Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A9191D22/284001EC7B1F11EA858BCD86C4F9AE02/zPugs5k5MOsTt6JZJyqoEfh0SyM.mft
File: zPugs5k5MOsTt6JZJyqoEfh0SyM.mft (raw, json)
Hash identifier: IlHiJN8biCsY/zwXWJ+82h1xWfb6GcH5wamqdxOr3uA=
Subject key identifier: F5:3A:E5:7C:CD:31:D6:E9:50:C8:0C:E0:E6:8C:D4:89:D8:2D:67:A2
Authority key identifier: CC:FB:A0:B3:99:39:30:EB:13:B7:A2:59:27:2A:A8:11:F8:74:4B:23
Certificate issuer: /CN=A9191D22/serialNumber=CCFBA0B3993930EB13B7A259272AA811F8744B23
Certificate serial: 09D2
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zPugs5k5MOsTt6JZJyqoEfh0SyM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9191D22/284001EC7B1F11EA858BCD86C4F9AE02/zPugs5k5MOsTt6JZJyqoEfh0SyM.mft
Manifest number: 09CA
Signing time: Fri 28 Mar 2025 20:12:56 +0000
Manifest this update: Fri 28 Mar 2025 20:12:55 +0000
Manifest next update: Fri 04 Apr 2025 20:12:55 +0000
Files and hashes: 1: zPugs5k5MOsTt6JZJyqoEfh0SyM.crl (hash: FVNJ0LzPu1rEE+gL9UevdlKdLejHSDbS+4+Za5zewgs=)
2: 047A427C7E2B11EAB1B5B00DC4F9AE02.roa (hash: vYfbYGbaZtOjNPwwYTLo3cpgHwXTvaA/VLhLM/0gXjE=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2514 (0x9d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9191D22
Validity
Not Before: Mar 28 20:12:55 2025 GMT
Not After : Apr 4 20:12:55 2025 GMT
Subject: CN=67e702c8-d9a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:65:a9:79:a0:08:3e:3c:7b:cf:84:ca:74:1e:
b6:71:94:60:c8:c1:c4:7a:c6:83:89:e7:58:6d:71:
30:ed:7a:a3:b1:83:9d:5b:ee:bc:f7:55:83:01:ca:
4d:ec:b4:f6:ae:54:97:c4:bd:14:d7:bd:1c:5a:8c:
a8:83:5f:85:c4:bb:7e:8c:23:a9:6e:f4:ad:3f:4b:
37:97:a2:02:38:a8:a2:ad:6c:ce:52:2b:59:15:b0:
74:60:92:f4:8d:9e:30:39:45:cd:dd:10:6a:64:07:
18:98:76:38:c5:49:ad:34:7a:c7:46:ab:ca:7d:54:
c0:41:b7:9e:c9:20:da:37:f7:ec:c6:23:91:18:e1:
55:71:21:cc:81:e2:ce:9c:10:f5:05:e6:48:a4:fa:
85:d0:c3:16:2b:0b:5f:2a:8c:70:a1:35:da:c6:20:
79:46:d2:2b:8a:52:e9:5e:7c:5d:5b:0c:b1:9c:1a:
76:cb:73:74:de:50:d6:1a:f7:c1:8e:83:d8:71:aa:
31:ca:d6:ef:cb:55:a8:ff:52:4e:aa:77:48:12:af:
da:93:32:21:be:04:9f:96:c5:03:b1:27:d2:21:ac:
bc:45:37:35:a7:1e:01:02:5e:c7:96:c6:c5:0f:d2:
24:86:0d:a0:0f:ad:d7:e2:47:e1:a5:41:2b:ed:f9:
81:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:3A:E5:7C:CD:31:D6:E9:50:C8:0C:E0:E6:8C:D4:89:D8:2D:67:A2
X509v3 Authority Key Identifier:
keyid:CC:FB:A0:B3:99:39:30:EB:13:B7:A2:59:27:2A:A8:11:F8:74:4B:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9191D22/284001EC7B1F11EA858BCD86C4F9AE02/zPugs5k5MOsTt6JZJyqoEfh0SyM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zPugs5k5MOsTt6JZJyqoEfh0SyM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9191D22/284001EC7B1F11EA858BCD86C4F9AE02/zPugs5k5MOsTt6JZJyqoEfh0SyM.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
