Manifest
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/775/zWXd_8pJD2leEvOlPuuv8O2ncFA.mft
File: zWXd_8pJD2leEvOlPuuv8O2ncFA.mft (raw, json)
Hash identifier: ejyYwcdPHe4bBf5CGFqiL40jkXbj3gnyvl81FOfUTN4=
Subject key identifier: EE:56:9C:73:AF:2A:B0:5C:81:BC:B9:16:40:D0:38:BC:FC:5A:B3:2B
Authority key identifier: CD:65:DD:FF:CA:49:0F:69:5E:12:F3:A5:3E:EB:AF:F0:ED:A7:70:50
Certificate issuer: /CN=CD65DDFFCA490F695E12F3A53EEBAFF0EDA77050
Certificate serial: 11A8
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zWXd_8pJD2leEvOlPuuv8O2ncFA.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/775/zWXd_8pJD2leEvOlPuuv8O2ncFA.mft
Manifest number: 11A0
Signing time: Thu 05 Mar 2026 18:59:56 +0000
Manifest this update: Thu 05 Mar 2026 18:59:56 +0000
Manifest next update: Fri 06 Mar 2026 00:59:56 +0000
Files and hashes: 1: aVEwty2RaQ7ZMQsM6gPJIDhHx0s.roa (hash: iOBwcScs0YJqCUy+IANX3ajyrol1E6jNhR8CiDpsub8=)
2: gDLooqo61cW4ELEjMHUqf6lNUOo.roa (hash: GKHBn3alZIpjJZe3i8slVi6XBHRZTK/7qbql7Fxl1gQ=)
3: zWXd_8pJD2leEvOlPuuv8O2ncFA.crl (hash: oGZVATh/xIbTIpnQd59KvfvIvxjEIlBVjJaPMbiiTOU=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4520 (0x11a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CD65DDFFCA490F695E12F3A53EEBAFF0EDA77050
Validity
Not Before: Mar 5 18:59:56 2026 GMT
Not After : Jan 9 08:23:18 2027 GMT
Subject: CN=EE569C73AF2AB05C81BCB91640D038BCFC5AB32B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:88:b7:f2:85:fd:c1:0e:05:bb:70:87:d6:c8:
8f:03:11:7a:8f:31:93:06:9f:9f:0c:a7:b9:2c:3b:
b3:80:4b:19:42:7b:96:56:32:0b:0e:b0:b8:83:70:
65:b1:f1:a9:24:33:e2:dc:e0:86:e2:0f:b9:29:ab:
6e:30:98:5f:7a:1a:43:17:16:f1:02:9f:b2:dc:bf:
42:18:af:fd:c3:05:f7:90:bc:ce:f2:98:02:13:b2:
6a:6f:d1:ad:e4:e4:fe:1a:84:75:61:b6:14:f9:28:
d4:6d:31:71:89:24:a9:40:f1:5d:f2:aa:8d:a0:43:
03:db:64:93:1a:38:b1:d4:b7:20:bf:a1:d3:b0:64:
d1:21:c6:0a:4b:81:18:62:2e:41:43:6d:f4:e1:12:
58:f2:6a:e3:9b:95:80:70:58:a0:df:71:35:7a:05:
11:dc:d1:6f:41:08:18:da:bb:5b:d9:51:d0:f7:fd:
a8:c1:79:a4:42:2d:c9:fb:fb:64:a3:be:ac:0e:f3:
a3:67:d5:0b:41:88:ec:91:3d:aa:b5:18:b0:17:4d:
76:a3:e1:7e:51:0f:f7:7b:c9:b6:03:4a:cf:1d:b9:
4e:1b:19:5f:91:f7:99:af:b2:a3:04:9a:2e:51:eb:
da:af:0e:f8:52:ba:ae:45:50:9b:34:94:e1:f2:23:
b2:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:56:9C:73:AF:2A:B0:5C:81:BC:B9:16:40:D0:38:BC:FC:5A:B3:2B
X509v3 Authority Key Identifier:
keyid:CD:65:DD:FF:CA:49:0F:69:5E:12:F3:A5:3E:EB:AF:F0:ED:A7:70:50
