Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A913837F/64590C1246E311EEB5E41642C4F9AE02/BKm4kZsiD18-q9D03YXi9b28VQA.mft
File: BKm4kZsiD18-q9D03YXi9b28VQA.mft (raw, json)
Hash identifier: 4w+xhciE/f4sU06zTtvTSh+lTMmsBVfDUaeBSIZyWw8=
Subject key identifier: 8A:4C:7E:61:FB:6E:07:58:62:97:47:E1:F4:8D:8B:F5:2F:C6:A2:85
Authority key identifier: 04:A9:B8:91:9B:22:0F:5F:3E:AB:D0:F4:DD:85:E2:F5:BD:BC:55:00
Certificate issuer: /CN=A913837F/serialNumber=04A9B8919B220F5F3EABD0F4DD85E2F5BDBC5500
Certificate serial: 012A
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BKm4kZsiD18-q9D03YXi9b28VQA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A913837F/64590C1246E311EEB5E41642C4F9AE02/BKm4kZsiD18-q9D03YXi9b28VQA.mft
Manifest number: 0128
Signing time: Sat 29 Mar 2025 04:01:38 +0000
Manifest this update: Sat 29 Mar 2025 04:01:38 +0000
Manifest next update: Sat 05 Apr 2025 04:01:38 +0000
Files and hashes: 1: BKm4kZsiD18-q9D03YXi9b28VQA.crl (hash: 4Xoz1YyVsU2y8Ot92uDXqTUv8EnbybNohfrcc/yxg0Q=)
2: 3D83357646E411EE82ED8843C4F9AE02.roa (hash: g/+jUDFbmU3qj9AfAKSl3kwzplQXj9NIVbGDOmw78Ds=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 298 (0x12a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A913837F
Validity
Not Before: Mar 29 04:01:38 2025 GMT
Not After : Apr 5 04:01:38 2025 GMT
Subject: CN=67e770a2-a26b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d9:0c:77:db:43:fd:d1:1f:74:a4:c0:21:77:
2f:bb:bf:7d:fd:e9:0e:46:45:cc:6f:69:a3:2f:ed:
37:8e:25:ec:f0:b6:ea:3f:28:0c:87:41:78:f8:ea:
af:62:04:43:65:ff:9b:bf:1b:2f:92:76:43:ac:ae:
39:f1:46:8e:3b:a0:50:e3:b2:e7:8c:fa:33:e0:4d:
f4:17:67:2a:17:d0:50:22:b8:78:37:9c:1d:87:c3:
29:6c:84:44:28:13:6a:75:13:50:c9:ae:01:22:61:
a8:40:79:50:c0:93:ec:8c:a0:a2:f9:3c:af:36:ae:
b5:a7:20:2d:13:6d:f6:18:ec:c5:73:32:bc:e7:01:
e1:28:f1:34:52:ac:6c:5a:90:a2:cc:63:de:bb:05:
4f:40:89:40:05:72:65:cf:5e:99:07:ff:bc:ae:1d:
bf:e0:be:9f:8e:08:60:cd:12:cd:3c:8c:c7:06:9f:
d5:71:35:f2:c1:d7:d8:41:55:6e:a3:85:35:42:24:
9d:4a:f5:ba:b8:76:69:bc:47:e6:9e:c4:69:15:74:
7e:43:a3:e5:43:a1:a7:a7:c5:5a:04:37:73:e7:03:
9d:41:77:82:ff:4e:fc:96:43:2f:ce:6e:f4:3f:1a:
7b:71:89:fa:b2:35:44:30:07:d1:7a:f0:a4:56:a4:
cf:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:4C:7E:61:FB:6E:07:58:62:97:47:E1:F4:8D:8B:F5:2F:C6:A2:85
X509v3 Authority Key Identifier:
keyid:04:A9:B8:91:9B:22:0F:5F:3E:AB:D0:F4:DD:85:E2:F5:BD:BC:55:00
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A913837F/64590C1246E311EEB5E41642C4F9AE02/BKm4kZsiD18-q9D03YXi9b28VQA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BKm4kZsiD18-q9D03YXi9b28VQA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913837F/64590C1246E311EEB5E41642C4F9AE02/BKm4kZsiD18-q9D03YXi9b28VQA.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
