
25:cc:b7:5f:cc:c7:a8:38:03:d3:32:d6:7a:73:37:
e7:d2:db:ab:8a:b2:86:aa:9f:8d:c0:b6:f4:6e:cf:
8d:8f:3c:69:99:b6:07:1d:af:c5:23:e0:a2:01:63:
df:7a:72:b4:89:b0:38:aa:e4:f5:97:12:29:1d:f1:
07:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:23:A7:76:81:71:4E:FB:35:C9:01:DA:63:0F:2C:52:5E:FE:19:BF
X509v3 Authority Key Identifier:
keyid:7C:F4:4C:06:D5:EA:7D:F0:CB:D4:F6:85:08:F1:4E:84:DA:08:B7:52
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/fPRMBtXqffDL1PaFCPFOhNoIt1I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2578/fPRMBtXqffDL1PaFCPFOhNoIt1I.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
11:ab:ce:d0:6e:3d:7b:90:e4:f2:f3:f9:15:f9:57:94:bd:1b:
db:05:83:0b:32:04:e9:51:96:69:51:57:b5:02:8e:e7:0f:59:
81:48:cc:08:d2:0c:4d:19:cd:77:20:0a:7f:55:e2:5c:c4:fe:
88:5b:65:c5:40:01:7f:8f:5c:ff:ce:a6:c4:42:c5:1f:a5:78:
c5:37:8d:0d:f3:3c:eb:84:48:b9:2e:78:f0:ab:b1:7a:fe:92:
bf:67:fe:f4:ec:2f:00:ef:35:95:94:a6:8e:62:8b:1d:1a:d5:
1f:b3:c9:a4:d8:4c:f7:5e:51:03:c7:54:de:5a:af:ee:e3:65:
7e:8b:b4:1a:fa:ee:52:df:ec:24:f0:58:af:fd:30:8c:20:f1:
d9:0a:7f:f2:40:d8:3b:7b:b0:30:41:dc:3c:c8:1c:b5:11:4a:
25:5b:33:fa:ec:ce:26:92:41:de:12:77:fc:4c:f4:49:d8:cb:
cc:36:aa:5e:95:31:27:40:c4:23:5c:f9:91:30:49:1c:d9:18:
51:06:7f:f8:82:cf:21:4f:7e:3a:1a:f2:5e:7f:34:74:10:6f:
6d:8c:48:e7:b6:29:f6:76:fe:69:ff:7b:8c:6d:08:ef:87:67:
c1:cf:7e:55:82:22:2a:24:ab:1f:85:ce:a7:69:c0:7b:ca:7c:
43:85:08:f7
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICHCQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0NG
NDRDMDZENUVBN0RGMENCRDRGNjg1MDhGMTRFODREQTA4Qjc1MjAeFw0yNjAzMTgw
NDU5MTJaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDdDMjNBNzc2ODE3MTRF
RkIzNUM5MDFEQTYzMEYyQzUyNUVGRTE5QkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDuKrt7WWTfJPZs67sRirgQxNwLOek5bNb0/o7Sbuct4I3RPjAO
6elADxNYmmkIBQkv2uj2rQxY9Inxyh0p+cPZf8ZnUo5nKKzj2Dg3ndBAvjlM0dAW
xOjvyb4M3pQVL1NqpzoAd0KjGa+CMP8T1a2NHlYon1mndF34PH7Jz5aN9xIkkudd
2nqGbMRETjRMEiK4rmtPIXj1yjFfcnwtFq4B4LXxUq54baxGwJn56nkTkvp/PjvW
sZhQtNBNJPIdh2H5dSXMt1/Mx6g4A9My1npzN+fS26uKsoaqn43AtvRuz42PPGmZ
tgcdr8Uj4KIBY996crSJsDiq5PWXEikd8QdHAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUfCOndoFxTvs1yQHaYw8sUl7+Gb8wHwYDVR0jBBgwFoAUfPRMBtXqffDL1PaF
CPFOhNoIt1IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjU3
OC9mUFJNQnRYcWZmREwxUGFGQ1BGT2hOb0l0MUkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2ZQUk1CdFhxZmZETDFQYUZDUEZPaE5vSXQxSS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI1NzgvZlBSTUJ0WHFmZkRM
MVBhRkNQRk9oTm9JdDFJLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBABGrztBuPXuQ5PLz+RX5V5S9G9sFgwsyBOlRlmlRV7UCjucPWYFIzAjSDE0Z
zXcgCn9V4lzE/ohbZcVAAX+PXP/OpsRCxR+leMU3jQ3zPOuESLkuePCrsXr+kr9n
/vTsLwDvNZWUpo5iix0a1R+zyaTYTPdeUQPHVN5ar+7jZX6LtBr67lLf7CTwWK/9
MIwg8dkKf/JA2Dt7sDBB3DzIHLURSiVbM/rsziaSQd4Sd/xM9EnYy8w2ql6VMSdA
xCNc+ZEwSRzZGFEGf/iCzyFPfjoa8l5/NHQQb22MSOe2KfZ2/mn/e4xtCO+HZ8HP
flWCIiokqx+FzqdpwHvKfEOFCPc=
-----END CERTIFICATE-----
Generated at Thu Apr 16 11:04:13 2026 by rpki-client