Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft
File: 320AK7yrolDSrmtEVOPL_WfSx-o.mft (raw, json)
Hash identifier: 8QTYRxYwt5fAx/DWIbb7I3Ha8+LgQtiXfsDlUnvt3bw=
Subject key identifier: 1C:80:55:5A:30:EA:27:7F:59:11:12:3E:92:16:7B:96:96:95:0D:58
Authority key identifier: DF:6D:00:2B:BC:AB:A2:50:D2:AE:6B:44:54:E3:CB:FD:67:D2:C7:EA
Certificate issuer: /CN=A9143DE2/serialNumber=DF6D002BBCABA250D2AE6B4454E3CBFD67D2C7EA
Certificate serial: 096F
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/320AK7yrolDSrmtEVOPL_WfSx-o.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft
Manifest number: 0965
Signing time: Fri 28 Mar 2025 20:27:23 +0000
Manifest this update: Fri 28 Mar 2025 20:27:22 +0000
Manifest next update: Fri 04 Apr 2025 20:27:22 +0000
Files and hashes: 1: 320AK7yrolDSrmtEVOPL_WfSx-o.crl (hash: U2ZYx4B/d/OfyG3psZoLRAbg1AHHjW3W1xYC1y+mQLQ=)
2: C07738FE9F4511EB88EBCA76C4F9AE02.roa (hash: EW5gw++/Nv/7XkyhmrGAdJFCyCQBgQSX+Pdw0qIT5p4=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2415 (0x96f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9143DE2
Validity
Not Before: Mar 28 20:27:22 2025 GMT
Not After : Apr 4 20:27:22 2025 GMT
Subject: CN=67e7062b-da80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:d2:b7:b1:fd:37:56:95:7d:e2:87:37:c9:ed:
e8:a3:2f:ea:d0:5e:b9:86:d9:02:1a:dd:d2:cc:55:
d0:b3:88:38:c5:19:4a:60:d7:55:54:4e:d4:5a:dc:
64:7d:9b:85:82:ad:f2:ce:84:c3:8b:16:b7:ee:c3:
9f:c1:6d:35:03:c4:63:84:b4:83:7d:b9:31:27:af:
6d:b0:be:d3:8d:b6:6b:27:8a:30:46:5a:2d:a3:56:
13:93:84:8e:4d:f2:c0:61:39:35:90:8a:83:b2:e9:
4b:36:78:6a:97:c9:66:71:fe:c2:af:00:de:e3:66:
b4:29:83:f5:09:14:c0:c6:b8:52:1f:99:b7:7b:37:
e5:86:6d:a0:9a:4c:0c:1b:73:f1:02:68:f6:b0:ff:
b6:c2:16:f5:43:26:6d:e7:be:be:7a:09:02:2b:04:
ac:3c:5a:ec:a1:56:3b:2f:5a:89:49:45:b5:d4:cf:
a9:1d:f9:4a:a6:13:8c:53:a0:e1:67:cd:cf:e7:a7:
7e:e7:ed:04:e8:86:92:3c:24:51:1f:f9:44:36:b5:
ae:77:de:87:08:a3:f5:e9:8d:81:30:12:a0:49:51:
83:48:8f:f0:6a:f7:5d:83:45:5a:7d:15:37:07:86:
71:7b:3f:0c:75:73:fd:a3:bf:ad:a2:4d:29:98:e7:
a1:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:80:55:5A:30:EA:27:7F:59:11:12:3E:92:16:7B:96:96:95:0D:58
X509v3 Authority Key Identifier:
keyid:DF:6D:00:2B:BC:AB:A2:50:D2:AE:6B:44:54:E3:CB:FD:67:D2:C7:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/320AK7yrolDSrmtEVOPL_WfSx-o.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
