Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.mft
File: -ta0PAnQSQoN9_iR359jtSDPIQ8.mft (raw, json)
Hash identifier: dkd+IrFvG9xZcT5Z2RioGtP6nY5UEh8nN8hRXAnkT58=
Subject key identifier: 4B:CC:44:71:84:49:7A:8F:AE:B3:76:9A:D7:67:F2:E2:87:1D:2E:AC
Authority key identifier: FA:D6:B4:3C:09:D0:49:0A:0D:F7:F8:91:DF:9F:63:B5:20:CF:21:0F
Certificate issuer: /CN=FAD6B43C09D0490A0DF7F891DF9F63B520CF210F
Certificate serial: 0F29
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-ta0PAnQSQoN9_iR359jtSDPIQ8.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.mft
Manifest number: 0F21
Signing time: Tue 03 Jun 2025 18:09:11 +0000
Manifest this update: Tue 03 Jun 2025 18:09:11 +0000
Manifest next update: Wed 04 Jun 2025 00:09:11 +0000
Files and hashes: 1: -ta0PAnQSQoN9_iR359jtSDPIQ8.crl (hash: GjbbagcniaP+JNW4fm98/juLyGwPBr6ZfSj46J1Xbc4=)
2: jZYYEWocgaa7kE62wHrtcbhmeqg.roa (hash: imxvfDsgpwHiKGk2ShLZNPp9PfRPBN6EzLl65EE3xwI=)
3: quj3JK30OXbnje-5SHznSVufOkU.roa (hash: QFco1R1nZco2MXFS8wJ24/UVjY0SEkcS4e5JbGrfWNA=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3881 (0xf29)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FAD6B43C09D0490A0DF7F891DF9F63B520CF210F
Validity
Not Before: Jun 3 18:09:11 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=4BCC447184497A8FAEB3769AD767F2E2871D2EAC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:48:ee:2b:68:e0:56:e6:b1:31:28:fd:47:ec:
4f:11:cb:57:24:26:ab:d1:62:af:be:7f:2a:fc:e0:
a6:ca:09:fa:df:39:bf:1a:4d:ee:e7:d2:04:13:4c:
ac:e2:0e:1e:ad:f4:e7:66:10:72:a4:dc:dc:58:0b:
2b:30:18:84:09:a9:c2:92:f5:48:0c:e0:c7:e2:e8:
76:37:fe:e1:0b:b8:b7:cc:b4:a7:1c:f6:f0:00:a2:
4c:88:c2:0d:1c:77:ee:ed:5e:1b:ab:6c:63:b1:fc:
b8:42:c7:dc:5d:96:72:b1:a2:f2:ab:6d:8b:6e:f6:
28:87:66:1f:a9:05:09:e7:13:7d:9d:7e:49:b9:35:
62:13:98:cc:ad:e2:3f:3e:50:3a:6d:ad:48:06:a3:
4d:d0:25:33:71:7f:f4:45:31:2e:da:ea:70:d2:f2:
bb:86:d1:7d:04:a2:98:b1:ca:26:25:9b:b7:84:56:
af:f6:ae:d6:85:b8:1a:b5:78:24:84:58:57:60:b1:
ed:e2:3f:f0:d1:fa:4c:57:30:15:22:fa:37:8b:f8:
10:fd:c8:f7:0a:50:d3:19:f8:15:cd:0d:b4:c8:b6:
35:e0:c2:1d:71:28:31:3d:05:53:bd:9f:f7:f2:c8:
51:e0:c9:cb:a8:e3:82:d0:1e:9e:d2:83:a2:44:6e:
5c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:CC:44:71:84:49:7A:8F:AE:B3:76:9A:D7:67:F2:E2:87:1D:2E:AC
X509v3 Authority Key Identifier:
keyid:FA:D6:B4:3C:09:D0:49:0A:0D:F7:F8:91:DF:9F:63:B5:20:CF:21:0F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/-ta0PAnQSQoN9_iR359jtSDPIQ8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2741/-ta0PAnQSQoN9_iR359jtSDPIQ8.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
