Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2688/1JQPURo42VRNSLTFxsObBYH4kf4.mft
File: 1JQPURo42VRNSLTFxsObBYH4kf4.mft (raw, json)
Hash identifier: p6K4pJnW7Mr8i8kwqIee/ZO+M3iVMmYWqK13h3CS9Q8=
Subject key identifier: 14:AB:6B:DC:F1:DE:B6:17:49:DD:01:29:29:6C:74:EC:90:D5:45:97
Authority key identifier: D4:94:0F:51:1A:38:D9:54:4D:48:B4:C5:C6:C3:9B:05:81:F8:91:FE
Certificate issuer: /CN=D4940F511A38D9544D48B4C5C6C39B0581F891FE
Certificate serial: 03D1
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1JQPURo42VRNSLTFxsObBYH4kf4.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2688/1JQPURo42VRNSLTFxsObBYH4kf4.mft
Manifest number: 03CF
Signing time: Wed 18 Mar 2026 01:00:45 +0000
Manifest this update: Wed 18 Mar 2026 01:00:45 +0000
Manifest next update: Wed 18 Mar 2026 07:00:45 +0000
Files and hashes: 1: 1JQPURo42VRNSLTFxsObBYH4kf4.crl (hash: IuFn+G7zqoBdQITjahR9OtjKm7Lb+SJ7l70xxo79pI0=)
2: XlNquY_uQ_6rZ2JhVM3vRqciRe8.roa (hash: i76OhCIwCGUrBdnZ6U6M1/woB4YGh0bDGaiEq4xZxAA=)
3: o0yhMvDIOHV-tmQVctXjhUcSRiI.roa (hash: SLL3IhXfo60djFS/eMKmcoL3aMmfcJgrvUvuHnpcZXg=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 977 (0x3d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D4940F511A38D9544D48B4C5C6C39B0581F891FE
Validity
Not Before: Mar 18 01:00:45 2026 GMT
Not After : Jan 9 08:23:18 2027 GMT
Subject: CN=14AB6BDCF1DEB61749DD0129296C74EC90D54597
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e8:68:2c:b2:b8:bc:c5:b5:48:c0:a1:a5:53:
9f:cd:0b:3c:dc:35:37:92:98:86:ac:f8:a1:a5:c5:
4a:2c:d0:75:56:67:8b:bc:33:ed:9a:28:d5:16:83:
ef:b0:a5:10:c1:44:98:da:c5:c0:75:ec:ed:72:f2:
ce:1f:3f:23:0e:e6:a8:8e:88:ed:9a:62:30:f9:93:
4f:48:b2:8f:68:48:69:ad:c5:c8:f0:de:dd:60:19:
e5:26:c7:52:54:f9:1f:31:43:12:1f:25:0c:53:0a:
e8:16:c7:0b:30:67:70:d9:d0:a0:74:3e:df:fe:51:
1e:e9:1f:2b:20:a2:0e:89:18:ad:53:ec:08:0f:7f:
67:74:05:81:b5:11:8c:d3:8f:fa:d8:93:cb:61:5d:
f0:a5:47:44:4b:5a:b0:25:5e:93:63:79:3c:51:cd:
3d:54:2d:1e:c6:4c:f5:11:65:65:95:b1:7b:9d:c7:
63:bd:ae:ec:11:16:fd:8a:30:ed:3c:8d:6f:3b:69:
56:d4:a2:c0:5a:a9:a8:13:ef:c5:36:22:86:71:65:
31:16:9b:2d:a1:29:d0:9f:46:b4:1c:be:0b:8a:05:
d0:45:05:d4:52:62:a0:5d:96:af:ee:e6:e6:3d:51:
7d:b3:0e:67:82:3b:20:cc:ac:c2:fb:a8:36:36:2a:
b2:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:AB:6B:DC:F1:DE:B6:17:49:DD:01:29:29:6C:74:EC:90:D5:45:97
X509v3 Authority Key Identifier:
keyid:D4:94:0F:51:1A:38:D9:54:4D:48:B4:C5:C6:C3:9B:05:81:F8:91:FE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2688/1JQPURo42VRNSLTFxsObBYH4kf4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1JQPURo42VRNSLTFxsObBYH4kf4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2688/1JQPURo42VRNSLTFxsObBYH4kf4.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
