Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft
File: CB6icKn0s2sOyJai0hSO5Ok-Xys.mft (raw, json)
Hash identifier: vsE80TzZQ7DL7mEjrziRe4CeQyHonQUSwr1LLUt9G/k=
Subject key identifier: 85:B9:A7:46:95:55:AE:35:50:24:A0:BB:B9:D2:77:74:8A:BA:F2:10
Authority key identifier: 08:1E:A2:70:A9:F4:B3:6B:0E:C8:96:A2:D2:14:8E:E4:E9:3E:5F:2B
Certificate issuer: /CN=A91BB921/serialNumber=081EA270A9F4B36B0EC896A2D2148EE4E93E5F2B
Certificate serial: 010C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CB6icKn0s2sOyJai0hSO5Ok-Xys.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft
Manifest number: 010A
Signing time: Sat 29 Mar 2025 04:24:14 +0000
Manifest this update: Sat 29 Mar 2025 04:24:13 +0000
Manifest next update: Sat 05 Apr 2025 04:24:13 +0000
Files and hashes: 1: CB6icKn0s2sOyJai0hSO5Ok-Xys.crl (hash: WMSdxVdWXVfnSedzDfqrgQGI+JPmbu7c3eiFXxnxx2A=)
2: 5A387584756311EEA256FD57C4F9AE02.roa (hash: UFjrfeuvHWS1oxtfXr6IVRfPvTnGzzV9TdVJHu2o8cI=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 268 (0x10c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BB921
Validity
Not Before: Mar 29 04:24:13 2025 GMT
Not After : Apr 5 04:24:13 2025 GMT
Subject: CN=67e775ed-142f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:b8:d6:61:28:8c:98:5d:27:b6:b9:04:32:11:
da:00:88:da:b0:f4:b9:b1:f7:18:e7:18:33:47:6d:
ba:d3:67:cc:7e:5d:02:bf:20:c2:7b:c8:6c:75:18:
a4:3b:d0:38:3d:40:14:c7:fe:28:90:47:08:69:de:
72:0e:f2:03:47:81:35:ae:5f:d4:eb:54:07:4a:8f:
7c:53:71:e6:e4:13:26:af:1f:9c:5d:df:ac:dd:be:
a3:d4:5c:d2:cd:0e:e2:89:6c:d8:26:79:09:de:f6:
0c:1d:0d:5e:26:9b:0c:b3:18:c0:db:57:0e:5a:73:
14:d9:6a:11:7d:be:32:5f:4c:37:de:a3:0b:c4:89:
6b:d7:57:20:ce:36:a8:a5:ff:34:e8:48:43:f9:2d:
73:f4:04:6c:eb:2b:44:4d:e4:87:b1:f9:54:e1:1f:
84:ad:95:15:e9:6e:14:2a:80:f0:e7:11:ef:bc:a0:
39:76:32:1a:47:62:b9:c9:f3:84:70:58:9f:25:17:
79:24:84:9a:1f:79:ca:7d:ed:b2:f9:ac:fe:fe:a7:
cb:ca:d4:65:ce:87:66:8c:0d:5f:e9:a6:8c:ad:cb:
ca:bf:b1:41:85:78:56:c2:0e:90:3d:a2:f0:43:22:
f1:56:44:b6:40:97:f7:1f:04:d8:da:1e:e3:6c:21:
01:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:B9:A7:46:95:55:AE:35:50:24:A0:BB:B9:D2:77:74:8A:BA:F2:10
X509v3 Authority Key Identifier:
keyid:08:1E:A2:70:A9:F4:B3:6B:0E:C8:96:A2:D2:14:8E:E4:E9:3E:5F:2B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CB6icKn0s2sOyJai0hSO5Ok-Xys.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
5b:24:c6:73:38:ee:8b:68:3a:13:52:fb:8b:1e:d1:36:0f:80:
cf:11:15:bf:47:11:16:22:6b:fc:1f:f2:c6:75:cb:b0:ca:89:
89:f3:4e:71:9f:63:b5:94:03:aa:a2:36:7c:5b:fa:15:36:0e:
72:d8:54:57:c1:c4:7f:76:0c:35:98:6b:ef:02:8e:43:f0:44:
49:45:9d:25:ff:38:97:9b:d3:6d:dd:89:83:d7:a3:38:a5:06:
f2:95:cb:28:4b:79:ca:e4:bf:a2:73:55:1b:42:48:2b:64:b2:
31:a0:29:db:be:08:58:c1:6e:0e:50:43:0b:6b:14:c7:33:6b:
00:7b:dd:0a:06:b1:3e:e3:64:fd:c4:96:20:93:a9:b7:43:d3:
bf:f0:76:3d:87:7f:f5:3b:20:ee:66:17:70:9e:05:5e:8c:52:
40:cf:42:05:c9:1b:a7:5a:1b:b1:77:ee:cf:cc:b1:37:56:a3:
0f:8d:3c:a6:eb:3f:f5:3e:e7:59:30:49:39:4d:02:d5:0b:ad:
87:a9:1b:78:bb:b3:60:b3:0f:a8:7a:21:e7:ce:86:e4:00:06:
78:40:99:15:1e:29:b7:05:ee:c3:be:b7:f7:6a:a2:7c:c4:85:
04:24:63:a6:29:de:0f:b5:4b:f1:b1:35:3c:75:89:d0:1d:33:
06:80:d2:9c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAQwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkI5MjExMTAvBgNVBAUTKDA4MUVBMjcwQTlGNEIzNkIwRUM4OTZBMkQyMTQ4RUU0
RTkzRTVGMkIwHhcNMjUwMzI5MDQyNDEzWhcNMjUwNDA1MDQyNDEzWjAYMRYwFAYD
VQQDEw02N2U3NzVlZC0xNDJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA2LjWYSiMmF0ntrkEMhHaAIjasPS5sfcY5xgzR22602fMfl0CvyDCe8hsdRik
O9A4PUAUx/4okEcIad5yDvIDR4E1rl/U61QHSo98U3Hm5BMmrx+cXd+s3b6j1FzS
zQ7iiWzYJnkJ3vYMHQ1eJpsMsxjA21cOWnMU2WoRfb4yX0w33qMLxIlr11cgzjao
pf806EhD+S1z9ARs6ytETeSHsflU4R+ErZUV6W4UKoDw5xHvvKA5djIaR2K5yfOE
cFifJRd5JISaH3nKfe2y+az+/qfLytRlzodmjA1f6aaMrcvKv7FBhXhWwg6QPaLw
QyLxVkS2QJf3HwTY2h7jbCEByQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIW5p0aV
Va41UCSgu7nSd3SKuvIQMB8GA1UdIwQYMBaAFAgeonCp9LNrDsiWotIUjuTpPl8r
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjkyMS9EREI4RTE0Qzc1
NjIxMUVFQkI4MjUyNTdDNEY5QUUwMi9DQjZpY0tuMHMyc095SmFpMGhTTzVPay1Y
eXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0NCNmljS24wczJzT3lKYWkwaFNPNU9rLVh5cy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
QjkyMS9EREI4RTE0Qzc1NjIxMUVFQkI4MjUyNTdDNEY5QUUwMi9DQjZpY0tuMHMy
c095SmFpMGhTTzVPay1YeXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBbJMZzOO6LaDoTUvuLHtE2D4DPERW/RxEWImv8H/LGdcuwyomJ805x
n2O1lAOqojZ8W/oVNg5y2FRXwcR/dgw1mGvvAo5D8ERJRZ0l/ziXm9Nt3YmD16M4
pQbylcsoS3nK5L+ic1UbQkgrZLIxoCnbvghYwW4OUEMLaxTHM2sAe90KBrE+42T9
xJYgk6m3Q9O/8HY9h3/1OyDuZhdwngVejFJAz0IFyRunWhuxd+7PzLE3VqMPjTym
6z/1PudZMEk5TQLVC62HqRt4u7Ngsw+oeiHnzobkAAZ4QJkVHim3Be7Dvrf3aqJ8
xIUEJGOmKd4PtUvxsTU8dYnQHTMGgNKc
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:53:56 2025 by rpki-client