Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft
File: O-7kvaWgSxBLHXLmAcMJONuktkQ.mft (raw, json)
Hash identifier: jbfXx7A+onfzdTp0xvYHUGeFu2jgTl8HCk42BBufilA=
Subject key identifier: 0B:DD:E5:74:75:82:AA:DE:19:D9:CD:93:8C:7C:52:3C:8C:F5:22:A4
Authority key identifier: 3B:EE:E4:BD:A5:A0:4B:10:4B:1D:72:E6:01:C3:09:38:DB:A4:B6:44
Certificate issuer: /CN=A911D2A3/serialNumber=3BEEE4BDA5A04B104B1D72E601C30938DBA4B644
Certificate serial: 14E5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O-7kvaWgSxBLHXLmAcMJONuktkQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft
Manifest number: 14DB
Signing time: Fri 28 Mar 2025 16:57:06 +0000
Manifest this update: Fri 28 Mar 2025 16:57:06 +0000
Manifest next update: Fri 04 Apr 2025 16:57:06 +0000
Files and hashes: 1: O-7kvaWgSxBLHXLmAcMJONuktkQ.crl (hash: sUIjaeS18aW20x9t77MzT9j4+5rzKp0r3LpyfoCU7VQ=)
2: D9EDB272C44C11ECA07C2D77C4F9AE02.roa (hash: wyU9pinjd2UbUaW4sVOJH2OwbvM9u93WKqi90XHcaFI=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5349 (0x14e5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A911D2A3
Validity
Not Before: Mar 28 16:57:06 2025 GMT
Not After : Apr 4 16:57:06 2025 GMT
Subject: CN=67e6d4e2-5b6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:6b:61:a2:bb:3f:bb:08:b6:ba:4a:af:a9:7f:
72:dc:f5:49:a6:61:26:1b:22:71:ee:db:ee:20:dc:
cc:4d:43:18:85:89:fb:89:45:90:77:25:2a:03:1c:
f3:33:56:90:7e:9c:75:77:ae:25:1f:49:ec:d2:21:
73:a0:0b:a8:14:d2:19:2d:98:22:85:61:9f:2d:2d:
37:be:69:7f:3f:f1:b6:b4:fe:49:77:f8:3c:7b:e8:
42:cb:d8:ce:38:3e:85:f0:1b:f9:df:a3:2e:7e:5c:
2e:bb:fb:ad:a2:b6:86:ec:ca:8e:c3:07:e5:bb:0b:
74:7f:eb:1d:fd:d5:6c:3f:d5:77:6d:9b:b2:08:8c:
c5:6b:9a:17:45:00:3e:96:85:98:0e:77:4c:88:cf:
3f:de:da:44:0c:54:d5:24:f7:5e:c5:d4:59:0f:42:
d7:dc:d9:fa:8a:30:0e:3f:85:80:82:b7:29:3c:d3:
40:08:8a:46:d9:0a:14:9f:29:8b:dc:2e:fe:8a:16:
8c:9b:9e:84:e4:17:ed:27:9e:6f:22:8a:c5:cd:ea:
fe:ab:ad:bb:38:9d:23:9e:08:ba:ee:3b:0d:80:60:
34:02:e8:f9:98:c2:64:0e:1b:dd:4f:ba:6b:b8:e4:
e0:b1:b5:9b:4f:22:c6:02:f5:f8:6a:f0:88:8a:d6:
4b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:DD:E5:74:75:82:AA:DE:19:D9:CD:93:8C:7C:52:3C:8C:F5:22:A4
X509v3 Authority Key Identifier:
keyid:3B:EE:E4:BD:A5:A0:4B:10:4B:1D:72:E6:01:C3:09:38:DB:A4:B6:44
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O-7kvaWgSxBLHXLmAcMJONuktkQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911D2A3/F6AC63864EFD11E8892B8683C4F9AE02/O-7kvaWgSxBLHXLmAcMJONuktkQ.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
