Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft
File: -qIKGvsgkct_URR4g_NkpFMJQTE.mft (raw, json)
Hash identifier: XzDCOmldWfMBwYsAE9yuP0rCBng+SL8hlV5f117DHxM=
Subject key identifier: EB:A2:C3:F2:4E:7B:72:25:11:F3:CC:1F:8B:42:FF:F6:1B:45:8B:86
Authority key identifier: FA:A2:0A:1A:FB:20:91:CB:7F:51:14:78:83:F3:64:A4:53:09:41:31
Certificate issuer: /CN=A91AF0E8/serialNumber=FAA20A1AFB2091CB7F51147883F364A453094131
Certificate serial: 3479
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-qIKGvsgkct_URR4g_NkpFMJQTE.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft
Manifest number: 346E
Signing time: Fri 28 Mar 2025 15:13:33 +0000
Manifest this update: Fri 28 Mar 2025 15:13:32 +0000
Manifest next update: Fri 04 Apr 2025 15:13:32 +0000
Files and hashes: 1: -qIKGvsgkct_URR4g_NkpFMJQTE.crl (hash: C10vblAz3dsMsnL6QMEqhKA+Rp4N3xm/Zro7eaKcEQY=)
2: 0A956A80B48711EC83327546C4F9AE02.roa (hash: QTUVJsweaVnNBbhlnpDHj+5m7Q6KujtkGNOkASm6SsM=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13433 (0x3479)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91AF0E8
Validity
Not Before: Mar 28 15:13:32 2025 GMT
Not After : Apr 4 15:13:32 2025 GMT
Subject: CN=67e6bc9d-71fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:75:fb:68:1f:04:bb:13:23:8b:ca:d1:7e:09:
75:ab:9f:d5:78:f0:20:0f:cf:d7:55:69:45:12:13:
8a:82:4f:47:84:7c:2d:e8:95:bb:52:1f:d1:8b:3e:
a8:6b:1e:11:93:9a:12:9f:5f:e4:f7:e6:b5:88:4e:
06:b2:32:ca:b3:22:c8:0e:78:37:1a:b1:e7:07:21:
9f:cd:51:0b:42:0b:4f:c2:15:4e:ed:f1:45:1b:c8:
db:4a:c8:38:de:30:19:09:46:d0:33:8d:3d:28:01:
45:38:e0:ff:63:85:d3:88:43:19:9f:83:03:3e:db:
aa:73:f6:db:3d:fd:bf:d9:d1:7f:55:0a:31:ae:b1:
4c:9f:ec:00:f1:8a:c0:93:28:28:e3:94:9b:7c:58:
47:00:99:71:ae:fe:fd:74:0a:70:e9:5b:5c:d1:7c:
79:a2:21:bc:55:d6:66:d5:8f:f9:44:a4:43:e7:e7:
e1:24:63:6e:2d:d1:69:27:ef:4c:65:b7:e0:af:ce:
6a:bd:73:f6:ce:f6:90:25:d2:bd:c4:90:50:44:e3:
0b:13:6b:6a:93:f8:6b:77:8b:37:ee:91:0f:a7:85:
79:f1:fe:5c:cb:d5:8a:a3:8e:5f:ef:06:f1:8e:c9:
22:ac:c3:7c:02:e6:46:62:c7:a0:ad:88:d7:e7:ec:
5f:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:A2:C3:F2:4E:7B:72:25:11:F3:CC:1F:8B:42:FF:F6:1B:45:8B:86
X509v3 Authority Key Identifier:
keyid:FA:A2:0A:1A:FB:20:91:CB:7F:51:14:78:83:F3:64:A4:53:09:41:31
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-qIKGvsgkct_URR4g_NkpFMJQTE.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
31:ed:2e:6f:90:ab:13:7d:72:6b:83:45:e9:95:c9:0c:87:a7:
