Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A915EE53/38511840458811E59B2D8371C4F9AE02/-KpwkWtspYPANj63qaX38mJ9c2A.mft
File: -KpwkWtspYPANj63qaX38mJ9c2A.mft (raw, json)
Hash identifier: UWyxKnz7Ud+vfAtuuAJdXM6FS3Ltr1+Hh0uLxeIJNnw=
Subject key identifier: CB:DE:A0:CF:2D:3E:C3:4C:B2:FC:3E:D3:10:36:FA:3C:67:37:48:28
Authority key identifier: F8:AA:70:91:6B:6C:A5:83:C0:36:3E:B7:A9:A5:F7:F2:62:7D:73:60
Certificate issuer: /CN=A915EE53/serialNumber=F8AA70916B6CA583C0363EB7A9A5F7F2627D7360
Certificate serial: 261B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-KpwkWtspYPANj63qaX38mJ9c2A.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A915EE53/38511840458811E59B2D8371C4F9AE02/-KpwkWtspYPANj63qaX38mJ9c2A.mft
Manifest number: 251D
Signing time: Fri 28 Mar 2025 15:52:23 +0000
Manifest this update: Fri 28 Mar 2025 15:52:22 +0000
Manifest next update: Fri 04 Apr 2025 15:52:22 +0000
Files and hashes: 1: -KpwkWtspYPANj63qaX38mJ9c2A.crl (hash: EQXCeVHTPDSIYNP05PwNIr41vfezd4ntkgZyJNacbkg=)
2: 9DBB8670790211EC9EE24885C4F9AE02.roa (hash: ZeH6ECuQSQ7jbEvsw/ti8Ne5hW6qGOm2ObSN2ziSRtc=)
3: 5CCAC7F8528C11ECB6101B10C4F9AE02.roa (hash: 1dZ/PYF2y/rA4g03VyVZaVZy6CLwb/t5eX6QNNHBKU4=)
4: 86D13B7E571C11EC81276481C4F9AE02.roa (hash: /OIV93XTmaqNcQdoy+u+KBTNCx5sq1KiAVNHrTFDsPk=)
5: 63C97CBAC49E11EBAC936D7AC4F9AE02.roa (hash: Iw9+JOdav50YSnSQXp9Mgjc+tFnSJTCmgJVv03j+03E=)
6: CFF5A20078E011EC8357FA15C4F9AE02.roa (hash: a8WMRrKXqOWpbHlU3tbV4FzyKQszu4zB5F1ouGdfBCA=)
7: 15812F82C4A111EBAE6C7F49C4F9AE02.roa (hash: 3xgwAlFAD++SNOBnqBO1zaeR1ssuXDrrYrvWI6Sll60=)
8: 6E042EFCABF011EC92152E22C4F9AE02.roa (hash: ffEWhmrNXjBc0Nb4WuWVQZiVVzyHTO8bmJ3skIR6GwI=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9755 (0x261b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A915EE53
Validity
Not Before: Mar 28 15:52:22 2025 GMT
Not After : Apr 4 15:52:22 2025 GMT
Subject: CN=67e6c5b6-becd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e1:b5:c1:47:28:54:23:b8:7b:4b:5e:5a:28:
55:47:0d:b7:3f:2c:1d:65:30:a3:bc:91:2a:90:46:
9c:47:c1:b2:3b:df:da:09:de:74:85:9f:2a:91:9a:
9b:c1:af:ed:34:25:b5:59:fd:71:18:b4:c1:e3:a4:
7d:14:99:d5:77:d5:78:ea:51:aa:26:51:1e:e7:35:
92:5a:b3:76:b4:14:99:47:c5:8e:d6:e4:3a:ea:81:
27:67:d7:50:ea:10:7b:45:14:58:96:62:d3:9b:38:
a5:b9:3d:ae:f1:8c:4e:98:ce:71:4c:ff:21:46:e2:
f9:00:ce:7f:85:e5:e3:49:45:70:db:80:1e:36:4b:
7c:05:28:ef:1d:07:1e:8f:e1:d8:08:df:41:ea:39:
27:67:be:d9:03:2e:f1:da:4d:dd:05:54:59:f6:92:
62:00:c1:87:a6:36:5e:c6:11:c5:9c:3d:9f:da:22:
80:44:d6:77:a2:9c:a2:e9:7b:34:1b:ca:33:95:26:
d5:76:cb:75:e1:6c:b5:a0:c3:3e:51:85:80:23:dc:
c8:b7:d6:11:c4:2a:e5:a7:f0:d8:00:23:eb:0c:b9:
84:c7:5f:61:0f:3a:28:dd:6f:04:f1:f4:27:7c:b1:
73:1c:92:8d:31:90:e3:44:22:a7:94:1b:4a:e7:29:
d3:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:DE:A0:CF:2D:3E:C3:4C:B2:FC:3E:D3:10:36:FA:3C:67:37:48:28
X509v3 Authority Key Identifier:
keyid:F8:AA:70:91:6B:6C:A5:83:C0:36:3E:B7:A9:A5:F7:F2:62:7D:73:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A915EE53/38511840458811E59B2D8371C4F9AE02/-KpwkWtspYPANj63qaX38mJ9c2A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-KpwkWtspYPANj63qaX38mJ9c2A.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915EE53/38511840458811E59B2D8371C4F9AE02/-KpwkWtspYPANj63qaX38mJ9c2A.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
23:c0:31:b2:3d:1d:30:fb:ad:31:6b:be:7b:47:a2:26:e3:79:
e8:e8:f9:b6:85:af:00:55:88:dc:d8:ac:64:51:4f:41:74:34:
55:64:5a:3a:32:f8:a9:a0:c0:bb:d8:e6:9b:95:e9:48:0d:6f:
a0:4d:c1:91:bc:0b:44:ef:cf:f8:3e:91:21:eb:25:a3:af:e8:
03:6e:0b:cd:cc:9c:95:c5:ae:cf:ef:e9:15:cc:14:08:93:52:
6b:9b:4a:41:a2:11:88:07:9e:d2:8b:c6:9d:62:02:09:c1:44:
89:bc:03:27:2f:e2:f9:dc:fb:7b:17:2b:d1:55:88:9b:67:e9:
e1:7f:5e:d0:d5:ea:f4:87:9b:1c:18:9c:7b:e9:75:af:f3:44:
f7:1c:de:52:e7:94:d8:8b:bd:36:58:1e:c2:05:ef:6d:e1:08:
5c:5f:78:a8:94:d6:54:72:e8:3b:d5:93:d3:71:d8:73:0c:26:
06:0c:75:22:a7:cc:5a:c2:b4:1a:d0:21:7a:2c:ef:56:6c:03:
46:be:44:59:48:ce:3b:83:6b:14:35:98:60:92:d9:07:50:ae:
5d:36:e2:63:fa:3d:62:b4:86:68:5c:eb:f1:fa:01:26:88:cf:
7e:da:1c:67:b7:09:86:62:9c:14:11:06:05:b4:bb:41:a6:9c:
b3:48:f1:a3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICJhswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NUVFNTMxMTAvBgNVBAUTKEY4QUE3MDkxNkI2Q0E1ODNDMDM2M0VCN0E5QTVGN0Yy
NjI3RDczNjAwHhcNMjUwMzI4MTU1MjIyWhcNMjUwNDA0MTU1MjIyWjAYMRYwFAYD
VQQDEw02N2U2YzViNi1iZWNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAoOG1wUcoVCO4e0teWihVRw23PywdZTCjvJEqkEacR8GyO9/aCd50hZ8qkZqb
wa/tNCW1Wf1xGLTB46R9FJnVd9V46lGqJlEe5zWSWrN2tBSZR8WO1uQ66oEnZ9dQ
6hB7RRRYlmLTmziluT2u8YxOmM5xTP8hRuL5AM5/heXjSUVw24AeNkt8BSjvHQce
j+HYCN9B6jknZ77ZAy7x2k3dBVRZ9pJiAMGHpjZexhHFnD2f2iKARNZ3opyi6Xs0
G8ozlSbVdst14Wy1oMM+UYWAI9zIt9YRxCrlp/DYACPrDLmEx19hDzoo3W8E8fQn
fLFzHJKNMZDjRCKnlBtK5ynThQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMveoM8t
PsNMsvw+0xA2+jxnN0goMB8GA1UdIwQYMBaAFPiqcJFrbKWDwDY+t6ml9/JifXNg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RUU1My8zODUxMTg0MDQ1
ODgxMUU1OUIyRDgzNzFDNEY5QUUwMi8tS3B3a1d0c3BZUEFOajYzcWFYMzhtSjlj
MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy1LcHdrV3RzcFlQQU5qNjNxYVgzOG1KOWMyQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1
RUU1My8zODUxMTg0MDQ1ODgxMUU1OUIyRDgzNzFDNEY5QUUwMi8tS3B3a1d0c3BZ
UEFOajYzcWFYMzhtSjljMkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAjwDGyPR0w+60xa757R6Im43no6Pm2ha8AVYjc2KxkUU9BdDRVZFo6
MvipoMC72OablelIDW+gTcGRvAtE78/4PpEh6yWjr+gDbgvNzJyVxa7P7+kVzBQI
k1Jrm0pBohGIB57Si8adYgIJwUSJvAMnL+L53Pt7FyvRVYibZ+nhf17Q1er0h5sc
GJx76XWv80T3HN5S55TYi702WB7CBe9t4QhcX3iolNZUcug71ZPTcdhzDCYGDHUi
p8xawrQa0CF6LO9WbANGvkRZSM47g2sUNZhgktkHUK5dNuJj+j1itIZoXOvx+gEm
iM9+2hxntwmGYpwUEQYFtLtBppyzSPGj
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:44:13 2025 by rpki-client