Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A91408BE/A2C827EE410B11EAB6954A2CC4F9AE02/ZI5HI0RBcbar4W19wDDonAbwUNw.mft
File: ZI5HI0RBcbar4W19wDDonAbwUNw.mft (raw, json)
Hash identifier: KSUfHoGYSOyp0nLfeFNtGYqAX7NDN6Xl6g3c8d4jQy4=
Subject key identifier: D7:8F:EE:ED:37:33:AF:DB:0D:64:8C:BF:69:30:6E:C8:07:D5:13:CE
Authority key identifier: 64:8E:47:23:44:41:71:B6:AB:E1:6D:7D:C0:30:E8:9C:06:F0:50:DC
Certificate issuer: /CN=A91408BE/serialNumber=648E4723444171B6ABE16D7DC030E89C06F050DC
Certificate serial: 0AF3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZI5HI0RBcbar4W19wDDonAbwUNw.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91408BE/A2C827EE410B11EAB6954A2CC4F9AE02/ZI5HI0RBcbar4W19wDDonAbwUNw.mft
Manifest number: 0AED
Signing time: Fri 28 Mar 2025 19:30:41 +0000
Manifest this update: Fri 28 Mar 2025 19:30:40 +0000
Manifest next update: Fri 04 Apr 2025 19:30:40 +0000
Files and hashes: 1: ZI5HI0RBcbar4W19wDDonAbwUNw.crl (hash: YH2DKwzkbxxNsC66jMKNje6G47K4Bc3a/zH2KuvuULw=)
2: 5DCB0A0C410C11EA8A6C412DC4F9AE02.roa (hash: J/8oDeRELdGOcwKCSIyZI2ucZRyx8ILa8bbFd/o79oQ=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2803 (0xaf3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91408BE
Validity
Not Before: Mar 28 19:30:40 2025 GMT
Not After : Apr 4 19:30:40 2025 GMT
Subject: CN=67e6f8e1-bebf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:16:b6:3a:e0:05:19:80:df:d3:52:cd:ed:3d:
55:62:50:6f:7a:67:35:94:04:d3:31:0d:b8:24:4c:
12:8e:13:31:8b:8c:d9:2c:87:9a:4f:e3:ad:f9:18:
db:c2:37:db:7f:d3:62:ab:fc:cb:41:ef:aa:f3:82:
69:46:6a:6c:c3:6b:dc:85:d3:de:99:8f:4f:6c:17:
cc:e7:8b:09:ba:54:ab:4e:c2:f3:01:22:b5:14:9b:
d7:62:3c:15:6c:53:60:40:bd:05:9f:5f:3f:9b:e9:
ff:07:44:23:42:52:98:41:9f:ba:3a:e3:9b:8e:88:
0c:b1:56:93:31:cf:73:c2:29:7c:97:9f:25:94:09:
12:df:e1:22:c4:67:9a:13:b2:03:01:01:12:b9:4c:
f0:0b:18:bb:05:dc:d3:bd:0f:e8:94:1a:42:a6:fd:
4d:ec:86:5d:f3:c4:98:e4:9e:46:a7:f7:81:1c:14:
91:cb:a6:26:72:75:4f:ef:9e:c7:d7:c1:a2:43:df:
a3:b0:fc:ce:11:78:f8:66:a3:49:fa:41:3a:ca:30:
cb:f7:48:26:a0:8f:58:62:06:36:07:98:9c:7b:d8:
0b:22:ff:19:37:7f:78:d8:31:5f:52:45:36:3b:ca:
8b:39:38:5e:f6:65:77:8c:b2:1e:0b:e1:2e:16:cc:
5b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:8F:EE:ED:37:33:AF:DB:0D:64:8C:BF:69:30:6E:C8:07:D5:13:CE
X509v3 Authority Key Identifier:
keyid:64:8E:47:23:44:41:71:B6:AB:E1:6D:7D:C0:30:E8:9C:06:F0:50:DC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91408BE/A2C827EE410B11EAB6954A2CC4F9AE02/ZI5HI0RBcbar4W19wDDonAbwUNw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZI5HI0RBcbar4W19wDDonAbwUNw.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91408BE/A2C827EE410B11EAB6954A2CC4F9AE02/ZI5HI0RBcbar4W19wDDonAbwUNw.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
