Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A91A6EA0/F91400C28C2C11ED9638E672C4F9AE02/DMq5RHoXrDyKeHvpR-xdb0qJXOk.mft
File: DMq5RHoXrDyKeHvpR-xdb0qJXOk.mft (raw, json)
Hash identifier: kH0YA5CGZAm57e8izqTf/iCZ2X76kK1/hsV0AKHk+1Q=
Subject key identifier: 88:C0:35:EA:0F:EC:8C:93:E7:4E:1C:F4:BB:DE:2D:70:A4:5C:ED:37
Authority key identifier: 0C:CA:B9:44:7A:17:AC:3C:8A:78:7B:E9:47:EC:5D:6F:4A:89:5C:E9
Certificate issuer: /CN=A91A6EA0/serialNumber=0CCAB9447A17AC3C8A787BE947EC5D6F4A895CE9
Certificate serial: 01AA
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DMq5RHoXrDyKeHvpR-xdb0qJXOk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91A6EA0/F91400C28C2C11ED9638E672C4F9AE02/DMq5RHoXrDyKeHvpR-xdb0qJXOk.mft
Manifest number: 01A5
Signing time: Sat 29 Mar 2025 02:51:49 +0000
Manifest this update: Sat 29 Mar 2025 02:51:49 +0000
Manifest next update: Sat 05 Apr 2025 02:51:49 +0000
Files and hashes: 1: DMq5RHoXrDyKeHvpR-xdb0qJXOk.crl (hash: 2mnI3luPPEEqyfTMqWwULVNl316eSFVeqMJwAyKY85k=)
2: 35CFAB068C4111ED8E01DF60C4F9AE02.roa (hash: s2ufqDtIL2LcUO3l3IJXmwdiZKcS7NlwuSG6RgI0b0c=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 426 (0x1aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91A6EA0
Validity
Not Before: Mar 29 02:51:49 2025 GMT
Not After : Apr 5 02:51:49 2025 GMT
Subject: CN=67e76045-c3ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:51:d0:9e:6c:a4:b7:58:82:ce:f2:9c:da:54:
6e:64:f9:78:a6:6c:ce:3e:8b:4b:cf:8f:44:a2:8b:
9f:ef:05:f2:b6:66:45:46:8d:79:5a:bc:1f:3f:b1:
e6:50:02:fe:67:c2:95:fa:d2:b4:f9:83:e1:47:f1:
1a:2e:18:03:42:16:3d:26:2b:8e:c7:af:d9:9f:27:
40:95:9b:4e:a3:0b:17:4a:d1:10:27:81:ce:08:b7:
c3:63:34:bd:b3:dc:c2:ea:95:0b:1c:a4:ae:f5:9a:
f6:40:b7:f7:79:3c:66:87:a9:5c:3c:50:bd:f4:df:
be:b9:ee:cd:7e:b1:3d:b4:38:6f:d7:86:5f:f4:51:
99:89:7f:5a:9b:a8:6e:0d:61:d2:71:a4:35:59:62:
56:33:93:84:24:0c:4a:d7:ad:f9:ae:f7:09:3b:a4:
10:47:23:31:5e:b8:e8:3c:e5:fd:7a:05:7d:2d:ae:
40:f9:2b:f6:c9:c6:ea:19:42:e4:75:41:1e:8f:a6:
bf:51:68:6b:f3:63:6c:c5:17:42:27:d4:10:0c:71:
ec:95:a2:42:4a:06:e6:6b:d7:e9:00:cf:da:ed:88:
59:f2:28:e0:14:74:fd:a9:3a:c6:27:00:5a:4a:a7:
58:7e:07:da:80:2d:22:7a:7a:f8:24:25:84:f4:ec:
34:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:C0:35:EA:0F:EC:8C:93:E7:4E:1C:F4:BB:DE:2D:70:A4:5C:ED:37
X509v3 Authority Key Identifier:
keyid:0C:CA:B9:44:7A:17:AC:3C:8A:78:7B:E9:47:EC:5D:6F:4A:89:5C:E9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91A6EA0/F91400C28C2C11ED9638E672C4F9AE02/DMq5RHoXrDyKeHvpR-xdb0qJXOk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DMq5RHoXrDyKeHvpR-xdb0qJXOk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A6EA0/F91400C28C2C11ED9638E672C4F9AE02/DMq5RHoXrDyKeHvpR-xdb0qJXOk.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
