Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A91764A1/6B7D69A6045311EAA8F8EC1DC4F9AE02/W9l8Mex4xvFX13LBu1drgCSCtyg.mft
File: W9l8Mex4xvFX13LBu1drgCSCtyg.mft (raw, json)
Hash identifier: sLPGp6pxvvu375gXXbtgwIOIJTgIUaQzoA3+cUgZRK8=
Subject key identifier: 72:7D:DD:E9:7B:46:D3:7B:38:E9:17:0B:B7:D0:8A:F2:A0:7F:0D:12
Authority key identifier: 5B:D9:7C:31:EC:78:C6:F1:57:D7:72:C1:BB:57:6B:80:24:82:B7:28
Certificate issuer: /CN=A91764A1/serialNumber=5BD97C31EC78C6F157D772C1BB576B802482B728
Certificate serial: 0C32
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/W9l8Mex4xvFX13LBu1drgCSCtyg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91764A1/6B7D69A6045311EAA8F8EC1DC4F9AE02/W9l8Mex4xvFX13LBu1drgCSCtyg.mft
Manifest number: 0C28
Signing time: Fri 28 Mar 2025 18:37:23 +0000
Manifest this update: Fri 28 Mar 2025 18:37:22 +0000
Manifest next update: Fri 04 Apr 2025 18:37:22 +0000
Files and hashes: 1: W9l8Mex4xvFX13LBu1drgCSCtyg.crl (hash: LmlSJulDoKR59RwdOeX/qRgvd27UoLbNNxMgkZ4uOdo=)
2: 753703FE045C11EAB8BF0932C4F9AE02.roa (hash: S/ofOXTredoKUYwl0LoZXr2usuoq2v/owpoDEv+TetE=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3122 (0xc32)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91764A1
Validity
Not Before: Mar 28 18:37:22 2025 GMT
Not After : Apr 4 18:37:22 2025 GMT
Subject: CN=67e6ec63-b6b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:3c:50:2b:8c:1f:5c:30:24:42:ca:9d:e5:73:
ba:9a:2f:17:a4:da:75:41:a4:59:d7:53:eb:bc:1b:
cf:f4:26:76:46:c3:0b:7d:ed:99:50:d3:c9:97:cf:
53:5d:8d:65:66:12:b0:a4:7f:cb:b6:ef:f1:0f:5e:
bc:d2:5f:fb:05:6a:c8:f1:38:c2:c4:00:7a:62:98:
b7:6c:13:22:df:b0:d5:6e:fc:50:94:3e:6f:3c:fa:
38:47:32:9b:f6:95:5c:70:fb:40:87:54:05:cf:b3:
e2:23:e2:19:9a:27:55:f0:ab:25:a1:8e:ea:1a:d1:
b3:14:50:1e:c6:e3:53:d1:2c:b2:86:2c:74:78:11:
c0:98:74:23:17:f6:23:b9:ca:e6:1d:ab:6b:19:f6:
83:91:4e:80:80:c3:d7:13:3f:3d:d4:00:e0:8c:a9:
d1:62:62:46:87:75:12:00:cf:6d:c1:4d:10:d7:bb:
f1:a5:7c:66:92:11:ab:2c:39:83:9b:8f:58:09:6f:
05:44:05:04:d0:cd:d9:ea:eb:1f:ca:a7:23:0b:89:
88:88:fa:31:66:26:4d:8e:81:5e:3e:0b:54:ab:99:
f2:05:8d:9e:83:a7:c8:95:e4:64:4f:f2:3d:5f:fb:
12:a7:4f:49:98:40:09:d9:56:4c:fb:1e:bc:be:5e:
43:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:7D:DD:E9:7B:46:D3:7B:38:E9:17:0B:B7:D0:8A:F2:A0:7F:0D:12
X509v3 Authority Key Identifier:
keyid:5B:D9:7C:31:EC:78:C6:F1:57:D7:72:C1:BB:57:6B:80:24:82:B7:28
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91764A1/6B7D69A6045311EAA8F8EC1DC4F9AE02/W9l8Mex4xvFX13LBu1drgCSCtyg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/W9l8Mex4xvFX13LBu1drgCSCtyg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91764A1/6B7D69A6045311EAA8F8EC1DC4F9AE02/W9l8Mex4xvFX13LBu1drgCSCtyg.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
