Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft
File: KXr2WH-YpJnreNLMrjYW70KfV1A.mft (raw, json)
Hash identifier: KADt74tr7HXdCcYmGkKDdJhL8bR2qQKumlLJIVuXtZg=
Subject key identifier: D4:7E:58:31:72:ED:50:4A:35:57:16:5D:FB:E9:DD:18:3A:B4:B9:A4
Authority key identifier: 29:7A:F6:58:7F:98:A4:99:EB:78:D2:CC:AE:36:16:EF:42:9F:57:50
Certificate issuer: /CN=A91411BC/serialNumber=297AF6587F98A499EB78D2CCAE3616EF429F5750
Certificate serial: 1305
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXr2WH-YpJnreNLMrjYW70KfV1A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft
Manifest number: 12FD
Signing time: Fri 28 Mar 2025 17:09:41 +0000
Manifest this update: Fri 28 Mar 2025 17:09:40 +0000
Manifest next update: Fri 04 Apr 2025 17:09:40 +0000
Files and hashes: 1: KXr2WH-YpJnreNLMrjYW70KfV1A.crl (hash: 4cQqfffUi9dF7qidSi6a0O6Zc6cB30m7HmjCXPrN0J8=)
2: B4996A22AC3411E88623474BC4F9AE02.roa (hash: Uautv1XlrGIKG3uUq9YoWLtURxeqWmVrl93Jj3fy9ko=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4869 (0x1305)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91411BC
Validity
Not Before: Mar 28 17:09:40 2025 GMT
Not After : Apr 4 17:09:40 2025 GMT
Subject: CN=67e6d7d5-cb56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:e8:bb:ee:1c:a7:6a:19:85:12:8b:ed:98:20:
c1:be:d7:45:58:04:ff:0e:74:de:19:40:f0:8f:3b:
99:a2:6c:76:17:24:84:bb:c2:de:c5:fe:68:5f:14:
da:05:a2:e9:fe:bb:13:98:eb:7f:71:92:d8:93:24:
23:f7:fa:b9:e0:29:d2:ee:68:bf:f2:eb:9c:6b:43:
f4:46:e2:8e:e2:0f:ca:17:cb:fa:2c:e1:50:0a:04:
56:3c:98:0a:36:d8:09:30:ff:35:d8:d9:c0:e8:a1:
f6:62:61:80:74:73:76:3d:39:44:ea:57:e0:05:2a:
62:e7:eb:4c:a7:fe:8b:f4:ef:7a:72:7c:d9:7d:37:
f3:22:a0:b9:be:67:ee:63:1b:b2:f1:79:e7:c7:16:
5a:2e:c8:49:cc:9e:9b:c9:1f:80:0c:db:c9:88:96:
60:0c:4f:45:e5:39:08:0a:65:8b:38:a6:2f:8b:4c:
da:46:47:5c:00:13:1e:a2:7a:2e:b8:1e:fb:5a:55:
84:96:58:ff:2f:94:f4:f6:c5:5b:a8:9e:b9:b2:3a:
51:31:d3:d9:a3:16:6d:10:e4:66:3b:53:7b:9c:67:
29:19:b9:49:dc:1a:4e:48:5f:f9:8f:ff:99:cc:b2:
31:df:b2:2c:ed:6e:8d:a1:53:30:36:9e:a3:49:30:
43:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:7E:58:31:72:ED:50:4A:35:57:16:5D:FB:E9:DD:18:3A:B4:B9:A4
X509v3 Authority Key Identifier:
keyid:29:7A:F6:58:7F:98:A4:99:EB:78:D2:CC:AE:36:16:EF:42:9F:57:50
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXr2WH-YpJnreNLMrjYW70KfV1A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
