Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A911BA4B/E377FD7AFEA711E8A2E4B457C4F9AE02/lqeZovSzCLIlIrzkXjGNanAmKSs.mft
File: lqeZovSzCLIlIrzkXjGNanAmKSs.mft (raw, json)
Hash identifier: 19JA+9t1DXBqglDdOiWLMufuTzMw8hAt6hOeEHUASS8=
Subject key identifier: 35:FA:91:60:41:21:30:9C:AC:B7:D8:90:A6:31:88:50:BD:00:78:16
Authority key identifier: 96:A7:99:A2:F4:B3:08:B2:25:22:BC:E4:5E:31:8D:6A:70:26:29:2B
Certificate issuer: /CN=A911BA4B/serialNumber=96A799A2F4B308B22522BCE45E318D6A7026292B
Certificate serial: 1171
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lqeZovSzCLIlIrzkXjGNanAmKSs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911BA4B/E377FD7AFEA711E8A2E4B457C4F9AE02/lqeZovSzCLIlIrzkXjGNanAmKSs.mft
Manifest number: 1164
Signing time: Fri 28 Mar 2025 17:21:58 +0000
Manifest this update: Fri 28 Mar 2025 17:21:57 +0000
Manifest next update: Fri 04 Apr 2025 17:21:57 +0000
Files and hashes: 1: lqeZovSzCLIlIrzkXjGNanAmKSs.crl (hash: tmg4OMa7SbJqFWjbUUhIPpHvu8WYVQ02kAe+ruk/SrE=)
2: 318BC266FEA911E8BF138B59C4F9AE02.roa (hash: 33z1F9RZ3yx55dZ5+rGpqQ7gwX1OExcujk8Oepxi/pw=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4465 (0x1171)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911BA4B
Validity
Not Before: Mar 28 17:21:57 2025 GMT
Not After : Apr 4 17:21:57 2025 GMT
Subject: CN=67e6dab6-e683
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:7b:d3:1a:f6:d4:ac:9e:ca:37:c3:ab:94:7c:
4a:cb:79:a0:49:06:6b:bb:06:3e:7e:d2:2e:02:bc:
51:5b:0c:0b:cd:35:11:70:ea:a5:02:2a:ad:fa:cb:
39:99:18:0a:7a:1f:2e:f6:11:61:e3:fa:e5:ef:28:
b7:cd:db:d1:10:2a:a9:09:e5:5e:47:46:c4:3c:52:
18:e5:bd:b3:6c:1f:d1:87:44:57:14:86:2b:cc:b8:
c3:68:53:4f:99:a2:8a:63:68:6a:ca:42:23:fa:0e:
ce:59:61:2e:05:10:5a:be:65:c3:99:a8:72:f7:4e:
65:a7:7b:ff:63:60:17:74:85:cd:98:16:1f:3d:8f:
b9:cd:57:2f:cd:bf:4c:cc:0c:e0:3d:79:4d:3a:81:
31:4d:ab:b7:b1:bd:d8:14:06:4c:45:28:05:6b:f4:
53:4d:f9:57:59:06:48:33:d3:f8:ba:56:06:b9:c8:
e5:1f:0e:23:f3:d4:ec:6e:e4:68:5d:e3:c7:cf:00:
ec:0f:78:6c:d3:ed:33:7f:13:fa:c2:c0:45:45:2b:
5b:07:99:22:71:96:53:f8:3f:a5:c3:dd:da:91:59:
44:57:4b:04:d4:33:4a:c5:ec:b2:84:7a:9e:70:55:
f3:ee:2b:a3:bc:42:cd:4f:5b:ad:5a:c1:55:6c:ee:
8b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:FA:91:60:41:21:30:9C:AC:B7:D8:90:A6:31:88:50:BD:00:78:16
X509v3 Authority Key Identifier:
keyid:96:A7:99:A2:F4:B3:08:B2:25:22:BC:E4:5E:31:8D:6A:70:26:29:2B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911BA4B/E377FD7AFEA711E8A2E4B457C4F9AE02/lqeZovSzCLIlIrzkXjGNanAmKSs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lqeZovSzCLIlIrzkXjGNanAmKSs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911BA4B/E377FD7AFEA711E8A2E4B457C4F9AE02/lqeZovSzCLIlIrzkXjGNanAmKSs.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
