Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B02A2/EFD2158477EB11EE93B68B3AC4F9AE02/b814Gaj5P69A0OOH8htG6E3p1ws.mft
File: b814Gaj5P69A0OOH8htG6E3p1ws.mft (raw, json)
Hash identifier: mXEzPc0CW6232W6ZiCB2uo9p0GJvEK1XJ+fFPAnjjt8=
Subject key identifier: 24:A0:3B:A2:04:B7:65:CB:44:47:C2:1F:E3:5F:39:6A:CB:FB:4C:02
Authority key identifier: 6F:CD:78:19:A8:F9:3F:AF:40:D0:E3:87:F2:1B:46:E8:4D:E9:D7:0B
Certificate issuer: /CN=A91B02A2/serialNumber=6FCD7819A8F93FAF40D0E387F21B46E84DE9D70B
Certificate serial: 010A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b814Gaj5P69A0OOH8htG6E3p1ws.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B02A2/EFD2158477EB11EE93B68B3AC4F9AE02/b814Gaj5P69A0OOH8htG6E3p1ws.mft
Manifest number: 0108
Signing time: Sat 29 Mar 2025 04:24:56 +0000
Manifest this update: Sat 29 Mar 2025 04:24:55 +0000
Manifest next update: Sat 05 Apr 2025 04:24:55 +0000
Files and hashes: 1: b814Gaj5P69A0OOH8htG6E3p1ws.crl (hash: Z9t/4WF/BnM3UpLhhHWSjHrRrH3Et5vbc7VALaLwRwM=)
2: 5D98833C77EC11EEA06F373BC4F9AE02.roa (hash: PTNlCaFqxgAXX8dh1a7LSvNmOXF/4erL00o7/e/JlJk=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 266 (0x10a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B02A2
Validity
Not Before: Mar 29 04:24:55 2025 GMT
Not After : Apr 5 04:24:55 2025 GMT
Subject: CN=67e77618-7aa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:00:33:9e:d3:5f:10:14:4b:27:b5:98:c4:20:
9a:79:68:74:a0:54:15:90:f1:fa:4c:89:c0:bc:ec:
0d:5c:ab:fa:ee:a7:49:78:0c:4e:61:70:48:3a:ff:
34:c6:40:b4:32:4b:3b:55:9d:07:fb:a7:59:ce:2d:
a7:08:fd:1c:99:dc:1b:5c:b0:e2:c6:99:3e:5d:6a:
ad:41:75:a3:2b:1d:30:b7:5a:ab:e9:21:c6:c8:03:
df:5c:37:52:32:cd:57:36:67:c9:b9:9a:e0:ac:92:
5d:52:c1:af:ca:73:f7:73:4e:d9:f1:85:fd:bd:6a:
83:2a:9e:27:28:07:63:30:4f:ad:61:7c:92:01:f6:
37:0e:ff:95:bf:0f:b6:5c:4c:ce:a9:2b:7d:81:33:
52:89:67:00:02:57:95:d8:e6:58:07:02:f5:84:8f:
67:c4:f4:41:9a:5d:09:66:79:f3:7d:cd:d2:ec:d7:
a2:f7:5a:b0:06:45:5e:75:ee:81:31:5f:4f:22:0b:
06:be:6d:c8:2e:62:d2:05:df:bc:c4:75:48:b9:6d:
c1:f9:10:4f:76:d8:e9:d6:fa:44:94:58:de:39:da:
e9:6d:25:7a:2b:35:20:01:02:12:71:61:67:4a:2f:
e8:07:f3:9f:42:7c:ef:49:0e:13:97:46:5b:48:de:
1e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:A0:3B:A2:04:B7:65:CB:44:47:C2:1F:E3:5F:39:6A:CB:FB:4C:02
X509v3 Authority Key Identifier:
keyid:6F:CD:78:19:A8:F9:3F:AF:40:D0:E3:87:F2:1B:46:E8:4D:E9:D7:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B02A2/EFD2158477EB11EE93B68B3AC4F9AE02/b814Gaj5P69A0OOH8htG6E3p1ws.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b814Gaj5P69A0OOH8htG6E3p1ws.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B02A2/EFD2158477EB11EE93B68B3AC4F9AE02/b814Gaj5P69A0OOH8htG6E3p1ws.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