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/775/zWXd_8pJD2leEvOlPuuv8O2ncFA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/zWXd_8pJD2leEvOlPuuv8O2ncFA.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/775/zWXd_8pJD2leEvOlPuuv8O2ncFA.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
38:15:a4:c5:94:6d:63:29:10:ad:49:64:9f:62:9c:16:37:e0:
04:c3:23:6f:50:fe:41:3d:c6:6b:48:ef:d4:8c:5b:d6:16:da:
8a:94:97:60:8e:e6:1b:c4:43:fb:91:78:88:4e:66:e0:8f:4c:
0a:68:20:dd:38:5d:2b:1f:d3:f4:52:78:04:26:1b:bc:3c:37:
3f:c5:d7:9b:5b:d1:5d:7c:14:55:68:f3:96:b2:84:66:50:9a:
fa:2e:d7:4f:a3:ac:98:a2:34:ac:18:43:f9:a9:3a:d3:4e:11:
8a:57:a5:90:be:6e:ca:45:7b:73:ab:1c:5f:93:2e:49:f8:08:
cf:8f:65:ef:60:7b:36:91:cb:76:ad:3f:10:c3:66:54:9e:e5:
bc:b0:62:60:b8:eb:e7:a5:de:3d:39:76:df:74:2d:69:97:99:
08:30:fa:f6:4e:22:6b:78:11:20:fe:4d:d0:c9:08:59:5a:7a:
5b:5a:87:16:c6:40:9f:5d:65:28:3e:3b:9a:12:c7:e4:d4:9b:
07:77:69:e8:4c:ea:2f:18:0f:4c:c4:d5:40:3a:c4:55:6c:4b:
e0:8a:24:88:9a:09:76:52:ee:66:bf:a4:94:cc:76:17:99:55:
c3:b4:3c:53:19:f8:c1:6a:f5:05:6f:4c:17:e7:3b:7d:d3:63:
5f:94:7a:01
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgICEagwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Q2
NURERkZDQTQ5MEY2OTVFMTJGM0E1M0VFQkFGRjBFREE3NzA1MDAeFw0yNjAzMDUx
ODU5NTZaFw0yNzAxMDkwODIzMThaMDMxMTAvBgNVBAMTKEVFNTY5QzczQUYyQUIw
NUM4MUJDQjkxNjQwRDAzOEJDRkM1QUIzMkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDiLfyhf3BDgW7cIfWyI8DEXqPMZMGn58Mp7ksO7OASxlCe5ZW
MgsOsLiDcGWx8akkM+Lc4IbiD7kpq24wmF96GkMXFvECn7Lcv0IYr/3DBfeQvM7y
mAITsmpv0a3k5P4ahHVhthT5KNRtMXGJJKlA8V3yqo2gQwPbZJMaOLHUtyC/odOw
ZNEhxgpLgRhiLkFDbfThEljyauOblYBwWKDfcTV6BRHc0W9BCBjau1vZUdD3/ajB
eaRCLcn7+2SjvqwO86Nn1QtBiOyRPaq1GLAXTXaj4X5RD/d7ybYDSs8duU4bGV+R
95mvsqMEmi5R69qvDvhSuq5FUJs0lOHyI7JBAgMBAAGjggIKMIICBjAdBgNVHQ4E
FgQU7lacc68qsFyBvLkWQNA4vPxasyswHwYDVR0jBBgwFoAUzWXd/8pJD2leEvOl
Puuv8O2ncFAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzc1
L3pXWGRfOHBKRDJsZUV2T2xQdXV2OE8ybmNGQS5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAveldYZF84cEpEMmxlRXZPbFB1dXY4TzJuY0ZBLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvNzc1L3pXWGRfOHBKRDJsZUV2
T2xQdXV2OE8ybmNGQS5tZnQwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggr
BgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IB
AQA4FaTFlG1jKRCtSWSfYpwWN+AEwyNvUP5BPcZrSO/UjFvWFtqKlJdgjuYbxEP7
kXiITmbgj0wKaCDdOF0rH9P0UngEJhu8PDc/xdebW9FdfBRVaPOWsoRmUJr6LtdP
o6yYojSsGEP5qTrTThGKV6WQvm7KRXtzqxxfky5J+AjPj2XvYHs2kct2rT8Qw2ZU
nuW8sGJguOvnpd49OXbfdC1pl5kIMPr2TiJreBEg/k3QyQhZWnpbWocWxkCfXWUo
PjuaEsfk1JsHd2noTOovGA9MxNVAOsRVbEvgiiSImgl2Uu5mv6SUzHYXmVXDtDxT
GfjBavUFb0wX5zt902NflHoB
-----END CERTIFICATE-----
Generated at Fri Mar 6 01:08:00 2026 by rpki-client