Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E953B/C8D039226C9A11EE85BFDF4FC4F9AE02/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.mft
File: oiQ2hCI9LCXGrxdqXwL6ArJPaAs.mft (raw, json)
Hash identifier: clmoforZyENm0DBb4fzMYdBCO8XMsnJzka3CTsjGiEg=
Subject key identifier: 3C:7C:BC:E3:43:5A:90:1F:F5:5C:9D:15:54:98:FE:7D:BE:3B:16:52
Authority key identifier: A2:24:36:84:22:3D:2C:25:C6:AF:17:6A:5F:02:FA:02:B2:4F:68:0B
Certificate issuer: /CN=A91E953B/serialNumber=A2243684223D2C25C6AF176A5F02FA02B24F680B
Certificate serial: 0112
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E953B/C8D039226C9A11EE85BFDF4FC4F9AE02/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.mft
Manifest number: 0110
Signing time: Sat 29 Mar 2025 04:18:36 +0000
Manifest this update: Sat 29 Mar 2025 04:18:35 +0000
Manifest next update: Sat 05 Apr 2025 04:18:35 +0000
Files and hashes: 1: oiQ2hCI9LCXGrxdqXwL6ArJPaAs.crl (hash: EAqMk+f6ZTtEEsNVf4jgTT3RCaUYrEv9WCnMQYnGOmU=)
2: 12E1FD886C9C11EE9F3C5653C4F9AE02.roa (hash: QQ5QrwGTURdTMG/7o8+lIRwrf/ztbEh4ekM9cA/bz/4=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 274 (0x112)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E953B
Validity
Not Before: Mar 29 04:18:35 2025 GMT
Not After : Apr 5 04:18:35 2025 GMT
Subject: CN=67e7749b-662f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:8a:1c:75:85:1f:5a:2b:92:86:51:34:da:46:
58:8e:75:e2:02:6a:c1:b9:65:82:2f:e0:12:83:4a:
bb:82:2d:cd:d3:cd:bb:bb:c4:19:08:17:c4:03:01:
a6:32:ff:86:a7:71:34:f9:98:0f:fd:47:4d:8b:0b:
d4:4c:19:0a:5c:70:2a:d3:18:0f:9d:99:2b:be:46:
23:fb:c3:d9:e6:30:b6:ee:a3:47:a2:a8:2f:9a:7c:
b0:57:e2:d1:59:fc:33:f2:50:96:5b:cf:44:a6:b7:
6d:f4:08:2d:e5:82:96:e9:45:7f:01:18:f8:f0:b4:
30:72:04:84:21:aa:90:3c:97:9c:01:58:89:c8:8c:
50:26:df:37:f2:ca:af:0b:51:78:63:3b:37:8a:95:
0d:bc:a3:f3:23:38:93:bf:05:70:aa:ef:9b:d6:9e:
77:41:63:01:88:c7:34:62:9e:84:e0:76:a9:29:7a:
20:04:ba:ca:5c:98:54:be:b0:c3:43:05:f4:5b:e0:
ca:9f:2d:3e:5e:da:fb:b7:19:fa:2e:b9:d7:bf:05:
5b:8a:9f:fe:7c:eb:15:67:46:cd:67:51:45:3d:30:
b4:70:07:80:fc:2d:62:70:d1:4d:5f:f5:1e:34:56:
e1:ba:a0:3b:ec:7c:1e:a0:b7:c5:58:c6:c3:67:f0:
2f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:7C:BC:E3:43:5A:90:1F:F5:5C:9D:15:54:98:FE:7D:BE:3B:16:52
X509v3 Authority Key Identifier:
keyid:A2:24:36:84:22:3D:2C:25:C6:AF:17:6A:5F:02:FA:02:B2:4F:68:0B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E953B/C8D039226C9A11EE85BFDF4FC4F9AE02/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E953B/C8D039226C9A11EE85BFDF4FC4F9AE02/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
