Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft
File: H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft (raw, json)
Hash identifier: 3GqD9GIDA0t/yQqR+zTZpQTDoGHQJtSh92e1ClgRaj4=
Subject key identifier: DC:8B:89:B1:D5:3C:AB:99:01:35:B7:A9:A7:19:93:8D:DB:78:30:50
Authority key identifier: 1F:CA:D7:22:56:77:91:FD:73:A0:91:FE:89:1C:94:8F:19:14:D6:72
Certificate issuer: /CN=1FCAD722567791FD73A091FE891C948F1914D672
Certificate serial: 05EE
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft
Manifest number: 05D8
Signing time: Tue 22 Apr 2025 13:06:23 +0000
Manifest this update: Tue 22 Apr 2025 13:06:23 +0000
Manifest next update: Tue 22 Apr 2025 19:06:23 +0000
Files and hashes: 1: 6Ox9vYEkQ0kauWeF3ci5J0DCnyY.roa (hash: 7JH9vYwSOtQSmbNbZ1sNn45vDXImlBZc/Di0RUGYK+w=)
2: H8rXIlZ3kf1zoJH-iRyUjxkU1nI.crl (hash: 2YO+Ea03os2jVB9lt3z8R2YRrZFv1r+hSow7cykxXA8=)
3: JSD6su-8GmSdAloMCdElkEvt0AM.roa (hash: byIajotq4oMDlZPGW2paVqqfxYBJgKLLUDwL6wPkwLA=)
4: VboEPjdm3B9tpkGKHcEJa1gcG54.roa (hash: Bd9t5IO7ldMac3QGg6dlL68DuVE/YizSDPaV1MMd6Fg=)
5: a-C0ZcbMEIueflbcZASicAD8he0.roa (hash: j0QlysAnrzL+WWQvVGQm8SUA6f3yOOh++yMn2DzuE1Q=)
6: ac9zn1KZz8GSplsJ7n3whpOXZ6Y.roa (hash: MxCG7/kDUHT7A7/tLKuXfkqQIyrHEPkO+54grftcmBg=)
7: qOLyqTgKKgxRxyxeuJhc3_cZGQ4.roa (hash: anm9VRDFQVYzPYFRpltgoGJtk4c3JmQwvUl1Lz2LLYU=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1518 (0x5ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1FCAD722567791FD73A091FE891C948F1914D672
Validity
Not Before: Apr 22 13:06:23 2025 GMT
Not After : Apr 9 06:41:32 2026 GMT
Subject: CN=DC8B89B1D53CAB990135B7A9A719938DDB783050
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:44:cb:45:b2:c5:2f:03:6c:6a:0c:af:3d:a8:
6f:3f:89:56:60:42:17:3b:2c:ef:61:bd:97:10:61:
71:3e:a1:78:4c:87:b3:24:8d:42:42:ce:26:38:be:
1f:46:01:f5:6a:ad:d9:48:b0:22:d7:f4:93:f3:b9:
3c:f8:b9:1b:cb:3b:9e:20:41:23:05:6f:c7:34:76:
a1:dd:9d:e2:8a:2c:d6:12:6f:6a:53:ba:09:36:cd:
fd:80:df:e7:1e:b7:55:4f:8d:01:9e:6f:0f:e8:d0:
d9:9f:c6:7a:af:a5:71:7c:15:45:18:6d:c6:01:4b:
2f:22:8d:af:e6:b8:03:93:3e:de:39:f0:79:83:f7:
b0:9e:96:e5:da:a1:98:5e:a2:9f:d9:64:39:8a:15:
f0:c4:23:f4:15:f8:04:a7:7f:6b:ae:af:76:d2:7b:
67:e3:6a:5e:0b:d9:d4:98:51:cc:83:e0:c6:82:52:
b3:84:f1:64:96:bc:d6:bf:d7:21:b2:82:23:6f:68:
1d:a4:a0:c9:de:1c:48:94:18:9d:05:86:cc:4e:2f:
92:93:3a:44:45:35:3f:1e:b5:52:3f:2e:36:cc:ea:
d3:13:04:7a:08:4c:f4:ce:ed:9c:97:23:6d:ca:59:
f9:33:63:ee:84:98:58:1a:4d:ae:a2:19:d4:57:a4:
16:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:8B:89:B1:D5:3C:AB:99:01:35:B7:A9:A7:19:93:8D:DB:78:30:50
X509v3 Authority Key Identifier:
