Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A1103/2095AA621A0711E8BE24A558C4F9AE02/KdzyaXujSl1MV_LtlnGNAxu8VjA.mft
File: KdzyaXujSl1MV_LtlnGNAxu8VjA.mft (raw, json)
Hash identifier: cC9Mdc9TvZkDaT1BQjVKiWIIFJsywOWnbwoqSbiMfIw=
Subject key identifier: 42:43:45:F2:62:8B:D4:A6:99:4E:30:45:65:E8:A8:50:9D:6D:D7:DA
Authority key identifier: 29:DC:F2:69:7B:A3:4A:5D:4C:57:F2:ED:96:71:8D:03:1B:BC:56:30
Certificate issuer: /CN=A91A1103/serialNumber=29DCF2697BA34A5D4C57F2ED96718D031BBC5630
Certificate serial: 15EC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KdzyaXujSl1MV_LtlnGNAxu8VjA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A1103/2095AA621A0711E8BE24A558C4F9AE02/KdzyaXujSl1MV_LtlnGNAxu8VjA.mft
Manifest number: 15E2
Signing time: Fri 28 Mar 2025 16:53:17 +0000
Manifest this update: Fri 28 Mar 2025 16:53:17 +0000
Manifest next update: Fri 04 Apr 2025 16:53:17 +0000
Files and hashes: 1: KdzyaXujSl1MV_LtlnGNAxu8VjA.crl (hash: q0ZaXourHgx9/M+20wolylDpKj+F4VKXSQTud8ShseI=)
2: 1C85059C1EB911E88533FA4EC4F9AE02.roa (hash: RqHN2PwZe21iOjQw65O1dXW58VJkxhmOGxQkFQUXslk=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5612 (0x15ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A1103
Validity
Not Before: Mar 28 16:53:17 2025 GMT
Not After : Apr 4 16:53:17 2025 GMT
Subject: CN=67e6d3fd-85fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a3:dd:4f:f4:0e:a4:b4:9b:46:55:04:3f:d1:
35:49:c7:ac:b2:d0:a7:f9:8b:39:07:18:6e:00:61:
90:ae:94:2b:e3:c7:77:bb:0e:66:a5:d6:b3:81:63:
c9:06:a7:63:51:27:00:1e:12:95:29:f4:47:04:24:
b1:dc:66:28:5d:5f:7f:34:7f:d1:14:13:e5:b8:14:
8e:98:1f:45:a1:7a:95:3e:cd:6f:93:63:8e:21:fd:
57:7a:3d:5e:bf:20:18:53:a3:5a:60:b2:b4:5b:a5:
47:21:f6:0a:78:19:52:1a:92:98:bb:3c:27:2d:be:
0a:8d:37:fb:88:6a:f0:79:0e:2d:35:fb:f0:b0:78:
54:10:c1:12:1e:7d:10:83:db:ac:98:9b:9e:6f:7b:
f5:49:2b:c6:bd:70:c0:d9:26:89:2f:0b:50:f9:bc:
55:5b:2c:96:d2:8d:1a:52:79:16:cc:fa:d7:14:6b:
b7:79:6e:d9:fe:b9:9c:34:22:ef:3a:b9:c8:2e:9e:
14:22:eb:15:e4:ba:dd:39:a7:e1:bb:62:be:a9:78:
fe:9c:a7:0a:c1:44:2e:92:7f:7e:e7:54:a3:a6:77:
38:cf:07:1d:61:e1:e9:8f:54:19:c5:00:26:65:0f:
10:33:85:45:c3:8b:c1:37:64:d6:6b:c3:e6:bc:df:
9e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:43:45:F2:62:8B:D4:A6:99:4E:30:45:65:E8:A8:50:9D:6D:D7:DA
X509v3 Authority Key Identifier:
keyid:29:DC:F2:69:7B:A3:4A:5D:4C:57:F2:ED:96:71:8D:03:1B:BC:56:30
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A1103/2095AA621A0711E8BE24A558C4F9AE02/KdzyaXujSl1MV_LtlnGNAxu8VjA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KdzyaXujSl1MV_LtlnGNAxu8VjA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A1103/2095AA621A0711E8BE24A558C4F9AE02/KdzyaXujSl1MV_LtlnGNAxu8VjA.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
