Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A91972DF/27E3EDA4983311EF83189A57C4F9AE02/RyCit4x4I5km_e5zRKNoDaDYBx0.mft
File: RyCit4x4I5km_e5zRKNoDaDYBx0.mft (raw, json)
Hash identifier: UcDZguUng/2P2vgIELvkqs501o4FVFunysSoTz4iuoI=
Subject key identifier: 61:F5:D3:F4:C9:FB:20:2F:20:2D:21:BA:E3:4B:F3:B6:72:5D:3E:92
Authority key identifier: 47:20:A2:B7:8C:78:23:99:26:FD:EE:73:44:A3:68:0D:A0:D8:07:1D
Certificate issuer: /CN=A91972DF/serialNumber=4720A2B78C78239926FDEE7344A3680DA0D8071D
Certificate serial: 59
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RyCit4x4I5km_e5zRKNoDaDYBx0.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91972DF/27E3EDA4983311EF83189A57C4F9AE02/RyCit4x4I5km_e5zRKNoDaDYBx0.mft
Manifest number: 57
Signing time: Sun 13 Apr 2025 05:41:43 +0000
Manifest this update: Sun 13 Apr 2025 05:41:43 +0000
Manifest next update: Sun 20 Apr 2025 05:41:43 +0000
Files and hashes: 1: RyCit4x4I5km_e5zRKNoDaDYBx0.crl (hash: 5mvgZhnLEkCLlkwv5HWAPR3ddsFwHzlngsYH5EekSSw=)
2: A89EDBE29D2011EF85C22562C4F9AE02.roa (hash: PFCVOq6hCEE/LkUTzAqv0G5xeWtP3Mtqim+Dj4TAYwg=)
3: D2D7B762995611EFADA5D754C4F9AE02.roa (hash: leOkuh3L+EBwiYEQWHLbAuOaBMzDoG4/I9L1fdXLYok=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91972DF/27E3EDA4983311EF83189A57C4F9AE02/RyCit4x4I5km_e5zRKNoDaDYBx0.crl
rsync://rpki.apnic.net/member_repository/A91972DF/27E3EDA4983311EF83189A57C4F9AE02/RyCit4x4I5km_e5zRKNoDaDYBx0.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RyCit4x4I5km_e5zRKNoDaDYBx0.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 20 Apr 2025 02:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89 (0x59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91972DF, serialNumber=4720A2B78C78239926FDEE7344A3680DA0D8071D
Validity
Not Before: Apr 13 05:41:43 2025 GMT
Not After : Apr 20 05:41:43 2025 GMT
Subject: CN=67fb4e97-c213
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:68:d5:42:10:b4:56:3f:ea:df:78:fb:79:79:
f7:ce:3c:d6:17:bf:52:55:c3:67:8c:3c:22:d9:23:
0d:d5:7f:2a:f5:b6:74:fb:7d:cc:5e:ef:d1:ee:79:
87:33:33:3b:92:69:ff:18:ce:c0:29:71:eb:db:9d:
a7:0d:0c:0c:f4:ee:c0:ac:b5:ca:92:b4:28:e3:d7:
d4:c6:9c:8b:66:51:75:51:35:21:64:18:bb:01:b4:
42:4f:1e:2a:66:4b:1f:16:d6:28:84:02:e2:ae:c9:
3a:00:04:51:9c:86:3d:9f:66:f8:46:f0:78:fd:31:
5f:67:72:16:db:d0:f6:78:89:81:75:b6:46:1e:e4:
65:f4:08:0d:46:80:39:85:19:6c:34:ab:20:63:1c:
fc:bb:f8:5f:a7:bb:b7:41:2d:b4:a0:c7:f1:ba:fd:
2b:e7:39:75:f3:a8:82:c9:48:3e:a3:9d:38:fc:87:
99:c4:3d:fd:ea:9d:5f:e3:7a:bd:db:32:e4:05:0a:
cd:80:d4:fc:ae:a4:e6:32:7d:81:47:28:4e:14:1f:
1d:3b:7e:9d:51:c6:77:aa:de:34:57:b8:d4:39:d3:
92:f1:b4:5a:bd:cf:9f:49:78:88:12:c7:80:34:b3:
5c:37:6e:34:69:2f:9c:59:36:69:8b:ad:ef:7c:30:
69:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:F5:D3:F4:C9:FB:20:2F:20:2D:21:BA:E3:4B:F3:B6:72:5D:3E:92
X509v3 Authority Key Identifier:
keyid:47:20:A2:B7:8C:78:23:99:26:FD:EE:73:44:A3:68:0D:A0:D8:07:1D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91972DF/27E3EDA4983311EF83189A57C4F9AE02/RyCit4x4I5km_e5zRKNoDaDYBx0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RyCit4x4I5km_e5zRKNoDaDYBx0.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91972DF/27E3EDA4983311EF83189A57C4F9AE02/RyCit4x4I5km_e5zRKNoDaDYBx0.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
c8:0e:5e:0d:4b:02:c1:32:cd:34:93:89:34:1c:d5:1c:80:7b:
0f:af:06:b3:83:35:8b:86:08:14:aa:fb:83:42:f3:e3:a3:43:
14:e9:be:4a:6a:7c:d4:fe:b5:d2:05:a8:68:7f:10:b7:96:7f:
c3:f4:90:f2:94:4e:16:26:63:5d:77:85:37:63:29:66:e2:e5:
58:3a:3b:ae:66:1c:e9:b9:92:ce:6b:70:c0:5d:40:5e:c0:59:
05:0c:d1:a4:5d:87:2b:72:0e:a8:52:df:85:ff:6f:9b:ca:d6:
07:27:03:17:e6:70:bd:86:3f:70:34:03:fc:45:c6:28:46:ac:
bf:ba:89:c3:d0:75:f3:dc:ba:53:73:99:ff:52:72:c7:3e:d1:
e0:58:e5:02:9a:18:08:68:8a:42:32:73:cf:44:88:2c:02:4c:
c5:6d:5e:08:1b:ba:9f:a4:1f:89:af:cb:bf:06:ed:97:1b:79:
89:3c:83:3b:d9:08:04:8b:e6:53:9c:27:30:e4:84:53:e7:dd:
e8:73:c7:c0:c1:ba:4a:e2:00:9a:a0:5a:75:b4:33:78:b2:b5:
a1:21:25:89:92:b4:2c:47:1c:c2:07:18:ed:63:ea:5e:12:e0:
08:f2:b8:5a:69:f1:48:80:2f:17:2f:77:26:01:e7:c3:93:d2:
00:cd:43:ef
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBWTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5
NzJERjExMC8GA1UEBRMoNDcyMEEyQjc4Qzc4MjM5OTI2RkRFRTczNDRBMzY4MERB
MEQ4MDcxRDAeFw0yNTA0MTMwNTQxNDNaFw0yNTA0MjAwNTQxNDNaMBgxFjAUBgNV
BAMTDTY3ZmI0ZTk3LWMyMTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQCpaNVCELRWP+rfePt5effOPNYXv1JVw2eMPCLZIw3Vfyr1tnT7fcxe79HueYcz
MzuSaf8YzsApcevbnacNDAz07sCstcqStCjj19TGnItmUXVRNSFkGLsBtEJPHipm
Sx8W1iiEAuKuyToABFGchj2fZvhG8Hj9MV9nchbb0PZ4iYF1tkYe5GX0CA1GgDmF
GWw0qyBjHPy7+F+nu7dBLbSgx/G6/SvnOXXzqILJSD6jnTj8h5nEPf3qnV/jer3b
MuQFCs2A1PyupOYyfYFHKE4UHx07fp1Rxneq3jRXuNQ505LxtFq9z59JeIgSx4A0
s1w3bjRpL5xZNmmLre98MGk3AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUYfXT9Mn7
IC8gLSG640vztnJdPpIwHwYDVR0jBBgwFoAURyCit4x4I5km/e5zRKNoDaDYBx0w
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk3MkRGLzI3RTNFREE0OTgz
MzExRUY4MzE4OUE1N0M0RjlBRTAyL1J5Q2l0NHg0STVrbV9lNXpSS05vRGFEWUJ4
MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG
RDFGRjIvUnlDaXQ0eDRJNWttX2U1elJLTm9EYURZQngwLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk3
MkRGLzI3RTNFREE0OTgzMzExRUY4MzE4OUE1N0M0RjlBRTAyL1J5Q2l0NHg0STVr
bV9lNXpSS05vRGFEWUJ4MC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBAMgOXg1LAsEyzTSTiTQc1RyAew+vBrODNYuGCBSq+4NC8+OjQxTpvkpq
fNT+tdIFqGh/ELeWf8P0kPKUThYmY113hTdjKWbi5Vg6O65mHOm5ks5rcMBdQF7A
WQUM0aRdhytyDqhS34X/b5vK1gcnAxfmcL2GP3A0A/xFxihGrL+6icPQdfPculNz
mf9Scsc+0eBY5QKaGAhoikIyc89EiCwCTMVtXggbup+kH4mvy78G7ZcbeYk8gzvZ
CASL5lOcJzDkhFPn3ehzx8DBukriAJqgWnW0M3iytaEhJYmStCxHHMIHGO1j6l4S
4AjyuFpp8UiALxcvdyYB58OT0gDNQ+8=
-----END CERTIFICATE-----
Generated at Sun Apr 13 15:10:10 2025 by rpki-client