Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6462/DAF435E0184311EAB0AF201DC4F9AE02/kaXm5XbDFcQxnu-f2jKHrSDDgDk.mft
File: kaXm5XbDFcQxnu-f2jKHrSDDgDk.mft (raw, json)
Hash identifier: 7yAjuYUxU2TdfB5VAjblYFNJqF9bsCv204euatUeKzc=
Subject key identifier: FB:E7:7F:EE:C1:00:C7:03:2D:AF:58:35:93:62:49:CD:7A:FE:A2:DC
Authority key identifier: 91:A5:E6:E5:76:C3:15:C4:31:9E:EF:9F:DA:32:87:AD:20:C3:80:39
Certificate issuer: /CN=A91B6462/serialNumber=91A5E6E576C315C4319EEF9FDA3287AD20C38039
Certificate serial: 0BE4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kaXm5XbDFcQxnu-f2jKHrSDDgDk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91B6462/DAF435E0184311EAB0AF201DC4F9AE02/kaXm5XbDFcQxnu-f2jKHrSDDgDk.mft
Manifest number: 0BD1
Signing time: Fri 28 Mar 2025 19:01:59 +0000
Manifest this update: Fri 28 Mar 2025 19:01:59 +0000
Manifest next update: Fri 04 Apr 2025 19:01:59 +0000
Files and hashes: 1: kaXm5XbDFcQxnu-f2jKHrSDDgDk.crl (hash: zzsUSZwTE7AbYx/e3Dw5c7l1c7HkIhueOpEJguzswgU=)
2: EA531ACE61C211EF89F25E2CC4F9AE02.roa (hash: wvS2IKCsAphgy9VmVy8jmzdrhXrxZNTENgiqGBEyqqY=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3044 (0xbe4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91B6462
Validity
Not Before: Mar 28 19:01:59 2025 GMT
Not After : Apr 4 19:01:59 2025 GMT
Subject: CN=67e6f227-1915
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9a:de:b4:58:c0:b9:90:11:5d:86:e5:bb:f8:
e0:d0:33:5b:81:05:53:ac:4d:8f:b1:30:00:dd:61:
42:e2:bb:7e:a0:b9:28:89:2b:41:56:2e:52:6a:03:
6e:20:fc:9e:65:a5:29:d4:b4:26:88:e3:f7:1b:74:
d7:f6:0d:23:9f:73:d9:55:3e:9b:e2:b9:bb:43:52:
21:1c:61:19:91:2d:09:1f:da:3c:00:85:9c:96:35:
07:fe:8b:9c:96:80:82:4f:f0:86:21:c2:40:34:29:
1e:c2:7a:40:93:1c:29:89:3a:00:69:35:75:18:b0:
b2:bb:bd:58:f6:3a:a5:27:da:cf:06:f1:eb:86:df:
e9:0c:26:03:d8:4e:88:d8:38:b6:6b:1f:f3:de:45:
14:63:0d:9d:e9:af:ea:00:bf:fb:6d:d6:88:b0:84:
aa:2f:85:03:f1:df:a1:ba:4d:b1:44:67:c9:0a:c5:
48:18:9e:f3:b1:5e:31:fc:a3:6a:dc:e2:f6:a8:ac:
b5:04:18:26:13:ce:5b:3f:6e:61:cb:4a:25:40:c6:
d9:64:8a:f0:0a:f0:2e:d0:f0:ec:f2:64:a2:80:e5:
77:fc:72:e6:d6:48:1c:5d:19:5b:75:5f:c1:ce:ec:
08:1b:60:fc:40:ed:b0:f4:90:d6:46:69:b2:07:ff:
13:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:E7:7F:EE:C1:00:C7:03:2D:AF:58:35:93:62:49:CD:7A:FE:A2:DC
X509v3 Authority Key Identifier:
keyid:91:A5:E6:E5:76:C3:15:C4:31:9E:EF:9F:DA:32:87:AD:20:C3:80:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91B6462/DAF435E0184311EAB0AF201DC4F9AE02/kaXm5XbDFcQxnu-f2jKHrSDDgDk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kaXm5XbDFcQxnu-f2jKHrSDDgDk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6462/DAF435E0184311EAB0AF201DC4F9AE02/kaXm5XbDFcQxnu-f2jKHrSDDgDk.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