9d:c4:84:74:ae:22:a6:33:fe:a1:9e:14:fb:09:c7:8d:f2:8e:
03:5d:bd:28:96:a3:4d:cd:3a:0a:15:f0:13:91:59:32:1a:12:
0a:2b:40:6f:dc:67:67:82:80:c1:a8:47:e6:5f:4d:99:ca:09:
41:5f:d9:e0:29:36:79:ab:3c:86:e3:41:be:f9:9a:cd:a9:3a:
80:a4:3d:8b:75:f5:3d:28:28:92:cf:01:04:e7:93:16:e2:3c:
b7:b7:af:94:8d:47:33:43:b9:d0:5f:54:b6:1c:46:e0:69:d0:
bb:19:af:de:14:1c:03:4a:e6:a7:21:b6:77:d2:9f:99:25:b1:
e3:a9:50:6a:1f:f7:9d:5c:1d:2b:fb:69:7d:67:88:a9:e8:89:
ca:9f:5b:43:2b:f8:f8:49:46:14:6d:43:ea:56:a6:6e:61:94:
00:3d:b1:93:31:dc:8d:b2:be:a1:4f:38:30:2a:1e:5f:1e:cf:
f0:d1:13:62:c3:fe:47:f2:aa:b5:5e:7e:24:ad:6b:c3:01:22:
6c:c3:4c:aa:95:ee:34:32:df:36:e0:27:18:e5:f2:3d:ba:16:
55:6e:e5:b9:f0:07:a7:2c:55:93:d5:d4:cb:14:cb:8b:a1:5a:
5d:9d:d5:bc:34:65:e9:06:80:b8:b7:da:1f:c6:80:47:8e:7d:
0f:f4:db:1e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICFOUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MUQyQTMxMTAvBgNVBAUTKDNCRUVFNEJEQTVBMDRCMTA0QjFENzJFNjAxQzMwOTM4
REJBNEI2NDQwHhcNMjUwMzI4MTY1NzA2WhcNMjUwNDA0MTY1NzA2WjAYMRYwFAYD
VQQDEw02N2U2ZDRlMi01YjZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1mthors/uwi2ukqvqX9y3PVJpmEmGyJx7tvuINzMTUMYhYn7iUWQdyUqAxzz
M1aQfpx1d64lH0ns0iFzoAuoFNIZLZgihWGfLS03vml/P/G2tP5Jd/g8e+hCy9jO
OD6F8Bv536Muflwuu/utoraG7MqOwwfluwt0f+sd/dVsP9V3bZuyCIzFa5oXRQA+
loWYDndMiM8/3tpEDFTVJPdexdRZD0LX3Nn6ijAOP4WAgrcpPNNACIpG2QoUnymL
3C7+ihaMm56E5BftJ55vIorFzer+q627OJ0jngi67jsNgGA0Auj5mMJkDhvdT7pr
uOTgsbWbTyLGAvX4avCIitZLvwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAvd5XR1
gqreGdnNk4x8UjyM9SKkMB8GA1UdIwQYMBaAFDvu5L2loEsQSx1y5gHDCTjbpLZE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRDJBMy9GNkFDNjM4NjRF
RkQxMUU4ODkyQjg2ODNDNEY5QUUwMi9PLTdrdmFXZ1N4QkxIWExtQWNNSk9OdWt0
a1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL08tN2t2YVdnU3hCTEhYTG1BY01KT051a3RrUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx
RDJBMy9GNkFDNjM4NjRFRkQxMUU4ODkyQjg2ODNDNEY5QUUwMi9PLTdrdmFXZ1N4
QkxIWExtQWNNSk9OdWt0a1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCdxIR0riKmM/6hnhT7CceN8o4DXb0olqNNzToKFfATkVkyGhIKK0Bv
3GdngoDBqEfmX02ZyglBX9ngKTZ5qzyG40G++ZrNqTqApD2LdfU9KCiSzwEE55MW
4jy3t6+UjUczQ7nQX1S2HEbgadC7Ga/eFBwDSuanIbZ30p+ZJbHjqVBqH/edXB0r
+2l9Z4ip6InKn1tDK/j4SUYUbUPqVqZuYZQAPbGTMdyNsr6hTzgwKh5fHs/w0RNi
w/5H8qq1Xn4krWvDASJsw0yqle40Mt824CcY5fI9uhZVbuW58AenLFWT1dTLFMuL
oVpdndW8NGXpBoC4t9ofxoBHjn0P9Nse
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:53:03 2025 by rpki-client