00:eb:5d:f0:ec:cd:60:10:9e:81:ba:69:21:45:6c:3d:25:68:
18:3c:2e:15:a3:2b:52:68:a8:1a:d0:06:78:f9:4a:0c:c1:a0:
ca:8e:c8:1e:29:aa:3d:6e:4a:e2:93:0a:f5:46:09:b6:0c:a3:
9a:d3:c9:87:fd:93:5f:83:52:82:75:bd:c4:b9:fe:5a:26:63:
05:05:af:bb:e4:7b:7f:c8:08:1d:ce:31:23:87:55:96:74:d7:
13:dc:3b:0d:8b:9b:f5:a7:4a:0a:e3:d9:49:96:59:86:7d:e5:
c1:5d:9f:ac:2f:ba:ad:25:af:3f:15:4b:d6:aa:e8:dd:c5:ae:
68:93:56:5e:8e:04:5b:90:55:a2:3b:7a:ec:87:0d:51:16:dd:
69:8c:af:1a:6e:7b:3e:68:ac:35:0e:70:46:88:9d:a4:ac:c6:
a8:83:06:ff:87:6d:12:fd:80:68:12:9f:47:7a:5c:21:9c:29:
82:1d:d1:f1:54:69:ac:26:02:58:9b:36:f4:70:73:1a:bf:d1:
c0:c5:34:94:dc:78:c1:90:51:35:ca:dc:7f:88:c7:0d:9a:c4:
b8:1c:42:ce:20:c7:35:7a:3f:3a:54:0d:6b:d0:c3:77:e3:66:
f1:2f:c0:8d:6d:b4:c1:29:56:64:14:46:81:cc:d4:3b:00:c8:
70:31:8b:7e
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICDykwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkFE
NkI0M0MwOUQwNDkwQTBERjdGODkxREY5RjYzQjUyMENGMjEwRjAeFw0yNTA2MDMx
ODA5MTFaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDRCQ0M0NDcxODQ0OTdB
OEZBRUIzNzY5QUQ3NjdGMkUyODcxRDJFQUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhSO4raOBW5rExKP1H7E8Ry1ckJqvRYq++fyr84KbKCfrfOb8a
Te7n0gQTTKziDh6t9OdmEHKk3NxYCyswGIQJqcKS9UgM4Mfi6HY3/uELuLfMtKcc
9vAAokyIwg0cd+7tXhurbGOx/LhCx9xdlnKxovKrbYtu9iiHZh+pBQnnE32dfkm5
NWITmMyt4j8+UDptrUgGo03QJTNxf/RFMS7a6nDS8ruG0X0EopixyiYlm7eEVq/2
rtaFuBq1eCSEWFdgse3iP/DR+kxXMBUi+jeL+BD9yPcKUNMZ+BXNDbTItjXgwh1x
KDE9BVO9n/fyyFHgycuo44LQHp7Sg6JEblyVAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUS8xEcYRJeo+us3aa12fy4ocdLqwwHwYDVR0jBBgwFoAU+ta0PAnQSQoN9/iR
359jtSDPIQ8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjc0
MS8tdGEwUEFuUVNRb045X2lSMzU5anRTRFBJUTguY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwLy10YTBQQW5RU1FvTjlfaVIzNTlqdFNEUElROC5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI3NDEvLXRhMFBBblFTUW9O
OV9pUjM1OWp0U0RQSVE4Lm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAADrXfDszWAQnoG6aSFFbD0laBg8LhWjK1JoqBrQBnj5SgzBoMqOyB4pqj1u
SuKTCvVGCbYMo5rTyYf9k1+DUoJ1vcS5/lomYwUFr7vke3/ICB3OMSOHVZZ01xPc
Ow2Lm/WnSgrj2UmWWYZ95cFdn6wvuq0lrz8VS9aq6N3FrmiTVl6OBFuQVaI7euyH
DVEW3WmMrxpuez5orDUOcEaInaSsxqiDBv+HbRL9gGgSn0d6XCGcKYId0fFUaawm
AlibNvRwcxq/0cDFNJTceMGQUTXK3H+Ixw2axLgcQs4gxzV6PzpUDWvQw3fjZvEv
wI1ttMEpVmQURoHM1DsAyHAxi34=
-----END CERTIFICATE-----
Generated at Wed Jun 4 01:13:53 2025 by rpki-client