Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.mft
File: DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.mft (raw, json)
Hash identifier: 8NcJ9Qbev0Lg7ZYrfSKcD4A8Ox0IeYvUtr0Pg00aMYo=
Subject key identifier: 5C:64:82:33:F6:74:8F:CB:AC:F1:42:D4:6B:E9:6E:4F:03:96:2A:68
Authority key identifier: 0D:4A:3B:62:14:07:8C:A4:8E:66:F3:B8:C5:4F:1C:5F:DB:C9:DE:74
Certificate issuer: /CN=0D4A3B6214078CA48E66F3B8C54F1C5FDBC9DE74
Certificate serial: 21F0
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.mft
Manifest number: 21F0
Signing time: Wed 18 Mar 2026 04:59:33 +0000
Manifest this update: Wed 18 Mar 2026 04:59:33 +0000
Manifest next update: Wed 18 Mar 2026 10:59:33 +0000
Files and hashes: 1: DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.crl (hash: G+q4+o77HtADwoviz2iE4xu4LGhVqLViHyPdvjY2R90=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8688 (0x21f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0D4A3B6214078CA48E66F3B8C54F1C5FDBC9DE74
Validity
Not Before: Mar 18 04:59:33 2026 GMT
Not After : Jan 9 08:23:18 2027 GMT
Subject: CN=5C648233F6748FCBACF142D46BE96E4F03962A68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:fe:be:28:bc:e8:92:51:ab:b2:1b:df:f9:86:
30:13:3c:b6:06:e1:aa:a8:65:99:2d:88:d4:d5:a3:
2c:7b:4d:1d:c6:03:6e:7b:0a:f9:be:24:d6:f4:e1:
6e:b9:73:f2:b9:37:30:dd:bc:a8:a5:ab:65:f0:72:
ce:42:40:b2:e4:57:09:70:ba:f6:02:ea:c4:5b:d3:
78:b0:f9:45:c2:43:eb:e5:6f:6f:ac:b9:71:a8:5f:
86:fb:bc:5a:40:fc:e7:34:21:96:7f:e9:53:a3:49:
69:21:42:4d:0e:f2:ec:b0:48:6c:4f:93:67:97:fc:
45:86:cd:e4:3b:13:a9:a7:46:9a:32:8c:44:3f:84:
21:18:21:86:30:e6:71:31:cc:47:0d:d7:8b:7c:a8:
9e:7d:70:74:56:4b:6c:92:9d:51:24:b9:7f:61:7f:
28:b6:69:8b:fe:29:be:33:2f:2a:87:b1:e5:76:a7:
8f:a3:72:7f:6d:e1:bf:8d:71:1b:dd:91:73:92:16:
3b:17:a6:7c:eb:47:39:aa:2b:65:0f:d0:94:82:33:
90:37:f4:32:d0:8c:72:86:17:12:4b:74:82:9b:32:
07:93:12:3b:c7:c5:84:c2:2f:71:47:aa:af:cc:4d:
17:7d:17:2f:12:e8:cb:84:ed:de:fd:d4:e1:03:45:
7b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:64:82:33:F6:74:8F:CB:AC:F1:42:D4:6B:E9:6E:4F:03:96:2A:68
X509v3 Authority Key Identifier:
keyid:0D:4A:3B:62:14:07:8C:A4:8E:66:F3:B8:C5:4F:1C:5F:DB:C9:DE:74
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/595/DUo7YhQHjKSOZvO4xU8cX9vJ3nQ.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