c1:c5:52:59:42:65:5b:20:20:c6:c9:f2:8d:0e:27:93:05:49:
7a:a6:40:51:26:04:fa:6a:a4:d6:f6:8a:79:c7:51:a2:27:96:
d2:ec:df:d8:4a:b5:f8:57:a6:91:23:23:17:98:80:c8:62:b7:
e6:9d:25:c2:56:94:26:5d:0f:f6:b3:8e:b2:cc:6a:a1:c0:52:
90:d8:d0:ae:4c:02:ad:40:c7:6b:0e:8f:0a:6b:c1:90:06:cb:
07:ae:bd:1f:b2:e4:0f:c2:f3:a2:ba:c6:cb:61:da:54:c8:5f:
00:f1:4a:d0:65:05:ba:56:82:e8:e5:a9:b5:fe:33:29:05:77:
49:80:28:ef:60:97:67:7c:e2:8b:34:70:f2:70:07:04:52:9e:
45:49:00:b6:ef:24:b4:94:98:d0:4e:b0:86:83:44:48:48:f1:
2d:fb:8a:0a:91:37:12:e8:3a:3a:c0:5a:85:3a:64:cb:d5:6a:
34:44:21:86:16:c6:71:16:a5:9f:9a:49:92:9a:45:e8:3e:9a:
0c:6d:48:5b:b8:4b:1f:11:e7:06:0d:ea:1a:ae:49:25:b1:3f:
29:01:8f:be:8b:30:7f:e8:bb:6e:d7:18:d8:90:1b:36:b3:4a:
23:0b:33:f2:b9:d5:ea:b1:33:e2:f9:b5:57:f9:5a:28:b2:17:
48:03:c9:e2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICEwUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDExQkMxMTAvBgNVBAUTKDI5N0FGNjU4N0Y5OEE0OTlFQjc4RDJDQ0FFMzYxNkVG
NDI5RjU3NTAwHhcNMjUwMzI4MTcwOTQwWhcNMjUwNDA0MTcwOTQwWjAYMRYwFAYD
VQQDEw02N2U2ZDdkNS1jYjU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5+i77hynahmFEovtmCDBvtdFWAT/DnTeGUDwjzuZomx2FySEu8Lexf5oXxTa
BaLp/rsTmOt/cZLYkyQj9/q54CnS7mi/8uuca0P0RuKO4g/KF8v6LOFQCgRWPJgK
NtgJMP812NnA6KH2YmGAdHN2PTlE6lfgBSpi5+tMp/6L9O96cnzZfTfzIqC5vmfu
Yxuy8XnnxxZaLshJzJ6byR+ADNvJiJZgDE9F5TkICmWLOKYvi0zaRkdcABMeonou
uB77WlWEllj/L5T09sVbqJ65sjpRMdPZoxZtEORmO1N7nGcpGblJ3BpOSF/5j/+Z
zLIx37Is7W6NoVMwNp6jSTBDDQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNR+WDFy
7VBKNVcWXfvp3Rg6tLmkMB8GA1UdIwQYMBaAFCl69lh/mKSZ63jSzK42Fu9Cn1dQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MTFCQy9FMzE3MUIwMkFD
MzMxMUU4QjIwNjk0NDlDNEY5QUUwMi9LWHIyV0gtWXBKbnJlTkxNcmpZVzcwS2ZW
MUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tYcjJXSC1ZcEpucmVOTE1yallXNzBLZlYxQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
MTFCQy9FMzE3MUIwMkFDMzMxMUU4QjIwNjk0NDlDNEY5QUUwMi9LWHIyV0gtWXBK
bnJlTkxNcmpZVzcwS2ZWMUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQDBxVJZQmVbICDGyfKNDieTBUl6pkBRJgT6aqTW9op5x1GiJ5bS7N/Y
SrX4V6aRIyMXmIDIYrfmnSXCVpQmXQ/2s46yzGqhwFKQ2NCuTAKtQMdrDo8Ka8GQ
BssHrr0fsuQPwvOiusbLYdpUyF8A8UrQZQW6VoLo5am1/jMpBXdJgCjvYJdnfOKL
NHDycAcEUp5FSQC27yS0lJjQTrCGg0RISPEt+4oKkTcS6Do6wFqFOmTL1Wo0RCGG
FsZxFqWfmkmSmkXoPpoMbUhbuEsfEecGDeoarkklsT8pAY++izB/6Ltu1xjYkBs2
s0ojCzPyudXqsTPi+bVX+VooshdIA8ni
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:45:33 2025 by rpki-client