Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3322/MSQwkFuWKBQp1OEUENoKNXUIPAQ.mft
File: MSQwkFuWKBQp1OEUENoKNXUIPAQ.mft (raw, json)
Hash identifier: KgBmKFvjMN0NY3fxXTTxkqkMQMPJPFp5XgRw3hcZCrE=
Subject key identifier: 61:9D:7A:78:02:41:74:56:E9:3C:0E:3E:02:1B:96:4B:CD:13:C6:91
Authority key identifier: 31:24:30:90:5B:96:28:14:29:D4:E1:14:10:DA:0A:35:75:08:3C:04
Certificate issuer: /CN=312430905B96281429D4E11410DA0A3575083C04
Certificate serial: 03CB
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MSQwkFuWKBQp1OEUENoKNXUIPAQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3322/MSQwkFuWKBQp1OEUENoKNXUIPAQ.mft
Manifest number: 03CB
Signing time: Fri 25 Apr 2025 22:40:25 +0000
Manifest this update: Fri 25 Apr 2025 22:40:25 +0000
Manifest next update: Sat 26 Apr 2025 04:40:25 +0000
Files and hashes: 1: MSQwkFuWKBQp1OEUENoKNXUIPAQ.crl (hash: AurEvdV7hzLjIRrl+83bBs13QWUMnYUHn8BwwTqm2Ow=)
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3322/MSQwkFuWKBQp1OEUENoKNXUIPAQ.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3322/MSQwkFuWKBQp1OEUENoKNXUIPAQ.mft
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MSQwkFuWKBQp1OEUENoKNXUIPAQ.cer
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1xHsDTeBWKRHb-bqfXClSpUZWhE.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1xHsDTeBWKRHb-bqfXClSpUZWhE.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 26 Apr 2025 02:39:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 971 (0x3cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=312430905B96281429D4E11410DA0A3575083C04
Validity
Not Before: Apr 25 22:40:25 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=619D7A7802417456E93C0E3E021B964BCD13C691
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f0:cd:da:1f:39:c0:51:b3:c7:fb:ac:61:a1:
e1:92:96:4b:ac:88:5b:ab:11:3b:34:a1:b5:85:aa:
bb:1f:38:d6:db:15:a2:f8:8c:67:9f:ce:ad:0a:35:
32:eb:39:59:f3:c9:39:0b:11:bb:66:23:0b:6c:eb:
95:11:2b:a0:d3:8f:36:a8:dd:c8:c0:bf:fd:c4:11:
fe:5f:dd:34:ba:cc:ed:26:e6:74:75:9d:63:fc:56:
54:a0:72:79:b2:d0:75:07:d3:b6:fb:28:61:bd:ac:
e3:3e:2c:cc:92:d6:e1:5e:14:6f:1b:0c:47:93:66:
9d:1e:2d:11:21:b7:08:af:49:02:a4:21:7d:5e:8a:
65:36:24:bb:50:74:6f:60:59:19:52:aa:8b:01:03:
13:d6:48:d3:c4:ab:81:fe:1f:55:af:ec:05:2f:30:
71:85:72:95:71:6e:5b:74:ef:87:59:cc:9b:e1:d1:
38:49:08:71:bf:30:b7:fc:f6:8b:8b:94:78:82:a1:
73:67:09:87:51:c4:6c:ed:c5:e2:51:24:88:dd:39:
0d:d4:0d:cc:bd:b2:cd:c0:3f:b5:88:48:e8:83:3b:
0d:81:3e:67:15:0e:cc:19:65:2e:f1:b0:cf:1d:f5:
2a:12:ab:31:8c:bb:93:c0:db:77:bf:b5:72:c5:0d:
4f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:9D:7A:78:02:41:74:56:E9:3C:0E:3E:02:1B:96:4B:CD:13:C6:91
X509v3 Authority Key Identifier:
keyid:31:24:30:90:5B:96:28:14:29:D4:E1:14:10:DA:0A:35:75:08:3C:04
