Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3070/yGYvK0iswHfpWADlqpLOFtJuHeo.mft
File: yGYvK0iswHfpWADlqpLOFtJuHeo.mft (raw, json)
Hash identifier: z1bNKRQ2yssH3um9xSFmYuAX9Q+DElZJlBP4bYCVD+8=
Subject key identifier: 94:7C:DE:36:14:F0:27:AF:B0:FD:1C:6D:9E:D9:F8:27:17:0D:63:27
Authority key identifier: C8:66:2F:2B:48:AC:C0:77:E9:58:00:E5:AA:92:CE:16:D2:6E:1D:EA
Certificate issuer: /CN=C8662F2B48ACC077E95800E5AA92CE16D26E1DEA
Certificate serial: 04DF
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yGYvK0iswHfpWADlqpLOFtJuHeo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/yGYvK0iswHfpWADlqpLOFtJuHeo.mft
Manifest number: 04D9
Signing time: Wed 18 Mar 2026 01:28:59 +0000
Manifest this update: Wed 18 Mar 2026 01:28:59 +0000
Manifest next update: Wed 18 Mar 2026 07:28:59 +0000
Files and hashes: 1: 4IPxAcBB8d60RbMzQW1q_Zk5spc.roa (hash: RSRbi+VJkcVS/ILldg1kKiHadRJWcM1Mmw3Dk4goFaM=)
2: uW_sUHl-3HScavxDrg5eg9_INJ4.roa (hash: reqWK3fVKlZA3fra6G1lT9OteuvSXtDOZpPqJhZckac=)
3: yGYvK0iswHfpWADlqpLOFtJuHeo.crl (hash: y6VSxeYrO4ra4IL0r5xGlHx1k5kgGGN1I7XQT2aYjmU=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1247 (0x4df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C8662F2B48ACC077E95800E5AA92CE16D26E1DEA
Validity
Not Before: Mar 18 01:28:59 2026 GMT
Not After : Jan 9 08:23:18 2027 GMT
Subject: CN=947CDE3614F027AFB0FD1C6D9ED9F827170D6327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:53:3e:ae:64:8f:6b:31:45:e5:ec:51:02:5b:
5b:15:41:6a:62:0e:d2:df:92:ca:34:b3:fc:9f:d4:
d3:f5:93:40:bd:8e:a4:a3:4b:84:38:04:db:3a:bf:
df:bb:a9:b7:7a:0f:28:7b:12:48:54:ac:52:48:55:
1e:99:93:0c:10:b7:06:0a:80:3c:0c:98:79:20:67:
1e:2d:33:c3:fb:37:8d:30:7e:ea:17:e1:f2:27:22:
c0:a9:fc:2e:a1:53:e5:ac:b5:25:de:93:45:a2:b6:
1b:4a:7b:89:81:2f:32:c2:8d:98:50:f3:23:0b:22:
88:4d:77:2f:90:8b:20:e9:dd:35:35:af:8a:bb:e5:
8f:7e:50:5d:88:98:07:06:9e:3a:e2:8a:81:a7:83:
1a:9a:6b:c0:45:1d:9c:ab:18:52:d4:6d:6d:85:35:
29:a7:08:1f:00:49:4e:97:ec:43:48:f4:5f:54:6e:
0a:1e:6a:7d:a0:5e:45:e1:df:7e:85:fe:22:be:cc:
22:b3:8b:53:86:64:b7:90:c4:60:84:6f:40:a3:0f:
61:e9:29:bd:a7:44:c4:73:64:be:ba:4e:69:e2:dc:
8c:09:40:c0:00:76:9e:81:ab:17:95:d7:53:07:0f:
1f:b2:a1:b6:f7:d2:b4:54:a0:3c:31:43:82:cc:d0:
36:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:7C:DE:36:14:F0:27:AF:B0:FD:1C:6D:9E:D9:F8:27:17:0D:63:27
X509v3 Authority Key Identifier:
keyid:C8:66:2F:2B:48:AC:C0:77:E9:58:00:E5:AA:92:CE:16:D2:6E:1D:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/yGYvK0iswHfpWADlqpLOFtJuHeo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/yGYvK0iswHfpWADlqpLOFtJuHeo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3070/yGYvK0iswHfpWADlqpLOFtJuHeo.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
