Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C5AEE/3E3901F2520711EEB57B5877C4F9AE02/KMBgfZaDGj0YCTNFs3JY7jvX8-c.mft
File: KMBgfZaDGj0YCTNFs3JY7jvX8-c.mft (raw, json)
Hash identifier: EkvBe4eqCDYy/uBzd7Fc6ex2M9HI+YeEZcqxKJB9OwE=
Subject key identifier: BD:AB:5D:94:88:78:D6:59:67:DF:D8:AB:D3:29:06:68:B8:1A:75:80
Authority key identifier: 28:C0:60:7D:96:83:1A:3D:18:09:33:45:B3:72:58:EE:3B:D7:F3:E7
Certificate issuer: /CN=A91C5AEE/serialNumber=28C0607D96831A3D18093345B37258EE3BD7F3E7
Certificate serial: 0122
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KMBgfZaDGj0YCTNFs3JY7jvX8-c.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C5AEE/3E3901F2520711EEB57B5877C4F9AE02/KMBgfZaDGj0YCTNFs3JY7jvX8-c.mft
Manifest number: 0120
Signing time: Sat 29 Mar 2025 04:06:48 +0000
Manifest this update: Sat 29 Mar 2025 04:06:48 +0000
Manifest next update: Sat 05 Apr 2025 04:06:48 +0000
Files and hashes: 1: KMBgfZaDGj0YCTNFs3JY7jvX8-c.crl (hash: IqWPUSpMeigl6svKEYhSanlLbJkUa4AJmKh+heL3Lm4=)
2: 21525A1C520B11EE8B79021AC4F9AE02.roa (hash: s8Vu/R6gOMwvLzsGf3nk9tFhiMljx1hOH6LnsMms3Vg=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 290 (0x122)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C5AEE
Validity
Not Before: Mar 29 04:06:48 2025 GMT
Not After : Apr 5 04:06:48 2025 GMT
Subject: CN=67e771d8-a1f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:9f:a3:ef:b6:74:46:8b:fa:20:53:c9:8a:87:
6c:d7:94:9e:64:2f:cc:bc:ea:27:9c:5d:62:5c:c6:
fb:23:f7:9f:cf:ad:f1:f1:0e:0f:7c:33:ee:fb:c4:
5a:84:7d:ab:05:e0:93:df:ca:f5:0e:61:2c:c1:f7:
d1:6b:8d:e9:c8:f0:ba:d9:ad:a1:ef:49:b2:4a:ea:
04:88:f3:7e:b0:82:21:dd:f1:11:3f:74:5e:12:be:
27:9f:d5:57:72:34:9e:25:81:b2:0f:a2:6a:d6:14:
06:30:2e:4d:59:76:e7:8f:02:17:61:c1:56:19:3d:
92:d1:52:00:f2:49:34:6f:dc:44:8a:ab:0b:e9:17:
3f:e2:21:a3:0a:87:86:a9:b0:1f:c8:6c:9c:38:87:
b4:2a:43:62:8d:55:ea:5e:38:c7:86:38:bd:fc:0d:
e0:48:c7:a5:de:5e:47:5b:8b:79:bc:0b:de:a0:90:
84:8b:da:22:74:a6:99:90:e4:9c:02:d0:6b:2c:2a:
16:6d:4f:67:75:14:8f:a7:a0:59:3c:e2:c1:4c:60:
77:ba:3a:f8:48:85:f5:4b:4c:32:37:de:1c:4f:f6:
8c:29:91:ef:ec:b0:92:ef:44:65:a0:73:0e:ef:5a:
92:25:05:15:4b:58:a5:25:03:f7:33:57:83:32:2a:
33:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:AB:5D:94:88:78:D6:59:67:DF:D8:AB:D3:29:06:68:B8:1A:75:80
X509v3 Authority Key Identifier:
keyid:28:C0:60:7D:96:83:1A:3D:18:09:33:45:B3:72:58:EE:3B:D7:F3:E7
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C5AEE/3E3901F2520711EEB57B5877C4F9AE02/KMBgfZaDGj0YCTNFs3JY7jvX8-c.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KMBgfZaDGj0YCTNFs3JY7jvX8-c.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C5AEE/3E3901F2520711EEB57B5877C4F9AE02/KMBgfZaDGj0YCTNFs3JY7jvX8-c.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
