Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A9148AC4/206BC86CAE6A11E39379D5505911EA32/3jE8s1zQdq_lw3ePBeXKFc8zevk.mft
File: 3jE8s1zQdq_lw3ePBeXKFc8zevk.mft (raw, json)
Hash identifier: dIs6xs88OBUzxfn9X7zz9PLYQwZcz2A8r+gor5dt7P8=
Subject key identifier: 76:1F:96:DF:87:D4:3E:7A:D6:AC:CE:F3:AE:59:20:3B:4D:D0:C2:1C
Authority key identifier: DE:31:3C:B3:5C:D0:76:AF:E5:C3:77:8F:05:E5:CA:15:CF:33:7A:F9
Certificate issuer: /CN=A9148AC4/serialNumber=DE313CB35CD076AFE5C3778F05E5CA15CF337AF9
Certificate serial: 2C90
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3jE8s1zQdq_lw3ePBeXKFc8zevk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9148AC4/206BC86CAE6A11E39379D5505911EA32/3jE8s1zQdq_lw3ePBeXKFc8zevk.mft
Manifest number: 2C7B
Signing time: Fri 28 Mar 2025 15:37:46 +0000
Manifest this update: Fri 28 Mar 2025 15:37:45 +0000
Manifest next update: Fri 04 Apr 2025 15:37:45 +0000
Files and hashes: 1: 3jE8s1zQdq_lw3ePBeXKFc8zevk.crl (hash: LZs82DhCGo4UPbAmnA83DX68yxTUUskFCjjDEh4TqAc=)
2: E33945D6B0ED11E5B7779F44C4F9AE02.roa (hash: skjzRKV2yiK6mRZi2jO6tjX3v0zfq/yBAWOKemHERmE=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11408 (0x2c90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9148AC4
Validity
Not Before: Mar 28 15:37:45 2025 GMT
Not After : Apr 4 15:37:45 2025 GMT
Subject: CN=67e6c249-ba00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b8:fe:6a:36:65:6b:f5:0b:13:9c:1f:6f:c4:
9c:44:88:d6:3e:14:9a:27:4f:13:a0:cf:ab:8d:5d:
f2:29:a3:49:c6:2b:21:d2:86:f4:1a:36:aa:6a:68:
73:ef:49:d7:64:ea:f1:48:b0:27:36:60:08:b4:dc:
27:51:22:f5:27:24:4d:45:bd:61:f0:a8:94:8a:bf:
e7:df:98:1a:45:de:1b:9a:37:a8:fa:6c:96:79:41:
6f:09:f1:1f:a7:f0:40:44:1d:7f:12:e9:3b:67:d0:
c6:a0:36:94:74:ea:17:9d:54:16:d9:8d:ab:ed:09:
90:04:21:82:ec:cf:cf:25:a8:68:ec:b0:ab:88:70:
32:96:df:c9:33:b1:14:b1:b1:04:a6:cb:9b:dc:46:
02:99:0b:2d:c1:71:32:f2:45:a0:35:dd:2b:cb:ab:
5e:2d:8e:f9:cf:a8:e4:80:e0:c1:5d:7f:7e:c2:be:
2f:2d:c6:92:e2:81:3e:b6:23:22:e2:17:19:e3:d0:
71:56:8d:07:3a:ae:44:fe:4f:1e:1d:7f:52:65:b9:
07:47:0a:fb:22:d2:05:17:a1:77:55:e7:a5:c0:3a:
69:dd:b6:d1:89:bf:c0:5b:34:60:5d:3f:d5:84:4b:
38:37:b7:19:a3:90:ed:17:b2:11:91:9f:b1:4a:e0:
c5:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:1F:96:DF:87:D4:3E:7A:D6:AC:CE:F3:AE:59:20:3B:4D:D0:C2:1C
X509v3 Authority Key Identifier:
keyid:DE:31:3C:B3:5C:D0:76:AF:E5:C3:77:8F:05:E5:CA:15:CF:33:7A:F9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9148AC4/206BC86CAE6A11E39379D5505911EA32/3jE8s1zQdq_lw3ePBeXKFc8zevk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3jE8s1zQdq_lw3ePBeXKFc8zevk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148AC4/206BC86CAE6A11E39379D5505911EA32/3jE8s1zQdq_lw3ePBeXKFc8zevk.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
