Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft
File: H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft (raw, json)
Hash identifier: 7w6dXYgmnmSqnoh52WtbVmEa7YPc1HE8x4hyoR/h4KY=
Subject key identifier: DC:8B:89:B1:D5:3C:AB:99:01:35:B7:A9:A7:19:93:8D:DB:78:30:50
Authority key identifier: 1F:CA:D7:22:56:77:91:FD:73:A0:91:FE:89:1C:94:8F:19:14:D6:72
Certificate issuer: /CN=1FCAD722567791FD73A091FE891C948F1914D672
Certificate serial: 0C0E
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft
Manifest number: 0BF8
Signing time: Thu 05 Mar 2026 18:58:35 +0000
Manifest this update: Thu 05 Mar 2026 18:58:35 +0000
Manifest next update: Fri 06 Mar 2026 00:58:35 +0000
Files and hashes: 1: 6Ox9vYEkQ0kauWeF3ci5J0DCnyY.roa (hash: 7JH9vYwSOtQSmbNbZ1sNn45vDXImlBZc/Di0RUGYK+w=)
2: H8rXIlZ3kf1zoJH-iRyUjxkU1nI.crl (hash: LZZElVA9kNlLaCiO+g0NOm+Fq/wYKD64J5npAzWwGBc=)
3: JSD6su-8GmSdAloMCdElkEvt0AM.roa (hash: byIajotq4oMDlZPGW2paVqqfxYBJgKLLUDwL6wPkwLA=)
4: VboEPjdm3B9tpkGKHcEJa1gcG54.roa (hash: Bd9t5IO7ldMac3QGg6dlL68DuVE/YizSDPaV1MMd6Fg=)
5: a-C0ZcbMEIueflbcZASicAD8he0.roa (hash: j0QlysAnrzL+WWQvVGQm8SUA6f3yOOh++yMn2DzuE1Q=)
6: ac9zn1KZz8GSplsJ7n3whpOXZ6Y.roa (hash: MxCG7/kDUHT7A7/tLKuXfkqQIyrHEPkO+54grftcmBg=)
7: qOLyqTgKKgxRxyxeuJhc3_cZGQ4.roa (hash: anm9VRDFQVYzPYFRpltgoGJtk4c3JmQwvUl1Lz2LLYU=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3086 (0xc0e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1FCAD722567791FD73A091FE891C948F1914D672
Validity
Not Before: Mar 5 18:58:35 2026 GMT
Not After : Oct 23 03:01:03 2026 GMT
Subject: CN=DC8B89B1D53CAB990135B7A9A719938DDB783050
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:44:cb:45:b2:c5:2f:03:6c:6a:0c:af:3d:a8:
6f:3f:89:56:60:42:17:3b:2c:ef:61:bd:97:10:61:
71:3e:a1:78:4c:87:b3:24:8d:42:42:ce:26:38:be:
1f:46:01:f5:6a:ad:d9:48:b0:22:d7:f4:93:f3:b9:
3c:f8:b9:1b:cb:3b:9e:20:41:23:05:6f:c7:34:76:
a1:dd:9d:e2:8a:2c:d6:12:6f:6a:53:ba:09:36:cd:
fd:80:df:e7:1e:b7:55:4f:8d:01:9e:6f:0f:e8:d0:
d9:9f:c6:7a:af:a5:71:7c:15:45:18:6d:c6:01:4b:
2f:22:8d:af:e6:b8:03:93:3e:de:39:f0:79:83:f7:
b0:9e:96:e5:da:a1:98:5e:a2:9f:d9:64:39:8a:15:
f0:c4:23:f4:15:f8:04:a7:7f:6b:ae:af:76:d2:7b:
67:e3:6a:5e:0b:d9:d4:98:51:cc:83:e0:c6:82:52:
b3:84:f1:64:96:bc:d6:bf:d7:21:b2:82:23:6f:68:
1d:a4:a0:c9:de:1c:48:94:18:9d:05:86:cc:4e:2f:
92:93:3a:44:45:35:3f:1e:b5:52:3f:2e:36:cc:ea:
d3:13:04:7a:08:4c:f4:ce:ed:9c:97:23:6d:ca:59:
f9:33:63:ee:84:98:58:1a:4d:ae:a2:19:d4:57:a4:
16:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:8B:89:B1:D5:3C:AB:99:01:35:B7:A9:A7:19:93:8D:DB:78:30:50
