Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A9146A72/05C891DA89ED11E386916EA55911EA32/I3BNWS9XUJ7c5aSte97tz3vbrOQ.mft
File: I3BNWS9XUJ7c5aSte97tz3vbrOQ.mft (raw, json)
Hash identifier: likQxpRF/vM80rx7MSBFGMG8xPUNnp68i8Ex2PYTs0g=
Subject key identifier: 20:40:2F:55:5C:7C:2B:6F:B8:31:BF:6B:9A:5B:02:62:04:C5:33:D7
Authority key identifier: 23:70:4D:59:2F:57:50:9E:DC:E5:A4:AD:7B:DE:ED:CF:7B:DB:AC:E4
Certificate issuer: /CN=A9146A72/serialNumber=23704D592F57509EDCE5A4AD7BDEEDCF7BDBACE4
Certificate serial: 2D5D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I3BNWS9XUJ7c5aSte97tz3vbrOQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9146A72/05C891DA89ED11E386916EA55911EA32/I3BNWS9XUJ7c5aSte97tz3vbrOQ.mft
Manifest number: 2D42
Signing time: Fri 28 Mar 2025 15:36:32 +0000
Manifest this update: Fri 28 Mar 2025 15:36:32 +0000
Manifest next update: Fri 04 Apr 2025 15:36:31 +0000
Files and hashes: 1: I3BNWS9XUJ7c5aSte97tz3vbrOQ.crl (hash: CONV4XN0OoGh15vxu36/0doccE1W/mNqSpqkb3VS6Xo=)
2: 3635C928CE3811EF878F6569C4F9AE02.roa (hash: qYH+0NoYqUVH/kICTwmC5FSWgYMcanxVuKqTuwnMQdk=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11613 (0x2d5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9146A72
Validity
Not Before: Mar 28 15:36:32 2025 GMT
Not After : Apr 4 15:36:31 2025 GMT
Subject: CN=67e6c200-564e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:fb:51:7f:99:cb:1d:82:a3:8b:ea:56:82:58:
0e:a2:1b:8c:a3:a9:b3:d9:c1:b6:87:ec:c8:fa:2d:
a0:ac:18:e7:81:f8:b5:5a:35:b1:0e:f5:10:8a:eb:
00:8b:d0:01:b3:bd:48:7c:24:91:60:99:de:a9:33:
1b:0f:41:75:5a:6b:d4:f7:4d:bf:9d:cf:6f:a8:93:
c4:99:d8:c5:44:9a:d6:5f:7e:c7:63:fb:45:9b:21:
7d:92:10:47:d3:a5:ca:26:73:b5:3a:ff:1d:f2:c9:
a0:63:a0:b5:e7:0e:bc:b8:ac:4e:c2:08:38:fe:59:
90:8e:be:6a:bc:9d:9c:55:dd:6c:19:14:5d:d8:54:
be:bc:3a:45:bd:1c:b2:10:c3:7c:45:c3:e2:1e:67:
3a:23:10:3a:ce:44:0c:12:9b:43:19:de:5c:dc:81:
26:d0:37:93:00:61:a0:ef:4b:e6:64:bd:08:fb:4c:
6f:0b:ee:ad:84:b1:bb:79:23:0e:08:88:65:32:08:
f2:b5:1e:1e:83:30:82:56:d1:9e:f1:9c:c5:78:09:
6e:e9:d8:6d:4f:3a:06:4b:84:c2:fd:57:3c:56:d8:
5a:9c:36:4c:3b:91:4e:ec:82:70:53:cf:87:ea:9d:
b3:f4:bc:95:65:d7:eb:5d:df:8d:af:e2:7a:b4:09:
3d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:40:2F:55:5C:7C:2B:6F:B8:31:BF:6B:9A:5B:02:62:04:C5:33:D7
X509v3 Authority Key Identifier:
keyid:23:70:4D:59:2F:57:50:9E:DC:E5:A4:AD:7B:DE:ED:CF:7B:DB:AC:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9146A72/05C891DA89ED11E386916EA55911EA32/I3BNWS9XUJ7c5aSte97tz3vbrOQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I3BNWS9XUJ7c5aSte97tz3vbrOQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9146A72/05C891DA89ED11E386916EA55911EA32/I3BNWS9XUJ7c5aSte97tz3vbrOQ.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
