Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft
File: XKzlv2VarPfLxicsXGl_N3oGzow.mft (raw, json)
Hash identifier: 5i1My05JnsJYxbPIXrG7Z9DB5C2SKDz6ws0nwwgwbsg=
Subject key identifier: 92:97:44:D3:88:D5:CA:DD:B9:D1:0B:69:B1:4C:76:22:0C:AC:36:C0
Authority key identifier: 5C:AC:E5:BF:65:5A:AC:F7:CB:C6:27:2C:5C:69:7F:37:7A:06:CE:8C
Certificate issuer: /CN=A917C9BF/serialNumber=5CACE5BF655AACF7CBC6272C5C697F377A06CE8C
Certificate serial: 6B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XKzlv2VarPfLxicsXGl_N3oGzow.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft
Manifest number: 67
Signing time: Sat 29 Mar 2025 06:21:16 +0000
Manifest this update: Sat 29 Mar 2025 06:21:15 +0000
Manifest next update: Sat 05 Apr 2025 06:21:15 +0000
Files and hashes: 1: XKzlv2VarPfLxicsXGl_N3oGzow.crl (hash: bCYu0UX3GaKRSZUAPJvbILx3uuY2+nzNl883Bi768b4=)
2: 15875DC27B5E11EFAB71253BC4F9AE02.roa (hash: Po2BM3la9bQp8SxvolgWBVl3dKAKoE5yaonqoVw5jxw=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107 (0x6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917C9BF
Validity
Not Before: Mar 29 06:21:15 2025 GMT
Not After : Apr 5 06:21:15 2025 GMT
Subject: CN=67e7915c-89b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:27:c4:50:7e:92:10:17:a0:26:f2:b7:e4:07:
8c:30:03:cf:60:e1:96:44:eb:85:19:ff:79:a1:02:
df:a6:cd:bc:54:c3:c0:bb:ba:9a:de:cd:15:65:86:
c2:a5:da:f7:74:62:3d:5e:65:bd:5b:59:58:0c:fd:
0a:3f:3c:48:48:bb:9f:ee:bf:cf:f0:20:46:27:28:
58:d6:2f:0c:8f:7f:58:cb:48:c6:5a:2f:1e:12:0d:
32:7b:93:97:33:8e:f3:d2:9b:f4:d2:e5:b4:be:45:
74:0f:f0:95:19:a3:06:b9:da:cc:6c:24:e4:e9:42:
7b:51:43:e8:3e:e0:38:33:61:f8:b4:35:19:fe:d5:
7d:2c:e6:25:55:8f:f7:f2:cc:15:ad:e6:c8:3f:64:
a4:96:37:26:56:7e:c7:dd:c9:11:45:a3:73:66:06:
1d:60:4e:ef:96:a8:de:67:2a:0f:4b:8a:91:7f:b5:
dc:ec:0f:b4:4c:89:db:80:2f:fc:de:30:26:75:7d:
a9:96:25:fa:e4:2b:3c:51:81:9c:72:ad:5f:68:8b:
57:36:2e:80:8d:85:ef:f0:8a:0f:d1:24:87:cb:99:
7a:a5:cc:e9:74:c8:26:12:34:10:ae:10:74:39:63:
fa:78:66:8c:f8:99:e0:bd:85:87:21:31:de:9d:96:
32:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:97:44:D3:88:D5:CA:DD:B9:D1:0B:69:B1:4C:76:22:0C:AC:36:C0
X509v3 Authority Key Identifier:
keyid:5C:AC:E5:BF:65:5A:AC:F7:CB:C6:27:2C:5C:69:7F:37:7A:06:CE:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XKzlv2VarPfLxicsXGl_N3oGzow.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
12:e4:cf:b6:54:a8:3f:26:4f:6c:01:ec:b6:9f:30:bd:6c:4f:
40:2a:50:35:06:5d:b5:3a:d0:65:01:4a:63:5f:91:35:e4:d3:
c3:62:2e:15:00:ad:da:5b:4a:bb:c7:68:78:60:5b:aa:a3:12:
ca:07:61:d5:a1:c3:a4:54:a0:45:e7:e8:2a:1b:02:55:ff:81:
30:70:00:20:c3:f4:ae:17:31:d6:68:6c:c9:a9:a5:38:5a:34:
bc:bf:1b:91:5e:e3:83:4d:19:b2:82:79:ac:e0:1b:28:ad:4d:
1e:2f:6f:a0:52:ff:90:7a:ee:f7:05:63:32:8b:3b:58:17:21:
5a:a4:f2:9d:19:e2:d6:8e:ee:3c:a3:3f:00:3b:8e:b3:8c:48:
7c:da:65:12:8b:99:0d:80:d4:bb:e3:83:34:a4:78:c7:56:1f:
73:23:a7:4d:a2:37:3c:76:3c:77:23:48:ff:63:7f:62:6a:ac:
bb:29:2e:ae:c6:b7:70:a0:58:85:a0:d8:29:20:f5:de:04:97:
a9:45:96:0d:3c:2f:d7:3e:d8:b9:75:26:ba:b2:db:29:94:1a:
9d:e8:e0:88:50:e4:67:16:7e:69:bd:d1:0c:0f:1a:ff:d0:cb:
c8:27:a8:ac:97:36:a7:27:5b:52:99:9f:49:e5:9d:79:a2:56:
30:7c:aa:f7
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBazANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3
QzlCRjExMC8GA1UEBRMoNUNBQ0U1QkY2NTVBQUNGN0NCQzYyNzJDNUM2OTdGMzc3
QTA2Q0U4QzAeFw0yNTAzMjkwNjIxMTVaFw0yNTA0MDUwNjIxMTVaMBgxFjAUBgNV
BAMTDTY3ZTc5MTVjLTg5YjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDDJ8RQfpIQF6Am8rfkB4wwA89g4ZZE64UZ/3mhAt+mzbxUw8C7uprezRVlhsKl
2vd0Yj1eZb1bWVgM/Qo/PEhIu5/uv8/wIEYnKFjWLwyPf1jLSMZaLx4SDTJ7k5cz
jvPSm/TS5bS+RXQP8JUZowa52sxsJOTpQntRQ+g+4DgzYfi0NRn+1X0s5iVVj/fy
zBWt5sg/ZKSWNyZWfsfdyRFFo3NmBh1gTu+WqN5nKg9LipF/tdzsD7RMiduAL/ze
MCZ1famWJfrkKzxRgZxyrV9oi1c2LoCNhe/wig/RJIfLmXqlzOl0yCYSNBCuEHQ5
Y/p4Zoz4meC9hYchMd6dljJPAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUkpdE04jV
yt250QtpsUx2IgysNsAwHwYDVR0jBBgwFoAUXKzlv2VarPfLxicsXGl/N3oGzoww
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdDOUJGL0JFMUQ0QTM0N0I0
RDExRUZCMDIzNkM3OEM0RjlBRTAyL1hLemx2MlZhclBmTHhpY3NYR2xfTjNvR3pv
dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvWEt6bHYyVmFyUGZMeGljc1hHbF9OM29Hem93LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdD
OUJGL0JFMUQ0QTM0N0I0RDExRUZCMDIzNkM3OEM0RjlBRTAyL1hLemx2MlZhclBm
THhpY3NYR2xfTjNvR3pvdy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBABLkz7ZUqD8mT2wB7LafML1sT0AqUDUGXbU60GUBSmNfkTXk08NiLhUA
rdpbSrvHaHhgW6qjEsoHYdWhw6RUoEXn6CobAlX/gTBwACDD9K4XMdZobMmppTha
NLy/G5Fe44NNGbKCeazgGyitTR4vb6BS/5B67vcFYzKLO1gXIVqk8p0Z4taO7jyj
PwA7jrOMSHzaZRKLmQ2A1LvjgzSkeMdWH3Mjp02iNzx2PHcjSP9jf2JqrLspLq7G
t3CgWIWg2Ckg9d4El6lFlg08L9c+2Ll1Jrqy2ymUGp3o4IhQ5GcWfmm90QwPGv/Q
y8gnqKyXNqcnW1KZn0nlnXmiVjB8qvc=
-----END CERTIFICATE-----
Generated at Tue Apr 8 17:48:21 2025 by rpki-client