Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C38CC/3AC57C8CD5E511EEB779223EC4F9AE02/y8CtGWWFFkH2YRHo4pAmmKm57YA.mft
File: y8CtGWWFFkH2YRHo4pAmmKm57YA.mft (raw, json)
Hash identifier: enD4pqNgchuCuRIA4xyFTUSuNSTtQ35aO4NIISwFFcg=
Subject key identifier: D2:72:3E:C8:06:AE:93:83:6B:D7:4D:A1:44:A6:B4:72:C2:5B:26:38
Authority key identifier: CB:C0:AD:19:65:85:16:41:F6:61:11:E8:E2:90:26:98:A9:B9:ED:80
Certificate issuer: /CN=A91C38CC/serialNumber=CBC0AD1965851641F66111E8E2902698A9B9ED80
Certificate serial: D3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y8CtGWWFFkH2YRHo4pAmmKm57YA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C38CC/3AC57C8CD5E511EEB779223EC4F9AE02/y8CtGWWFFkH2YRHo4pAmmKm57YA.mft
Manifest number: D0
Signing time: Sat 29 Mar 2025 05:06:45 +0000
Manifest this update: Sat 29 Mar 2025 05:06:45 +0000
Manifest next update: Sat 05 Apr 2025 05:06:45 +0000
Files and hashes: 1: y8CtGWWFFkH2YRHo4pAmmKm57YA.crl (hash: owXsAIDuerolObrlFcNnlGxL8atLjHhZ02hFYII79I4=)
2: CA2A06D6D5E511EE9B319A12C4F9AE02.roa (hash: U37kWMCNqNpu+UU1MaVXsy3rFn8/VgyQ4MzDX4Ugs7s=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 211 (0xd3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C38CC
Validity
Not Before: Mar 29 05:06:45 2025 GMT
Not After : Apr 5 05:06:45 2025 GMT
Subject: CN=67e77fe5-46e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:82:2d:4c:6c:96:4d:fd:9f:ea:b7:07:02:3e:
5f:26:75:de:ea:ea:d2:6b:9a:0d:4e:82:61:34:23:
7f:54:98:ad:ec:21:3e:10:88:07:c2:fc:b3:0a:f9:
9e:49:79:eb:b7:0d:56:8a:ca:33:8c:1f:e6:18:7c:
e3:33:24:5a:2c:94:67:81:2a:12:4e:96:2b:d9:15:
ca:b7:6b:aa:9e:70:8f:68:04:70:4c:37:cd:ce:f8:
95:2a:1f:30:88:76:aa:5a:74:2f:55:eb:33:8c:fd:
43:71:09:6d:71:b8:0e:af:2f:c1:7b:fd:61:c1:f3:
7c:41:9c:6a:19:a2:df:77:7d:1c:75:a9:ad:e5:78:
11:ff:0a:82:6d:73:6d:71:b7:93:9b:30:e7:58:d3:
c1:b5:48:b6:60:b5:b5:fb:6b:f1:1d:c6:43:eb:5b:
55:db:db:04:4f:65:99:04:b1:1a:c5:91:2f:57:1c:
cf:32:4b:73:fb:0e:0f:8a:a5:0e:f5:4a:b1:bd:17:
44:7b:76:cd:ff:a8:ff:2e:2c:39:e9:5f:6b:12:33:
ee:92:f1:06:c4:fe:e1:27:46:34:90:4d:d4:37:64:
78:ae:d4:1c:bd:fe:6f:d9:78:85:9d:b9:e6:68:a8:
b0:6f:10:65:39:e9:65:45:13:bb:59:f7:37:8f:9f:
ee:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:72:3E:C8:06:AE:93:83:6B:D7:4D:A1:44:A6:B4:72:C2:5B:26:38
X509v3 Authority Key Identifier:
keyid:CB:C0:AD:19:65:85:16:41:F6:61:11:E8:E2:90:26:98:A9:B9:ED:80
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C38CC/3AC57C8CD5E511EEB779223EC4F9AE02/y8CtGWWFFkH2YRHo4pAmmKm57YA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/y8CtGWWFFkH2YRHo4pAmmKm57YA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C38CC/3AC57C8CD5E511EEB779223EC4F9AE02/y8CtGWWFFkH2YRHo4pAmmKm57YA.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
