Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.mft
File: REhMnzpz9xlXK4vIoaH9nln6hPY.mft (raw, json)
Hash identifier: lqwRUdO8kYnvCtPoErVEZS/R45izXJfPu4oPuW+//7I=
Subject key identifier: 1A:F5:1B:72:83:31:0C:2E:F0:0D:B4:0A:68:BD:FF:6F:08:9E:26:A0
Authority key identifier: 44:48:4C:9F:3A:73:F7:19:57:2B:8B:C8:A1:A1:FD:9E:59:FA:84:F6
Certificate issuer: /CN=A91BD73B/serialNumber=44484C9F3A73F719572B8BC8A1A1FD9E59FA84F6
Certificate serial: 3462
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/REhMnzpz9xlXK4vIoaH9nln6hPY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.mft
Manifest number: 3462
Signing time: Fri 28 Mar 2025 15:23:40 +0000
Manifest this update: Fri 28 Mar 2025 15:23:39 +0000
Manifest next update: Fri 04 Apr 2025 15:23:39 +0000
Files and hashes: 1: REhMnzpz9xlXK4vIoaH9nln6hPY.crl (hash: rUSTeOjgfbPnj5PSa+63HOav8SlWfNI0AE2HK+PObew=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13410 (0x3462)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91BD73B
Validity
Not Before: Mar 28 15:23:39 2025 GMT
Not After : Apr 4 15:23:39 2025 GMT
Subject: CN=67e6befc-17c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:47:84:fb:ca:8b:61:49:6e:40:91:df:60:2c:
c5:7c:c6:13:1d:88:ed:25:5a:5a:99:c3:62:53:5b:
ca:60:3b:78:9d:b4:be:15:37:94:5b:f7:d2:6f:a4:
cb:fb:05:09:47:03:c7:15:58:3a:ce:09:88:27:d1:
d1:4c:c7:89:f8:31:34:3c:e1:fe:b5:28:b1:69:99:
7a:d0:ea:fd:a7:d1:c5:8d:f0:74:36:00:e4:6a:67:
88:63:b5:07:9b:c2:b0:3c:a9:6a:2c:a1:ef:fc:70:
9d:e5:fc:a0:f9:50:80:72:f8:d3:b8:46:e0:65:06:
78:36:fd:c1:5d:66:c9:bb:4a:6f:ad:6f:44:55:23:
b7:22:3c:26:8a:58:43:65:2d:0b:9c:75:90:d4:4a:
e7:03:40:7d:03:d5:7e:2b:7b:8e:6e:d9:5a:68:d2:
44:a9:a0:75:2e:67:04:f6:3f:a6:35:f8:eb:2f:2a:
77:5f:9c:1a:60:5c:a9:3d:88:65:89:b6:55:02:71:
5d:5c:fa:57:c5:b0:26:d8:d0:d8:43:e7:0b:e9:1f:
1f:9b:0b:63:2a:62:6f:de:4b:59:eb:68:46:32:8d:
2a:8d:99:d2:27:5d:7d:58:24:1b:76:5a:54:05:b6:
5b:84:a9:dd:7f:c3:c9:13:4e:c2:86:35:88:66:65:
3d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:F5:1B:72:83:31:0C:2E:F0:0D:B4:0A:68:BD:FF:6F:08:9E:26:A0
X509v3 Authority Key Identifier:
keyid:44:48:4C:9F:3A:73:F7:19:57:2B:8B:C8:A1:A1:FD:9E:59:FA:84:F6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/REhMnzpz9xlXK4vIoaH9nln6hPY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
14:e3:21:62:cd:80:b0:58:fa:79:d8:5e:0e:72:ee:b7:e4:32:
e9:f0:bb:96:43:5b:cd:df:62:ba:fc:3b:27:66:17:5b:a4:42:
31:b5:d7:13:0b:3c:8b:52:9d:20:7e:ec:c2:46:18:7e:a8:73:
be:f5:7b:3c:63:a8:64:1c:17:df:f4:4a:02:e5:ce:44:8b:e2:
4a:ae:e0:9b:e0:cc:f1:f1:33:f8:f5:f3:a3:c1:0d:26:76:0f:
f8:e5:2f:be:55:60:19:c9:49:4e:c0:2f:ba:01:4d:9a:a9:4d:
d1:16:3e:10:6d:7a:53:d3:56:ca:e2:45:79:d3:a5:0c:76:07:
d7:92:83:9b:1e:ce:45:32:06:75:ad:d9:c0:82:3a:94:65:26:
7a:2a:94:0f:82:f6:10:e1:20:6e:63:aa:65:18:1c:4d:36:4e:
30:a2:6a:2a:03:d3:6b:89:a6:d4:99:01:bb:8d:b8:54:43:99:
95:37:8d:67:3a:ff:74:73:fd:03:31:32:32:3a:3d:14:1e:ef:
a1:94:8c:c6:04:9c:7d:95:ba:b0:e0:df:be:50:19:de:41:c6:
7e:1f:6b:48:eb:19:9b:06:10:9b:e4:1c:dc:be:eb:fd:06:76:
37:a8:ea:37:5b:45:cb:06:58:8d:4f:1e:c5:ba:37:81:57:0e:
12:1c:b4:2b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICNGIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QkQ3M0IxMTAvBgNVBAUTKDQ0NDg0QzlGM0E3M0Y3MTk1NzJCOEJDOEExQTFGRDlF
NTlGQTg0RjYwHhcNMjUwMzI4MTUyMzM5WhcNMjUwNDA0MTUyMzM5WjAYMRYwFAYD
VQQDEw02N2U2YmVmYy0xN2M5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqkeE+8qLYUluQJHfYCzFfMYTHYjtJVpamcNiU1vKYDt4nbS+FTeUW/fSb6TL
+wUJRwPHFVg6zgmIJ9HRTMeJ+DE0POH+tSixaZl60Or9p9HFjfB0NgDkameIY7UH
m8KwPKlqLKHv/HCd5fyg+VCAcvjTuEbgZQZ4Nv3BXWbJu0pvrW9EVSO3IjwmilhD
ZS0LnHWQ1ErnA0B9A9V+K3uObtlaaNJEqaB1LmcE9j+mNfjrLyp3X5waYFypPYhl
ibZVAnFdXPpXxbAm2NDYQ+cL6R8fmwtjKmJv3ktZ62hGMo0qjZnSJ119WCQbdlpU
BbZbhKndf8PJE07ChjWIZmU9QwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBr1G3KD
MQwu8A20Cmi9/28IniagMB8GA1UdIwQYMBaAFERITJ86c/cZVyuLyKGh/Z5Z+oT2
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRDczQi8yNkJERjMyQzFE
QUExMUUyQkUyNUE2QTUwOEIwMkNEMi9SRWhNbnpwejl4bFhLNHZJb2FIOW5sbjZo
UFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1JFaE1uenB6OXhsWEs0dklvYUg5bmxuNmhQWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC
RDczQi8yNkJERjMyQzFEQUExMUUyQkUyNUE2QTUwOEIwMkNEMi9SRWhNbnpwejl4
bFhLNHZJb2FIOW5sbjZoUFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAU4yFizYCwWPp52F4Ocu635DLp8LuWQ1vN32K6/DsnZhdbpEIxtdcT
CzyLUp0gfuzCRhh+qHO+9Xs8Y6hkHBff9EoC5c5Ei+JKruCb4Mzx8TP49fOjwQ0m
dg/45S++VWAZyUlOwC+6AU2aqU3RFj4QbXpT01bK4kV506UMdgfXkoObHs5FMgZ1
rdnAgjqUZSZ6KpQPgvYQ4SBuY6plGBxNNk4womoqA9NriabUmQG7jbhUQ5mVN41n
Ov90c/0DMTIyOj0UHu+hlIzGBJx9lbqw4N++UBneQcZ+H2tI6xmbBhCb5Bzcvuv9
BnY3qOo3W0XLBliNTx7FujeBVw4SHLQr
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:34:39 2025 by rpki-client