X509v3 Authority Key Identifier:
keyid:1F:CA:D7:22:56:77:91:FD:73:A0:91:FE:89:1C:94:8F:19:14:D6:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
a0:b8:c1:2a:84:fe:28:ad:97:7f:f8:10:d3:41:4c:f5:d8:70:
63:17:df:34:c0:12:3b:f4:ea:b4:be:89:4c:82:74:eb:66:99:
11:38:02:f9:00:28:c1:8f:14:d0:34:72:42:24:35:c9:1c:4a:
60:44:6c:23:10:49:1b:93:4a:c9:ce:06:04:ef:24:72:49:99:
87:f5:26:2c:a4:41:48:91:e4:87:d5:83:67:c1:c2:a7:7e:c8:
a0:b6:3d:9f:f0:14:bd:0c:35:08:a9:d1:50:5f:72:f3:72:17:
5d:ce:24:94:5f:b8:32:f5:7d:7b:54:d8:e9:22:47:fd:d4:44:
8c:00:cd:da:f2:9c:0a:bc:d2:e2:ca:ef:27:f2:6d:d8:14:1d:
56:c9:1a:30:e9:d2:02:b1:f0:98:f7:d4:51:c1:29:7e:e2:82:
a9:24:9b:a5:e3:9d:cd:f4:46:98:7b:91:25:38:a7:62:24:5e:
f6:e3:29:ab:19:c9:19:bb:25:43:29:27:25:88:13:76:53:7c:
fe:06:1e:65:f4:78:16:7a:33:1e:95:01:1c:b3:14:e2:16:17:
43:f7:d2:01:2c:4c:65:ea:58:68:e6:f4:f6:bb:c2:7f:80:34:
1a:36:7c:68:a5:f7:4b:79:52:d3:6f:c5:67:4c:00:da:98:fc:
02:72:59:f6
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICDA4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUZD
QUQ3MjI1Njc3OTFGRDczQTA5MUZFODkxQzk0OEYxOTE0RDY3MjAeFw0yNjAzMDUx
ODU4MzVaFw0yNjEwMjMwMzAxMDNaMDMxMTAvBgNVBAMTKERDOEI4OUIxRDUzQ0FC
OTkwMTM1QjdBOUE3MTk5MzhEREI3ODMwNTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwRMtFssUvA2xqDK89qG8/iVZgQhc7LO9hvZcQYXE+oXhMh7Mk
jUJCziY4vh9GAfVqrdlIsCLX9JPzuTz4uRvLO54gQSMFb8c0dqHdneKKLNYSb2pT
ugk2zf2A3+cet1VPjQGebw/o0NmfxnqvpXF8FUUYbcYBSy8ija/muAOTPt458HmD
97CeluXaoZheop/ZZDmKFfDEI/QV+ASnf2uur3bSe2fjal4L2dSYUcyD4MaCUrOE
8WSWvNa/1yGygiNvaB2koMneHEiUGJ0FhsxOL5KTOkRFNT8etVI/LjbM6tMTBHoI
TPTO7ZyXI23KWfkzY+6EmFgaTa6iGdRXpBa7AgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQU3IuJsdU8q5kBNbeppxmTjdt4MFAwHwYDVR0jBBgwFoAUH8rXIlZ3kf1zoJH+
iRyUjxkU1nIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjgx
NS9IOHJYSWxaM2tmMXpvSkgtaVJ5VWp4a1UxbkkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0g4clhJbFoza2Yxem9KSC1pUnlVanhrVTFuSS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4MTUvSDhyWElsWjNrZjF6
b0pILWlSeVVqeGtVMW5JLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAKC4wSqE/iitl3/4ENNBTPXYcGMX3zTAEjv06rS+iUyCdOtmmRE4AvkAKMGP
FNA0ckIkNckcSmBEbCMQSRuTSsnOBgTvJHJJmYf1JiykQUiR5IfVg2fBwqd+yKC2
PZ/wFL0MNQip0VBfcvNyF13OJJRfuDL1fXtU2OkiR/3URIwAzdrynAq80uLK7yfy
bdgUHVbJGjDp0gKx8Jj31FHBKX7igqkkm6Xjnc30Rph7kSU4p2IkXvbjKasZyRm7
JUMpJyWIE3ZTfP4GHmX0eBZ6Mx6VARyzFOIWF0P30gEsTGXqWGjm9Pa7wn+ANBo2
fGil90t5UtNvxWdMANqY/AJyWfY=
-----END CERTIFICATE-----
Generated at Fri Mar 6 00:59:57 2026 by rpki-client