Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.mft
File: H8Tf0A2sNKjrhGPTlRwio0WDesk.mft (raw, json)
Hash identifier: TD+b9zd6PESKGt6gWe+ABkli54+uPAfTYJm6iv1kFnE=
Subject key identifier: 92:30:C8:9D:13:E3:50:39:D8:51:3D:2C:8B:BD:AE:0E:10:BF:C0:21
Authority key identifier: 1F:C4:DF:D0:0D:AC:34:A8:EB:84:63:D3:95:1C:22:A3:45:83:7A:C9
Certificate issuer: /CN=A91B477B/serialNumber=1FC4DFD00DAC34A8EB8463D3951C22A345837AC9
Certificate serial: 0681
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H8Tf0A2sNKjrhGPTlRwio0WDesk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.mft
Manifest number: 0674
Signing time: Fri 28 Mar 2025 22:37:37 +0000
Manifest this update: Fri 28 Mar 2025 22:37:37 +0000
Manifest next update: Fri 04 Apr 2025 22:37:37 +0000
Files and hashes: 1: H8Tf0A2sNKjrhGPTlRwio0WDesk.crl (hash: EG6D57kitrL0jyhsDxvSsRJerCEYOfhxFdaiG09Y3rA=)
2: 22F72E28725311EBA9C51756C4F9AE02.roa (hash: jYjWFz3EGxandnR9opo8f6aMMLeOf+7OXo3+jH6tu9c=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1665 (0x681)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B477B
Validity
Not Before: Mar 28 22:37:37 2025 GMT
Not After : Apr 4 22:37:37 2025 GMT
Subject: CN=67e724b1-a42a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f4:fd:0a:c2:03:6e:81:27:36:87:d5:cb:55:
62:de:6d:60:52:e0:88:7c:80:e9:d1:bb:06:9f:13:
71:4a:e8:a9:ea:08:49:d3:30:1d:1e:1c:1d:3f:6a:
60:79:c3:1b:9b:b7:79:26:9e:7c:ed:a4:6f:d8:9e:
a6:9e:97:a7:14:ea:af:52:9f:be:f2:f2:91:e9:6a:
f6:e2:09:c2:67:37:b0:cf:e7:04:17:86:e0:7a:f4:
87:a0:e9:69:0b:3d:1d:ce:65:cc:3c:16:71:3a:e6:
c3:49:21:20:a2:c7:e2:59:17:f5:6c:4a:78:04:38:
83:16:e6:6f:97:14:1d:31:05:3c:09:17:45:fe:82:
09:4e:6a:e3:a2:d2:58:6f:ae:82:37:ed:bb:95:be:
21:01:93:4c:79:da:75:34:44:e7:94:ad:db:d3:72:
8e:f7:2c:b3:94:ff:87:10:81:09:3b:a7:e2:70:4f:
08:ae:69:68:ba:6d:fa:17:cb:14:2a:4c:a7:e9:a8:
ab:54:90:b9:88:d1:e1:8e:83:b9:45:9f:5a:c7:d1:
a5:cc:37:b4:df:43:bf:51:bf:1b:80:a5:c1:c9:b7:
a1:50:b6:fa:90:9b:69:81:9f:40:90:aa:e4:79:c5:
69:42:0a:ca:5a:d9:40:3b:a3:3f:8b:46:f8:31:96:
ba:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:30:C8:9D:13:E3:50:39:D8:51:3D:2C:8B:BD:AE:0E:10:BF:C0:21
X509v3 Authority Key Identifier:
keyid:1F:C4:DF:D0:0D:AC:34:A8:EB:84:63:D3:95:1C:22:A3:45:83:7A:C9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H8Tf0A2sNKjrhGPTlRwio0WDesk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