15:47:ec:aa:55:de:2d:f9:d5:74:0f:5f:1a:76:21:5f:24:d0:
8b:56:4c:ff:4a:82:b2:53:7c:b2:3b:71:0a:1b:cf:fd:bb:16:
7e:45:34:74:87:64:cd:d5:21:7a:19:b7:5d:00:6d:8b:37:a2:
4c:c4:90:15:17:e9:2c:f2:9b:3c:3f:76:6a:f5:9d:c5:2b:cd:
3b:23:8d:0e:e3:8c:80:c3:fc:bb:fd:38:05:d6:f9:41:d8:3c:
98:b0:78:4f:2c:8a:c5:1b:46:57:4a:9c:b0:bf:57:ad:df:b2:
18:6e:55:4b:17:1f:c0:8f:00:92:0c:c8:23:77:8d:5d:f4:56:
b5:e4:f3:88:5b:32:97:03:bc:dc:3b:9a:28:2b:06:9e:ec:79:
ee:f5:66:56:80:27:5f:e2:41:3d:07:4e:3f:3a:ff:db:6f:23:
0b:ed:b4:4e:d3:74:b7:f6:c8:9b:6c:5e:4e:1f:aa:72:30:6a:
0b:d6:7d:57:3f:84:1f:4e:5c:62:46:7c:5b:74:6f:0f:11:cb:
f6:05:c4:d7:29:1e:a2:bb:0a:29:66:eb:ca:8f:f7:89:c1:7b:
0f:d4:86:2b:09:a2:89:2e:cc:16:4c:24:fa:2f:84:1e:77:e0:
51:74:81:74:fe:ef:35:8b:ea:75:db:27:1f:e5:75:6c:d2:1e:
f5:eb:63:87
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICANMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzM4Q0MxMTAvBgNVBAUTKENCQzBBRDE5NjU4NTE2NDFGNjYxMTFFOEUyOTAyNjk4
QTlCOUVEODAwHhcNMjUwMzI5MDUwNjQ1WhcNMjUwNDA1MDUwNjQ1WjAYMRYwFAYD
VQQDEw02N2U3N2ZlNS00NmUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4YItTGyWTf2f6rcHAj5fJnXe6urSa5oNToJhNCN/VJit7CE+EIgHwvyzCvme
SXnrtw1WisozjB/mGHzjMyRaLJRngSoSTpYr2RXKt2uqnnCPaARwTDfNzviVKh8w
iHaqWnQvVeszjP1DcQltcbgOry/Be/1hwfN8QZxqGaLfd30cdamt5XgR/wqCbXNt
cbeTmzDnWNPBtUi2YLW1+2vxHcZD61tV29sET2WZBLEaxZEvVxzPMktz+w4PiqUO
9UqxvRdEe3bN/6j/Liw56V9rEjPukvEGxP7hJ0Y0kE3UN2R4rtQcvf5v2XiFnbnm
aKiwbxBlOellRRO7Wfc3j5/uowIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNJyPsgG
rpODa9dNoUSmtHLCWyY4MB8GA1UdIwQYMBaAFMvArRllhRZB9mER6OKQJpipue2A
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMzhDQy8zQUM1N0M4Q0Q1
RTUxMUVFQjc3OTIyM0VDNEY5QUUwMi95OEN0R1dXRkZrSDJZUkhvNHBBbW1LbTU3
WUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3k4Q3RHV1dGRmtIMllSSG80cEFtbUttNTdZQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
MzhDQy8zQUM1N0M4Q0Q1RTUxMUVFQjc3OTIyM0VDNEY5QUUwMi95OEN0R1dXRkZr
SDJZUkhvNHBBbW1LbTU3WUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAVR+yqVd4t+dV0D18adiFfJNCLVkz/SoKyU3yyO3EKG8/9uxZ+RTR0
h2TN1SF6GbddAG2LN6JMxJAVF+ks8ps8P3Zq9Z3FK807I40O44yAw/y7/TgF1vlB
2DyYsHhPLIrFG0ZXSpywv1et37IYblVLFx/AjwCSDMgjd41d9Fa15POIWzKXA7zc
O5ooKwae7Hnu9WZWgCdf4kE9B04/Ov/bbyML7bRO03S39sibbF5OH6pyMGoL1n1X
P4QfTlxiRnxbdG8PEcv2BcTXKR6iuwopZuvKj/eJwXsP1IYrCaKJLswWTCT6L4Qe
d+BRdIF0/u81i+p12ycf5XVs0h7162OH
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:43:58 2025 by rpki-client