44:da:f5:62:fd:74:0a:cc:0c:e2:b3:db:22:f6:aa:73:3e:ec:
4c:e6:5c:32:67:cf:a2:1e:c9:04:0a:4f:da:fc:7e:72:f3:df:
81:d0:a9:a1:26:fc:de:45:ab:e0:a5:fd:81:4e:62:8b:05:ae:
b9:53:31:df:62:eb:fa:69:f4:3d:49:e8:1a:dc:17:3f:7f:d8:
3a:9a:4c:ae:77:5e:26:c0:1d:8f:9c:18:bc:42:c9:e6:92:8c:
bf:e0:0a:0c:ff:65:63:c3:83:7e:5e:1c:88:e1:de:69:03:b7:
82:05:52:07:dc:96:7a:75:8b:48:65:49:55:f1:18:0e:92:a5:
fc:1d:69:fc:0d:f4:7b:15:cd:2f:c9:45:dc:a8:2f:dd:49:d4:
25:39:66:a7:71:aa:e0:28:2c:06:7a:ef:2b:59:7b:ff:72:83:
14:80:3f:8e:03:cc:d4:28:a2:39:32:54:24:18:29:ce:75:b4:
c2:f0:ed:0f:a6:4a:5f:51:54:61:7e:ca:48:bc:97:89:4a:de:
c5:43:d0:f5:78:e1:c8:69:3d:1f:38:4c:89:1d:87:98:be:fe:
87:76:10:f4:cd:f3:bb:76:18:5b:51:ef:2a:97:a3:1d:fd:87:
5b:3c:6f:be:a5:58:09:4c:c6:ce:28:9c:db:df:23:6d:1c:f9:
9b:47:36:be
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICARIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTk1M0IxMTAvBgNVBAUTKEEyMjQzNjg0MjIzRDJDMjVDNkFGMTc2QTVGMDJGQTAy
QjI0RjY4MEIwHhcNMjUwMzI5MDQxODM1WhcNMjUwNDA1MDQxODM1WjAYMRYwFAYD
VQQDEw02N2U3NzQ5Yi02NjJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA4oocdYUfWiuShlE02kZYjnXiAmrBuWWCL+ASg0q7gi3N0827u8QZCBfEAwGm
Mv+Gp3E0+ZgP/UdNiwvUTBkKXHAq0xgPnZkrvkYj+8PZ5jC27qNHoqgvmnywV+LR
Wfwz8lCWW89Eprdt9Agt5YKW6UV/ARj48LQwcgSEIaqQPJecAViJyIxQJt838sqv
C1F4Yzs3ipUNvKPzIziTvwVwqu+b1p53QWMBiMc0Yp6E4HapKXogBLrKXJhUvrDD
QwX0W+DKny0+Xtr7txn6LrnXvwVbip/+fOsVZ0bNZ1FFPTC0cAeA/C1icNFNX/Ue
NFbhuqA77HweoLfFWMbDZ/AvaQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDx8vOND
WpAf9VydFVSY/n2+OxZSMB8GA1UdIwQYMBaAFKIkNoQiPSwlxq8Xal8C+gKyT2gL
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTUzQi9DOEQwMzkyMjZD
OUExMUVFODVCRkRGNEZDNEY5QUUwMi9vaVEyaENJOUxDWEdyeGRxWHdMNkFySlBh
QXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL29pUTJoQ0k5TENYR3J4ZHFYd0w2QXJKUGFBcy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
OTUzQi9DOEQwMzkyMjZDOUExMUVFODVCRkRGNEZDNEY5QUUwMi9vaVEyaENJOUxD
WEdyeGRxWHdMNkFySlBhQXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBE2vVi/XQKzAzis9si9qpzPuxM5lwyZ8+iHskECk/a/H5y89+B0Kmh
JvzeRavgpf2BTmKLBa65UzHfYuv6afQ9Sega3Bc/f9g6mkyud14mwB2PnBi8Qsnm
koy/4AoM/2Vjw4N+XhyI4d5pA7eCBVIH3JZ6dYtIZUlV8RgOkqX8HWn8DfR7Fc0v
yUXcqC/dSdQlOWancargKCwGeu8rWXv/coMUgD+OA8zUKKI5MlQkGCnOdbTC8O0P
pkpfUVRhfspIvJeJSt7FQ9D1eOHIaT0fOEyJHYeYvv6HdhD0zfO7dhhbUe8ql6Md
/YdbPG++pVgJTMbOKJzb3yNtHPmbRza+
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:54:21 2025 by rpki-client