9f:5a:3b:5d:04:c7:c4:33:57:b3:88:09:42:0a:e2:0b:e4:fe:
df:99:c3:f3:50:b9:0e:d9:e5:40:e9:ad:e1:eb:f8:5b:87:b1:
e0:38:cf:a0:b8:1d:29:e0:98:b2:ff:df:73:38:55:45:77:3e:
13:a1:31:d3:25:ee:c7:9e:d5:59:44:09:7d:c8:16:bd:32:01:
de:7f:e2:a9:f6:c4:b3:d2:ae:8f:6b:62:12:f4:e1:4f:6d:3a:
0f:8d:94:23:7e:ec:e1:3b:35:ec:8f:34:b2:17:0e:5c:4c:59:
6a:5f:f8:74:4f:2c:e8:80:61:e8:db:b8:8a:d0:c6:f7:8e:5e:
3f:92:93:1f:ee:c6:0e:53:0b:93:37:c9:78:8d:7a:83:b8:71:
72:d0:66:6a:d5:9e:39:21:5b:a2:2f:5f:b4:eb:a5:99:65:05:
83:fb:1f:b2:3a:2d:8f:87:57:59:17:ba:c3:4c:b8:da:18:05:
f8:da:1f:2c:f5:78:20:a5:79:4b:57:43:54:c3:8a:58:ca:4b:
bc:57:0d:b4:f6:e3:bc:82:5d:a1:9b:c4:a1:24:51:7f:90:62:
1b:6e:8c:52:0a:73:c4:c5:23:f5:f2:8f:59:b6:8e:50:70:22:
1b:df:02:39:75:b9:05:52:57:a2:3b:16:e8:be:86:a4:eb:03:
ca:4f:21:fa
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBoEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjQ3N0IxMTAvBgNVBAUTKDFGQzRERkQwMERBQzM0QThFQjg0NjNEMzk1MUMyMkEz
NDU4MzdBQzkwHhcNMjUwMzI4MjIzNzM3WhcNMjUwNDA0MjIzNzM3WjAYMRYwFAYD
VQQDEw02N2U3MjRiMS1hNDJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2PT9CsIDboEnNofVy1Vi3m1gUuCIfIDp0bsGnxNxSuip6ghJ0zAdHhwdP2pg
ecMbm7d5Jp587aRv2J6mnpenFOqvUp++8vKR6Wr24gnCZzewz+cEF4bgevSHoOlp
Cz0dzmXMPBZxOubDSSEgosfiWRf1bEp4BDiDFuZvlxQdMQU8CRdF/oIJTmrjotJY
b66CN+27lb4hAZNMedp1NETnlK3b03KO9yyzlP+HEIEJO6ficE8Irmloum36F8sU
Kkyn6airVJC5iNHhjoO5RZ9ax9GlzDe030O/Ub8bgKXBybehULb6kJtpgZ9AkKrk
ecVpQgrKWtlAO6M/i0b4MZa6nwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJIwyJ0T
41A52FE9LIu9rg4Qv8AhMB8GA1UdIwQYMBaAFB/E39ANrDSo64Rj05UcIqNFg3rJ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDc3Qi8xQzI1NjI3MDcy
NTAxMUVCQjY0OEY4NEVDNEY5QUUwMi9IOFRmMEEyc05LanJoR1BUbFJ3aW8wV0Rl
c2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0g4VGYwQTJzTktqcmhHUFRsUndpbzBXRGVzay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
NDc3Qi8xQzI1NjI3MDcyNTAxMUVCQjY0OEY4NEVDNEY5QUUwMi9IOFRmMEEyc05L
anJoR1BUbFJ3aW8wV0Rlc2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCfWjtdBMfEM1eziAlCCuIL5P7fmcPzULkO2eVA6a3h6/hbh7HgOM+g
uB0p4Jiy/99zOFVFdz4ToTHTJe7HntVZRAl9yBa9MgHef+Kp9sSz0q6Pa2IS9OFP
bToPjZQjfuzhOzXsjzSyFw5cTFlqX/h0TyzogGHo27iK0Mb3jl4/kpMf7sYOUwuT
N8l4jXqDuHFy0GZq1Z45IVuiL1+066WZZQWD+x+yOi2Ph1dZF7rDTLjaGAX42h8s
9XggpXlLV0NUw4pYyku8Vw209uO8gl2hm8ShJFF/kGIbboxSCnPExSP18o9Zto5Q
cCIb3wI5dbkFUleiOxbovoak6wPKTyH6
-----END CERTIFICATE-----
Generated at Thu Apr 10 18:42:01 2025 by rpki-client