Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C5778/3DDC1AC014EC11EAA8BAAE5AC4F9AE02/uLVa9atmqP-naRykPaKmtJuiRUA.mft
File: uLVa9atmqP-naRykPaKmtJuiRUA.mft (raw, json)
Hash identifier: NwvfmqhGK4/NYJvFs2e+ZMGpVimitOH70X4Teip3tcY=
Subject key identifier: 3B:F7:B5:5D:3D:D3:C9:6D:5D:E8:CE:A2:09:B4:32:4A:27:FD:E7:99
Authority key identifier: B8:B5:5A:F5:AB:66:A8:FF:A7:69:1C:A4:3D:A2:A6:B4:9B:A2:45:40
Certificate issuer: /CN=A91C5778/serialNumber=B8B55AF5AB66A8FFA7691CA43DA2A6B49BA24540
Certificate serial: 0BD9
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uLVa9atmqP-naRykPaKmtJuiRUA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C5778/3DDC1AC014EC11EAA8BAAE5AC4F9AE02/uLVa9atmqP-naRykPaKmtJuiRUA.mft
Manifest number: 0BD2
Signing time: Fri 28 Mar 2025 19:00:15 +0000
Manifest this update: Fri 28 Mar 2025 19:00:15 +0000
Manifest next update: Fri 04 Apr 2025 19:00:15 +0000
Files and hashes: 1: uLVa9atmqP-naRykPaKmtJuiRUA.crl (hash: WriRz1CItQ5VzmGLziFOlrx/39cpnvEMdemLW81c4+U=)
2: B3E5DF2A14ED11EAACAB5E5DC4F9AE02.roa (hash: cmHL+jcXVZxk1ExKQVL6FlfnXQXFN7c8jdKbgylZ/70=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3033 (0xbd9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C5778
Validity
Not Before: Mar 28 19:00:15 2025 GMT
Not After : Apr 4 19:00:15 2025 GMT
Subject: CN=67e6f1bf-9608
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8e:8f:1a:27:59:8b:f5:bc:37:d3:b3:11:b2:
ae:e5:87:14:09:b3:4d:e1:21:09:2a:ca:3e:c1:36:
bb:6a:52:eb:07:12:b7:45:04:e9:5d:fd:dc:b9:a7:
2a:c2:ac:32:63:c9:d9:37:93:1c:32:bf:ad:86:02:
88:ae:9e:29:67:ad:be:f0:25:ac:ef:66:69:04:f5:
ff:93:11:43:23:a1:f5:0a:b1:d5:a3:d5:3c:3f:0f:
3f:90:43:ed:16:92:be:75:b0:2f:ce:8d:e5:ff:20:
4b:00:13:28:14:83:bb:65:bd:64:3c:11:f6:95:68:
bc:3c:64:79:d3:10:74:34:d0:0e:75:f6:52:4e:c8:
89:9c:91:bf:31:6c:e1:91:a7:66:ac:62:67:d0:79:
cf:85:c9:fa:c4:5b:94:3c:2d:8a:52:f1:f7:90:fa:
03:57:b6:93:7d:4f:b2:13:68:d6:03:55:d9:50:b1:
58:e2:03:da:64:78:00:34:a1:8d:7c:c8:69:36:ab:
cc:53:d3:19:3d:65:cf:c1:4f:b8:24:62:23:d7:22:
95:be:88:21:03:de:d7:86:39:06:cd:dc:a6:c3:ad:
0e:d9:cd:8d:fb:63:64:1d:32:47:49:00:83:47:d9:
af:38:6c:0d:07:21:c9:ea:ff:ba:f3:d0:0c:32:1a:
45:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:F7:B5:5D:3D:D3:C9:6D:5D:E8:CE:A2:09:B4:32:4A:27:FD:E7:99
X509v3 Authority Key Identifier:
keyid:B8:B5:5A:F5:AB:66:A8:FF:A7:69:1C:A4:3D:A2:A6:B4:9B:A2:45:40
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C5778/3DDC1AC014EC11EAA8BAAE5AC4F9AE02/uLVa9atmqP-naRykPaKmtJuiRUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uLVa9atmqP-naRykPaKmtJuiRUA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C5778/3DDC1AC014EC11EAA8BAAE5AC4F9AE02/uLVa9atmqP-naRykPaKmtJuiRUA.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