41:6a:8d:70:c2:a3:3e:b1:f9:dc:44:b1:d3:98:8c:8b:68:31:
eb:b0:85:2d:13:04:80:17:2d:19:2b:79:3a:7a:a2:2e:38:34:
4d:3a:60:a5:92:ce:0f:17:2c:61:7e:2e:79:eb:d5:d1:72:0f:
a4:9b:6f:30:f3:70:10:c1:d3:4d:25:2c:a0:36:6b:4f:8d:88:
f0:81:ad:c0:01:ee:24:0e:2d:96:35:49:59:ac:5e:3f:9f:b6:
5e:b3:fb:1a:44:28:9a:1a:ad:31:68:3d:ea:a9:d7:ae:85:d9:
d5:12:77:ef:fa:aa:2b:ad:5f:ce:9b:c8:7a:15:c9:be:2f:8c:
f1:79:d6:a3:dc:3f:7b:83:58:ef:91:1d:e5:95:03:62:76:6b:
1e:8c:e9:30:78:b1:71:a3:09:1a:c2:45:54:fa:4b:e3:57:19:
2e:2d:c9:00:a2:59:3b:b0:91:ea:77:ac:f1:e5:c0:07:5d:46:
e1:29:09:92:5e:82:ae:92:cb:a2:42:bd:b3:2c:d1:8c:46:8b:
09:ef:fb:21:75:c8:e9:7b:2d:bc:4a:4f:8e:a7:1e:dc:4c:f9:
c4:a5:8d:50:3d:fb:80:c1:42:41:56:01:8e:e3:37:37:21:50:
55:d1:03:60:00:9d:d3:c7:9b:e6:44:aa:a5:6a:fa:de:b9:43:
57:dd:64:74
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICASIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzVBRUUxMTAvBgNVBAUTKDI4QzA2MDdEOTY4MzFBM0QxODA5MzM0NUIzNzI1OEVF
M0JEN0YzRTcwHhcNMjUwMzI5MDQwNjQ4WhcNMjUwNDA1MDQwNjQ4WjAYMRYwFAYD
VQQDEw02N2U3NzFkOC1hMWY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAxp+j77Z0Rov6IFPJiods15SeZC/MvOonnF1iXMb7I/efz63x8Q4PfDPu+8Ra
hH2rBeCT38r1DmEswffRa43pyPC62a2h70mySuoEiPN+sIIh3fERP3ReEr4nn9VX
cjSeJYGyD6Jq1hQGMC5NWXbnjwIXYcFWGT2S0VIA8kk0b9xEiqsL6Rc/4iGjCoeG
qbAfyGycOIe0KkNijVXqXjjHhji9/A3gSMel3l5HW4t5vAveoJCEi9oidKaZkOSc
AtBrLCoWbU9ndRSPp6BZPOLBTGB3ujr4SIX1S0wyN94cT/aMKZHv7LCS70RloHMO
71qSJQUVS1ilJQP3M1eDMiozcQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL2rXZSI
eNZZZ9/Yq9MpBmi4GnWAMB8GA1UdIwQYMBaAFCjAYH2Wgxo9GAkzRbNyWO471/Pn
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNUFFRS8zRTM5MDFGMjUy
MDcxMUVFQjU3QjU4NzdDNEY5QUUwMi9LTUJnZlphREdqMFlDVE5GczNKWTdqdlg4
LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0tNQmdmWmFER2owWUNUTkZzM0pZN2p2WDgtYy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD
NUFFRS8zRTM5MDFGMjUyMDcxMUVFQjU3QjU4NzdDNEY5QUUwMi9LTUJnZlphREdq
MFlDVE5GczNKWTdqdlg4LWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBBao1wwqM+sfncRLHTmIyLaDHrsIUtEwSAFy0ZK3k6eqIuODRNOmCl
ks4PFyxhfi5569XRcg+km28w83AQwdNNJSygNmtPjYjwga3AAe4kDi2WNUlZrF4/
n7Zes/saRCiaGq0xaD3qqdeuhdnVEnfv+qorrV/Om8h6Fcm+L4zxedaj3D97g1jv
kR3llQNidmsejOkweLFxowkawkVU+kvjVxkuLckAolk7sJHqd6zx5cAHXUbhKQmS
XoKuksuiQr2zLNGMRosJ7/shdcjpey28Sk+Opx7cTPnEpY1QPfuAwUJBVgGO4zc3
IVBV0QNgAJ3Tx5vmRKqlavreuUNX3WR0
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:56:38 2025 by rpki-client