b6:eb:44:c2:9e:70:d5:23:2d:ed:ce:e5:b5:c4:c4:9b:41:69:
2f:55:15:c1:ad:ad:dc:d2:8c:0c:ab:55:31:d9:1c:dc:b7:a4:
72:ea:d0:63:8b:a2:a2:31:29:24:44:d8:de:8a:62:6f:c9:6a:
24:ea:20:f3:04:45:27:d2:1c:b5:97:a1:3f:a9:63:55:cc:83:
bd:e7:b2:9a:f8:7d:b1:36:9d:c4:75:97:f4:d0:0c:76:8e:86:
4e:02:56:bc:45:85:59:b3:0e:8b:7e:4c:a1:f0:34:d2:b0:db:
82:53:a1:25:07:c2:f5:00:66:fb:19:fe:49:8a:43:f1:b2:97:
5d:3e:31:aa:8c:ab:d0:79:e0:5e:b0:7e:f1:d0:c9:cc:bc:de:
e5:c2:81:f3:c4:b9:e5:2c:ac:78:c6:e3:7c:ed:f0:c1:8a:9f:
f2:40:7c:54:ec:04:8d:71:b3:af:ce:85:ee:a9:07:d9:bd:cf:
9f:88:8c:5d:25:e3:1c:6f:e0:3e:1b:84:f3:d1:ca:1e:bd:e6:
85:74:f2:65:40:73:d6:78:de:6e:2d:90:68:8f:47:8d:ec:07:
2c:c8:99:b4:4e:2a:c1:d4:47:39:9f:4f:a6:17:54:87:7c:72:
bb:b5:56:63:2a:66:36:dc:f8:ff:e6:da:84:7f:3b:94:42:49:
fb:ae:8d:54
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICLV0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDZBNzIxMTAvBgNVBAUTKDIzNzA0RDU5MkY1NzUwOUVEQ0U1QTRBRDdCREVFRENG
N0JEQkFDRTQwHhcNMjUwMzI4MTUzNjMyWhcNMjUwNDA0MTUzNjMxWjAYMRYwFAYD
VQQDEw02N2U2YzIwMC01NjRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvvtRf5nLHYKji+pWglgOohuMo6mz2cG2h+zI+i2grBjngfi1WjWxDvUQiusA
i9ABs71IfCSRYJneqTMbD0F1WmvU902/nc9vqJPEmdjFRJrWX37HY/tFmyF9khBH
06XKJnO1Ov8d8smgY6C15w68uKxOwgg4/lmQjr5qvJ2cVd1sGRRd2FS+vDpFvRyy
EMN8RcPiHmc6IxA6zkQMEptDGd5c3IEm0DeTAGGg70vmZL0I+0xvC+6thLG7eSMO
CIhlMgjytR4egzCCVtGe8ZzFeAlu6dhtTzoGS4TC/Vc8VthanDZMO5FO7IJwU8+H
6p2z9LyVZdfrXd+Nr+J6tAk9iwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCBAL1Vc
fCtvuDG/a5pbAmIExTPXMB8GA1UdIwQYMBaAFCNwTVkvV1Ce3OWkrXve7c9726zk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NkE3Mi8wNUM4OTFEQTg5
RUQxMUUzODY5MTZFQTU1OTExRUEzMi9JM0JOV1M5WFVKN2M1YVN0ZTk3dHozdmJy
T1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0kzQk5XUzlYVUo3YzVhU3RlOTd0ejN2YnJPUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
NkE3Mi8wNUM4OTFEQTg5RUQxMUUzODY5MTZFQTU1OTExRUEzMi9JM0JOV1M5WFVK
N2M1YVN0ZTk3dHozdmJyT1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQC260TCnnDVIy3tzuW1xMSbQWkvVRXBra3c0owMq1Ux2Rzct6Ry6tBj
i6KiMSkkRNjeimJvyWok6iDzBEUn0hy1l6E/qWNVzIO957Ka+H2xNp3EdZf00Ax2
joZOAla8RYVZsw6Lfkyh8DTSsNuCU6ElB8L1AGb7Gf5JikPxspddPjGqjKvQeeBe
sH7x0MnMvN7lwoHzxLnlLKx4xuN87fDBip/yQHxU7ASNcbOvzoXuqQfZvc+fiIxd
JeMcb+A+G4Tz0coeveaFdPJlQHPWeN5uLZBoj0eN7AcsyJm0TirB1Ec5n0+mF1SH
fHK7tVZjKmY23Pj/5tqEfzuUQkn7ro1U
-----END CERTIFICATE-----
Generated at Thu Apr 10 17:01:18 2025 by rpki-client