Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A91839CF/4DF2BE52A98C11EFBA068864C4F9AE02/Sn0mxMvxZwAkXWf79pULcSkYmTk.mft
File: Sn0mxMvxZwAkXWf79pULcSkYmTk.mft (raw, json)
Hash identifier: BFGNu8ZqWjiRWFXdN35xnk6MGmHy1b3p9gNWYBJQt+w=
Subject key identifier: 45:7E:43:CA:7B:83:8B:B8:B6:31:D2:92:6A:6E:C2:0A:25:02:EF:2F
Authority key identifier: 4A:7D:26:C4:CB:F1:67:00:24:5D:67:FB:F6:95:0B:71:29:18:99:39
Certificate issuer: /CN=A91839CF/serialNumber=4A7D26C4CBF16700245D67FBF6950B7129189939
Certificate serial: 43
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Sn0mxMvxZwAkXWf79pULcSkYmTk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91839CF/4DF2BE52A98C11EFBA068864C4F9AE02/Sn0mxMvxZwAkXWf79pULcSkYmTk.mft
Manifest number: 42
Signing time: Sat 29 Mar 2025 06:46:05 +0000
Manifest this update: Sat 29 Mar 2025 06:46:04 +0000
Manifest next update: Sat 05 Apr 2025 06:46:04 +0000
Files and hashes: 1: Sn0mxMvxZwAkXWf79pULcSkYmTk.crl (hash: NZN7rzO7Gf5r4c9h+JVOZoZJ3haeHTWSvsIfEJK3EmY=)
2: 305EB30EA98D11EF8C023466C4F9AE02.roa (hash: Buuzt0i/kKtBaGkDf9aAUjvIwcQJfDzcstPOVS8Jm/I=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67 (0x43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91839CF
Validity
Not Before: Mar 29 06:46:04 2025 GMT
Not After : Apr 5 06:46:04 2025 GMT
Subject: CN=67e7972c-d5dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5a:0b:d8:8e:30:a7:67:43:da:fc:92:2e:a0:
0b:94:e9:24:a0:f9:b9:91:72:e6:c1:38:fc:8b:66:
1d:0b:01:e1:e7:18:f6:19:4f:10:77:e1:ad:bd:dd:
87:29:d3:46:c3:fb:5d:20:1a:61:ff:66:4c:82:af:
95:d8:27:59:55:9e:a5:51:09:da:73:37:95:a2:1e:
ed:c0:64:08:70:2b:1b:09:29:78:24:34:28:3e:e3:
ab:3f:ef:40:bd:71:ed:d2:2d:98:9c:2f:39:3d:4e:
19:82:c6:63:3f:50:fb:5e:9f:42:25:bc:9a:d7:4f:
9e:36:04:84:fa:a1:07:71:b4:a0:98:41:13:9e:57:
41:84:b0:eb:38:f2:17:12:16:86:9e:40:74:03:e1:
62:83:1b:28:58:92:37:10:14:50:d4:30:86:3c:3d:
b2:b7:7d:4f:ec:0f:d4:2e:3f:84:5e:f4:00:90:b6:
30:e5:75:c4:16:fe:8a:69:8b:7a:f4:0c:16:f6:86:
a8:c1:d1:ed:ef:c4:76:9c:6d:d5:b4:62:d7:fe:b7:
39:bb:ec:4e:15:f9:30:5b:b6:7f:01:87:90:5a:d2:
e7:c4:4e:20:20:18:67:b0:e1:fe:5d:29:18:14:df:
c8:3b:6e:56:9c:c9:b1:de:e5:a1:3c:03:0d:64:51:
1f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:7E:43:CA:7B:83:8B:B8:B6:31:D2:92:6A:6E:C2:0A:25:02:EF:2F
X509v3 Authority Key Identifier:
keyid:4A:7D:26:C4:CB:F1:67:00:24:5D:67:FB:F6:95:0B:71:29:18:99:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91839CF/4DF2BE52A98C11EFBA068864C4F9AE02/Sn0mxMvxZwAkXWf79pULcSkYmTk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Sn0mxMvxZwAkXWf79pULcSkYmTk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91839CF/4DF2BE52A98C11EFBA068864C4F9AE02/Sn0mxMvxZwAkXWf79pULcSkYmTk.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
