Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/479/Al4teU5v-uKVus5JEQDj0YuccUE.mft
File: Al4teU5v-uKVus5JEQDj0YuccUE.mft (raw, json)
Hash identifier: 8rUWYZEmD9LZXEWfLCMrwbKTpMyE5B69EzufOpSY3r8=
Subject key identifier: 68:95:0B:9B:9B:3C:EB:1D:C5:A5:7A:20:50:6D:0C:00:C8:05:DE:63
Authority key identifier: 02:5E:2D:79:4E:6F:FA:E2:95:BA:CE:49:11:00:E3:D1:8B:9C:71:41
Certificate issuer: /CN=025E2D794E6FFAE295BACE491100E3D18B9C7141
Certificate serial: 229F
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Al4teU5v-uKVus5JEQDj0YuccUE.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/479/Al4teU5v-uKVus5JEQDj0YuccUE.mft
Manifest number: 2297
Signing time: Tue 17 Mar 2026 23:59:04 +0000
Manifest this update: Tue 17 Mar 2026 23:59:04 +0000
Manifest next update: Wed 18 Mar 2026 05:59:04 +0000
Files and hashes: 1: Al4teU5v-uKVus5JEQDj0YuccUE.crl (hash: wcoU9iYRn2jiH4h0JFp65JXCZ/tdygkkEGQNiFDRhWw=)
2: EdKuHFR3MnqwbaM43wM36itNt9A.roa (hash: 5cCZZWRuvcXUASqOAxLpFZlKl075UZSbaOkBkN6iYao=)
3: jqRpm9JiE0rTpOHGGDbx3TEszO4.roa (hash: fUSzDqDIpPhopoceHTVJRAtJ3jDg6hbeIkOZQ0Cna1k=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8863 (0x229f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=025E2D794E6FFAE295BACE491100E3D18B9C7141
Validity
Not Before: Mar 17 23:59:04 2026 GMT
Not After : Jan 9 08:23:18 2027 GMT
Subject: CN=68950B9B9B3CEB1DC5A57A20506D0C00C805DE63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f8:52:ea:be:09:16:4c:60:da:89:fc:09:a2:
ee:ac:81:ee:8c:e7:9d:62:13:ff:7b:b5:18:3f:b1:
04:6d:56:47:1f:98:4a:4f:b1:51:93:c2:c6:9b:53:
b0:d2:05:fa:f9:21:8b:e5:09:9e:0a:cf:f1:ed:a8:
b2:23:09:60:24:fe:55:be:e7:50:f6:51:17:92:21:
02:ae:64:78:45:9c:fc:cc:82:38:bd:eb:ff:01:6e:
5f:fd:d6:23:08:1f:11:45:65:26:fc:5c:00:cd:32:
ce:77:12:98:5d:06:f0:d2:de:12:17:6f:9f:1f:e2:
6c:de:38:7b:08:38:d2:21:4b:98:54:ad:63:bf:50:
49:2e:e0:67:cf:c2:fb:8c:10:86:f6:6a:21:7e:9f:
1c:51:0f:ae:31:db:c6:17:6b:a4:9d:71:49:d1:3f:
af:29:0d:8a:58:87:88:31:b4:05:1d:ec:0b:d5:76:
85:e3:cb:11:0e:d6:6f:1e:a0:81:3c:a3:ba:ee:b8:
0b:80:35:cb:9e:d1:ae:aa:3d:04:ec:32:18:d6:0f:
f7:04:45:e9:da:ce:d5:ca:27:16:86:b3:9f:ca:dc:
26:36:63:9c:0e:9f:a1:cc:a1:e6:91:56:ec:2d:1d:
c5:11:c9:9e:9d:3a:07:be:f3:68:98:61:f7:19:2a:
ff:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:95:0B:9B:9B:3C:EB:1D:C5:A5:7A:20:50:6D:0C:00:C8:05:DE:63
X509v3 Authority Key Identifier:
keyid:02:5E:2D:79:4E:6F:FA:E2:95:BA:CE:49:11:00:E3:D1:8B:9C:71:41