a3:51:38:b7:53:06:36:c3:3d:bc:a1:fe:2f:61:93:42:9d:49:
ed:01:be:f1:17:5d:52:d4:53:45:06:bb:22:f9:37:78:f8:f4:
96:97:07:9b:07:df:5d:1e:8a:fa:dd:2a:43:b9:24:e1:0a:f5:
05:90:87:48:6c:5b:6d:ed:f0:47:55:e0:32:56:7b:1c:ec:5f:
05:59:e1:b5:69:ca:85:59:dc:ee:08:9d:d0:17:1b:c8:00:52:
94:0e:04:92:cc:1a:00:c4:3f:53:d7:f2:55:b4:ce:66:d2:c3:
33:f6:22:eb:39:b5:1e:6b:67:45:4e:3c:5c:35:7b:aa:29:b1:
57:e4:bb:37:9b:d6:98:8a:a9:7a:12:9d:86:29:b2:b9:82:c4:
40:6a:48:2a:fd:4e:0e:92:46:32:4e:a7:9c:50:a3:8f:71:9f:
5f:0e:76:ad:68:d9:72:7e:50:25:9c:e0:8b:8d:39:2f:ad:a5:
9f:1f:c4:99:77:e5:be:99:e1:0c:95:81:8b:4b:55:b0:16:be:
81:21:ee:2f:32:78:a6:55:e9:2d:ec:ba:0c:aa:75:00:d6:45:
0d:cb:97:88:20:e7:83:df:cf:ed:c6:59:45:c5:a0:b4:34:9e:
ed:21:5f:da:f8:5d:0e:75:ac:d5:87:5d:51:ad:39:86:40:aa:
2a:9d:42:89
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICASowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzgzN0YxMTAvBgNVBAUTKDA0QTlCODkxOUIyMjBGNUYzRUFCRDBGNEREODVFMkY1
QkRCQzU1MDAwHhcNMjUwMzI5MDQwMTM4WhcNMjUwNDA1MDQwMTM4WjAYMRYwFAYD
VQQDEw02N2U3NzBhMi1hMjZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr9kMd9tD/dEfdKTAIXcvu799/ekORkXMb2mjL+03jiXs8LbqPygMh0F4+Oqv
YgRDZf+bvxsvknZDrK458UaOO6BQ47LnjPoz4E30F2cqF9BQIrh4N5wdh8MpbIRE
KBNqdRNQya4BImGoQHlQwJPsjKCi+TyvNq61pyAtE232GOzFczK85wHhKPE0Uqxs
WpCizGPeuwVPQIlABXJlz16ZB/+8rh2/4L6fjghgzRLNPIzHBp/VcTXywdfYQVVu
o4U1QiSdSvW6uHZpvEfmnsRpFXR+Q6PlQ6Gnp8VaBDdz5wOdQXeC/078lkMvzm70
Pxp7cYn6sjVEMAfRevCkVqTPNQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIpMfmH7
bgdYYpdH4fSNi/UvxqKFMB8GA1UdIwQYMBaAFASpuJGbIg9fPqvQ9N2F4vW9vFUA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzODM3Ri82NDU5MEMxMjQ2
RTMxMUVFQjVFNDE2NDJDNEY5QUUwMi9CS200a1pzaUQxOC1xOUQwM1lYaTliMjhW
UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0JLbTRrWnNpRDE4LXE5RDAzWVhpOWIyOFZRQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz
ODM3Ri82NDU5MEMxMjQ2RTMxMUVFQjVFNDE2NDJDNEY5QUUwMi9CS200a1pzaUQx
OC1xOUQwM1lYaTliMjhWUUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCjUTi3UwY2wz28of4vYZNCnUntAb7xF11S1FNFBrsi+Td4+PSWlweb
B99dHor63SpDuSThCvUFkIdIbFtt7fBHVeAyVnsc7F8FWeG1acqFWdzuCJ3QFxvI
AFKUDgSSzBoAxD9T1/JVtM5m0sMz9iLrObUea2dFTjxcNXuqKbFX5Ls3m9aYiql6
Ep2GKbK5gsRAakgq/U4OkkYyTqecUKOPcZ9fDnataNlyflAlnOCLjTkvraWfH8SZ
d+W+meEMlYGLS1WwFr6BIe4vMnimVekt7LoMqnUA1kUNy5eIIOeD38/txllFxaC0
NJ7tIV/a+F0OdazVh11RrTmGQKoqnUKJ
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:23:05 2025 by rpki-client