0a:5d:69:b2:20:58:1e:e2:e5:9e:1d:45:06:e1:d4:f1:8d:4f:
d1:60:83:be:ae:d1:d5:13:1e:c5:2f:e0:a1:cc:0e:01:fb:b0:
6b:f7:34:33:6f:35:61:3d:c2:b6:6d:07:c0:8e:70:47:41:bf:
70:ba:31:6f:ba:35:0f:1d:3f:77:a5:c8:c8:db:ee:64:72:88:
dd:5e:84:60:66:0e:ee:7c:fa:2d:48:77:6a:e1:e4:b3:3d:1b:
bd:c4:6e:89:80:4b:7a:bd:56:3b:43:b4:36:7a:64:e6:21:9d:
73:73:65:de:71:17:11:3f:04:7b:3c:92:73:2c:c7:b0:98:14:
ba:bd:c0:d8:0b:d2:8a:ea:09:4d:b4:df:c6:df:6a:6a:2a:05:
a5:82:ba:54:3c:e1:ed:bb:39:38:07:a2:f3:f9:ff:94:60:0a:
c6:f0:96:3c:3d:d8:d9:f6:f8:1f:f5:d2:c5:70:c9:fd:46:49:
17:ca:76:03:dc:e7:a7:d0:00:90:91:f1:3e:0a:08:ec:85:4e:
ff:7b:e5:de:e4:06:46:1d:f3:fe:1a:d0:c4:fb:3a:0d:2b:71:
26:68:d7:fe:42:b5:95:e4:3c:79:47:ab:3c:a1:f0:0c:a6:b3:
49:2b:85:59:5a:b2:05:7c:55:0c:1c:30:71:18:e2:4a:4d:34:
c5:23:09:b5
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAQowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjAyQTIxMTAvBgNVBAUTKDZGQ0Q3ODE5QThGOTNGQUY0MEQwRTM4N0YyMUI0NkU4
NERFOUQ3MEIwHhcNMjUwMzI5MDQyNDU1WhcNMjUwNDA1MDQyNDU1WjAYMRYwFAYD
VQQDEw02N2U3NzYxOC03YWEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAugAzntNfEBRLJ7WYxCCaeWh0oFQVkPH6TInAvOwNXKv67qdJeAxOYXBIOv80
xkC0Mks7VZ0H+6dZzi2nCP0cmdwbXLDixpk+XWqtQXWjKx0wt1qr6SHGyAPfXDdS
Ms1XNmfJuZrgrJJdUsGvynP3c07Z8YX9vWqDKp4nKAdjME+tYXySAfY3Dv+Vvw+2
XEzOqSt9gTNSiWcAAleV2OZYBwL1hI9nxPRBml0JZnnzfc3S7Nei91qwBkVede6B
MV9PIgsGvm3ILmLSBd+8xHVIuW3B+RBPdtjp1vpElFjeOdrpbSV6KzUgAQIScWFn
Si/oB/OfQnzvSQ4Tl0ZbSN4eCwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCSgO6IE
t2XLREfCH+NfOWrL+0wCMB8GA1UdIwQYMBaAFG/NeBmo+T+vQNDjh/IbRuhN6dcL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDJBMi9FRkQyMTU4NDc3
RUIxMUVFOTNCNjhCM0FDNEY5QUUwMi9iODE0R2FqNVA2OUEwT09IOGh0RzZFM3Ax
d3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2I4MTRHYWo1UDY5QTBPT0g4aHRHNkUzcDF3cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
MDJBMi9FRkQyMTU4NDc3RUIxMUVFOTNCNjhCM0FDNEY5QUUwMi9iODE0R2FqNVA2
OUEwT09IOGh0RzZFM3Axd3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAKXWmyIFge4uWeHUUG4dTxjU/RYIO+rtHVEx7FL+ChzA4B+7Br9zQz
bzVhPcK2bQfAjnBHQb9wujFvujUPHT93pcjI2+5kcojdXoRgZg7ufPotSHdq4eSz
PRu9xG6JgEt6vVY7Q7Q2emTmIZ1zc2XecRcRPwR7PJJzLMewmBS6vcDYC9KK6glN
tN/G32pqKgWlgrpUPOHtuzk4B6Lz+f+UYArG8JY8PdjZ9vgf9dLFcMn9RkkXynYD
3Oen0ACQkfE+CgjshU7/e+Xe5AZGHfP+GtDE+zoNK3EmaNf+QrWV5Dx5R6s8ofAM
prNJK4VZWrIFfFUMHDBxGOJKTTTFIwm1
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:25:08 2025 by rpki-client