Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3267/OstT3inBC2LxfO9hjR44QUU6wOg.mft
File: OstT3inBC2LxfO9hjR44QUU6wOg.mft (raw, json)
Hash identifier: tGw+8kc+KOB+IY5YsvyiNOQ8BhVtLgzHmd2KxrQ1o+0=
Subject key identifier: 53:9F:71:D4:C3:E8:20:FA:15:5B:BC:F7:9E:4B:1A:D9:CD:F7:B5:7D
Authority key identifier: 3A:CB:53:DE:29:C1:0B:62:F1:7C:EF:61:8D:1E:38:41:45:3A:C0:E8
Certificate issuer: /CN=3ACB53DE29C10B62F17CEF618D1E3841453AC0E8
Certificate serial: 0798
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OstT3inBC2LxfO9hjR44QUU6wOg.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3267/OstT3inBC2LxfO9hjR44QUU6wOg.mft
Manifest number: 0798
Signing time: Sat 29 Mar 2025 08:28:11 +0000
Manifest this update: Sat 29 Mar 2025 08:28:11 +0000
Manifest next update: Sat 29 Mar 2025 14:28:11 +0000
Files and hashes: 1: OstT3inBC2LxfO9hjR44QUU6wOg.crl (hash: hQoF5W57F/x8h54vYITMYFe0+h4SoCLyCamruZdIxyM=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1944 (0x798)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ACB53DE29C10B62F17CEF618D1E3841453AC0E8
Validity
Not Before: Mar 29 08:28:11 2025 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=539F71D4C3E820FA155BBCF79E4B1AD9CDF7B57D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:07:66:9e:d2:03:96:b0:e1:9a:f2:2f:ab:f3:
99:3b:83:7a:68:7b:7b:18:38:84:7d:82:50:32:22:
71:c8:6b:e3:4c:2f:2a:ba:cf:cf:86:24:84:a0:7d:
dc:fb:dc:33:2a:f4:d7:d5:7e:39:ea:8b:b7:75:64:
ff:d6:98:c4:c5:a2:1f:7d:f7:d1:21:b4:c2:8a:d5:
55:80:8d:b5:f3:08:4f:10:ef:41:e5:26:0d:00:68:
89:e0:28:2e:52:43:a3:c8:e4:6b:80:f8:94:8a:92:
57:c3:d9:18:8f:9b:75:d0:b9:52:67:fa:fe:66:7a:
47:1d:bf:cc:11:a5:b5:0b:ab:f5:e8:f5:2a:e9:10:
17:e0:37:09:1c:10:18:d6:ed:62:86:c3:98:46:d1:
13:11:03:f1:3e:c1:2b:74:e9:c1:8f:42:a7:25:23:
ea:42:1f:8c:ab:59:9d:b0:7b:f1:d2:1d:fb:5e:2b:
85:87:c1:49:1a:33:37:c3:4c:26:ee:1d:9a:57:50:
d1:12:04:c8:7a:57:c3:17:60:72:bc:2c:ac:80:5b:
52:1c:1d:3e:c2:5e:19:75:0f:a5:b2:b4:51:93:e9:
a2:0a:f8:ee:e6:0b:ae:b9:4a:83:4b:52:09:6e:9c:
41:b0:43:94:3d:7e:9d:74:ef:e2:43:d5:e2:b0:9c:
6f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:9F:71:D4:C3:E8:20:FA:15:5B:BC:F7:9E:4B:1A:D9:CD:F7:B5:7D
X509v3 Authority Key Identifier:
keyid:3A:CB:53:DE:29:C1:0B:62:F1:7C:EF:61:8D:1E:38:41:45:3A:C0:E8
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3267/OstT3inBC2LxfO9hjR44QUU6wOg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/OstT3inBC2LxfO9hjR44QUU6wOg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3267/OstT3inBC2LxfO9hjR44QUU6wOg.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
