Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft
File: AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft (raw, json)
Hash identifier: sSl7Vms/dKVfDlyn07r0NehvHq8IspotUBaZpYQ0x9Q=
Subject key identifier: 76:75:B4:F5:78:A7:11:20:C5:FA:4F:5A:F6:1A:8F:3E:29:26:4E:39
Authority key identifier: 00:08:E2:EE:BE:6C:55:F2:59:49:49:A4:77:F8:67:7B:FF:4A:7F:E4
Certificate issuer: /CN=A9170DF0/serialNumber=0008E2EEBE6C55F2594949A477F8677BFF4A7FE4
Certificate serial: 0135
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/AAji7r5sVfJZSUmkd_hne_9Kf-Q.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft
Manifest number: 0133
Signing time: Sat 29 Mar 2025 03:55:23 +0000
Manifest this update: Sat 29 Mar 2025 03:55:23 +0000
Manifest next update: Sat 05 Apr 2025 03:55:23 +0000
Files and hashes: 1: AAji7r5sVfJZSUmkd_hne_9Kf-Q.crl (hash: evciBMSO/+Cq9+oD7YGNSkdhIJyb3g5/uYuW7LLQad0=)
2: B022AC18368811EEB1BFE56AC4F9AE02.roa (hash: z6BHSk4cb9I8/kB9JR0TRRNQXU/qOZQ+pN/Lst+leW4=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 309 (0x135)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9170DF0
Validity
Not Before: Mar 29 03:55:23 2025 GMT
Not After : Apr 5 03:55:23 2025 GMT
Subject: CN=67e76f2b-bc15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ee:54:67:47:ae:cc:8a:2e:28:f4:a1:7b:43:
19:20:df:63:53:ed:e3:63:f6:2a:bb:ec:9c:7d:ec:
94:1c:d6:67:a1:a7:75:27:21:ab:cc:46:4c:74:ab:
c1:74:cf:f6:31:5a:8e:3e:a8:94:3a:0c:20:22:57:
37:db:2c:06:4d:25:10:0a:c6:43:e7:e7:25:4a:03:
58:2c:ee:fc:cb:0f:47:fa:00:61:f1:38:0f:76:90:
2f:3d:0f:c2:06:91:bd:b0:ed:96:82:8f:23:9b:90:
91:ca:bf:b7:83:a5:5f:ba:d7:4b:db:f4:b5:94:30:
5a:27:cf:e8:ae:d4:3c:9f:e6:d0:0a:ff:4c:a4:27:
80:2b:6d:d1:29:97:0b:90:7a:3f:e0:d2:0c:45:d0:
b1:e7:e6:0c:4c:9e:fe:d5:fd:c2:80:2c:4a:37:ae:
29:a9:0f:e9:6c:11:c9:e7:ea:92:e7:17:62:70:b5:
0c:c4:8d:0e:45:29:b3:90:4c:b6:6d:e2:a3:4d:94:
81:9e:24:01:9c:29:fb:59:00:78:f0:69:13:d3:ea:
b0:ec:74:6d:f9:28:6d:c3:90:e2:60:79:87:fd:85:
16:ee:22:6f:f9:b2:c4:57:f6:5e:14:40:65:4f:f9:
df:41:16:f4:43:01:93:b8:95:6f:ec:1d:2d:a1:f9:
c4:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:75:B4:F5:78:A7:11:20:C5:FA:4F:5A:F6:1A:8F:3E:29:26:4E:39
X509v3 Authority Key Identifier:
keyid:00:08:E2:EE:BE:6C:55:F2:59:49:49:A4:77:F8:67:7B:FF:4A:7F:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/AAji7r5sVfJZSUmkd_hne_9Kf-Q.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
