Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.mft
File: pSAa7m9KXB64p-HHhTv7srp1y9I.mft (raw, json)
Hash identifier: AlMaCV2e7jPIrY9zWdIDB3VZ1Rp0YH1l5QEOFJdbb7k=
Subject key identifier: 34:BB:D0:91:EC:F9:71:49:E1:61:68:13:C8:06:37:D1:9F:B2:F8:7C
Authority key identifier: A5:20:1A:EE:6F:4A:5C:1E:B8:A7:E1:C7:85:3B:FB:B2:BA:75:CB:D2
Certificate issuer: /CN=A91D1003/serialNumber=A5201AEE6F4A5C1EB8A7E1C7853BFBB2BA75CBD2
Certificate serial: 0B49
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pSAa7m9KXB64p-HHhTv7srp1y9I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.mft
Manifest number: 0B3F
Signing time: Fri 28 Mar 2025 19:20:51 +0000
Manifest this update: Fri 28 Mar 2025 19:20:50 +0000
Manifest next update: Fri 04 Apr 2025 19:20:50 +0000
Files and hashes: 1: pSAa7m9KXB64p-HHhTv7srp1y9I.crl (hash: v2P2e01sGK30xGOGkSfIsvvrIEDCv66vsyisSAZDlsU=)
2: 0DC2568E320511EA8CF6B72DC4F9AE02.roa (hash: 1+11cacphPqsNd+omnkh++SqQDiBnfm5tRRdQKET7hw=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2889 (0xb49)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D1003
Validity
Not Before: Mar 28 19:20:50 2025 GMT
Not After : Apr 4 19:20:50 2025 GMT
Subject: CN=67e6f693-c582
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:fb:ea:bb:b0:ae:63:c0:8c:3f:14:52:79:8a:
4c:a6:94:b5:cd:04:e0:13:21:7c:82:dc:32:87:d1:
72:be:f8:d8:33:7b:ed:ee:e4:50:f4:65:c2:af:a7:
e8:0d:aa:44:4c:ed:30:cd:68:40:7d:12:d2:7a:38:
e9:14:8b:c5:81:13:6e:0d:64:4b:37:4b:b7:4b:49:
89:6f:38:84:c5:c0:6e:6f:53:ad:42:4d:2b:24:45:
3f:a0:a3:cc:38:fb:47:45:2b:de:b2:8f:da:66:29:
38:3d:e8:d0:78:94:12:5b:59:f5:dd:cb:1b:9e:33:
12:17:f4:ec:34:a2:76:62:d8:92:dc:3e:92:61:f9:
9b:8b:b9:9d:ce:c2:c9:db:a4:48:86:40:fc:ab:8c:
e3:c9:89:aa:11:17:08:e7:05:87:1f:ef:6c:16:ec:
45:d5:71:8e:c5:ca:a9:dd:35:d4:84:b4:d5:d9:fc:
f2:08:98:32:60:20:86:52:a9:c5:aa:f2:d0:17:5b:
d0:6e:7f:94:a3:79:4c:e0:97:4c:50:c4:56:14:f9:
de:0c:19:9b:e7:4f:4b:68:94:68:2f:ec:58:8d:62:
2e:cb:79:8c:ab:0e:7b:44:21:52:cb:e9:49:2a:b2:
69:cc:47:74:16:b7:71:0c:2f:83:88:d1:87:9b:58:
5f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:BB:D0:91:EC:F9:71:49:E1:61:68:13:C8:06:37:D1:9F:B2:F8:7C
X509v3 Authority Key Identifier:
keyid:A5:20:1A:EE:6F:4A:5C:1E:B8:A7:E1:C7:85:3B:FB:B2:BA:75:CB:D2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pSAa7m9KXB64p-HHhTv7srp1y9I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