72:0a:0f:eb:29:ac:72:b7:1d:fd:af:54:82:ef:37:44:48:18:
78:67:09:d8:1d:f2:c2:91:7a:26:ff:98:fc:b2:39:38:17:b9:
ac:11:26:f6:53:ee:d5:24:3c:5c:86:7f:12:f6:f8:52:aa:cd:
bf:47:5b:d2:f9:2c:05:2b:a1:ed:fc:95:99:d3:1a:e8:0f:ba:
ca:92:70:2b:30:4b:13:d1:3b:16:dc:b2:bc:51:6e:61:26:fb:
e0:c8:aa:8a:16:6d:40:6e:73:fe:db:96:38:84:c3:2a:5a:9c:
ff:7b:03:36:5c:24:87:07:7b:83:c5:bc:df:b8:d0:2a:07:a9:
82:d2:6d:32:a6:df:3e:db:79:d0:96:a3:22:f5:81:72:95:26:
0e:b0:83:6d:65:e2:fa:fe:21:d5:4c:99:2b:cb:65:5a:6a:47:
87:25:84:8e:e2:29:8a:1d:47:1b:3d:c6:d0:a1:56:f9:2f:41:
38:5a:ae:c8:28:6c:54:e3:d4:45:ec:5a:d1:f9:73:fd:e8:60:
00:5d:a2:e2:14:c9:aa:67:2f:f9:73:c9:1a:1f:df:9d:c7:52:
73:26:8a:36:1c:80:ff:5f:d3:76:fb:e6:76:73:00:a7:d0:38:
7b:20:5e:2b:06:30:7e:74:22:a5:09:fe:3b:3d:38:4a:27:c9:
2d:f3:cb:5f
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICEXEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUJBNEIxMTAvBgNVBAUTKDk2QTc5OUEyRjRCMzA4QjIyNTIyQkNFNDVFMzE4RDZB
NzAyNjI5MkIwHhcNMjUwMzI4MTcyMTU3WhcNMjUwNDA0MTcyMTU3WjAYMRYwFAYD
VQQDEw02N2U2ZGFiNi1lNjgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2HvTGvbUrJ7KN8OrlHxKy3mgSQZruwY+ftIuArxRWwwLzTURcOqlAiqt+ss5
mRgKeh8u9hFh4/rl7yi3zdvRECqpCeVeR0bEPFIY5b2zbB/Rh0RXFIYrzLjDaFNP
maKKY2hqykIj+g7OWWEuBRBavmXDmahy905lp3v/Y2AXdIXNmBYfPY+5zVcvzb9M
zAzgPXlNOoExTau3sb3YFAZMRSgFa/RTTflXWQZIM9P4ulYGucjlHw4j89TsbuRo
XePHzwDsD3hs0+0zfxP6wsBFRStbB5kicZZT+D+lw93akVlEV0sE1DNKxeyyhHqe
cFXz7iujvELNT1utWsFVbO6LAwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDX6kWBB
ITCcrLfYkKYxiFC9AHgWMB8GA1UdIwQYMBaAFJanmaL0swiyJSK85F4xjWpwJikr
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQkE0Qi9FMzc3RkQ3QUZF
QTcxMUU4QTJFNEI0NTdDNEY5QUUwMi9scWVab3ZTekNMSWxJcnprWGpHTmFuQW1L
U3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2xxZVpvdlN6Q0xJbElyemtYakdOYW5BbUtTcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
QkE0Qi9FMzc3RkQ3QUZFQTcxMUU4QTJFNEI0NTdDNEY5QUUwMi9scWVab3ZTekNM
SWxJcnprWGpHTmFuQW1LU3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQByCg/rKaxytx39r1SC7zdESBh4ZwnYHfLCkXom/5j8sjk4F7msESb2
U+7VJDxchn8S9vhSqs2/R1vS+SwFK6Ht/JWZ0xroD7rKknArMEsT0TsW3LK8UW5h
JvvgyKqKFm1AbnP+25Y4hMMqWpz/ewM2XCSHB3uDxbzfuNAqB6mC0m0ypt8+23nQ
lqMi9YFylSYOsINtZeL6/iHVTJkry2VaakeHJYSO4imKHUcbPcbQoVb5L0E4Wq7I
KGxU49RF7FrR+XP96GAAXaLiFMmqZy/5c8kaH9+dx1JzJoo2HID/X9N2++Z2cwCn
0Dh7IF4rBjB+dCKlCf47PThKJ8kt88tf
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:58:03 2025 by rpki-client