a5:1d:c5:9f:86:ab:1a:c3:3d:3a:bc:25:76:bb:e5:10:2e:10:
ff:cd:84:c4:33:a3:09:c6:6f:a0:3d:ee:6b:23:3c:9b:58:b8:
22:d8:95:2f:5b:67:20:36:06:1b:94:59:59:7e:d4:c1:58:a5:
3a:d7:64:1e:bc:03:72:64:29:cb:83:8a:a0:ee:e3:48:88:24:
01:57:a5:67:30:d0:ee:73:63:01:4a:14:09:1f:2b:f4:1a:42:
c1:66:64:5e:07:56:60:95:ff:61:da:08:2b:17:79:c4:7d:b6:
aa:93:95:9c:8c:7f:d9:cb:ba:ff:1d:c2:59:bc:00:ba:01:9b:
7c:84:f4:e7:93:92:44:5c:92:51:63:a9:03:05:d1:b4:e1:29:
42:f3:ae:90:27:a0:25:0a:df:f5:1e:cf:14:a2:4d:62:0d:5c:
b3:46:48:71:62:da:99:cc:51:a4:09:79:47:1d:76:ca:50:f1:
2a:c5:70:32:f9:fe:0d:57:eb:49:5d:70:6f:cd:15:57:f6:73:
20:d9:d2:bf:80:13:a1:f5:52:63:cc:99:33:36:2d:b0:8d:e0:
26:f1:84:b6:7b:5c:5f:1a:ee:6e:d3:22:52:ae:dd:c3:d2:c7:
a5:ed:cf:56:2c:7f:fb:76:19:14:d1:98:8e:91:48:7c:d9:6a:
e0:f3:c2:59
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAaowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QTZFQTAxMTAvBgNVBAUTKDBDQ0FCOTQ0N0ExN0FDM0M4QTc4N0JFOTQ3RUM1RDZG
NEE4OTVDRTkwHhcNMjUwMzI5MDI1MTQ5WhcNMjUwNDA1MDI1MTQ5WjAYMRYwFAYD
VQQDEw02N2U3NjA0NS1jM2NhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA6FHQnmykt1iCzvKc2lRuZPl4pmzOPotLz49Eoouf7wXytmZFRo15WrwfP7Hm
UAL+Z8KV+tK0+YPhR/EaLhgDQhY9JiuOx6/ZnydAlZtOowsXStEQJ4HOCLfDYzS9
s9zC6pULHKSu9Zr2QLf3eTxmh6lcPFC99N++ue7NfrE9tDhv14Zf9FGZiX9am6hu
DWHScaQ1WWJWM5OEJAxK1635rvcJO6QQRyMxXrjoPOX9egV9La5A+Sv2ycbqGULk
dUEej6a/UWhr82NsxRdCJ9QQDHHslaJCSgbma9fpAM/a7YhZ8ijgFHT9qTrGJwBa
SqdYfgfagC0ienr4JCWE9Ow0dwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIjANeoP
7IyT504c9LveLXCkXO03MB8GA1UdIwQYMBaAFAzKuUR6F6w8inh76UfsXW9KiVzp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNkVBMC9GOTE0MDBDMjhD
MkMxMUVEOTYzOEU2NzJDNEY5QUUwMi9ETXE1UkhvWHJEeUtlSHZwUi14ZGIwcUpY
T2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0RNcTVSSG9YckR5S2VIdnBSLXhkYjBxSlhPay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
NkVBMC9GOTE0MDBDMjhDMkMxMUVEOTYzOEU2NzJDNEY5QUUwMi9ETXE1UkhvWHJE
eUtlSHZwUi14ZGIwcUpYT2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQClHcWfhqsawz06vCV2u+UQLhD/zYTEM6MJxm+gPe5rIzybWLgi2JUv
W2cgNgYblFlZftTBWKU612QevANyZCnLg4qg7uNIiCQBV6VnMNDuc2MBShQJHyv0
GkLBZmReB1Zglf9h2ggrF3nEfbaqk5WcjH/Zy7r/HcJZvAC6AZt8hPTnk5JEXJJR
Y6kDBdG04SlC866QJ6AlCt/1Hs8Uok1iDVyzRkhxYtqZzFGkCXlHHXbKUPEqxXAy
+f4NV+tJXXBvzRVX9nMg2dK/gBOh9VJjzJkzNi2wjeAm8YS2e1xfGu5u0yJSrt3D
0sel7c9WLH/7dhkU0ZiOkUh82Wrg88JZ
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:30:30 2025 by rpki-client