43:93:69:4c:d6:9e:f4:3c:c2:2a:a7:5a:9a:f3:89:fa:e7:37:
9e:c3:0f:1b:90:3a:17:50:fc:e6:fe:43:68:ee:30:b0:d7:a9:
65:5f:cc:28:ec:7e:43:8e:79:1c:61:e4:4a:00:35:0b:66:c9:
15:70:7c:60:25:b7:8f:e6:86:ad:45:ad:ce:f7:e9:2c:6f:d3:
f7:77:ae:75:ef:8c:6f:d3:d2:ee:49:e5:84:e6:c2:8a:4f:d4:
2f:a9:c2:3d:fc:8b:1a:cc:0f:96:d1:00:5a:4d:9e:59:e7:c2:
35:f9:4e:4e:56:f3:95:4c:da:48:69:5b:9e:1c:6c:d7:13:77:
7a:9b:de:bd:83:0d:f0:6f:57:c1:25:c0:44:58:db:63:57:07:
5d:13:cf:e5:19:df:dc:ab:77:1a:ca:b7:a8:5a:c9:1f:9a:5f:
0d:04:a1:80:3f:c7:fa:47:be:be:0a:ef:bb:7e:a5:cb:b8:89:
9c:88:90:c4:c7:4a:d1:dd:28:aa:76:68:47:94:69:9b:2a:19:
54:79:a5:97:b0:dd:5e:a1:fd:1a:6a:9c:9d:bb:ba:a1:18:db:
87:8b:fe:a5:cd:35:41:1e:f7:66:6d:7e:68:c5:73:90:42:f3:
7a:15:5a:5b:02:1a:79:11:fb:96:3d:1f:62:69:92:64:d7:91:
90:48:23:42
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCdIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTFEMjIxMTAvBgNVBAUTKENDRkJBMEIzOTkzOTMwRUIxM0I3QTI1OTI3MkFBODEx
Rjg3NDRCMjMwHhcNMjUwMzI4MjAxMjU1WhcNMjUwNDA0MjAxMjU1WjAYMRYwFAYD
VQQDEw02N2U3MDJjOC1kOWE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAy2WpeaAIPjx7z4TKdB62cZRgyMHEesaDiedYbXEw7XqjsYOdW+6891WDAcpN
7LT2rlSXxL0U170cWoyog1+FxLt+jCOpbvStP0s3l6ICOKiirWzOUitZFbB0YJL0
jZ4wOUXN3RBqZAcYmHY4xUmtNHrHRqvKfVTAQbeeySDaN/fsxiORGOFVcSHMgeLO
nBD1BeZIpPqF0MMWKwtfKoxwoTXaxiB5RtIrilLpXnxdWwyxnBp2y3N03lDWGvfB
joPYcaoxytbvy1Wo/1JOqndIEq/akzIhvgSflsUDsSfSIay8RTc1px4BAl7HlsbF
D9Ikhg2gD63X4kfhpUEr7fmBMwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPU65XzN
MdbpUMgM4OaM1InYLWeiMB8GA1UdIwQYMBaAFMz7oLOZOTDrE7eiWScqqBH4dEsj
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MUQyMi8yODQwMDFFQzdC
MUYxMUVBODU4QkNEODZDNEY5QUUwMi96UHVnczVrNU1Pc1R0NkpaSnlxb0VmaDBT
eU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3pQdWdzNWs1TU9zVHQ2SlpKeXFvRWZoMFN5TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
MUQyMi8yODQwMDFFQzdCMUYxMUVBODU4QkNEODZDNEY5QUUwMi96UHVnczVrNU1P
c1R0NkpaSnlxb0VmaDBTeU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBDk2lM1p70PMIqp1qa84n65zeeww8bkDoXUPzm/kNo7jCw16llX8wo
7H5DjnkcYeRKADULZskVcHxgJbeP5oatRa3O9+ksb9P3d65174xv09LuSeWE5sKK
T9QvqcI9/IsazA+W0QBaTZ5Z58I1+U5OVvOVTNpIaVueHGzXE3d6m969gw3wb1fB
JcBEWNtjVwddE8/lGd/cq3cayreoWskfml8NBKGAP8f6R76+Cu+7fqXLuImciJDE
x0rR3SiqdmhHlGmbKhlUeaWXsN1eof0aapydu7qhGNuHi/6lzTVBHvdmbX5oxXOQ
QvN6FVpbAhp5EfuWPR9iaZJk15GQSCNC
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:28:26 2025 by rpki-client