Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/721/7oh6zHzktfZsz0lG8Cv6y94ot2o.mft
File: 7oh6zHzktfZsz0lG8Cv6y94ot2o.mft (raw, json)
Hash identifier: mWLzZjNWPyD8SVe8fDcNBv4qwtA6IXcgwz0bM1EO80o=
Subject key identifier: 71:D1:BC:AA:71:CD:2B:AB:92:8D:BD:57:9E:F3:C1:79:07:4B:57:CC
Authority key identifier: EE:88:7A:CC:7C:E4:B5:F6:6C:CF:49:46:F0:2B:FA:CB:DE:28:B7:6A
Certificate issuer: /CN=EE887ACC7CE4B5F66CCF4946F02BFACBDE28B76A
Certificate serial: 2231
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7oh6zHzktfZsz0lG8Cv6y94ot2o.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/7oh6zHzktfZsz0lG8Cv6y94ot2o.mft
Manifest number: 221C
Signing time: Tue 17 Mar 2026 23:59:19 +0000
Manifest this update: Tue 17 Mar 2026 23:59:19 +0000
Manifest next update: Wed 18 Mar 2026 05:59:19 +0000
Files and hashes: 1: 6x6hqo0Cnu2DY80d0M2a1T3hILw.roa (hash: suL4eu4ACTdMQ8EhG3IwPC8L4xiiawA4SSbx7c7QEeU=)
2: 7oh6zHzktfZsz0lG8Cv6y94ot2o.crl (hash: VUaWiKvuiTltzz+HJ/thH5rqSHDhSeS+c4WfAYkPfbI=)
3: ErfEwcAx898tX4S9822NVXpbrGo.roa (hash: VAxgA96n0yvdmKEC0RETcM04sas17swBidGI/3NcD+c=)
4: X9U6c4cYKAx0rXhgtX8hkxalSFs.roa (hash: GoRC8cSZH4f3OWCxKXSnZPnR9NAmS+/EImBAzeimhQ8=)
5: zJ9YmN7_pZvu0tkeY-0KKlh6Js0.roa (hash: i9RgwHolwZTVdXudlPKeD4KuhudGO2gUAIrLw8GTjnE=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8753 (0x2231)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EE887ACC7CE4B5F66CCF4946F02BFACBDE28B76A
Validity
Not Before: Mar 17 23:59:19 2026 GMT
Not After : Jan 9 08:23:18 2027 GMT
Subject: CN=71D1BCAA71CD2BAB928DBD579EF3C179074B57CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:95:0d:60:c4:3e:68:d6:46:f0:7e:0a:c7:54:
8b:25:88:5d:a6:57:09:eb:d8:6b:89:e3:d3:e3:ac:
4d:69:db:62:e5:06:8c:e4:91:ba:71:fa:f7:d5:95:
58:08:be:d8:1e:a5:1d:d0:96:57:91:8c:61:7b:ec:
ff:10:49:62:12:f0:6c:d4:5b:ed:58:6e:c9:9b:86:
88:6d:18:26:6b:9e:47:bf:c4:6b:5c:04:f1:ab:9d:
c5:6a:cd:a8:ad:19:b4:b1:f1:8e:ce:6c:fa:eb:c6:
f4:97:49:72:03:bf:5f:b3:15:71:ff:55:fd:1a:5d:
57:d9:e9:3b:c8:79:26:dc:c7:98:96:83:c0:ed:0a:
a3:a7:70:18:bf:13:3d:b8:d7:f4:7d:e1:bf:34:37:
53:dc:b8:a6:0d:42:19:7e:42:da:ac:95:e6:1d:69:
27:49:14:88:e3:bd:92:36:aa:e2:6c:3a:4c:92:32:
4c:72:8e:c0:53:97:b4:26:a2:12:33:89:4e:7a:a1:
81:f9:91:0a:42:a3:4c:bd:af:c6:2c:f5:4f:03:51:
d3:cb:05:69:0b:29:d7:da:6f:97:7e:33:60:77:74:
0f:de:0b:42:d0:28:0e:17:5d:ac:72:6c:2d:4f:0f:
ad:79:16:c8:83:fc:d5:df:1c:3b:22:0e:cd:59:3c:
ca:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:D1:BC:AA:71:CD:2B:AB:92:8D:BD:57:9E:F3:C1:79:07:4B:57:CC
X509v3 Authority Key Identifier:
keyid:EE:88:7A:CC:7C:E4:B5:F6:6C:CF:49:46:F0:2B:FA:CB:DE:28:B7:6A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/7oh6zHzktfZsz0lG8Cv6y94ot2o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/7oh6zHzktfZsz0lG8Cv6y94ot2o.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/721/7oh6zHzktfZsz0lG8Cv6y94ot2o.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
56:99:9e:ce:97:eb:2a:e7:30:b6:28:6d:6c:8f:58:18:87:79:
2d:8e:27:d0:5d:ed:6d:03:84:e8:6b:01:73:fb:52:2d:dd:63:
f0:5f:ae:e1:4f:7f:1d:69:eb:70:c2:ed:6e:67:4b:42:79:1d:
f5:82:c0:80:dd:22:7c:d4:28:25:df:c4:d8:17:ec:f8:66:23:
71:22:63:3b:e9:42:ef:02:01:db:dd:4e:62:de:25:2e:a0:fe:
5a:01:99:dc:40:4f:29:a0:54:d6:47:cf:76:64:21:93:98:26:
cc:28:00:a9:a3:48:77:ab:0e:e5:f4:c1:a8:79:c9:19:8a:16:
8d:e9:f4:a2:d2:e3:8e:7a:09:b0:f0:a5:8f:bb:d8:3e:a3:d7:
67:f5:07:17:f5:57:21:c9:a7:bc:89:a9:91:f2:67:8c:b9:fc:
4c:9a:33:0f:eb:78:65:81:84:ed:1a:be:bb:a9:fb:a4:07:a6:
62:77:92:0b:c2:ba:9e:82:a8:4d:d9:03:b4:bc:70:58:9b:29:
04:80:bf:56:6a:e6:e3:64:ea:e2:ae:52:7c:b2:3d:b5:3a:6d:
73:c1:16:00:07:6b:01:7c:56:49:fc:cd:ba:a9:a0:44:fe:16:
82:b9:e4:84:70:4c:b2:b4:bd:ed:32:22:16:12:13:38:40:3d:
c5:a2:bb:a5
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgICIjEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUU4
ODdBQ0M3Q0U0QjVGNjZDQ0Y0OTQ2RjAyQkZBQ0JERTI4Qjc2QTAeFw0yNjAzMTcy
MzU5MTlaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKDcxRDFCQ0FBNzFDRDJC
QUI5MjhEQkQ1NzlFRjNDMTc5MDc0QjU3Q0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCWlQ1gxD5o1kbwfgrHVIsliF2mVwnr2GuJ49PjrE1p22LlBozk
kbpx+vfVlVgIvtgepR3QlleRjGF77P8QSWIS8GzUW+1YbsmbhohtGCZrnke/xGtc
BPGrncVqzaitGbSx8Y7ObPrrxvSXSXIDv1+zFXH/Vf0aXVfZ6TvIeSbcx5iWg8Dt
CqOncBi/Ez241/R94b80N1PcuKYNQhl+QtqsleYdaSdJFIjjvZI2quJsOkySMkxy
jsBTl7QmohIziU56oYH5kQpCo0y9r8Ys9U8DUdPLBWkLKdfab5d+M2B3dA/eC0LQ
KA4XXaxybC1PD615FsiD/NXfHDsiDs1ZPMqDAgMBAAGjggIKMIICBjAdBgNVHQ4E
FgQUcdG8qnHNK6uSjb1XnvPBeQdLV8wwHwYDVR0jBBgwFoAU7oh6zHzktfZsz0lG
8Cv6y94ot2owGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzIx
LzdvaDZ6SHprdGZac3owbEc4Q3Y2eTk0b3Qyby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvN29oNnpIemt0ZlpzejBsRzhDdjZ5OTRvdDJvLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzIxLzdvaDZ6SHprdGZac3ow
bEc4Q3Y2eTk0b3Qyby5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB
AQBWmZ7Ol+sq5zC2KG1sj1gYh3ktjifQXe1tA4ToawFz+1It3WPwX67hT38daetw
wu1uZ0tCeR31gsCA3SJ81Cgl38TYF+z4ZiNxImM76ULvAgHb3U5i3iUuoP5aAZnc
QE8poFTWR892ZCGTmCbMKACpo0h3qw7l9MGoeckZihaN6fSi0uOOegmw8KWPu9g+
o9dn9QcX9Vchyae8iamR8meMufxMmjMP63hlgYTtGr67qfukB6Zid5ILwrqegqhN
2QO0vHBYmykEgL9WaubjZOrirlJ8sj21Om1zwRYAB2sBfFZJ/M26qaBE/haCueSE
cEyytL3tMiIWEhM4QD3Forul
-----END CERTIFICATE-----
Generated at Thu Apr 16 11:09:48 2026 by rpki-client