11:ec:70:5f:f1:02:49:2a:76:58:0e:05:c1:5b:75:52:e4:ea:
c6:81:2e:3b:ea:0c:29:cf:80:9e:a2:12:ec:94:d4:7e:30:00:
0b:7a:79:86:98:92:0d:59:1a:a2:2b:33:4f:f9:f4:00:cf:f2:
ad:45:da:6c:9c:28:45:88:42:5b:de:00:ac:5e:97:7e:61:ae:
0b:1f:17:1b:93:a7:b4:75:7c:4b:c3:a9:5c:8e:37:59:f9:35:
87:25:41:4f:1c:41:40:89:ff:1d:1f:fa:0e:de:b6:91:79:c7:
52:d7:bd:26:3c:5b:6d:99:50:a9:70:e1:c2:15:49:6c:8a:cb:
a5:69:d4:4c:42:68:1d:6d:3d:10:00:6f:e3:30:87:f4:67:62:
2f:f3:33:de:cb:c3:c6:3b:42:f8:29:ba:e0:ed:e7:90:dd:15:
df:d5:53:33:7a:23:8a:ad:3b:5d:83:17:af:8c:2c:a4:cd:82:
e7:ea:b0:f4:2c:b8:8d:60:f3:39:b8:a4:5b:3c:21:8f:7e:dd:
60:c1:d1:30:a2:91:c4:0d:b7:cf:75:b6:e2:ee:c2:8c:98:3d:
b5:82:0b:a1:a7:d8:81:97:3c:a7:ec:f8:e2:fc:4f:26:58:3d:
7c:24:3c:2c:73:46:1a:4f:58:45:16:11:31:1f:10:e1:b8:ce:
f7:be:5f:b1
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICA9EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDQ5
NDBGNTExQTM4RDk1NDRENDhCNEM1QzZDMzlCMDU4MUY4OTFGRTAeFw0yNjAzMTgw
MTAwNDVaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDE0QUI2QkRDRjFERUI2
MTc0OUREMDEyOTI5NkM3NEVDOTBENTQ1OTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDB6Ggssri8xbVIwKGlU5/NCzzcNTeSmIas+KGlxUos0HVWZ4u8
M+2aKNUWg++wpRDBRJjaxcB17O1y8s4fPyMO5qiOiO2aYjD5k09Iso9oSGmtxcjw
3t1gGeUmx1JU+R8xQxIfJQxTCugWxwswZ3DZ0KB0Pt/+UR7pHysgog6JGK1T7AgP
f2d0BYG1EYzTj/rYk8thXfClR0RLWrAlXpNjeTxRzT1ULR7GTPURZWWVsXudx2O9
ruwRFv2KMO08jW87aVbUosBaqagT78U2IoZxZTEWmy2hKdCfRrQcvguKBdBFBdRS
YqBdlq/u5uY9UX2zDmeCOyDMrML7qDY2KrLPAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUFKtr3PHethdJ3QEpKWx07JDVRZcwHwYDVR0jBBgwFoAU1JQPURo42VRNSLTF
xsObBYH4kf4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjY4
OC8xSlFQVVJvNDJWUk5TTFRGeHNPYkJZSDRrZjQuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLzFKUVBVUm80MlZSTlNMVEZ4c09iQllINGtmNC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI2ODgvMUpRUFVSbzQyVlJO
U0xURnhzT2JCWUg0a2Y0Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBABHscF/xAkkqdlgOBcFbdVLk6saBLjvqDCnPgJ6iEuyU1H4wAAt6eYaYkg1Z
GqIrM0/59ADP8q1F2mycKEWIQlveAKxel35hrgsfFxuTp7R1fEvDqVyON1n5NYcl
QU8cQUCJ/x0f+g7etpF5x1LXvSY8W22ZUKlw4cIVSWyKy6Vp1ExCaB1tPRAAb+Mw
h/RnYi/zM97Lw8Y7QvgpuuDt55DdFd/VUzN6I4qtO12DF6+MLKTNgufqsPQsuI1g
8zm4pFs8IY9+3WDB0TCikcQNt891tuLuwoyYPbWCC6Gn2IGXPKfs+OL8TyZYPXwk
PCxzRhpPWEUWETEfEOG4zve+X7E=
-----END CERTIFICATE-----
Generated at Mon Jun 22 06:37:18 2026 by rpki-client