Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft
File: nEKLhAc-vngu7TP5LkDdc2GgnKo.mft (raw, json)
Hash identifier: JycLYvW6emrDxImi8F1SJJ7Rb03r1ZELNp7717qwZkA=
Subject key identifier: C6:96:19:2D:E1:AF:4E:54:DF:56:97:E3:BB:13:0E:1E:94:AF:6E:76
Authority key identifier: 9C:42:8B:84:07:3E:BE:78:2E:ED:33:F9:2E:40:DD:73:61:A0:9C:AA
Certificate issuer: /CN=A91D8B6F/serialNumber=9C428B84073EBE782EED33F92E40DD7361A09CAA
Certificate serial: 0855
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nEKLhAc-vngu7TP5LkDdc2GgnKo.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft
Manifest number: 0850
Signing time: Sat 12 Apr 2025 20:28:39 +0000
Manifest this update: Sat 12 Apr 2025 20:28:39 +0000
Manifest next update: Sat 19 Apr 2025 20:28:39 +0000
Files and hashes: 1: nEKLhAc-vngu7TP5LkDdc2GgnKo.crl (hash: qale35OQWHxzG44uS8vasmsDorGL5q0ImYChDHabP1U=)
2: FE60ECB0879311EB84047577C4F9AE02.roa (hash: 7JqfyMrbJ4CL7Io5TdtHAHWsu8lXWZvGXH4eXClkDWI=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.crl
rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nEKLhAc-vngu7TP5LkDdc2GgnKo.cer
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 20:28:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2133 (0x855)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D8B6F, serialNumber=9C428B84073EBE782EED33F92E40DD7361A09CAA
Validity
Not Before: Apr 12 20:28:39 2025 GMT
Not After : Apr 19 20:28:39 2025 GMT
Subject: CN=67faccf7-7d9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:70:2b:04:89:90:c8:b1:3d:d8:3d:01:8d:a0:
f1:d5:ce:1a:91:47:5e:bd:96:6a:e4:32:f2:7c:b2:
d6:8c:0e:5e:af:94:0f:1b:57:32:c1:0b:d7:9d:4f:
91:57:4b:1a:18:4a:41:1f:4d:df:1b:39:06:40:3f:
e9:ff:60:15:9a:4e:d6:08:14:63:83:eb:2b:91:29:
b5:0c:24:9c:c7:73:2b:df:12:d6:22:08:28:72:a6:
95:68:17:7d:50:c1:d2:a5:48:2d:ac:d6:bc:7e:74:
c5:3c:d1:93:f6:7d:9c:81:8e:b1:42:fd:ec:b1:70:
f9:b4:fe:01:3a:bf:6c:d3:67:38:72:3e:33:e4:7c:
9f:0e:77:aa:af:0b:91:53:32:b6:a5:2a:64:f9:6e:
67:a2:77:76:15:47:07:0d:cc:01:a0:ee:ec:00:12:
f7:f6:8a:24:79:c4:86:93:c0:21:01:39:19:f9:75:
5b:fc:93:64:f9:b7:c9:b3:23:a6:2c:89:b5:7b:58:
0a:96:95:e9:bf:8e:bb:61:4d:eb:2f:52:56:19:11:
35:4c:25:f8:b0:2b:2d:77:fc:ba:59:ec:50:87:ef:
4d:cc:b3:98:68:2c:94:f6:5b:3b:09:b7:48:ad:c5:
9f:64:75:fd:f6:23:67:3e:60:29:ee:be:db:71:a8:
a1:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:96:19:2D:E1:AF:4E:54:DF:56:97:E3:BB:13:0E:1E:94:AF:6E:76
X509v3 Authority Key Identifier:
keyid:9C:42:8B:84:07:3E:BE:78:2E:ED:33:F9:2E:40:DD:73:61:A0:9C:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nEKLhAc-vngu7TP5LkDdc2GgnKo.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
8d:a4:31:f6:59:f3:d2:cd:6f:1d:68:5d:18:9a:74:69:88:fa:
ba:96:52:52:5d:3e:01:4a:e6:22:d1:9f:0b:0c:4a:7e:56:d9:
e3:44:05:dc:06:7d:5f:74:a4:53:6f:6e:d7:77:de:9b:b2:be:
84:72:6f:83:6f:e7:55:60:0c:bb:3a:e7:a0:30:8d:8d:cc:99:
01:36:20:bb:6c:9b:7e:8b:fc:1b:0b:61:2b:b9:9c:17:3a:c8:
2e:0f:04:ba:e3:28:6a:c1:8f:39:5c:d6:eb:f8:88:36:5d:f7:
cd:14:64:7a:42:d6:40:d7:18:83:cd:d3:43:8d:05:ac:40:1d:
bb:e2:6f:53:69:ac:7e:67:8d:ab:69:78:2e:8a:df:30:e3:e3:
b1:5f:98:f1:11:be:1a:eb:fc:d6:28:52:18:9b:ed:81:f4:b7:
68:dd:d9:e8:ab:0e:a4:96:bf:a5:11:e1:45:40:c3:3d:f1:1e:
0a:f5:02:22:64:3b:ef:9c:a7:21:2f:58:d1:06:43:cd:2d:60:
a4:3a:d4:f4:61:bb:9d:80:23:7e:82:e1:8c:b7:a3:6f:a7:48:
48:92:1a:cd:09:59:76:c9:9d:57:3f:b0:3a:cf:05:1d:2d:82:
d9:c6:ce:fd:89:7f:fc:a7:91:f5:6d:04:ba:30:5a:39:79:b6:
06:01:60:73
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCFUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDhCNkYxMTAvBgNVBAUTKDlDNDI4Qjg0MDczRUJFNzgyRUVEMzNGOTJFNDBERDcz
NjFBMDlDQUEwHhcNMjUwNDEyMjAyODM5WhcNMjUwNDE5MjAyODM5WjAYMRYwFAYD
VQQDEw02N2ZhY2NmNy03ZDljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5HArBImQyLE92D0BjaDx1c4akUdevZZq5DLyfLLWjA5er5QPG1cywQvXnU+R
V0saGEpBH03fGzkGQD/p/2AVmk7WCBRjg+srkSm1DCScx3Mr3xLWIggocqaVaBd9
UMHSpUgtrNa8fnTFPNGT9n2cgY6xQv3ssXD5tP4BOr9s02c4cj4z5HyfDneqrwuR
UzK2pSpk+W5nond2FUcHDcwBoO7sABL39ookecSGk8AhATkZ+XVb/JNk+bfJsyOm
LIm1e1gKlpXpv467YU3rL1JWGRE1TCX4sCstd/y6WexQh+9NzLOYaCyU9ls7CbdI
rcWfZHX99iNnPmAp7r7bcaihjwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMaWGS3h
r05U31aX47sTDh6Ur252MB8GA1UdIwQYMBaAFJxCi4QHPr54Lu0z+S5A3XNhoJyq
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOEI2Ri9FNDQ4QkYxOEM0
RUYxMUVBODdGNDM4MTBDNEY5QUUwMi9uRUtMaEFjLXZuZ3U3VFA1TGtEZGMyR2du
S28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL25FS0xoQWMtdm5ndTdUUDVMa0RkYzJHZ25Lby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
OEI2Ri9FNDQ4QkYxOEM0RUYxMUVBODdGNDM4MTBDNEY5QUUwMi9uRUtMaEFjLXZu
Z3U3VFA1TGtEZGMyR2duS28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCNpDH2WfPSzW8daF0YmnRpiPq6llJSXT4BSuYi0Z8LDEp+VtnjRAXc
Bn1fdKRTb27Xd96bsr6Ecm+Db+dVYAy7OuegMI2NzJkBNiC7bJt+i/wbC2EruZwX
OsguDwS64yhqwY85XNbr+Ig2XffNFGR6QtZA1xiDzdNDjQWsQB274m9Taax+Z42r
aXguit8w4+OxX5jxEb4a6/zWKFIYm+2B9Ldo3dnoqw6klr+lEeFFQMM98R4K9QIi
ZDvvnKchL1jRBkPNLWCkOtT0YbudgCN+guGMt6Nvp0hIkhrNCVl2yZ1XP7A6zwUd
LYLZxs79iX/8p5H1bQS6MFo5ebYGAWBz
-----END CERTIFICATE-----
Generated at Sun Apr 13 13:35:07 2025 by rpki-client