f9:8e:7d:87:4d:d2:6c:47:34:5f:35:f9:72:ab:14:a8:9f:5b:
df:e5:80:08:38:02:b0:a7:3a:a0:99:eb:3c:e3:a3:ef:52:ef:
8a:e0:fe:70:bc:3c:5b:c2:ae:bb:50:7f:6f:45:5b:a2:4c:d8:
8c:40:68:92:4d:0c:64:94:b4:04:a8:6b:97:e2:86:6d:77:50:
48:16:a3:df:67:96:dc:28:d5:50:4a:63:cc:e2:48:9c:2a:84:
a1:c0:90:03:85:a5:c9:06:97:62:93:3e:84:5a:55:88:60:97:
b8:e5:90:d0:69:17:50:54:59:68:f8:f8:3f:d5:cd:e7:47:d8:
e2:8d:d5:31:d1:7c:2e:48:52:ed:e8:c9:bf:e8:88:02:e4:15:
a8:f7:e1:a0:d5:0c:ff:e4:4c:d6:18:61:c8:d5:45:aa:26:22:
16:5f:d4:a7:aa:39:c4:b5:b4:c0:fd:7b:4b:67:f5:ac:cd:76:
a4:26:22:09:57:a9:3e:db:40:24:a1:4e:5a:f6:50:8c:6d:9b:
2b:4e:51:3d:f1:3b:e6:f1:a0:6d:04:c9:aa:f5:41:f0:11:21:
6d:78:96:c3:bb:b4:db:be:e6:cf:ac:92:34:1e:3a:22:2a:5b:
f0:13:a6:66
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICNHkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QUYwRTgxMTAvBgNVBAUTKEZBQTIwQTFBRkIyMDkxQ0I3RjUxMTQ3ODgzRjM2NEE0
NTMwOTQxMzEwHhcNMjUwMzI4MTUxMzMyWhcNMjUwNDA0MTUxMzMyWjAYMRYwFAYD
VQQDEw02N2U2YmM5ZC03MWZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAunX7aB8EuxMji8rRfgl1q5/VePAgD8/XVWlFEhOKgk9HhHwt6JW7Uh/Riz6o
ax4Rk5oSn1/k9+a1iE4GsjLKsyLIDng3GrHnByGfzVELQgtPwhVO7fFFG8jbSsg4
3jAZCUbQM409KAFFOOD/Y4XTiEMZn4MDPtuqc/bbPf2/2dF/VQoxrrFMn+wA8YrA
kygo45SbfFhHAJlxrv79dApw6Vtc0Xx5oiG8VdZm1Y/5RKRD5+fhJGNuLdFpJ+9M
Zbfgr85qvXP2zvaQJdK9xJBQROMLE2tqk/hrd4s37pEPp4V58f5cy9WKo45f7wbx
jskirMN8AuZGYsegrYjX5+xfXwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOuiw/JO
e3IlEfPMH4tC//YbRYuGMB8GA1UdIwQYMBaAFPqiChr7IJHLf1EUeIPzZKRTCUEx
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjBFOC80NTc5NkFEMjFE
QTMxMUUyOUZGQjhDOTgwOEIwMkNEMi8tcUlLR3ZzZ2tjdF9VUlI0Z19Oa3BGTUpR
VEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLy1xSUtHdnNna2N0X1VSUjRnX05rcEZNSlFURS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB
RjBFOC80NTc5NkFEMjFEQTMxMUUyOUZGQjhDOTgwOEIwMkNEMi8tcUlLR3ZzZ2tj
dF9VUlI0Z19Oa3BGTUpRVEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAx7S5vkKsTfXJrg0XplckMh6f5jn2HTdJsRzRfNflyqxSon1vf5YAI
OAKwpzqgmes846PvUu+K4P5wvDxbwq67UH9vRVuiTNiMQGiSTQxklLQEqGuX4oZt
d1BIFqPfZ5bcKNVQSmPM4kicKoShwJADhaXJBpdikz6EWlWIYJe45ZDQaRdQVFlo
+Pg/1c3nR9jijdUx0XwuSFLt6Mm/6IgC5BWo9+Gg1Qz/5EzWGGHI1UWqJiIWX9Sn
qjnEtbTA/XtLZ/WszXakJiIJV6k+20AkoU5a9lCMbZsrTlE98Tvm8aBtBMmq9UHw
ESFteJbDu7TbvubPrJI0HjoiKlvwE6Zm
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:53:49 2025 by rpki-client