Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A91288D9/BA59535E425711EA8F838A43C4F9AE02/VB4KZv5g86rAJQLO8eSOYnpi90E.mft
File: VB4KZv5g86rAJQLO8eSOYnpi90E.mft (raw, json)
Hash identifier: DHrEi6vuHESQDAUOmY0Q7I51aGwq+XUg3/qgw5PVaJ8=
Subject key identifier: BE:0D:98:29:99:F8:0A:90:E3:F6:15:0D:7B:16:BF:F0:6D:CB:C3:B2
Authority key identifier: 54:1E:0A:66:FE:60:F3:AA:C0:25:02:CE:F1:E4:8E:62:7A:62:F7:41
Certificate issuer: /CN=A91288D9/serialNumber=541E0A66FE60F3AAC02502CEF1E48E627A62F741
Certificate serial: 0AEC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VB4KZv5g86rAJQLO8eSOYnpi90E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91288D9/BA59535E425711EA8F838A43C4F9AE02/VB4KZv5g86rAJQLO8eSOYnpi90E.mft
Manifest number: 0AE5
Signing time: Fri 28 Mar 2025 19:33:15 +0000
Manifest this update: Fri 28 Mar 2025 19:33:14 +0000
Manifest next update: Fri 04 Apr 2025 19:33:14 +0000
Files and hashes: 1: VB4KZv5g86rAJQLO8eSOYnpi90E.crl (hash: +R9dnqL4uq9PMpDSpMyotOPLpgxiOcFFPpPqYZNkAvc=)
2: E0FCE614425811EAADEA3B45C4F9AE02.roa (hash: uo0CqqDq1LW4OE16oHJh3v7l3D+UDenz/raY8uxIHFA=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2796 (0xaec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91288D9
Validity
Not Before: Mar 28 19:33:14 2025 GMT
Not After : Apr 4 19:33:14 2025 GMT
Subject: CN=67e6f97b-e32e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:99:a5:70:8d:34:ac:23:ad:4f:ad:51:a6:fa:
9c:27:2d:b5:a7:a8:e4:ff:22:71:3a:7e:04:64:08:
7d:ce:cc:5e:1a:09:57:46:98:4f:db:52:a3:65:21:
e3:24:29:30:2f:89:e7:e4:91:25:8e:a9:a6:e6:4f:
6f:7f:65:6a:e1:d0:51:ae:77:86:8c:62:b1:d7:11:
1e:d8:11:06:92:e7:eb:3a:f5:bb:06:18:4a:31:79:
87:79:28:73:c7:63:f6:bf:85:67:d9:cd:0f:93:96:
d6:10:99:7a:0f:ad:e3:b9:e9:7d:24:e1:05:32:8c:
e1:4a:03:ce:46:6e:2c:f8:7d:9a:47:f8:80:0e:72:
1b:4e:ff:8c:41:96:ef:0c:df:5f:28:64:53:c0:34:
d5:c9:e8:23:d2:87:0d:45:4d:d5:83:b1:87:79:35:
cf:7b:49:d2:bd:f2:b2:30:7b:46:eb:36:78:d0:c9:
20:3c:a5:2f:13:63:01:2d:1c:52:ba:24:f1:53:44:
86:d2:ea:7a:e5:90:17:4d:cc:1c:93:b9:27:0d:24:
ba:3a:59:f8:b6:b7:7e:b9:b8:51:13:24:a3:de:27:
df:96:59:90:eb:e4:69:56:b6:9e:62:95:a2:5e:d9:
29:b2:9d:87:9d:4e:48:31:ef:4d:a3:46:0d:a0:51:
7c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:0D:98:29:99:F8:0A:90:E3:F6:15:0D:7B:16:BF:F0:6D:CB:C3:B2
X509v3 Authority Key Identifier:
keyid:54:1E:0A:66:FE:60:F3:AA:C0:25:02:CE:F1:E4:8E:62:7A:62:F7:41
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91288D9/BA59535E425711EA8F838A43C4F9AE02/VB4KZv5g86rAJQLO8eSOYnpi90E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/VB4KZv5g86rAJQLO8eSOYnpi90E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91288D9/BA59535E425711EA8F838A43C4F9AE02/VB4KZv5g86rAJQLO8eSOYnpi90E.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