35:80:82:f1:5e:6d:28:16:9b:f9:e2:26:8d:fe:ec:19:7f:2a:
37:b4:77:51:29:78:b8:8a:a4:e5:b7:68:ab:e1:98:14:c7:cb:
fc:73:82:a3:17:7f:f4:8b:7e:c7:c1:d8:30:76:9b:f3:ff:8e:
c1:02:f8:e2:f0:f5:24:2f:48:9f:13:55:03:31:0f:5e:9f:19:
ed:ca:32:5e:a9:25:07:cc:b5:f2:14:f8:2e:e6:5b:51:86:fa:
42:56:f1:d0:f0:39:f2:1d:5f:6a:ce:aa:69:c0:6e:5e:7b:f8:
ba:45:b5:f3:0d:c2:94:af:81:40:1c:64:51:9b:d2:17:d2:4f:
7c:94:4e:1b:9e:29:df:a6:fc:df:6d:20:bb:32:24:bd:ab:87:
f9:2d:ed:16:d4:b5:6b:03:3b:cc:10:a1:f0:a1:70:23:57:ec:
f9:99:b3:61:f5:45:99:4e:36:7f:b5:a6:d3:7e:46:24:17:05:
ae:7a:5f:88:1a:de:04:7b:2a:f2:e6:8b:79:86:87:44:c5:1d:
6a:91:34:55:d6:2d:6d:27:5c:99:c9:d1:ef:c6:9d:c5:d9:ed:
a1:81:e1:12:75:fd:05:56:e6:a6:82:22:1a:c0:79:c4:1f:03:
65:eb:5d:48:3d:27:16:58:1d:a0:f2:75:3b:e2:e3:ff:50:df:
62:06:92:db
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgICIfAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEQ0
QTNCNjIxNDA3OENBNDhFNjZGM0I4QzU0RjFDNUZEQkM5REU3NDAeFw0yNjAzMTgw
NDU5MzNaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDVDNjQ4MjMzRjY3NDhG
Q0JBQ0YxNDJENDZCRTk2RTRGMDM5NjJBNjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDe/r4ovOiSUauyG9/5hjATPLYG4aqoZZktiNTVoyx7TR3GA257
Cvm+JNb04W65c/K5NzDdvKilq2Xwcs5CQLLkVwlwuvYC6sRb03iw+UXCQ+vlb2+s
uXGoX4b7vFpA/Oc0IZZ/6VOjSWkhQk0O8uywSGxPk2eX/EWGzeQ7E6mnRpoyjEQ/
hCEYIYYw5nExzEcN14t8qJ59cHRWS2ySnVEkuX9hfyi2aYv+Kb4zLyqHseV2p4+j
cn9t4b+NcRvdkXOSFjsXpnzrRzmqK2UP0JSCM5A39DLQjHKGFxJLdIKbMgeTEjvH
xYTCL3FHqq/MTRd9Fy8S6MuE7d791OEDRXvdAgMBAAGjggIKMIICBjAdBgNVHQ4E
FgQUXGSCM/Z0j8us8ULUa+luTwOWKmgwHwYDVR0jBBgwFoAUDUo7YhQHjKSOZvO4
xU8cX9vJ3nQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTk1
L0RVbzdZaFFIaktTT1p2TzR4VThjWDl2SjNuUS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvRFVvN1loUUhqS1NPWnZPNHhVOGNYOXZKM25RLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNTk1L0RVbzdZaFFIaktTT1p2
TzR4VThjWDl2SjNuUS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB
AQA1gILxXm0oFpv54iaN/uwZfyo3tHdRKXi4iqTlt2ir4ZgUx8v8c4KjF3/0i37H
wdgwdpvz/47BAvji8PUkL0ifE1UDMQ9enxntyjJeqSUHzLXyFPgu5ltRhvpCVvHQ
8DnyHV9qzqppwG5ee/i6RbXzDcKUr4FAHGRRm9IX0k98lE4bninfpvzfbSC7MiS9
q4f5Le0W1LVrAzvMEKHwoXAjV+z5mbNh9UWZTjZ/tabTfkYkFwWuel+IGt4Eeyry
5ot5hodExR1qkTRV1i1tJ1yZydHvxp3F2e2hgeESdf0FVuamgiIawHnEHwNl611I
PScWWB2g8nU74uP/UN9iBpLb
-----END CERTIFICATE-----
Generated at Mon Jun 22 06:15:40 2026 by rpki-client