Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft
File: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft (raw, json)
Hash identifier: HsVaEHXqJwmoxOcIKcrZyloC0VQUjDKcjz0RO8kjQj4=
Subject key identifier: DE:5F:CC:43:FE:81:2A:7E:AE:7D:E1:3B:AB:F3:53:F0:14:DF:03:A1
Authority key identifier: 29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48
Certificate issuer: /CN=A914F521/serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948
Certificate serial: 0D98
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft
Manifest number: 0D7C
Signing time: Fri 28 Mar 2025 18:07:40 +0000
Manifest this update: Fri 28 Mar 2025 18:07:39 +0000
Manifest next update: Fri 04 Apr 2025 18:07:39 +0000
Files and hashes: 1: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl (hash: kCdbi/2Q1UHJ5gcnyT0BE8uHfOVsxCYLawWyt8ZJzsE=)
2: 757320342E4011EEBC464879C4F9AE02.roa (hash: F8kcefS3I97Fp9Z0ACrQ84pOuyd0pejyLJ6D0xqjqYQ=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3480 (0xd98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A914F521
Validity
Not Before: Mar 28 18:07:39 2025 GMT
Not After : Apr 4 18:07:39 2025 GMT
Subject: CN=67e6e56b-04c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:fd:66:ed:3f:24:e6:a1:69:3d:9d:24:4f:8f:
72:ed:0d:e2:87:80:62:cf:56:38:c0:de:45:59:df:
1d:7d:cd:ef:56:42:24:07:c5:7d:85:79:c0:24:5c:
9e:e8:25:91:2b:05:7e:dc:29:3f:f9:fb:bf:70:e9:
ea:3f:85:0e:1f:30:97:e6:af:4c:dc:8e:96:06:fa:
80:19:2d:15:7b:16:9f:29:8b:8c:a2:49:e3:f2:cf:
c1:f4:d0:87:83:df:0f:06:3f:e7:e7:dd:1b:9a:03:
b0:fe:52:cd:36:44:18:0c:78:b3:8b:ee:a7:c0:87:
9b:4e:ff:61:37:69:d9:37:4d:d4:b7:f5:a5:2d:f4:
66:97:17:d7:b3:d8:06:aa:a0:6d:2f:5b:dd:24:df:
ac:e6:15:4b:e6:c5:69:37:62:ac:68:1f:c9:e3:3c:
20:bf:ed:c9:1c:71:29:6e:5c:c0:e9:ae:4e:81:75:
db:55:a7:c9:81:5f:92:0a:3c:e8:78:2d:1e:f0:28:
27:5d:1d:d3:73:72:6f:b9:c0:75:dd:d8:08:86:60:
b8:30:5a:c8:e4:5d:20:61:00:05:86:71:ac:97:e8:
29:d1:98:0e:98:04:2d:1c:1b:0f:1c:3a:76:aa:ad:
ed:b1:d4:21:47:0b:5d:bb:91:05:be:f9:d5:45:5d:
55:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:5F:CC:43:FE:81:2A:7E:AE:7D:E1:3B:AB:F3:53:F0:14:DF:03:A1
X509v3 Authority Key Identifier:
keyid:29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
80:e6:03:88:32:bd:12:b3:d0:61:8d:05:7f:58:bf:dd:26:a3:
dc:15:d1:8d:e7:2a:58:84:13:ee:c4:d1:10:5a:bf:c4:7d:c5:
77:94:66:4f:04:e6:3d:53:29:0f:46:1e:21:29:0e:e1:2f:a4:
28:bb:f8:1e:9b:27:df:82:f0:8e:be:d3:0f:06:f4:ce:cb:56:
36:94:6d:bb:d3:ad:3b:50:94:8b:92:ec:cc:4b:b7:4f:7d:27:
93:6d:84:32:e1:bb:01:ff:bf:9b:d9:6e:03:cf:e2:af:28:fd:
79:2c:2a:85:8b:54:26:b9:e0:c6:fc:4a:9a:31:61:1b:0e:bd:
8e:57:40:ea:05:e8:10:6c:8e:6d:06:c6:42:8d:0a:b4:d7:10:
d9:a1:1f:07:3e:05:2e:0d:24:a4:85:0a:4f:be:4b:4d:cd:ab:
5d:e3:e4:0f:5a:67:85:77:8b:af:02:e5:c6:f7:8f:c6:98:34:
de:cb:ab:1a:3f:f0:39:ca:85:96:e4:eb:75:6f:9d:98:87:3c:
7d:ea:df:36:5d:08:6d:ff:41:02:93:88:86:a9:14:c5:4b:76:
76:0e:17:7e:9f:c7:1c:a4:99:e1:f6:ba:e6:ab:e5:a3:b5:8f:
72:54:f7:47:6e:a5:1f:4b:19:c5:87:7c:d4:58:5a:cd:cc:26:
99:de:4e:80
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDZgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NEY1MjExMTAvBgNVBAUTKDI5NzY4NzY3NTNENjU1NjJBN0NBODVFM0U5RThERjc1
MDc5N0M5NDgwHhcNMjUwMzI4MTgwNzM5WhcNMjUwNDA0MTgwNzM5WjAYMRYwFAYD
VQQDEw02N2U2ZTU2Yi0wNGMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu/1m7T8k5qFpPZ0kT49y7Q3ih4Biz1Y4wN5FWd8dfc3vVkIkB8V9hXnAJFye
6CWRKwV+3Ck/+fu/cOnqP4UOHzCX5q9M3I6WBvqAGS0VexafKYuMoknj8s/B9NCH
g98PBj/n590bmgOw/lLNNkQYDHizi+6nwIebTv9hN2nZN03Ut/WlLfRmlxfXs9gG
qqBtL1vdJN+s5hVL5sVpN2KsaB/J4zwgv+3JHHEpblzA6a5OgXXbVafJgV+SCjzo
eC0e8CgnXR3Tc3JvucB13dgIhmC4MFrI5F0gYQAFhnGsl+gp0ZgOmAQtHBsPHDp2
qq3tsdQhRwtdu5EFvvnVRV1V8wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN5fzEP+
gSp+rn3hO6vzU/AU3wOhMB8GA1UdIwQYMBaAFCl2h2dT1lVip8qF4+no33UHl8lI
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjUyMS8yMTY1ODgyMEM2
N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZXS255b1hqNmVqZmRRZVh5
VWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tYYUhaMVBXVldLbnlvWGo2ZWpmZFFlWHlVZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0
RjUyMS8yMTY1ODgyMEM2N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZX
S255b1hqNmVqZmRRZVh5VWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCA5gOIMr0Ss9BhjQV/WL/dJqPcFdGN5ypYhBPuxNEQWr/EfcV3lGZP
BOY9UykPRh4hKQ7hL6Qou/gemyffgvCOvtMPBvTOy1Y2lG270607UJSLkuzMS7dP
fSeTbYQy4bsB/7+b2W4Dz+KvKP15LCqFi1QmueDG/EqaMWEbDr2OV0DqBegQbI5t
BsZCjQq01xDZoR8HPgUuDSSkhQpPvktNzatd4+QPWmeFd4uvAuXG94/GmDTey6sa
P/A5yoWW5Ot1b52Yhzx96t82XQht/0ECk4iGqRTFS3Z2Dhd+n8ccpJnh9rrmq+Wj
tY9yVPdHbqUfSxnFh3zUWFrNzCaZ3k6A
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:40:09 2025 by rpki-client