5a:d0:0b:56:d1:a6:db:46:44:26:88:25:ec:71:9d:9f:e2:ee:
64:33:fa:fc:ed:54:fb:0e:94:f0:bd:2f:a1:cb:35:8f:54:e6:
a9:b2:7b:e5:61:f9:29:63:b3:db:ba:37:89:13:32:ac:ab:29:
cb:a9:42:44:48:5b:f9:28:b4:0e:03:1c:d5:ec:ee:c0:a0:91:
a9:77:04:5a:6c:68:1f:8a:14:e9:af:ce:fc:30:aa:66:eb:3b:
c8:b7:db:45:88:0e:15:5a:42:eb:16:96:97:96:40:90:5d:be:
92:ab:00:81:5a:d0:cf:ca:5e:c3:8f:c9:91:f4:11:44:eb:6b:
7f:31:69:7d:af:9e:6b:2d:d7:ff:30:28:8c:ac:63:e0:65:bb:
21:55:19:59:b7:01:3c:55:82:df:e2:bf:85:d6:78:31:fd:66:
15:a5:36:8b:87:aa:91:92:db:fd:1b:5a:5c:fe:f5:06:3f:13:
8d:9f:83:72:f1:04:10:26:43:d4:3c:8c:7e:66:ef:75:85:bc:
eb:d3:ce:2c:ef:3f:d4:1b:98:33:2d:0e:5e:aa:fd:3d:c9:cd:
87:b2:25:1b:18:21:54:5f:b9:59:75:89:b5:cc:33:db:66:ad:
24:ef:61:0e:74:79:9a:08:be:c9:38:01:50:1a:71:00:ae:c8:
89:2a:40:16
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCuwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Mjg4RDkxMTAvBgNVBAUTKDU0MUUwQTY2RkU2MEYzQUFDMDI1MDJDRUYxRTQ4RTYy
N0E2MkY3NDEwHhcNMjUwMzI4MTkzMzE0WhcNMjUwNDA0MTkzMzE0WjAYMRYwFAYD
VQQDEw02N2U2Zjk3Yi1lMzJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAl5mlcI00rCOtT61RpvqcJy21p6jk/yJxOn4EZAh9zsxeGglXRphP21KjZSHj
JCkwL4nn5JEljqmm5k9vf2Vq4dBRrneGjGKx1xEe2BEGkufrOvW7BhhKMXmHeShz
x2P2v4Vn2c0Pk5bWEJl6D63juel9JOEFMozhSgPORm4s+H2aR/iADnIbTv+MQZbv
DN9fKGRTwDTVyegj0ocNRU3Vg7GHeTXPe0nSvfKyMHtG6zZ40MkgPKUvE2MBLRxS
uiTxU0SG0up65ZAXTcwck7knDSS6Oln4trd+ubhREySj3iffllmQ6+RpVraeYpWi
Xtkpsp2HnU5IMe9No0YNoFF8aQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL4NmCmZ
+AqQ4/YVDXsWv/Bty8OyMB8GA1UdIwQYMBaAFFQeCmb+YPOqwCUCzvHkjmJ6YvdB
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyODhEOS9CQTU5NTM1RTQy
NTcxMUVBOEY4MzhBNDNDNEY5QUUwMi9WQjRLWnY1Zzg2ckFKUUxPOGVTT1lucGk5
MEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1ZCNEtadjVnODZyQUpRTE84ZVNPWW5waTkwRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy
ODhEOS9CQTU5NTM1RTQyNTcxMUVBOEY4MzhBNDNDNEY5QUUwMi9WQjRLWnY1Zzg2
ckFKUUxPOGVTT1lucGk5MEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBa0AtW0abbRkQmiCXscZ2f4u5kM/r87VT7DpTwvS+hyzWPVOapsnvl
YfkpY7PbujeJEzKsqynLqUJESFv5KLQOAxzV7O7AoJGpdwRabGgfihTpr878MKpm
6zvIt9tFiA4VWkLrFpaXlkCQXb6SqwCBWtDPyl7Dj8mR9BFE62t/MWl9r55rLdf/
MCiMrGPgZbshVRlZtwE8VYLf4r+F1ngx/WYVpTaLh6qRktv9G1pc/vUGPxONn4Ny
8QQQJkPUPIx+Zu91hbzr084s7z/UG5gzLQ5eqv09yc2HsiUbGCFUX7lZdYm1zDPb
Zq0k72EOdHmaCL7JOAFQGnEArsiJKkAW
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:04:28 2025 by rpki-client