Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft
File: MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft (raw, json)
Hash identifier: X2iJ35mNItx6WQ0rE8BbmDw4NT9A8yb/alQj5lfLx3o=
Subject key identifier: 63:99:89:13:80:78:D0:2E:6D:F1:51:C4:73:9D:3A:FD:23:D9:C7:9C
Authority key identifier: 32:70:F3:AC:D9:71:EE:DF:84:61:75:48:F7:2E:51:E2:2A:50:3C:F8
Certificate issuer: /CN=A91DA023/serialNumber=3270F3ACD971EEDF84617548F72E51E22A503CF8
Certificate serial: 3466
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft
Manifest number: 3466
Signing time: Tue 08 Apr 2025 15:05:39 +0000
Manifest this update: Tue 08 Apr 2025 15:05:39 +0000
Manifest next update: Tue 15 Apr 2025 15:05:39 +0000
Files and hashes: 1: MnDzrNlx7t-EYXVI9y5R4ipQPPg.crl (hash: IPpn2Pb6ymeOTX5UAD5z0TaHO/aadCC9aV20CXFOFUc=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.crl
rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Tue 15 Apr 2025 15:05:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13414 (0x3466)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DA023
Validity
Not Before: Apr 8 15:05:39 2025 GMT
Not After : Apr 15 15:05:39 2025 GMT
Subject: CN=67f53b43-e628
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:1b:58:5f:a8:a4:26:7c:58:20:c4:e2:a9:22:
02:70:a4:11:fe:a8:10:98:59:db:7e:68:27:6a:e2:
fd:dd:d0:01:5f:c8:aa:fc:8d:4b:8f:97:b9:d3:91:
a8:89:82:9c:1e:35:4d:94:65:56:8c:85:02:ec:f2:
32:57:36:db:9b:ec:d1:8d:d5:95:8d:2f:9e:c2:ec:
1c:2e:5e:cb:15:a7:3c:27:77:1b:fa:97:24:a6:c0:
2f:b5:20:9a:dd:da:58:83:ea:db:0b:3e:ac:aa:52:
bd:c2:33:0e:29:f3:89:b3:13:d9:5d:db:90:19:07:
43:f2:1e:91:f3:50:ce:67:63:ac:a7:77:ab:0e:a5:
90:5d:51:59:e5:02:a7:13:9c:bd:40:57:b0:db:ee:
7a:0a:11:d4:bf:53:fc:6f:11:70:09:50:87:09:7a:
aa:65:24:4b:85:5f:f2:d0:54:a6:90:9d:0b:c1:3b:
cb:89:bd:9a:65:c5:5e:bb:fa:49:39:4a:2b:93:86:
a5:c5:46:e7:bf:98:e7:fc:03:25:0a:68:f1:ed:7c:
65:5c:c3:1e:9b:7a:cf:1c:b2:5c:c5:be:01:e1:c9:
51:c3:21:af:5a:e1:f0:d9:74:c8:01:5b:01:ed:f4:
1c:84:38:f9:12:d0:75:6e:8d:41:9b:f9:39:a0:eb:
4a:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:99:89:13:80:78:D0:2E:6D:F1:51:C4:73:9D:3A:FD:23:D9:C7:9C
X509v3 Authority Key Identifier:
keyid:32:70:F3:AC:D9:71:EE:DF:84:61:75:48:F7:2E:51:E2:2A:50:3C:F8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
33:f6:ca:aa:7c:b3:d2:91:bb:1e:e7:48:3c:24:a2:57:58:8e:
b6:57:1f:02:9b:31:ba:e2:1b:59:dd:4a:c8:48:e1:7f:18:e0:
40:d4:74:cc:a8:03:29:9d:70:47:f7:41:d1:42:d9:ce:78:43:
17:26:cd:62:3a:be:9a:54:c1:ab:96:33:19:e5:9a:58:61:65:
72:c2:fc:02:4d:f1:a0:51:0b:14:89:00:f0:03:33:dd:8d:f3:
a1:c7:60:5d:9d:ec:a8:22:10:0a:80:b9:c1:41:f6:c7:73:37:
fb:b3:5f:12:06:0d:91:0b:a8:8e:77:c1:11:9c:02:96:ae:2b:
e3:13:50:42:fa:96:fb:0b:51:c2:3e:0a:34:55:f1:00:05:77:
3d:93:59:99:36:bf:9c:8f:6e:fc:79:60:81:81:40:33:46:3a:
48:a1:71:7c:b0:a1:ec:f8:50:27:e3:da:8a:e3:ed:b5:0c:1b:
33:d4:3b:ae:91:ca:e2:af:01:bc:71:5a:13:5a:d9:49:d5:7c:
1e:a0:13:a1:81:2f:af:a1:59:9e:fc:cd:f1:ff:19:d3:9b:89:
84:e0:23:86:44:c4:e4:b8:44:4e:92:fc:cf:7f:75:96:d6:11:
0a:3a:16:c0:c5:94:78:3b:ad:42:f4:d0:41:53:f2:0e:cb:99:
4d:aa:74:8c
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICNGYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REEwMjMxMTAvBgNVBAUTKDMyNzBGM0FDRDk3MUVFREY4NDYxNzU0OEY3MkU1MUUy
MkE1MDNDRjgwHhcNMjUwNDA4MTUwNTM5WhcNMjUwNDE1MTUwNTM5WjAYMRYwFAYD
VQQDEw02N2Y1M2I0My1lNjI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5htYX6ikJnxYIMTiqSICcKQR/qgQmFnbfmgnauL93dABX8iq/I1Lj5e505Go
iYKcHjVNlGVWjIUC7PIyVzbbm+zRjdWVjS+ewuwcLl7LFac8J3cb+pckpsAvtSCa
3dpYg+rbCz6sqlK9wjMOKfOJsxPZXduQGQdD8h6R81DOZ2Osp3erDqWQXVFZ5QKn
E5y9QFew2+56ChHUv1P8bxFwCVCHCXqqZSRLhV/y0FSmkJ0LwTvLib2aZcVeu/pJ
OUork4alxUbnv5jn/AMlCmjx7XxlXMMem3rPHLJcxb4B4clRwyGvWuHw2XTIAVsB
7fQchDj5EtB1bo1Bm/k5oOtKhQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGOZiROA
eNAubfFRxHOdOv0j2cecMB8GA1UdIwQYMBaAFDJw86zZce7fhGF1SPcuUeIqUDz4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTAyMy82RjE3MkRGMDFE
QTAxMUUyQTFDM0E2OTEwOEIwMkNEMi9NbkR6ck5seDd0LUVZWFZJOXk1UjRpcFFQ
UGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL01uRHpyTmx4N3QtRVlYVkk5eTVSNGlwUVBQZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
QTAyMy82RjE3MkRGMDFEQTAxMUUyQTFDM0E2OTEwOEIwMkNEMi9NbkR6ck5seDd0
LUVZWFZJOXk1UjRpcFFQUGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAz9sqqfLPSkbse50g8JKJXWI62Vx8CmzG64htZ3UrISOF/GOBA1HTM
qAMpnXBH90HRQtnOeEMXJs1iOr6aVMGrljMZ5ZpYYWVywvwCTfGgUQsUiQDwAzPd
jfOhx2BdneyoIhAKgLnBQfbHczf7s18SBg2RC6iOd8ERnAKWrivjE1BC+pb7C1HC
Pgo0VfEABXc9k1mZNr+cj278eWCBgUAzRjpIoXF8sKHs+FAn49qK4+21DBsz1Duu
kcrirwG8cVoTWtlJ1XweoBOhgS+voVme/M3x/xnTm4mE4COGRMTkuEROkvzPf3WW
1hEKOhbAxZR4O61C9NBBU/IOy5lNqnSM
-----END CERTIFICATE-----
Generated at Thu Apr 10 21:15:11 2025 by rpki-client