92:e1:a2:35:fe:9e:e0:aa:37:33:c4:de:15:83:ed:15:cd:b4:
a3:b7:83:17:51:b1:27:b1:97:e9:ee:c9:0d:cf:9a:fb:5a:72:
69:61:ff:3c:79:e0:14:d9:32:bd:f8:d9:a9:7b:22:09:62:03:
21:42:f0:b7:e2:1c:d2:65:a7:8f:87:91:af:07:a3:42:d2:14:
22:78:d7:91:3f:cb:66:a8:0a:d1:63:a1:16:18:17:ab:59:79:
63:dc:8a:4d:03:ed:e4:ba:83:ae:fa:30:e7:70:5c:3c:06:4d:
e9:7f:f8:68:be:42:6f:f3:35:a7:e5:ab:69:97:52:da:f9:9b:
b2:f5:c1:d4:e3:b7:0d:50:4f:e8:63:1d:e4:17:15:ab:81:9c:
48:81:79:80:17:24:15:17:7d:e5:74:8f:e7:0a:a2:08:2a:49:
f8:d7:c9:0d:cc:2a:76:56:89:5c:8d:31:45:63:ce:21:ff:78:
71:ba:74:70:a0:c0:2c:90:6c:43:d5:05:e4:6a:8b:72:75:d9:
6b:a6:4a:ec:cc:ed:a8:a9:f7:b3:c4:15:01:86:a9:b8:e2:06:
2c:97:c6:08:50:60:20:03:fd:39:41:8c:e3:a4:74:18:06:07:
ad:50:12:e5:99:78:9d:29:86:81:be:ab:58:52:74:cd:ec:8f:
2e:d3:c6:f9
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBQzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4
MzlDRjExMC8GA1UEBRMoNEE3RDI2QzRDQkYxNjcwMDI0NUQ2N0ZCRjY5NTBCNzEy
OTE4OTkzOTAeFw0yNTAzMjkwNjQ2MDRaFw0yNTA0MDUwNjQ2MDRaMBgxFjAUBgNV
BAMTDTY3ZTc5NzJjLWQ1ZGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQC8WgvYjjCnZ0Pa/JIuoAuU6SSg+bmRcubBOPyLZh0LAeHnGPYZTxB34a293Ycp
00bD+10gGmH/ZkyCr5XYJ1lVnqVRCdpzN5WiHu3AZAhwKxsJKXgkNCg+46s/70C9
ce3SLZicLzk9ThmCxmM/UPten0IlvJrXT542BIT6oQdxtKCYQROeV0GEsOs48hcS
FoaeQHQD4WKDGyhYkjcQFFDUMIY8PbK3fU/sD9QuP4Re9ACQtjDldcQW/oppi3r0
DBb2hqjB0e3vxHacbdW0Ytf+tzm77E4V+TBbtn8Bh5Ba0ufETiAgGGew4f5dKRgU
38g7blacybHe5aE8Aw1kUR9BAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQURX5DynuD
i7i2MdKSam7CCiUC7y8wHwYDVR0jBBgwFoAUSn0mxMvxZwAkXWf79pULcSkYmTkw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTgzOUNGLzRERjJCRTUyQTk4
QzExRUZCQTA2ODg2NEM0RjlBRTAyL1NuMG14TXZ4WndBa1hXZjc5cFVMY1NrWW1U
ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvU24wbXhNdnhad0FrWFdmNzlwVUxjU2tZbVRrLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTgz
OUNGLzRERjJCRTUyQTk4QzExRUZCQTA2ODg2NEM0RjlBRTAyL1NuMG14TXZ4WndB
a1hXZjc5cFVMY1NrWW1Uay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBAJLhojX+nuCqNzPE3hWD7RXNtKO3gxdRsSexl+nuyQ3Pmvtacmlh/zx5
4BTZMr342al7IgliAyFC8LfiHNJlp4+Hka8Ho0LSFCJ415E/y2aoCtFjoRYYF6tZ
eWPcik0D7eS6g676MOdwXDwGTel/+Gi+Qm/zNaflq2mXUtr5m7L1wdTjtw1QT+hj
HeQXFauBnEiBeYAXJBUXfeV0j+cKoggqSfjXyQ3MKnZWiVyNMUVjziH/eHG6dHCg
wCyQbEPVBeRqi3J12WumSuzM7aip97PEFQGGqbjiBiyXxghQYCAD/TlBjOOkdBgG
B61QEuWZeJ0phoG+q1hSdM3sjy7Txvk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:25:11 2025 by rpki-client