Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A9176AFD/5BB2230A92F811E784CA0E5CC4F9AE02/CkIqY5fY62yzV3UpfOtVpeGP4eI.mft
File: CkIqY5fY62yzV3UpfOtVpeGP4eI.mft (raw, json)
Hash identifier: utEcGBajMmtSVXOO35tA83wjHo02Sq2J6UywEuhBKUU=
Subject key identifier: 33:2E:B0:31:18:21:3F:BA:6B:58:79:39:A8:6E:A3:E2:96:28:AE:1D
Authority key identifier: 0A:42:2A:63:97:D8:EB:6C:B3:57:75:29:7C:EB:55:A5:E1:8F:E1:E2
Certificate issuer: /CN=A9176AFD/serialNumber=0A422A6397D8EB6CB35775297CEB55A5E18FE1E2
Certificate serial: 18B1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkIqY5fY62yzV3UpfOtVpeGP4eI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9176AFD/5BB2230A92F811E784CA0E5CC4F9AE02/CkIqY5fY62yzV3UpfOtVpeGP4eI.mft
Manifest number: 18A0
Signing time: Fri 28 Mar 2025 16:35:54 +0000
Manifest this update: Fri 28 Mar 2025 16:35:54 +0000
Manifest next update: Fri 04 Apr 2025 16:35:54 +0000
Files and hashes: 1: CkIqY5fY62yzV3UpfOtVpeGP4eI.crl (hash: gZTC1T+he0UqtjhdHrKo8GSvVbc31ck8ixP6AjsmeAg=)
2: D6D99A3EBE3711EDA6617C5DC4F9AE02.roa (hash: i+oJi6jpDEgYGCAfWO68s9CmpJ8yXleP5d3NPE288zQ=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6321 (0x18b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9176AFD
Validity
Not Before: Mar 28 16:35:54 2025 GMT
Not After : Apr 4 16:35:54 2025 GMT
Subject: CN=67e6cfea-9c7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e1:bb:67:44:2f:49:4f:57:c9:0a:1a:77:62:
24:c2:6f:2c:eb:5f:ec:6c:c3:6b:e2:68:a6:39:ea:
cf:4d:9f:80:5e:de:05:43:38:cc:41:41:f3:72:80:
58:27:04:25:4e:37:c9:f8:0f:89:f0:c6:46:98:01:
b9:6c:3e:a4:d9:5b:9d:da:68:96:d1:01:dd:ff:06:
c7:ba:04:48:44:d6:4a:ae:09:ea:2a:99:d1:8f:a1:
e9:fe:f3:bd:20:ba:0e:3e:6d:5c:0e:72:45:e2:4a:
6c:dc:5c:f0:c0:c2:eb:14:75:95:b3:cf:15:d1:02:
1c:90:c3:b0:0a:b1:e3:6c:b7:dd:eb:38:ca:67:e2:
17:ad:6d:fc:60:71:f0:b6:56:bb:b7:6b:53:bc:58:
73:e7:ff:62:57:eb:52:da:5a:f6:d0:bb:74:02:12:
22:3a:2b:78:59:6d:54:56:ae:00:98:62:40:53:ee:
75:8a:df:e8:92:36:ea:66:ea:11:db:fb:39:98:98:
7f:32:67:1e:5d:05:9c:51:9f:e1:9f:12:1a:81:e7:
8f:ea:92:9e:8d:57:13:f5:a9:25:05:63:0e:1a:c0:
ad:ae:51:66:ed:4b:03:f3:85:0b:d4:fd:98:2e:16:
ba:45:53:15:d5:62:0a:54:dc:98:1d:ef:2d:c3:6f:
c3:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:2E:B0:31:18:21:3F:BA:6B:58:79:39:A8:6E:A3:E2:96:28:AE:1D
X509v3 Authority Key Identifier:
keyid:0A:42:2A:63:97:D8:EB:6C:B3:57:75:29:7C:EB:55:A5:E1:8F:E1:E2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9176AFD/5BB2230A92F811E784CA0E5CC4F9AE02/CkIqY5fY62yzV3UpfOtVpeGP4eI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkIqY5fY62yzV3UpfOtVpeGP4eI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9176AFD/5BB2230A92F811E784CA0E5CC4F9AE02/CkIqY5fY62yzV3UpfOtVpeGP4eI.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