4b:6e:ef:66:2f:e5:ad:c6:63:66:ca:0e:3f:49:ec:29:da:01:
85:67:8b:83:5e:9f:b9:37:f0:a5:df:78:8d:76:52:e0:1b:05:
d3:aa:90:e4:7e:02:16:ea:bd:74:4f:67:57:70:12:e4:fa:57:
9c:02:4d:8f:a4:96:2c:c9:09:0b:80:0c:f4:3c:b5:da:34:ef:
77:d4:fd:e6:35:4d:ed:2c:7c:eb:5d:cd:ba:55:d1:2d:45:90:
06:ce:6b:a3:8e:07:da:b5:b2:a1:4e:b4:76:84:34:ba:99:6b:
30:f4:4f:c1:f6:5a:f5:7e:5e:48:ad:13:34:a5:41:cb:8f:b0:
1a:a5:65:89:1d:3d:63:72:20:2b:20:a0:64:41:d1:69:9a:c0:
da:c2:d3:0e:d1:d7:6b:fc:44:a3:2d:dd:c4:8d:97:09:19:27:
af:93:cd:20:1e:b1:b3:e4:ed:06:bd:e1:e5:35:63:fe:41:99:
4a:62:d1:91:29:32:29:99:4d:6a:c1:00:66:18:7c:04:23:a2:
10:f3:51:be:ad:34:ee:e8:f0:15:14:0c:59:de:79:84:3e:9a:
58:47:dd:7b:f7:f1:29:ed:96:70:f4:86:57:00:f6:04:36:dd:
85:31:39:06:c8:b3:da:03:02:87:33:a7:29:29:b5:4d:b9:f3:
11:9d:41:86
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDDIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzY0QTExMTAvBgNVBAUTKDVCRDk3QzMxRUM3OEM2RjE1N0Q3NzJDMUJCNTc2Qjgw
MjQ4MkI3MjgwHhcNMjUwMzI4MTgzNzIyWhcNMjUwNDA0MTgzNzIyWjAYMRYwFAYD
VQQDEw02N2U2ZWM2My1iNmIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyDxQK4wfXDAkQsqd5XO6mi8XpNp1QaRZ11PrvBvP9CZ2RsMLfe2ZUNPJl89T
XY1lZhKwpH/Ltu/xD1680l/7BWrI8TjCxAB6Ypi3bBMi37DVbvxQlD5vPPo4RzKb
9pVccPtAh1QFz7PiI+IZmidV8KsloY7qGtGzFFAexuNT0Syyhix0eBHAmHQjF/Yj
ucrmHatrGfaDkU6AgMPXEz891ADgjKnRYmJGh3USAM9twU0Q17vxpXxmkhGrLDmD
m49YCW8FRAUE0M3Z6usfyqcjC4mIiPoxZiZNjoFePgtUq5nyBY2eg6fIleRkT/I9
X/sSp09JmEAJ2VZM+x68vl5D2wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHJ93el7
RtN7OOkXC7fQivKgfw0SMB8GA1UdIwQYMBaAFFvZfDHseMbxV9dywbtXa4Akgrco
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NjRBMS82QjdENjlBNjA0
NTMxMUVBQThGOEVDMURDNEY5QUUwMi9XOWw4TWV4NHh2RlgxM0xCdTFkcmdDU0N0
eWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1c5bDhNZXg0eHZGWDEzTEJ1MWRyZ0NTQ3R5Zy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
NjRBMS82QjdENjlBNjA0NTMxMUVBQThGOEVDMURDNEY5QUUwMi9XOWw4TWV4NHh2
RlgxM0xCdTFkcmdDU0N0eWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBLbu9mL+WtxmNmyg4/Sewp2gGFZ4uDXp+5N/Cl33iNdlLgGwXTqpDk
fgIW6r10T2dXcBLk+lecAk2PpJYsyQkLgAz0PLXaNO931P3mNU3tLHzrXc26VdEt
RZAGzmujjgfatbKhTrR2hDS6mWsw9E/B9lr1fl5IrRM0pUHLj7AapWWJHT1jciAr
IKBkQdFpmsDawtMO0ddr/ESjLd3EjZcJGSevk80gHrGz5O0GveHlNWP+QZlKYtGR
KTIpmU1qwQBmGHwEI6IQ81G+rTTu6PAVFAxZ3nmEPppYR9179/Ep7ZZw9IZXAPYE
Nt2FMTkGyLPaAwKHM6cpKbVNufMRnUGG
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:20:05 2025 by rpki-client