3a:3f:70:6b:27:c7:1a:a8:7a:b5:b6:fe:56:18:61:2a:f1:fa:
7c:b5:b1:9e:17:d6:9b:ea:e2:34:cf:be:41:40:2c:d9:ed:36:
65:c6:b9:d2:d2:67:e7:2d:b9:1d:a7:2e:02:c0:5e:3a:3a:68:
55:56:13:8e:3e:3b:da:cf:79:f8:44:d1:42:0a:d0:8a:70:00:
4c:2c:54:6a:b1:02:6a:94:82:1b:ee:65:ec:a5:90:d6:48:1d:
35:0b:d3:c7:18:aa:9d:e2:a5:bf:8a:3a:9e:86:bf:39:a7:a9:
6d:db:2b:8d:61:59:dd:51:c1:a7:b1:c5:41:fa:15:7f:eb:92:
ea:a2:e2:55:a8:98:58:bc:cc:98:b2:f3:2f:e2:17:58:41:29:
ac:b6:f4:43:85:55:35:da:f5:af:53:82:1b:21:7b:07:17:8c:
a2:97:8d:62:f9:8f:92:f7:8d:86:08:b7:f6:5f:74:f4:ac:fc:
de:f5:e5:e4:68:87:f7:5e:45:c6:ce:c0:df:d2:3f:cc:e2:7b:
c3:93:69:76:5a:0b:11:1f:23:24:49:f1:83:ef:5b:b2:6a:a8:
52:44:6a:b7:81:c1:37:c9:02:5c:87:73:2c:41:a6:af:e9:6d:
b1:f1:f3:74:9a:9c:0b:4a:9a:69:7f:fb:5e:b7:d3:66:a4:6e:
d7:8a:ec:05
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCvMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDA4QkUxMTAvBgNVBAUTKDY0OEU0NzIzNDQ0MTcxQjZBQkUxNkQ3REMwMzBFODlD
MDZGMDUwREMwHhcNMjUwMzI4MTkzMDQwWhcNMjUwNDA0MTkzMDQwWjAYMRYwFAYD
VQQDEw02N2U2ZjhlMS1iZWJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwRa2OuAFGYDf01LN7T1VYlBvemc1lATTMQ24JEwSjhMxi4zZLIeaT+Ot+Rjb
wjfbf9Niq/zLQe+q84JpRmpsw2vchdPemY9PbBfM54sJulSrTsLzASK1FJvXYjwV
bFNgQL0Fn18/m+n/B0QjQlKYQZ+6OuObjogMsVaTMc9zwil8l58llAkS3+EixGea
E7IDAQESuUzwCxi7BdzTvQ/olBpCpv1N7IZd88SY5J5Gp/eBHBSRy6YmcnVP757H
18GiQ9+jsPzOEXj4ZqNJ+kE6yjDL90gmoI9YYgY2B5ice9gLIv8ZN3942DFfUkU2
O8qLOThe9mV3jLIeC+EuFsxbzwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNeP7u03
M6/bDWSMv2kwbsgH1RPOMB8GA1UdIwQYMBaAFGSORyNEQXG2q+FtfcAw6JwG8FDc
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MDhCRS9BMkM4MjdFRTQx
MEIxMUVBQjY5NTRBMkNDNEY5QUUwMi9aSTVISTBSQmNiYXI0VzE5d0REb25BYndV
TncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1pJNUhJMFJCY2JhcjRXMTl3RERvbkFid1VOdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
MDhCRS9BMkM4MjdFRTQxMEIxMUVBQjY5NTRBMkNDNEY5QUUwMi9aSTVISTBSQmNi
YXI0VzE5d0REb25BYndVTncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQA6P3BrJ8caqHq1tv5WGGEq8fp8tbGeF9ab6uI0z75BQCzZ7TZlxrnS
0mfnLbkdpy4CwF46OmhVVhOOPjvaz3n4RNFCCtCKcABMLFRqsQJqlIIb7mXspZDW
SB01C9PHGKqd4qW/ijqehr85p6lt2yuNYVndUcGnscVB+hV/65LqouJVqJhYvMyY
svMv4hdYQSmstvRDhVU12vWvU4IbIXsHF4yil41i+Y+S942GCLf2X3T0rPze9eXk
aIf3XkXGzsDf0j/M4nvDk2l2WgsRHyMkSfGD71uyaqhSRGq3gcE3yQJch3MsQaav
6W2x8fN0mpwLSpppf/tet9NmpG7XiuwF
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:14:54 2025 by rpki-client