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/479/Al4teU5v-uKVus5JEQDj0YuccUE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/Al4teU5v-uKVus5JEQDj0YuccUE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/479/Al4teU5v-uKVus5JEQDj0YuccUE.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
5b:19:f7:d2:69:fc:28:c2:70:9e:8b:78:a9:49:c4:26:cd:58:
4f:96:cb:a6:cf:e2:8f:49:98:c9:d7:09:b7:7c:16:74:dc:b3:
74:39:22:4d:7d:1e:39:f3:08:98:97:23:4a:e7:79:df:a2:82:
83:82:c3:25:c7:dc:63:de:cb:c4:db:d2:d1:21:99:90:e6:55:
39:89:3a:15:ff:13:29:6d:2c:ae:44:f7:9a:ea:0b:eb:5c:ab:
37:f8:10:e0:c5:f9:65:4d:43:cc:d3:3c:ce:22:8b:01:fb:79:
80:43:2a:01:8c:f9:bf:f5:10:9e:7a:7f:69:e7:70:b8:0f:fa:
cb:af:a2:20:ce:50:b3:6a:fb:38:f6:7f:c9:b6:cf:17:63:df:
22:96:89:de:83:68:f9:6b:6a:9c:f9:65:41:10:17:a0:44:6f:
f1:40:88:ea:8a:9c:6b:09:de:1e:ea:7e:4d:25:b4:dd:61:24:
9e:a0:51:b0:d0:a2:fe:20:f3:af:0f:b4:7c:80:90:a1:05:78:
7a:a9:be:7a:33:3c:49:89:1d:70:75:8e:07:94:fd:d2:8a:2d:
4c:53:41:69:a1:c7:b7:bf:a2:1f:2c:e2:a6:8e:84:23:ba:03:
88:25:b7:ea:7f:51:d3:a1:25:57:58:1d:6f:9f:8f:98:5b:c1:
20:ee:83:b8
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgICIp8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDI1
RTJENzk0RTZGRkFFMjk1QkFDRTQ5MTEwMEUzRDE4QjlDNzE0MTAeFw0yNjAzMTcy
MzU5MDRaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDY4OTUwQjlCOUIzQ0VC
MURDNUE1N0EyMDUwNkQwQzAwQzgwNURFNjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4+FLqvgkWTGDaifwJou6sge6M551iE/97tRg/sQRtVkcfmEpP
sVGTwsabU7DSBfr5IYvlCZ4Kz/HtqLIjCWAk/lW+51D2UReSIQKuZHhFnPzMgji9
6/8Bbl/91iMIHxFFZSb8XADNMs53EphdBvDS3hIXb58f4mzeOHsIONIhS5hUrWO/
UEku4GfPwvuMEIb2aiF+nxxRD64x28YXa6SdcUnRP68pDYpYh4gxtAUd7AvVdoXj
yxEO1m8eoIE8o7ruuAuANcue0a6qPQTsMhjWD/cERenaztXKJxaGs5/K3CY2Y5wO
n6HMoeaRVuwtHcURyZ6dOge+82iYYfcZKv+TAgMBAAGjggIKMIICBjAdBgNVHQ4E
FgQUaJULm5s86x3FpXogUG0MAMgF3mMwHwYDVR0jBBgwFoAUAl4teU5v+uKVus5J
EQDj0YuccUEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDc5
L0FsNHRlVTV2LXVLVnVzNUpFUURqMFl1Y2NVRS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvQWw0dGVVNXYtdUtWdXM1SkVRRGowWXVjY1VFLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNDc5L0FsNHRlVTV2LXVLVnVz
NUpFUURqMFl1Y2NVRS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB
AQBbGffSafwownCei3ipScQmzVhPlsumz+KPSZjJ1wm3fBZ03LN0OSJNfR458wiY
lyNK53nfooKDgsMlx9xj3svE29LRIZmQ5lU5iToV/xMpbSyuRPea6gvrXKs3+BDg
xfllTUPM0zzOIosB+3mAQyoBjPm/9RCeen9p53C4D/rLr6IgzlCzavs49n/Jts8X
Y98iloneg2j5a2qc+WVBEBegRG/xQIjqipxrCd4e6n5NJbTdYSSeoFGw0KL+IPOv
D7R8gJChBXh6qb56MzxJiR1wdY4HlP3Sii1MU0Fpoce3v6IfLOKmjoQjugOIJbfq
f1HToSVXWB1vn4+YW8Eg7oO4
-----END CERTIFICATE-----
Generated at Mon Jun 22 06:16:45 2026 by rpki-client