Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.mft
File: 2h2r7PGUXf9TtiDgtsQQ6R5EcbE.mft (raw, json)
Hash identifier: 2tZEe8Utu0FCRt+MV70CebsH33Mt6QhIcdgZYKjV/Tk=
Subject key identifier: DB:95:FB:87:37:A8:81:A6:96:B5:CD:C7:2C:C2:88:90:8B:E4:1D:50
Authority key identifier: DA:1D:AB:EC:F1:94:5D:FF:53:B6:20:E0:B6:C4:10:E9:1E:44:71:B1
Certificate issuer: /CN=DA1DABECF1945DFF53B620E0B6C410E91E4471B1
Certificate serial: 01F8
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.mft
Manifest number: 01F6
Signing time: Fri 04 Apr 2025 19:09:57 +0000
Manifest this update: Fri 04 Apr 2025 19:09:57 +0000
Manifest next update: Sat 05 Apr 2025 01:09:57 +0000
Files and hashes: 1: 2h2r7PGUXf9TtiDgtsQQ6R5EcbE.crl (hash: mJDTMkS9V//P/LrkIS8MvrzH6Pooj6cHYFRd2gXjreo=)
2: 4rIKi71cnPKiZ6le-I8T__5k1N4.roa (hash: tNGI77V6KgBy/gmuuKH73UZZqJT4nL9iHPvyEDnpdTU=)
3: NENwW-YjXqfqZoRO7e6IVtyfJno.roa (hash: shhp8XTqqPaxGVCmML4kyHBJcfox3b9DaUPiLypqy38=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 504 (0x1f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DA1DABECF1945DFF53B620E0B6C410E91E4471B1
Validity
Not Before: Apr 4 19:09:57 2025 GMT
Not After : Apr 3 08:00:09 2026 GMT
Subject: CN=DB95FB8737A881A696B5CDC72CC288908BE41D50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e9:7d:c0:59:21:5f:82:8b:b4:e8:c7:3a:d8:
ad:f4:27:ab:b2:5e:43:7d:45:18:3d:70:51:e1:fc:
6c:0e:7d:48:91:30:42:39:d5:ce:a6:ff:f9:8f:60:
b1:49:8d:39:1e:f1:4e:54:f5:2c:ee:3c:bb:8d:11:
17:af:8f:ce:09:4c:47:59:d5:a6:35:73:48:c7:5e:
33:39:dc:c0:64:58:a1:eb:5f:d5:67:6a:58:9e:37:
34:57:4d:d8:ec:a3:a4:51:85:f4:ba:18:f6:0d:98:
bf:0e:d3:2a:22:ed:ce:5d:ee:71:18:80:ae:9d:a2:
9c:dc:58:bc:a9:2f:83:e5:b6:b7:3e:aa:ad:db:85:
2a:c2:f6:a6:b7:98:11:91:e4:6e:9b:ea:02:52:10:
e7:f8:4a:cd:91:9b:47:0f:3c:aa:88:25:be:d2:12:
90:3f:ce:f8:a1:cd:d4:0c:a0:54:0b:71:59:1b:88:
b3:91:84:2c:2a:67:68:5d:7b:4f:dd:5f:05:bc:74:
42:b9:73:00:90:c5:44:0e:c9:66:4b:90:75:50:6c:
d2:29:c5:48:85:ff:bf:87:81:fb:6f:ac:61:cc:e1:
b4:5e:a4:1d:a4:d6:57:55:9b:68:0b:67:8a:05:e6:
ac:19:ec:7d:9b:51:c9:52:1d:aa:e3:54:71:23:61:
49:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:95:FB:87:37:A8:81:A6:96:B5:CD:C7:2C:C2:88:90:8B:E4:1D:50
X509v3 Authority Key Identifier:
keyid:DA:1D:AB:EC:F1:94:5D:FF:53:B6:20:E0:B6:C4:10:E9:1E:44:71:B1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/52/2h2r7PGUXf9TtiDgtsQQ6R5EcbE.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
8d:7b:63:e1:05:cf:70:15:dd:0b:c6:7b:19:24:75:df:95:73:
51:5b:20:db:e6:33:dd:c1:da:79:00:4e:26:60:2b:db:58:b1:
24:83:a6:96:f4:e3:3c:13:08:a1:15:64:0d:73:18:50:0d:f7:
3f:a5:13:75:29:37:18:b4:bf:bf:f9:40:97:3a:f8:b2:82:0a:
9a:ce:ec:1c:b6:ca:de:1c:86:1a:14:1d:25:ca:07:f1:71:df:
f3:e4:bc:8a:98:c5:75:1f:26:6c:88:0e:cc:bf:d9:b0:4a:2c:
3f:83:9b:29:b0:a6:1e:b8:42:5d:72:f6:a5:77:9f:24:14:93:
fd:5e:88:7e:bc:95:8e:f0:27:f8:1d:56:77:d4:f7:39:1e:9c:
68:fd:f9:fc:a6:3d:ab:0f:0e:10:6f:97:5d:71:d1:c4:cc:9e:
14:0b:fb:f2:23:79:bc:11:08:c9:1a:42:91:6f:f5:b4:1f:91:
68:2c:1d:71:ee:ee:ee:bb:6d:2b:60:53:e6:d9:f8:e0:fc:89:
a5:dc:ba:4f:db:c5:a7:97:c8:bd:c7:2b:e4:94:83:66:db:07:
15:fc:f9:c6:b5:6a:04:32:0d:82:e1:a0:8f:f9:ef:b5:e6:db:
79:29:22:23:c6:00:92:2e:18:5c:c2:1d:2d:6d:95:05:69:f8:
95:21:ec:f4
-----BEGIN CERTIFICATE-----
MIIE7DCCA9SgAwIBAgICAfgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREEx
REFCRUNGMTk0NURGRjUzQjYyMEUwQjZDNDEwRTkxRTQ0NzFCMTAeFw0yNTA0MDQx
OTA5NTdaFw0yNjA0MDMwODAwMDlaMDMxMTAvBgNVBAMTKERCOTVGQjg3MzdBODgx
QTY5NkI1Q0RDNzJDQzI4ODkwOEJFNDFENTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDH6X3AWSFfgou06Mc62K30J6uyXkN9RRg9cFHh/GwOfUiRMEI5
1c6m//mPYLFJjTke8U5U9SzuPLuNERevj84JTEdZ1aY1c0jHXjM53MBkWKHrX9Vn
alieNzRXTdjso6RRhfS6GPYNmL8O0yoi7c5d7nEYgK6dopzcWLypL4Pltrc+qq3b
hSrC9qa3mBGR5G6b6gJSEOf4Ss2Rm0cPPKqIJb7SEpA/zvihzdQMoFQLcVkbiLOR
hCwqZ2hde0/dXwW8dEK5cwCQxUQOyWZLkHVQbNIpxUiF/7+HgftvrGHM4bRepB2k
1ldVm2gLZ4oF5qwZ7H2bUclSHarjVHEjYUm7AgMBAAGjggIIMIICBDAdBgNVHQ4E
FgQU25X7hzeogaaWtc3HLMKIkIvkHVAwHwYDVR0jBBgwFoAU2h2r7PGUXf9TtiDg
tsQQ6R5EcbEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTIv
MmgycjdQR1VYZjlUdGlEZ3RzUVE2UjVFY2JFLmNybDBjBggrBgEFBQcBAQRXMFUw
UwYIKwYBBQUHMAKGR3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNE
MDAwMC8yaDJyN1BHVVhmOVR0aURndHNRUTZSNUVjYkUuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBr
aS5jbm5pYy5jbi9ycGtpL0E5MTYyRTNEMDAwMC81Mi8yaDJyN1BHVVhmOVR0aURn
dHNRUTZSNUVjYkUubWZ0MDEGCCsGAQUFBzANhiVodHRwczovL3Jwa2kuY25uaWMu
Y24vcnJkcC9ub3RpZnkueG1sMBUGCCsGAQUFBwEIAQH/BAYwBKACBQAwIQYIKwYB
BQUHAQcBAf8EEjAQMAYEAgABBQAwBgQCAAIFADANBgkqhkiG9w0BAQsFAAOCAQEA
jXtj4QXPcBXdC8Z7GSR135VzUVsg2+Yz3cHaeQBOJmAr21ixJIOmlvTjPBMIoRVk
DXMYUA33P6UTdSk3GLS/v/lAlzr4soIKms7sHLbK3hyGGhQdJcoH8XHf8+S8ipjF
dR8mbIgOzL/ZsEosP4ObKbCmHrhCXXL2pXefJBST/V6IfryVjvAn+B1Wd9T3OR6c
aP35/KY9qw8OEG+XXXHRxMyeFAv78iN5vBEIyRpCkW/1tB+RaCwdce7u7rttK2BT
5tn44PyJpdy6T9vFp5fIvccr5JSDZtsHFfz5xrVqBDINguGgj/nvtebbeSkiI8YA
ki4YXMIdLW2VBWn4lSHs9A==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:09:37 2025 by rpki-client