49:5b:2f:b2:10:08:9f:c8:17:fc:8f:a3:52:31:26:9d:62:7d:
a3:70:fd:3e:c0:45:43:d8:2f:2d:38:52:32:8a:4a:4b:af:b0:
9a:85:3c:b2:e3:94:17:2e:58:ed:fc:cb:ad:fc:70:fc:ac:c5:
be:fb:da:f6:ca:a0:77:18:5a:02:0b:22:f4:e7:c3:4e:08:fa:
cd:30:be:b5:aa:03:17:ef:f6:05:0f:f9:2b:8b:47:bc:32:d5:
ed:21:30:82:23:46:97:97:49:43:ae:c9:f7:6f:4e:47:36:0d:
0b:54:89:f6:41:b5:26:1e:0a:7b:b5:31:a7:2c:cb:5d:7c:a2:
9e:82:d4:9b:a4:c5:bd:4e:31:4f:f8:b1:db:68:be:0a:0d:33:
62:ed:ce:2e:09:7c:55:75:29:e1:fb:50:07:cc:e5:c6:38:21:
95:3d:71:da:6b:04:4e:35:08:94:83:de:98:6c:d4:e6:87:bb:
d6:0a:70:2b:a4:2a:95:fa:da:e6:eb:96:d3:be:38:52:c0:8d:
d8:8a:74:fa:56:1f:e3:58:f2:ef:3a:73:30:f9:9f:5c:3f:52:
da:f0:bb:cd:84:8c:36:fe:45:f8:e6:2d:d1:8d:c3:36:3d:6f:
68:b2:3f:3e:81:af:a9:ec:83:c6:d4:a5:be:63:e4:54:8c:94:
0f:cf:13:28
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICC+QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QjY0NjIxMTAvBgNVBAUTKDkxQTVFNkU1NzZDMzE1QzQzMTlFRUY5RkRBMzI4N0FE
MjBDMzgwMzkwHhcNMjUwMzI4MTkwMTU5WhcNMjUwNDA0MTkwMTU5WjAYMRYwFAYD
VQQDEw02N2U2ZjIyNy0xOTE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqJretFjAuZARXYblu/jg0DNbgQVTrE2PsTAA3WFC4rt+oLkoiStBVi5SagNu
IPyeZaUp1LQmiOP3G3TX9g0jn3PZVT6b4rm7Q1IhHGEZkS0JH9o8AIWcljUH/ouc
loCCT/CGIcJANCkewnpAkxwpiToAaTV1GLCyu71Y9jqlJ9rPBvHrht/pDCYD2E6I
2Di2ax/z3kUUYw2d6a/qAL/7bdaIsISqL4UD8d+huk2xRGfJCsVIGJ7zsV4x/KNq
3OL2qKy1BBgmE85bP25hy0olQMbZZIrwCvAu0PDs8mSigOV3/HLm1kgcXRlbdV/B
zuwIG2D8QO2w9JDWRmmyB/8TjQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPvnf+7B
AMcDLa9YNZNiSc16/qLcMB8GA1UdIwQYMBaAFJGl5uV2wxXEMZ7vn9oyh60gw4A5
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjQ2Mi9EQUY0MzVFMDE4
NDMxMUVBQjBBRjIwMURDNEY5QUUwMi9rYVhtNVhiREZjUXhudS1mMmpLSHJTRERn
RGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2thWG01WGJERmNReG51LWYyaktIclNERGdEay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
NjQ2Mi9EQUY0MzVFMDE4NDMxMUVBQjBBRjIwMURDNEY5QUUwMi9rYVhtNVhiREZj
UXhudS1mMmpLSHJTRERnRGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBJWy+yEAifyBf8j6NSMSadYn2jcP0+wEVD2C8tOFIyikpLr7CahTyy
45QXLljt/Mut/HD8rMW++9r2yqB3GFoCCyL058NOCPrNML61qgMX7/YFD/kri0e8
MtXtITCCI0aXl0lDrsn3b05HNg0LVIn2QbUmHgp7tTGnLMtdfKKegtSbpMW9TjFP
+LHbaL4KDTNi7c4uCXxVdSnh+1AHzOXGOCGVPXHaawRONQiUg96YbNTmh7vWCnAr
pCqV+trm65bTvjhSwI3YinT6Vh/jWPLvOnMw+Z9cP1La8LvNhIw2/kX45i3RjcM2
PW9osj8+ga+p7IPG1KW+Y+RUjJQPzxMo
-----END CERTIFICATE-----
Generated at Thu Apr 10 18:35:05 2025 by rpki-client