28:69:58:ab:0a:1b:47:58:03:8f:e2:79:f2:02:0a:7b:15:32:
9c:89:63:97:d5:0f:2d:b2:96:44:56:e8:09:3f:66:92:1f:45:
f5:40:15:9c:06:29:51:80:a2:3b:ec:76:ec:2f:60:d9:74:40:
e1:2d:ba:64:8d:47:80:b4:71:cd:3b:b1:91:38:7d:a0:6d:70:
e7:44:2d:58:4f:46:d4:47:fe:d3:f5:c9:87:f0:59:6c:0f:ef:
99:ae:ca:c8:15:98:d0:d2:83:d5:bb:1a:0c:b4:09:36:4e:80:
87:02:76:ea:44:93:54:d5:42:db:c6:67:c4:6d:13:83:44:c7:
1c:33:81:2a:ec:47:2a:b2:51:67:41:1c:c8:b3:5d:27:1d:52:
77:95:3a:bf:40:21:0b:f9:1b:e6:23:be:9a:2f:5e:ff:84:84:
22:c4:c4:36:5d:3e:d5:c0:25:40:b9:30:ef:8e:1d:64:f1:c7:
54:0a:55:43:99:e2:82:e9:20:44:95:03:f1:6d:18:73:67:13:
21:fd:29:6e:e9:e0:09:7a:c5:b2:2d:86:9e:da:dd:62:e0:ad:
bd:c1:81:18:c8:98:58:56:3e:b7:67:19:9a:23:f4:0f:54:ac:
0e:34:a0:99:b2:f5:09:d1:4a:e6:aa:ac:95:b0:e2:3e:e3:c2:
cb:a1:ef:24
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCW8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDNERTIxMTAvBgNVBAUTKERGNkQwMDJCQkNBQkEyNTBEMkFFNkI0NDU0RTNDQkZE
NjdEMkM3RUEwHhcNMjUwMzI4MjAyNzIyWhcNMjUwNDA0MjAyNzIyWjAYMRYwFAYD
VQQDEw02N2U3MDYyYi1kYTgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3dK3sf03VpV94oc3ye3ooy/q0F65htkCGt3SzFXQs4g4xRlKYNdVVE7UWtxk
fZuFgq3yzoTDixa37sOfwW01A8RjhLSDfbkxJ69tsL7TjbZrJ4owRloto1YTk4SO
TfLAYTk1kIqDsulLNnhql8lmcf7CrwDe42a0KYP1CRTAxrhSH5m3ezflhm2gmkwM
G3PxAmj2sP+2whb1QyZt576+egkCKwSsPFrsoVY7L1qJSUW11M+pHflKphOMU6Dh
Z83P56d+5+0E6IaSPCRRH/lENrWud96HCKP16Y2BMBKgSVGDSI/wavddg0VafRU3
B4Zxez8MdXP9o7+tok0pmOehUwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFByAVVow
6id/WRESPpIWe5aWlQ1YMB8GA1UdIwQYMBaAFN9tACu8q6JQ0q5rRFTjy/1n0sfq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0RFMi9EMjE4REQ1MjhF
OTcxMUVBOEMyREU1MzdDNEY5QUUwMi8zMjBBSzd5cm9sRFNybXRFVk9QTF9XZlN4
LW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzMyMEFLN3lyb2xEU3JtdEVWT1BMX1dmU3gtby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
M0RFMi9EMjE4REQ1MjhFOTcxMUVBOEMyREU1MzdDNEY5QUUwMi8zMjBBSzd5cm9s
RFNybXRFVk9QTF9XZlN4LW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAoaVirChtHWAOP4nnyAgp7FTKciWOX1Q8tspZEVugJP2aSH0X1QBWc
BilRgKI77HbsL2DZdEDhLbpkjUeAtHHNO7GROH2gbXDnRC1YT0bUR/7T9cmH8Fls
D++ZrsrIFZjQ0oPVuxoMtAk2ToCHAnbqRJNU1ULbxmfEbRODRMccM4Eq7EcqslFn
QRzIs10nHVJ3lTq/QCEL+RvmI76aL17/hIQixMQ2XT7VwCVAuTDvjh1k8cdUClVD
meKC6SBElQPxbRhzZxMh/Slu6eAJesWyLYae2t1i4K29wYEYyJhYVj63ZxmaI/QP
VKwONKCZsvUJ0UrmqqyVsOI+48LLoe8k
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:17:42 2025 by rpki-client