33:c9:10:1a:8f:cd:54:70:d7:a2:aa:11:72:03:f9:c6:b3:37:
5b:0c:82:85:15:47:80:cc:a7:1f:3d:bb:ba:48:45:60:c3:2e:
19:39:4b:46:b2:29:e8:08:bc:45:8a:57:58:1e:cc:13:40:2a:
bd:5b:ed:67:7c:d6:08:af:b2:c5:53:9a:7c:6a:57:3e:9d:4d:
d5:c9:78:99:01:f3:a3:e4:ac:23:9a:35:68:ff:66:ac:10:24:
9a:0c:d4:76:58:dc:c8:d1:24:87:68:b9:d7:db:3e:a6:a7:a7:
5d:25:21:6b:e3:f9:30:70:67:12:67:53:be:8a:c4:f0:81:cb:
37:b4:2d:a4:ee:ef:1f:75:a2:01:44:39:c6:97:48:00:1f:50:
ce:7c:0d:bb:7d:75:bc:99:0b:6f:0b:59:a6:09:e3:5a:69:ac:
15:31:02:49:45:e9:54:fa:8b:f3:69:20:1b:2b:13:51:8a:e3:
4e:33:42:bd:db:b0:c4:10:13:e7:af:c0:e5:34:5f:23:1e:17:
7a:96:a6:e7:72:74:96:6f:ed:be:b1:4a:9d:12:76:0c:6e:e1:
28:fc:30:ce:6d:b6:6a:a2:e1:58:8e:a8:c1:f6:ce:f0:f4:ae:
5a:44:f5:b3:d9:aa:18:8d:49:b6:58:c7:49:aa:66:a3:14:04:
6d:0d:3c:26
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICGLEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzZBRkQxMTAvBgNVBAUTKDBBNDIyQTYzOTdEOEVCNkNCMzU3NzUyOTdDRUI1NUE1
RTE4RkUxRTIwHhcNMjUwMzI4MTYzNTU0WhcNMjUwNDA0MTYzNTU0WjAYMRYwFAYD
VQQDEw02N2U2Y2ZlYS05YzdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnuG7Z0QvSU9XyQoad2Ikwm8s61/sbMNr4mimOerPTZ+AXt4FQzjMQUHzcoBY
JwQlTjfJ+A+J8MZGmAG5bD6k2Vud2miW0QHd/wbHugRIRNZKrgnqKpnRj6Hp/vO9
ILoOPm1cDnJF4kps3FzwwMLrFHWVs88V0QIckMOwCrHjbLfd6zjKZ+IXrW38YHHw
tla7t2tTvFhz5/9iV+tS2lr20Lt0AhIiOit4WW1UVq4AmGJAU+51it/okjbqZuoR
2/s5mJh/MmceXQWcUZ/hnxIageeP6pKejVcT9aklBWMOGsCtrlFm7UsD84UL1P2Y
Lha6RVMV1WIKVNyYHe8tw2/DHQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDMusDEY
IT+6a1h5Oahuo+KWKK4dMB8GA1UdIwQYMBaAFApCKmOX2Otss1d1KXzrVaXhj+Hi
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NkFGRC81QkIyMjMwQTky
RjgxMUU3ODRDQTBFNUNDNEY5QUUwMi9Da0lxWTVmWTYyeXpWM1VwZk90VnBlR1A0
ZUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NrSXFZNWZZNjJ5elYzVXBmT3RWcGVHUDRlSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
NkFGRC81QkIyMjMwQTkyRjgxMUU3ODRDQTBFNUNDNEY5QUUwMi9Da0lxWTVmWTYy
eXpWM1VwZk90VnBlR1A0ZUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAzyRAaj81UcNeiqhFyA/nGszdbDIKFFUeAzKcfPbu6SEVgwy4ZOUtG
sinoCLxFildYHswTQCq9W+1nfNYIr7LFU5p8alc+nU3VyXiZAfOj5KwjmjVo/2as
ECSaDNR2WNzI0SSHaLnX2z6mp6ddJSFr4/kwcGcSZ1O+isTwgcs3tC2k7u8fdaIB
RDnGl0gAH1DOfA27fXW8mQtvC1mmCeNaaawVMQJJRelU+ovzaSAbKxNRiuNOM0K9
27DEEBPnr8DlNF8jHhd6lqbncnSWb+2+sUqdEnYMbuEo/DDObbZqouFYjqjB9s7w
9K5aRPWz2aoYjUm2WMdJqmajFARtDTwm
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:17:49 2025 by rpki-client