Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A91953AF/043160B0CA0411EEBCD01770C4F9AE02/qCS2Y_P1o0-C7iJyqK795Dt5vZM.mft
File: qCS2Y_P1o0-C7iJyqK795Dt5vZM.mft (raw, json)
Hash identifier: 2hcJH+mMvb8GX2eAATP76jxp6VjiFpE6rYFT4a8Dmfw=
Subject key identifier: D9:64:60:BE:40:C8:18:74:61:8C:42:48:65:9B:FD:71:A2:3E:2A:1B
Authority key identifier: A8:24:B6:63:F3:F5:A3:4F:82:EE:22:72:A8:AE:FD:E4:3B:79:BD:93
Certificate issuer: /CN=A91953AF/serialNumber=A824B663F3F5A34F82EE2272A8AEFDE43B79BD93
Certificate serial: D5
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qCS2Y_P1o0-C7iJyqK795Dt5vZM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91953AF/043160B0CA0411EEBCD01770C4F9AE02/qCS2Y_P1o0-C7iJyqK795Dt5vZM.mft
Manifest number: D3
Signing time: Sat 29 Mar 2025 05:01:15 +0000
Manifest this update: Sat 29 Mar 2025 05:01:15 +0000
Manifest next update: Sat 05 Apr 2025 05:01:15 +0000
Files and hashes: 1: qCS2Y_P1o0-C7iJyqK795Dt5vZM.crl (hash: e/XBWz/26MSaHFyGjJWTkhiF6n5R1LwkGGp1BQWOxhE=)
2: 593AFF1ACA0611EEBA01A22CC4F9AE02.roa (hash: 5Igi5uwLEP9LNSo1jtb9EAzRP4JXP+61tZCh/iJ8p+M=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 213 (0xd5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91953AF
Validity
Not Before: Mar 29 05:01:15 2025 GMT
Not After : Apr 5 05:01:15 2025 GMT
Subject: CN=67e77e9b-5caf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:6d:f6:53:bd:f2:69:4d:13:5f:f1:28:78:f0:
28:f1:56:dd:51:0a:b4:69:c5:a0:7a:9f:c1:bc:0b:
17:d1:54:ee:c2:e2:0a:c9:e6:a7:19:63:9a:e7:3b:
f8:83:5b:0c:83:08:f2:77:87:6e:04:81:f8:9b:8b:
46:15:e6:a8:5a:bb:7f:92:27:37:64:a7:2b:0e:68:
7c:49:2a:6e:c4:d8:ab:02:6b:92:75:53:a3:2d:e1:
3c:0a:30:b9:2b:6e:f6:fe:3b:a9:5b:e4:c5:58:ac:
c7:a2:65:f8:19:0a:a2:08:a3:02:9b:b3:6f:c8:2a:
17:c3:8d:d7:8d:6a:b3:e7:2b:f5:0c:05:20:53:3a:
de:72:14:85:ba:4f:42:c2:ab:51:af:e1:d5:9a:66:
38:e6:d7:91:ff:d5:2d:78:7c:da:a4:b8:16:86:ee:
01:ce:c4:8f:74:63:d8:2a:c3:3d:89:53:3e:1c:f1:
c9:73:dc:ae:e2:54:75:c1:f0:3f:32:84:d3:6d:80:
ec:b0:e1:2f:84:3d:d4:3b:4c:27:cc:ca:f1:cb:f6:
5c:d2:2c:c0:b3:04:e0:74:97:56:f4:70:a0:e9:65:
88:0f:70:30:3e:c1:42:03:58:90:e2:c5:2c:26:35:
3d:92:49:4e:da:17:1f:03:8e:ba:1c:c1:59:14:24:
63:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:64:60:BE:40:C8:18:74:61:8C:42:48:65:9B:FD:71:A2:3E:2A:1B
X509v3 Authority Key Identifier:
keyid:A8:24:B6:63:F3:F5:A3:4F:82:EE:22:72:A8:AE:FD:E4:3B:79:BD:93
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91953AF/043160B0CA0411EEBCD01770C4F9AE02/qCS2Y_P1o0-C7iJyqK795Dt5vZM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qCS2Y_P1o0-C7iJyqK795Dt5vZM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91953AF/043160B0CA0411EEBCD01770C4F9AE02/qCS2Y_P1o0-C7iJyqK795Dt5vZM.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