keyid:1F:CA:D7:22:56:77:91:FD:73:A0:91:FE:89:1C:94:8F:19:14:D6:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2815/H8rXIlZ3kf1zoJH-iRyUjxkU1nI.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
bb:73:17:6a:96:40:0e:a0:44:96:05:df:39:9b:9c:d9:81:2b:
8e:74:68:7f:e5:74:60:e0:ef:5d:f8:22:42:32:d2:ea:ea:4c:
d0:83:18:d5:fb:f2:7b:82:b8:f4:bc:da:32:12:58:39:21:16:
98:4e:9b:9f:87:e7:77:d0:ef:b6:9c:67:c7:48:51:1b:b7:2b:
a3:fd:1d:59:d1:70:31:2b:3e:14:95:16:a0:ad:2b:86:0a:70:
7a:4a:df:30:24:da:a1:ae:11:01:a3:59:b8:3f:3c:fa:aa:ab:
34:c8:91:66:24:1e:05:51:c4:53:3d:af:37:89:3b:9e:18:70:
1d:b0:ec:4c:bf:71:2e:fa:16:07:b5:29:1c:5d:19:47:cd:14:
17:cc:99:60:59:7e:53:63:da:46:db:73:5e:ac:c8:0b:be:cb:
24:2c:d8:8d:3f:16:c4:2a:51:43:01:4c:58:16:98:45:80:35:
78:87:26:9e:01:39:e5:fb:c6:e1:86:53:7c:fa:2a:68:29:d1:
87:8f:2f:c4:6b:4b:bf:8c:44:46:a8:f1:d1:02:b2:ac:98:c5:
ad:e4:5a:4c:fb:32:c4:99:f8:a4:7f:eb:17:1b:34:b0:b5:06:
bd:4d:5a:69:4f:bf:c0:e6:72:db:74:6f:fe:c4:7f:3d:f5:9c:
dc:31:c2:6e
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICBe4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMUZD
QUQ3MjI1Njc3OTFGRDczQTA5MUZFODkxQzk0OEYxOTE0RDY3MjAeFw0yNTA0MjIx
MzA2MjNaFw0yNjA0MDkwNjQxMzJaMDMxMTAvBgNVBAMTKERDOEI4OUIxRDUzQ0FC
OTkwMTM1QjdBOUE3MTk5MzhEREI3ODMwNTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwRMtFssUvA2xqDK89qG8/iVZgQhc7LO9hvZcQYXE+oXhMh7Mk
jUJCziY4vh9GAfVqrdlIsCLX9JPzuTz4uRvLO54gQSMFb8c0dqHdneKKLNYSb2pT
ugk2zf2A3+cet1VPjQGebw/o0NmfxnqvpXF8FUUYbcYBSy8ija/muAOTPt458HmD
97CeluXaoZheop/ZZDmKFfDEI/QV+ASnf2uur3bSe2fjal4L2dSYUcyD4MaCUrOE
8WSWvNa/1yGygiNvaB2koMneHEiUGJ0FhsxOL5KTOkRFNT8etVI/LjbM6tMTBHoI
TPTO7ZyXI23KWfkzY+6EmFgaTa6iGdRXpBa7AgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQU3IuJsdU8q5kBNbeppxmTjdt4MFAwHwYDVR0jBBgwFoAUH8rXIlZ3kf1zoJH+
iRyUjxkU1nIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMjgx
NS9IOHJYSWxaM2tmMXpvSkgtaVJ5VWp4a1UxbkkuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL0g4clhJbFoza2Yxem9KSC1pUnlVanhrVTFuSS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzI4MTUvSDhyWElsWjNrZjF6
b0pILWlSeVVqeGtVMW5JLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBALtzF2qWQA6gRJYF3zmbnNmBK450aH/ldGDg7134IkIy0urqTNCDGNX78nuC
uPS82jISWDkhFphOm5+H53fQ77acZ8dIURu3K6P9HVnRcDErPhSVFqCtK4YKcHpK
3zAk2qGuEQGjWbg/PPqqqzTIkWYkHgVRxFM9rzeJO54YcB2w7Ey/cS76Fge1KRxd
GUfNFBfMmWBZflNj2kbbc16syAu+yyQs2I0/FsQqUUMBTFgWmEWANXiHJp4BOeX7
xuGGU3z6Kmgp0YePL8RrS7+MREao8dECsqyYxa3kWkz7MsSZ+KR/6xcbNLC1Br1N
WmlPv8Dmctt0b/7Efz31nNwxwm4=
-----END CERTIFICATE-----
Generated at Tue Apr 22 19:17:46 2025 by rpki-client