Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A916D2D2/FA1EE372489D11EAB40FA43FC4F9AE02/O7SZ4ReyX_b6NqRPOpqUcpYpU-w.mft
File: O7SZ4ReyX_b6NqRPOpqUcpYpU-w.mft (raw, json)
Hash identifier: YI1yLFBoGuLJ7jYOxzX/mO4RWzZeoH7pUqB8qN0jICE=
Subject key identifier: A9:52:DE:55:58:04:D3:CF:8B:A1:17:3A:05:71:3B:7C:9B:32:37:37
Authority key identifier: 3B:B4:99:E1:17:B2:5F:F6:FA:36:A4:4F:3A:9A:94:72:96:29:53:EC
Certificate issuer: /CN=A916D2D2/serialNumber=3BB499E117B25FF6FA36A44F3A9A9472962953EC
Certificate serial: 0ACE
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O7SZ4ReyX_b6NqRPOpqUcpYpU-w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A916D2D2/FA1EE372489D11EAB40FA43FC4F9AE02/O7SZ4ReyX_b6NqRPOpqUcpYpU-w.mft
Manifest number: 0AC7
Signing time: Fri 28 Mar 2025 19:39:14 +0000
Manifest this update: Fri 28 Mar 2025 19:39:13 +0000
Manifest next update: Fri 04 Apr 2025 19:39:13 +0000
Files and hashes: 1: O7SZ4ReyX_b6NqRPOpqUcpYpU-w.crl (hash: n4EYKQhzhWvvXeiw9FLPFnOs9ItkB0DeuCkh4n3dUGo=)
2: E174463E4BD411EAAD10A710C4F9AE02.roa (hash: pPxz0Xj0Q495OhV6+Bhr4ANjqSPrxc3sqmemzntEGDU=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2766 (0xace)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A916D2D2
Validity
Not Before: Mar 28 19:39:13 2025 GMT
Not After : Apr 4 19:39:13 2025 GMT
Subject: CN=67e6fae2-63e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:88:19:e6:2c:0e:72:80:48:de:b1:c1:38:91:
bf:5d:57:f1:66:e5:0c:48:34:5a:81:4e:68:d7:08:
02:f0:61:0f:03:39:98:12:5a:3a:89:f1:d4:08:75:
d2:c8:52:5f:b0:45:eb:87:47:70:61:4d:81:cb:48:
6a:fc:ca:9f:30:fe:c0:22:c1:27:77:f7:39:e1:dc:
f8:03:de:55:8f:07:3d:cc:67:f0:07:59:cc:56:bd:
54:e3:61:07:a4:0a:0d:9e:9f:9a:49:2d:fd:49:05:
30:dc:ef:64:f9:6b:90:2c:4a:3e:31:b6:91:e5:39:
f8:c0:a8:1a:d8:ea:65:e6:e9:c8:46:3e:32:43:ca:
ee:31:54:09:11:3f:15:22:9d:1b:b3:f5:62:35:5e:
46:99:b6:a0:b6:0b:c0:d5:f2:01:42:5d:ba:a8:aa:
53:87:f2:9c:53:a1:a0:29:b1:df:98:d5:14:02:f6:
bd:ed:2e:9b:8c:3a:52:4f:11:d7:37:34:d9:9d:32:
f2:94:93:55:3c:99:b6:78:83:77:0a:83:c4:37:c4:
55:64:a0:f6:be:16:d1:b2:aa:71:d5:7f:30:cb:5d:
08:b7:e1:66:4b:45:fa:02:88:48:35:16:db:95:9b:
1b:bb:1f:fd:3e:be:fb:0b:c3:62:70:e4:32:ab:fd:
1f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:52:DE:55:58:04:D3:CF:8B:A1:17:3A:05:71:3B:7C:9B:32:37:37
X509v3 Authority Key Identifier:
keyid:3B:B4:99:E1:17:B2:5F:F6:FA:36:A4:4F:3A:9A:94:72:96:29:53:EC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A916D2D2/FA1EE372489D11EAB40FA43FC4F9AE02/O7SZ4ReyX_b6NqRPOpqUcpYpU-w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/O7SZ4ReyX_b6NqRPOpqUcpYpU-w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916D2D2/FA1EE372489D11EAB40FA43FC4F9AE02/O7SZ4ReyX_b6NqRPOpqUcpYpU-w.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