a3:05:b5:0b:2f:90:ad:85:a8:c1:25:ce:ba:eb:75:39:d3:a2:
76:cb:51:8a:f5:12:73:2b:bf:9e:d3:3f:67:c4:c5:e4:29:9d:
91:e9:00:35:6c:79:ee:e0:e6:1a:33:f5:6e:82:34:84:46:cb:
4f:36:52:28:19:81:d6:31:5e:36:ec:40:7a:f0:84:d3:5d:86:
71:ea:46:ce:bb:ad:81:62:ef:10:04:01:e5:0e:ce:11:66:37:
f7:0e:c2:5d:0f:9c:2c:2f:cc:44:6b:10:cb:c5:7b:b9:b3:63:
2f:b7:34:07:8a:33:07:a0:1d:5b:1e:0d:67:4a:b7:17:c3:63:
8d:8b:91:2a:67:3f:91:97:cf:17:73:0a:f6:b5:7b:4e:70:73:
cc:e0:3e:35:85:e8:f7:68:83:e9:83:1d:f7:ac:eb:46:1d:1b:
ae:8e:8d:1e:c7:63:2b:a0:d9:f1:55:2c:c3:bf:28:d3:67:ee:
83:e4:5b:cd:55:b9:0b:91:2f:1f:47:b2:a8:e2:64:e8:4b:bf:
fc:9a:9e:a0:14:5a:73:ae:24:ad:4c:c9:f8:8e:4c:d0:29:15:
0f:3b:58:69:1a:5d:0c:c1:59:95:02:8a:2e:9a:64:cf:ec:4b:
77:2b:29:5d:c4:03:38:f6:de:bc:39:8a:a0:75:a9:77:6e:1e:
70:35:f2:94
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICC9kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzU3NzgxMTAvBgNVBAUTKEI4QjU1QUY1QUI2NkE4RkZBNzY5MUNBNDNEQTJBNkI0
OUJBMjQ1NDAwHhcNMjUwMzI4MTkwMDE1WhcNMjUwNDA0MTkwMDE1WjAYMRYwFAYD
VQQDEw02N2U2ZjFiZi05NjA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt46PGidZi/W8N9OzEbKu5YcUCbNN4SEJKso+wTa7alLrBxK3RQTpXf3cuacq
wqwyY8nZN5McMr+thgKIrp4pZ62+8CWs72ZpBPX/kxFDI6H1CrHVo9U8Pw8/kEPt
FpK+dbAvzo3l/yBLABMoFIO7Zb1kPBH2lWi8PGR50xB0NNAOdfZSTsiJnJG/MWzh
kadmrGJn0HnPhcn6xFuUPC2KUvH3kPoDV7aTfU+yE2jWA1XZULFY4gPaZHgANKGN
fMhpNqvMU9MZPWXPwU+4JGIj1yKVvoghA97XhjkGzdymw60O2c2N+2NkHTJHSQCD
R9mvOGwNByHJ6v+689AMMhpFmwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDv3tV09
08ltXejOogm0Mkon/eeZMB8GA1UdIwQYMBaAFLi1WvWrZqj/p2kcpD2iprSbokVA
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNTc3OC8zRERDMUFDMDE0
RUMxMUVBQThCQUFFNUFDNEY5QUUwMi91TFZhOWF0bXFQLW5hUnlrUGFLbXRKdWlS
VUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3VMVmE5YXRtcVAtbmFSeWtQYUttdEp1aVJVQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
NTc3OC8zRERDMUFDMDE0RUMxMUVBQThCQUFFNUFDNEY5QUUwMi91TFZhOWF0bXFQ
LW5hUnlrUGFLbXRKdWlSVUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCjBbULL5CthajBJc6663U506J2y1GK9RJzK7+e0z9nxMXkKZ2R6QA1
bHnu4OYaM/VugjSERstPNlIoGYHWMV427EB68ITTXYZx6kbOu62BYu8QBAHlDs4R
Zjf3DsJdD5wsL8xEaxDLxXu5s2MvtzQHijMHoB1bHg1nSrcXw2ONi5EqZz+Rl88X
cwr2tXtOcHPM4D41hej3aIPpgx33rOtGHRuujo0ex2MroNnxVSzDvyjTZ+6D5FvN
VbkLkS8fR7Ko4mToS7/8mp6gFFpzriStTMn4jkzQKRUPO1hpGl0MwVmVAooummTP
7Et3KyldxAM49t68OYqgdal3bh5wNfKU
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:01:50 2025 by rpki-client