23:42:a2:71:5d:43:d2:b8:bc:e0:b8:41:31:2f:4b:b7:30:74:
f3:10:d1:9f:c5:02:97:be:76:70:a8:75:5f:d1:a4:5e:e6:f8:
17:0b:6b:e7:8b:d8:bd:85:5e:ce:da:48:f4:6c:0c:5d:5d:29:
5e:ab:f6:e2:35:bd:b4:08:08:a9:da:d8:09:fd:f7:12:15:f4:
21:6b:9f:eb:6f:4e:83:93:d6:8a:4b:88:0c:32:98:3f:79:5a:
39:43:c8:22:93:2c:7f:48:e4:b6:60:fb:4d:11:2f:bd:c7:4e:
d5:02:8c:6c:f2:55:0a:cd:f5:3d:f5:e2:dc:61:36:30:1b:c5:
0f:6e:f3:c6:3f:d8:e3:ad:b5:ce:f7:96:29:93:07:dd:70:a4:
58:02:8e:d0:f3:2a:dd:d4:eb:6d:d8:a1:25:b7:97:49:06:d6:
7e:17:c5:b2:51:e3:16:ad:bd:d3:8d:34:2b:48:fb:a0:4d:c6:
36:91:9b:af:1d:7b:45:c9:9b:97:47:2b:66:45:f8:eb:e1:60:
c6:2b:34:9b:5e:97:98:e4:47:87:53:6f:ff:66:0b:6d:c7:98:
e0:58:3f:b8:0e:c4:2b:da:c3:30:a1:c0:69:61:e3:c6:26:b3:
a6:6b:25:fa:fe:5f:05:a0:ec:ac:a6:0f:c5:d9:6b:24:17:32:
1c:56:1b:f9
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICFewwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTExMDMxMTAvBgNVBAUTKDI5RENGMjY5N0JBMzRBNUQ0QzU3RjJFRDk2NzE4RDAz
MUJCQzU2MzAwHhcNMjUwMzI4MTY1MzE3WhcNMjUwNDA0MTY1MzE3WjAYMRYwFAYD
VQQDEw02N2U2ZDNmZC04NWZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAraPdT/QOpLSbRlUEP9E1ScesstCn+Ys5BxhuAGGQrpQr48d3uw5mpdazgWPJ
BqdjUScAHhKVKfRHBCSx3GYoXV9/NH/RFBPluBSOmB9FoXqVPs1vk2OOIf1Xej1e
vyAYU6NaYLK0W6VHIfYKeBlSGpKYuzwnLb4KjTf7iGrweQ4tNfvwsHhUEMESHn0Q
g9usmJueb3v1SSvGvXDA2SaJLwtQ+bxVWyyW0o0aUnkWzPrXFGu3eW7Z/rmcNCLv
OrnILp4UIusV5LrdOafhu2K+qXj+nKcKwUQukn9+51Sjpnc4zwcdYeHpj1QZxQAm
ZQ8QM4VFw4vBN2TWa8PmvN+evwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEJDRfJi
i9SmmU4wRWXoqFCdbdfaMB8GA1UdIwQYMBaAFCnc8ml7o0pdTFfy7ZZxjQMbvFYw
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMTEwMy8yMDk1QUE2MjFB
MDcxMUU4QkUyNEE1NThDNEY5QUUwMi9LZHp5YVh1alNsMU1WX0x0bG5HTkF4dThW
akEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tkenlhWHVqU2wxTVZfTHRsbkdOQXh1OFZqQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
MTEwMy8yMDk1QUE2MjFBMDcxMUU4QkUyNEE1NThDNEY5QUUwMi9LZHp5YVh1alNs
MU1WX0x0bG5HTkF4dThWakEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAjQqJxXUPSuLzguEExL0u3MHTzENGfxQKXvnZwqHVf0aRe5vgXC2vn
i9i9hV7O2kj0bAxdXSleq/biNb20CAip2tgJ/fcSFfQha5/rb06Dk9aKS4gMMpg/
eVo5Q8gikyx/SOS2YPtNES+9x07VAoxs8lUKzfU99eLcYTYwG8UPbvPGP9jjrbXO
95YpkwfdcKRYAo7Q8yrd1Ott2KElt5dJBtZ+F8WyUeMWrb3TjTQrSPugTcY2kZuv
HXtFyZuXRytmRfjr4WDGKzSbXpeY5EeHU2//Zgttx5jgWD+4DsQr2sMwocBpYePG
JrOmayX6/l8FoOyspg/F2WskFzIcVhv5
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:10:40 2025 by rpki-client