9e:05:01:2e:34:67:3b:45:a1:03:ba:c9:bd:f3:71:c4:e7:83:
34:90:f6:47:62:de:cb:99:11:96:61:f4:02:77:dc:ad:3a:9d:
8f:6f:a5:1e:e4:79:06:ec:aa:1e:ae:a4:30:e4:03:9e:ad:be:
1c:5d:7e:4e:22:e4:30:55:12:b8:e5:51:ed:d2:65:aa:eb:f3:
0f:7c:44:e3:7e:ec:5d:32:5a:a2:6b:93:a7:d1:eb:f6:b9:6f:
ef:71:60:c8:4c:de:85:6a:ac:61:2a:b5:b1:09:f8:a9:f0:e9:
35:75:7b:b9:e4:db:d3:7a:44:f1:88:38:02:e6:af:ac:f4:77:
7f:07:a9:62:68:e5:1f:63:21:e6:8c:7b:d5:65:94:8f:c3:96:
cc:bc:f7:84:d1:16:0f:52:c4:98:46:fc:72:ed:cf:97:15:76:
6b:14:f9:e8:90:9c:e6:88:58:f2:e3:66:2a:e7:4a:eb:90:ec:
5d:8c:23:67:e4:74:47:59:d9:b5:9f:9a:5d:34:51:d3:1b:6e:
34:ce:a1:9f:8a:29:1d:1b:23:34:da:46:c2:2f:50:eb:ee:22:
d9:fd:4d:c3:84:aa:03:9c:37:03:4d:09:d6:85:42:29:57:14:
ad:7e:58:17:16:57:0e:3f:97:cf:ee:b1:ec:94:ff:a6:4c:28:
13:f7:8d:a0
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICATUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzBERjAxMTAvBgNVBAUTKDAwMDhFMkVFQkU2QzU1RjI1OTQ5NDlBNDc3Rjg2NzdC
RkY0QTdGRTQwHhcNMjUwMzI5MDM1NTIzWhcNMjUwNDA1MDM1NTIzWjAYMRYwFAYD
VQQDEw02N2U3NmYyYi1iYzE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAw+5UZ0euzIouKPShe0MZIN9jU+3jY/Yqu+ycfeyUHNZnoad1JyGrzEZMdKvB
dM/2MVqOPqiUOgwgIlc32ywGTSUQCsZD5+clSgNYLO78yw9H+gBh8TgPdpAvPQ/C
BpG9sO2Wgo8jm5CRyr+3g6VfutdL2/S1lDBaJ8/ortQ8n+bQCv9MpCeAK23RKZcL
kHo/4NIMRdCx5+YMTJ7+1f3CgCxKN64pqQ/pbBHJ5+qS5xdicLUMxI0ORSmzkEy2
beKjTZSBniQBnCn7WQB48GkT0+qw7HRt+Shtw5DiYHmH/YUW7iJv+bLEV/ZeFEBl
T/nfQRb0QwGTuJVv7B0tofnEuQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHZ1tPV4
pxEgxfpPWvYajz4pJk45MB8GA1UdIwQYMBaAFAAI4u6+bFXyWUlJpHf4Z3v/Sn/k
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MERGMC81REVGQUNGMDM2
NDQxMUVFQUNFNUM3MkVDNEY5QUUwMi9BQWppN3I1c1ZmSlpTVW1rZF9obmVfOUtm
LVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0FBamk3cjVzVmZKWlNVbWtkX2huZV85S2YtUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MERGMC81REVGQUNGMDM2NDQxMUVFQUNFNUM3MkVDNEY5QUUwMi9BQWppN3I1c1Zm
SlpTVW1rZF9obmVfOUtmLVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCeBQEuNGc7RaEDusm983HE54M0kPZHYt7LmRGWYfQCd9ytOp2Pb6Ue
5HkG7KoerqQw5AOerb4cXX5OIuQwVRK45VHt0mWq6/MPfETjfuxdMlqia5On0ev2
uW/vcWDITN6FaqxhKrWxCfip8Ok1dXu55NvTekTxiDgC5q+s9Hd/B6liaOUfYyHm
jHvVZZSPw5bMvPeE0RYPUsSYRvxy7c+XFXZrFPnokJzmiFjy42Yq50rrkOxdjCNn
5HRHWdm1n5pdNFHTG240zqGfiikdGyM02kbCL1Dr7iLZ/U3DhKoDnDcDTQnWhUIp
VxStflgXFlcOP5fP7rHslP+mTCgT942g
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:23:25 2025 by rpki-client