16:93:aa:a6:da:45:7a:6d:5d:83:69:39:ff:2f:00:83:40:1f:
fb:a4:57:14:7b:62:59:2e:53:ed:e8:a2:79:17:b8:c9:ae:59:
7e:88:90:2a:aa:35:1a:ab:a2:8c:94:7a:c5:55:39:c2:e2:98:
35:35:ca:19:18:80:99:5b:d2:4c:4a:ae:80:f1:04:40:18:f4:
47:86:d6:43:4c:7a:52:52:46:30:9c:a6:73:1a:84:2b:fa:01:
a2:5f:85:4e:f1:0c:9f:93:ea:ee:e0:74:3e:f4:ec:67:a5:93:
fd:99:4b:89:26:22:74:13:d1:b5:da:52:36:a8:e2:62:fa:d2:
ad:a5:a7:5d:aa:4e:60:86:74:ae:39:e4:16:69:90:75:6a:65:
fc:22:30:91:ce:88:2a:e0:08:39:b0:87:03:f6:04:06:ab:ea:
6a:55:43:80:03:44:10:fe:fb:89:3d:9e:c7:a2:71:b2:7b:b4:
ef:32:b3:23:78:d6:7e:32:ce:bf:3f:e8:ed:0a:2b:09:43:0e:
a2:a2:09:85:3a:dc:0b:13:db:6c:3a:d3:99:f0:20:e0:ea:66:
68:fb:2c:27:4c:35:da:1a:12:b9:b7:17:69:57:8a:10:ee:e1:
d7:63:62:b8:12:0e:d5:6b:c5:da:73:a0:a2:61:1a:7b:ca:52:
e1:7a:6a:84
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICLJAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDhBQzQxMTAvBgNVBAUTKERFMzEzQ0IzNUNEMDc2QUZFNUMzNzc4RjA1RTVDQTE1
Q0YzMzdBRjkwHhcNMjUwMzI4MTUzNzQ1WhcNMjUwNDA0MTUzNzQ1WjAYMRYwFAYD
VQQDEw02N2U2YzI0OS1iYTAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAp7j+ajZla/ULE5wfb8ScRIjWPhSaJ08ToM+rjV3yKaNJxish0ob0Gjaqamhz
70nXZOrxSLAnNmAItNwnUSL1JyRNRb1h8KiUir/n35gaRd4bmjeo+myWeUFvCfEf
p/BARB1/Euk7Z9DGoDaUdOoXnVQW2Y2r7QmQBCGC7M/PJaho7LCriHAylt/JM7EU
sbEEpsub3EYCmQstwXEy8kWgNd0ry6teLY75z6jkgODBXX9+wr4vLcaS4oE+tiMi
4hcZ49BxVo0HOq5E/k8eHX9SZbkHRwr7ItIFF6F3VeelwDpp3bbRib/AWzRgXT/V
hEs4N7cZo5DtF7IRkZ+xSuDF5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHYflt+H
1D561qzO865ZIDtN0MIcMB8GA1UdIwQYMBaAFN4xPLNc0Hav5cN3jwXlyhXPM3r5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEFDNC8yMDZCQzg2Q0FF
NkExMUUzOTM3OUQ1NTA1OTExRUEzMi8zakU4czF6UWRxX2x3M2VQQmVYS0ZjOHpl
dmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNqRThzMXpRZHFfbHczZVBCZVhLRmM4emV2ay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
OEFDNC8yMDZCQzg2Q0FFNkExMUUzOTM3OUQ1NTA1OTExRUEzMi8zakU4czF6UWRx
X2x3M2VQQmVYS0ZjOHpldmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAWk6qm2kV6bV2DaTn/LwCDQB/7pFcUe2JZLlPt6KJ5F7jJrll+iJAq
qjUaq6KMlHrFVTnC4pg1NcoZGICZW9JMSq6A8QRAGPRHhtZDTHpSUkYwnKZzGoQr
+gGiX4VO8Qyfk+ru4HQ+9OxnpZP9mUuJJiJ0E9G12lI2qOJi+tKtpaddqk5ghnSu
OeQWaZB1amX8IjCRzogq4Ag5sIcD9gQGq+pqVUOAA0QQ/vuJPZ7HonGye7TvMrMj
eNZ+Ms6/P+jtCisJQw6iogmFOtwLE9tsOtOZ8CDg6mZo+ywnTDXaGhK5txdpV4oQ
7uHXY2K4Eg7Va8Xac6CiYRp7ylLhemqE
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:07:09 2025 by rpki-client