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3322/MSQwkFuWKBQp1OEUENoKNXUIPAQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/MSQwkFuWKBQp1OEUENoKNXUIPAQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3322/MSQwkFuWKBQp1OEUENoKNXUIPAQ.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
0a:86:b8:07:7b:6d:44:75:4f:10:3b:f8:da:9c:68:8d:28:09:
0f:b9:4a:87:86:b9:27:6a:9a:c8:05:16:45:26:f0:c4:bb:6d:
c2:50:9e:1b:83:24:38:67:40:c3:3b:29:bd:21:f1:c5:cf:e9:
8e:8b:bf:b6:9e:af:2a:62:a1:a8:00:fe:94:f9:f9:9c:85:55:
f6:9c:8c:e0:b3:c7:41:09:cd:27:fe:54:cb:dd:89:ac:85:ce:
02:81:79:12:9a:04:95:2d:b4:bf:0b:73:b5:64:b2:13:d3:18:
f2:fd:34:b0:10:d1:14:4d:c5:50:34:87:c2:4a:21:4d:e9:1a:
d1:bd:3e:36:3a:f8:c2:05:89:eb:ec:22:ef:5b:bf:7a:be:84:
4b:5c:01:15:07:be:56:d8:95:ff:98:e5:ce:e2:16:35:58:b9:
86:c2:6c:e3:d8:05:63:21:f9:5b:b7:6c:a8:02:8f:2e:14:f8:
60:86:85:87:d3:c8:92:2b:b0:31:64:87:0f:19:f5:23:14:48:
60:8e:29:17:9b:f7:e0:77:dc:cb:d1:20:4b:95:c3:24:d8:8c:
97:f5:69:4e:c6:42:0a:3d:37:b6:c0:7d:13:37:6b:92:6a:f6:
76:cd:e7:d6:51:4e:9b:f7:84:96:ed:39:d2:ac:74:a7:8f:fc:
4f:40:77:47
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgICA8swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzEy
NDMwOTA1Qjk2MjgxNDI5RDRFMTE0MTBEQTBBMzU3NTA4M0MwNDAeFw0yNTA0MjUy
MjQwMjVaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKDYxOUQ3QTc4MDI0MTc0
NTZFOTNDMEUzRTAyMUI5NjRCQ0QxM0M2OTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC78M3aHznAUbPH+6xhoeGSlkusiFurETs0obWFqrsfONbbFaL4
jGefzq0KNTLrOVnzyTkLEbtmIwts65URK6DTjzao3cjAv/3EEf5f3TS6zO0m5nR1
nWP8VlSgcnmy0HUH07b7KGG9rOM+LMyS1uFeFG8bDEeTZp0eLREhtwivSQKkIX1e
imU2JLtQdG9gWRlSqosBAxPWSNPEq4H+H1Wv7AUvMHGFcpVxblt074dZzJvh0ThJ
CHG/MLf89ouLlHiCoXNnCYdRxGztxeJRJIjdOQ3UDcy9ss3AP7WISOiDOw2BPmcV
DswZZS7xsM8d9SoSqzGMu5PA23e/tXLFDU/TAgMBAAGjggIMMIICCDAdBgNVHQ4E
FgQUYZ16eAJBdFbpPA4+AhuWS80TxpEwHwYDVR0jBBgwFoAUMSQwkFuWKBQp1OEU
ENoKNXUIPAQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzMy
Mi9NU1F3a0Z1V0tCUXAxT0VVRU5vS05YVUlQQVEuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL01TUXdrRnVXS0JRcDFPRVVFTm9LTlhVSVBBUS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMzMjIvTVNRd2tGdVdLQlFw
MU9FVUVOb0tOWFVJUEFRLm1mdDAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEG
CCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQAD
ggEBAAqGuAd7bUR1TxA7+NqcaI0oCQ+5SoeGuSdqmsgFFkUm8MS7bcJQnhuDJDhn
QMM7Kb0h8cXP6Y6Lv7aerypioagA/pT5+ZyFVfacjOCzx0EJzSf+VMvdiayFzgKB
eRKaBJUttL8Lc7VkshPTGPL9NLAQ0RRNxVA0h8JKIU3pGtG9PjY6+MIFievsIu9b
v3q+hEtcARUHvlbYlf+Y5c7iFjVYuYbCbOPYBWMh+Vu3bKgCjy4U+GCGhYfTyJIr
sDFkhw8Z9SMUSGCOKReb9+B33MvRIEuVwyTYjJf1aU7GQgo9N7bAfRM3a5Jq9nbN
59ZRTpv3hJbtOdKsdKeP/E9Ad0c=
-----END CERTIFICATE-----
Generated at Sat Apr 26 01:34:53 2025 by rpki-client