14:22:2a:b8:a6:57:d2:98:0a:3a:42:e4:72:f5:48:72:70:fa:
5f:2b:d0:6f:db:13:d5:f3:9f:d8:4b:2a:0c:20:c2:d8:5b:cd:
4e:ec:6f:3f:20:1e:4b:58:8f:80:7b:7d:e4:d4:57:12:67:85:
bb:f3:9d:80:b1:fb:30:23:16:9b:8a:0f:08:c8:0a:3a:f2:25:
ad:a7:35:ab:89:be:e3:5c:62:06:56:f8:85:c4:a8:96:8b:4f:
f6:c3:80:08:83:83:bf:d9:a4:2e:12:0b:a1:fd:21:d0:f3:da:
55:29:e7:8c:97:89:35:b6:23:7b:b0:76:9d:d0:82:fe:18:81:
a2:7b:fc:71:51:82:c9:5f:66:72:90:00:34:66:87:51:7b:d3:
a1:4e:95:c1:65:cb:71:29:bf:48:88:b5:55:7a:ac:41:15:9d:
a8:13:39:fc:ad:25:5f:8a:14:0b:2f:89:e4:40:3c:86:ff:8f:
f8:44:a8:2c:b7:f4:f0:b7:76:6f:67:b2:44:46:2d:ab:38:db:
6a:15:9a:27:08:9c:20:88:81:3e:d3:d4:e8:0b:a3:e1:68:8e:
28:d0:b2:09:cb:12:77:0f:a4:af:7b:63:c2:96:de:7a:5e:f2:
10:6d:32:af:d6:d2:30:18:b7:5f:0d:e8:69:c9:32:31:12:28:
35:f9:e8:51
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICBN8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzg2
NjJGMkI0OEFDQzA3N0U5NTgwMEU1QUE5MkNFMTZEMjZFMURFQTAeFw0yNjAzMTgw
MTI4NTlaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDk0N0NERTM2MTRGMDI3
QUZCMEZEMUM2RDlFRDlGODI3MTcwRDYzMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjUz6uZI9rMUXl7FECW1sVQWpiDtLfkso0s/yf1NP1k0C9jqSj
S4Q4BNs6v9+7qbd6Dyh7EkhUrFJIVR6ZkwwQtwYKgDwMmHkgZx4tM8P7N40wfuoX
4fInIsCp/C6hU+WstSXek0WithtKe4mBLzLCjZhQ8yMLIohNdy+QiyDp3TU1r4q7
5Y9+UF2ImAcGnjriioGngxqaa8BFHZyrGFLUbW2FNSmnCB8ASU6X7ENI9F9Ubgoe
an2gXkXh336F/iK+zCKzi1OGZLeQxGCEb0CjD2HpKb2nRMRzZL66Tmni3IwJQMAA
dp6BqxeV11MHDx+yobb30rRUoDwxQ4LM0DYtAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUlHzeNhTwJ6+w/Rxtntn4JxcNYycwHwYDVR0jBBgwFoAUyGYvK0iswHfpWADl
qpLOFtJuHeowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA3
MC95R1l2SzBpc3dIZnBXQURscXBMT0Z0SnVIZW8uY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL3lHWXZLMGlzd0hmcFdBRGxxcExPRnRKdUhlby5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNzAveUdZdkswaXN3SGZw
V0FEbHFwTE9GdEp1SGVvLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBABQiKrimV9KYCjpC5HL1SHJw+l8r0G/bE9Xzn9hLKgwgwthbzU7sbz8gHktY
j4B7feTUVxJnhbvznYCx+zAjFpuKDwjICjryJa2nNauJvuNcYgZW+IXEqJaLT/bD
gAiDg7/ZpC4SC6H9IdDz2lUp54yXiTW2I3uwdp3Qgv4YgaJ7/HFRgslfZnKQADRm
h1F706FOlcFly3Epv0iItVV6rEEVnagTOfytJV+KFAsvieRAPIb/j/hEqCy39PC3
dm9nskRGLas422oVmicInCCIgT7T1OgLo+FojijQsgnLEncPpK97Y8KW3npe8hBt
Mq/W0jAYt18N6GnJMjESKDX56FE=
-----END CERTIFICATE-----
Generated at Mon Jun 22 06:16:45 2026 by rpki-client