c6:9a:dd:45:82:f1:16:5a:3a:01:71:ba:89:8c:62:df:4d:e6:
00:b2:8b:b5:37:ed:56:c0:65:d8:bd:f7:d7:61:48:87:41:20:
09:1b:1e:77:95:5d:b7:8b:3c:94:7a:54:bc:ba:a2:8b:8c:4c:
0d:1f:83:73:db:48:cf:ce:2c:06:7b:0e:da:c3:19:7b:cd:45:
b3:fc:8b:e1:e7:89:99:71:9b:37:4d:15:65:11:4b:56:5f:cc:
44:e6:3b:3b:fe:b0:c5:3c:68:17:52:e1:1a:0a:8b:ba:68:c9:
46:14:07:9c:41:b0:b1:72:cd:65:cf:4a:36:db:ab:7c:6d:0d:
ba:82:e8:e2:2a:79:14:b7:70:04:1a:8a:a9:3e:b5:ac:ef:3f:
d2:bf:90:30:f0:ab:a2:eb:4b:dc:4f:77:15:8c:82:6b:35:04:
5b:64:4f:e1:c3:d0:85:8d:6c:d1:ed:78:f0:78:3b:c6:6a:f3:
bf:35:95:a6:fc:b8:33:a6:8d:50:8e:0d:c1:86:80:fe:69:d0:
e3:14:37:f6:ef:03:b5:8d:1b:79:53:ff:e7:b7:e3:e8:9f:97:
25:f1:42:7b:85:e1:ca:d9:a4:25:98:8f:3c:f2:12:53:36:2e:
98:07:4a:77:e9:c6:4d:31:1b:ec:23:94:b5:99:65:59:5d:37:
6f:d3:45:f1
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCs4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkQyRDIxMTAvBgNVBAUTKDNCQjQ5OUUxMTdCMjVGRjZGQTM2QTQ0RjNBOUE5NDcy
OTYyOTUzRUMwHhcNMjUwMzI4MTkzOTEzWhcNMjUwNDA0MTkzOTEzWjAYMRYwFAYD
VQQDEw02N2U2ZmFlMi02M2U0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4ogZ5iwOcoBI3rHBOJG/XVfxZuUMSDRagU5o1wgC8GEPAzmYElo6ifHUCHXS
yFJfsEXrh0dwYU2By0hq/MqfMP7AIsEnd/c54dz4A95Vjwc9zGfwB1nMVr1U42EH
pAoNnp+aSS39SQUw3O9k+WuQLEo+MbaR5Tn4wKga2Opl5unIRj4yQ8ruMVQJET8V
Ip0bs/ViNV5GmbagtgvA1fIBQl26qKpTh/KcU6GgKbHfmNUUAva97S6bjDpSTxHX
NzTZnTLylJNVPJm2eIN3CoPEN8RVZKD2vhbRsqpx1X8wy10It+FmS0X6AohINRbb
lZsbux/9Pr77C8NicOQyq/0fJQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKlS3lVY
BNPPi6EXOgVxO3ybMjc3MB8GA1UdIwQYMBaAFDu0meEXsl/2+jakTzqalHKWKVPs
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RDJEMi9GQTFFRTM3MjQ4
OUQxMUVBQjQwRkE0M0ZDNEY5QUUwMi9PN1NaNFJleVhfYjZOcVJQT3BxVWNwWXBV
LXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL083U1o0UmV5WF9iNk5xUlBPcHFVY3BZcFUtdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2
RDJEMi9GQTFFRTM3MjQ4OUQxMUVBQjQwRkE0M0ZDNEY5QUUwMi9PN1NaNFJleVhf
YjZOcVJQT3BxVWNwWXBVLXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQDGmt1FgvEWWjoBcbqJjGLfTeYAsou1N+1WwGXYvffXYUiHQSAJGx53
lV23izyUelS8uqKLjEwNH4Nz20jPziwGew7awxl7zUWz/Ivh54mZcZs3TRVlEUtW
X8xE5js7/rDFPGgXUuEaCou6aMlGFAecQbCxcs1lz0o226t8bQ26gujiKnkUt3AE
GoqpPrWs7z/Sv5Aw8Kui60vcT3cVjIJrNQRbZE/hw9CFjWzR7XjweDvGavO/NZWm
/Lgzpo1Qjg3BhoD+adDjFDf27wO1jRt5U//nt+Pon5cl8UJ7heHK2aQlmI888hJT
Ni6YB0p36cZNMRvsI5S1mWVZXTdv00Xx
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:45:36 2025 by rpki-client