77:79:2d:33:40:80:be:56:a2:89:b8:68:fb:c8:24:1a:da:10:
15:af:c0:68:53:45:14:66:e3:48:27:a1:2a:8e:e1:08:95:d6:
b4:2f:42:bd:42:44:e4:9b:1a:6c:b7:b5:bd:76:70:97:b7:28:
57:c3:6c:3d:1f:e6:34:a3:ba:99:40:fa:e7:0a:0d:99:50:86:
f2:00:52:49:ab:f2:94:50:7b:2c:0e:8a:f1:2b:91:a6:66:ed:
7a:69:b3:f5:0f:63:47:cd:0b:ae:7a:f0:4d:ce:7d:df:00:7d:
93:ac:08:f0:48:89:55:51:05:4f:95:b0:4f:0a:44:a9:2f:85:
83:02:34:c1:6a:24:5c:8d:16:5d:a9:d1:35:c3:c6:3f:5a:b3:
18:95:cd:8f:d2:6f:97:11:fd:3a:cb:9b:fe:ea:a2:38:d2:e0:
78:f4:7f:82:b3:ef:9c:70:e7:3d:6e:2b:df:99:7d:c2:d3:5a:
54:36:e2:ca:52:cb:92:93:9b:c3:db:1f:f3:67:af:83:74:f8:
2c:a7:d7:9e:c7:92:40:8c:70:83:36:69:cc:43:4f:79:ed:a1:
5a:ad:80:d5:f4:b4:54:73:bb:0c:3c:66:68:71:a7:a5:ef:a3:
a3:61:93:e8:b4:06:7c:62:b4:83:45:d0:f3:2c:30:e9:a9:95:
21:b0:55:76
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICANUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTUzQUYxMTAvBgNVBAUTKEE4MjRCNjYzRjNGNUEzNEY4MkVFMjI3MkE4QUVGREU0
M0I3OUJEOTMwHhcNMjUwMzI5MDUwMTE1WhcNMjUwNDA1MDUwMTE1WjAYMRYwFAYD
VQQDEw02N2U3N2U5Yi01Y2FmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwW32U73yaU0TX/EoePAo8VbdUQq0acWgep/BvAsX0VTuwuIKyeanGWOa5zv4
g1sMgwjyd4duBIH4m4tGFeaoWrt/kic3ZKcrDmh8SSpuxNirAmuSdVOjLeE8CjC5
K272/jupW+TFWKzHomX4GQqiCKMCm7NvyCoXw43XjWqz5yv1DAUgUzrechSFuk9C
wqtRr+HVmmY45teR/9UteHzapLgWhu4BzsSPdGPYKsM9iVM+HPHJc9yu4lR1wfA/
MoTTbYDssOEvhD3UO0wnzMrxy/Zc0izAswTgdJdW9HCg6WWID3AwPsFCA1iQ4sUs
JjU9kklO2hcfA466HMFZFCRjxQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNlkYL5A
yBh0YYxCSGWb/XGiPiobMB8GA1UdIwQYMBaAFKgktmPz9aNPgu4icqiu/eQ7eb2T
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NTNBRi8wNDMxNjBCMENB
MDQxMUVFQkNEMDE3NzBDNEY5QUUwMi9xQ1MyWV9QMW8wLUM3aUp5cUs3OTVEdDV2
Wk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3FDUzJZX1AxbzAtQzdpSnlxSzc5NUR0NXZaTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5
NTNBRi8wNDMxNjBCMENBMDQxMUVFQkNEMDE3NzBDNEY5QUUwMi9xQ1MyWV9QMW8w
LUM3aUp5cUs3OTVEdDV2Wk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQB3eS0zQIC+VqKJuGj7yCQa2hAVr8BoU0UUZuNIJ6EqjuEIlda0L0K9
QkTkmxpst7W9dnCXtyhXw2w9H+Y0o7qZQPrnCg2ZUIbyAFJJq/KUUHssDorxK5Gm
Zu16abP1D2NHzQuuevBNzn3fAH2TrAjwSIlVUQVPlbBPCkSpL4WDAjTBaiRcjRZd
qdE1w8Y/WrMYlc2P0m+XEf06y5v+6qI40uB49H+Cs++ccOc9bivfmX3C01pUNuLK
UsuSk5vD2x/zZ6+DdPgsp9eex5JAjHCDNmnMQ0957aFarYDV9LRUc7sMPGZocael
76OjYZPotAZ8YrSDRdDzLDDpqZUhsFV2
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:12:21 2025 by rpki-client