9b:fc:56:e9:85:06:86:b1:aa:f0:4c:0d:81:72:0a:31:eb:97:
22:0f:20:91:b0:fb:3e:ab:c4:5e:46:00:ca:09:b2:80:e1:88:
9f:95:e4:7d:0d:13:4a:b8:82:ab:7a:ea:8a:cb:92:f0:db:1c:
8d:05:e6:9b:52:05:13:f6:6e:72:ea:ed:11:f3:f6:df:46:1b:
ee:22:57:1b:1f:ca:f6:3c:c6:db:1e:a4:cf:43:29:9e:8b:b4:
e2:6d:79:a5:1f:a1:20:ca:93:a4:83:58:d9:bf:ff:28:95:1e:
19:0f:35:4d:6b:c5:b4:86:ca:59:83:39:80:e8:1a:13:a8:79:
82:79:e1:9f:2d:98:a2:5f:0b:82:bd:a5:47:59:c0:e6:b3:1c:
99:5f:7a:7c:c7:f6:f4:30:07:59:05:d5:5b:4c:95:78:b2:84:
02:3f:f5:5b:42:d2:d4:b5:cc:1d:72:be:ae:02:68:89:84:42:
fc:68:99:c5:d4:fb:dd:19:09:62:23:01:6a:a6:4a:c7:09:ab:
25:ab:68:26:58:0a:73:3a:a0:16:7e:17:61:ec:6e:e3:aa:5a:
41:fc:dc:fe:88:85:cc:bd:a2:8c:49:b4:77:bc:6b:64:86:ec:
ba:a0:16:f6:d1:ae:91:df:d4:bc:f1:e2:c1:4f:4b:cd:9e:15:
e1:4f:9e:0e
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICB5gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0FD
QjUzREUyOUMxMEI2MkYxN0NFRjYxOEQxRTM4NDE0NTNBQzBFODAeFw0yNTAzMjkw
ODI4MTFaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDUzOUY3MUQ0QzNFODIw
RkExNTVCQkNGNzlFNEIxQUQ5Q0RGN0I1N0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEB2ae0gOWsOGa8i+r85k7g3poe3sYOIR9glAyInHIa+NMLyq6
z8+GJISgfdz73DMq9NfVfjnqi7d1ZP/WmMTFoh9999EhtMKK1VWAjbXzCE8Q70Hl
Jg0AaIngKC5SQ6PI5GuA+JSKklfD2RiPm3XQuVJn+v5mekcdv8wRpbULq/Xo9Srp
EBfgNwkcEBjW7WKGw5hG0RMRA/E+wSt06cGPQqclI+pCH4yrWZ2we/HSHfteK4WH
wUkaMzfDTCbuHZpXUNESBMh6V8MXYHK8LKyAW1IcHT7CXhl1D6WytFGT6aIK+O7m
C665SoNLUglunEGwQ5Q9fp107+JD1eKwnG/zAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUU59x1MPoIPoVW7z3nksa2c33tX0wHwYDVR0jBBgwFoAUOstT3inBC2LxfO9h
jR44QUU6wOgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzI2
Ny9Pc3RUM2luQkMyTHhmTzloalI0NFFVVTZ3T2cuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL09zdFQzaW5CQzJMeGZPOWhqUjQ0UVVVNndPZy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMyNjcvT3N0VDNpbkJDMkx4
Zk85aGpSNDRRVVU2d09nLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAJv8VumFBoaxqvBMDYFyCjHrlyIPIJGw+z6rxF5GAMoJsoDhiJ+V5H0NE0q4
gqt66orLkvDbHI0F5ptSBRP2bnLq7RHz9t9GG+4iVxsfyvY8xtsepM9DKZ6LtOJt
eaUfoSDKk6SDWNm//yiVHhkPNU1rxbSGylmDOYDoGhOoeYJ54Z8tmKJfC4K9pUdZ
wOazHJlfenzH9vQwB1kF1VtMlXiyhAI/9VtC0tS1zB1yvq4CaImEQvxomcXU+90Z
CWIjAWqmSscJqyWraCZYCnM6oBZ+F2HsbuOqWkH83P6Ihcy9ooxJtHe8a2SG7Lqg
FvbRrpHf1Lzx4sFPS82eFeFPng4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:42:51 2025 by rpki-client