32:f6:cd:4f:91:26:3d:89:63:dc:6f:bd:38:28:9c:79:3a:bf:
30:33:2b:09:e1:2a:42:5c:ae:ee:b9:6f:87:b5:2c:6c:05:42:
fb:68:88:45:7d:c7:06:d9:41:83:1a:3d:ac:8f:48:88:f0:43:
c0:11:bd:86:d5:10:ba:48:b3:a2:be:7c:16:11:df:28:01:63:
7c:0f:33:f0:0d:29:d7:88:6a:20:c0:6c:af:a2:61:80:41:44:
3c:2a:c2:3a:7c:b7:6f:bf:f2:c4:67:ab:14:e4:1f:82:0a:e9:
15:0b:46:5f:02:b1:f0:f4:07:eb:0d:7e:32:0d:73:66:f5:48:
78:f1:d3:a6:b8:68:db:98:44:d8:27:00:fa:b7:92:91:34:c5:
8c:bb:ef:e1:88:56:59:db:bc:f3:90:06:d8:c9:60:83:43:ab:
4e:38:b4:7f:95:3f:cb:97:68:6b:4e:93:7d:8b:ac:e9:e8:af:
1e:88:a3:94:27:b7:9b:30:e3:7c:4d:d5:e8:31:41:59:11:b1:
27:a4:5b:68:01:98:07:3e:ce:29:dd:cb:fe:6e:52:dd:8b:ca:
37:da:63:32:3e:29:1b:b9:14:c3:0a:b9:76:bb:0b:6e:eb:97:
db:ab:9b:35:d5:dc:95:f1:86:03:d3:6a:87:d3:c2:52:17:f1:
3e:52:39:a3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICC0kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDEwMDMxMTAvBgNVBAUTKEE1MjAxQUVFNkY0QTVDMUVCOEE3RTFDNzg1M0JGQkIy
QkE3NUNCRDIwHhcNMjUwMzI4MTkyMDUwWhcNMjUwNDA0MTkyMDUwWjAYMRYwFAYD
VQQDEw02N2U2ZjY5My1jNTgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4/vqu7CuY8CMPxRSeYpMppS1zQTgEyF8gtwyh9FyvvjYM3vt7uRQ9GXCr6fo
DapETO0wzWhAfRLSejjpFIvFgRNuDWRLN0u3S0mJbziExcBub1OtQk0rJEU/oKPM
OPtHRSveso/aZik4PejQeJQSW1n13csbnjMSF/TsNKJ2YtiS3D6SYfmbi7mdzsLJ
26RIhkD8q4zjyYmqERcI5wWHH+9sFuxF1XGOxcqp3TXUhLTV2fzyCJgyYCCGUqnF
qvLQF1vQbn+Uo3lM4JdMUMRWFPneDBmb509LaJRoL+xYjWIuy3mMqw57RCFSy+lJ
KrJpzEd0FrdxDC+DiNGHm1hfKwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDS70JHs
+XFJ4WFoE8gGN9Gfsvh8MB8GA1UdIwQYMBaAFKUgGu5vSlweuKfhx4U7+7K6dcvS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTAwMy9BQTRFOTVDODMy
MDMxMUVBOEQyQTFCMkJDNEY5QUUwMi9wU0FhN205S1hCNjRwLUhIaFR2N3NycDF5
OUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BTQWE3bTlLWEI2NHAtSEhoVHY3c3JwMXk5SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
MTAwMy9BQTRFOTVDODMyMDMxMUVBOEQyQTFCMkJDNEY5QUUwMi9wU0FhN205S1hC
NjRwLUhIaFR2N3NycDF5OUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAy9s1PkSY9iWPcb704KJx5Or8wMysJ4SpCXK7uuW+HtSxsBUL7aIhF
fccG2UGDGj2sj0iI8EPAEb2G1RC6SLOivnwWEd8oAWN8DzPwDSnXiGogwGyvomGA
QUQ8KsI6fLdvv/LEZ6sU5B+CCukVC0ZfArHw9AfrDX4yDXNm9Uh48dOmuGjbmETY
JwD6t5KRNMWMu+/hiFZZ27zzkAbYyWCDQ6tOOLR/lT/Ll2hrTpN9i6zp6K8eiKOU
J7ebMON8TdXoMUFZEbEnpFtoAZgHPs4p3cv+blLdi8o32mMyPikbuRTDCrl2uwtu
65fbq5s11dyV8YYD02qH08JSF/E+Ujmj
-----END CERTIFICATE-----
Generated at Fri Apr 11 05:26:22 2025 by rpki-client