Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F5AAD/4B6506588DE911EB905C7315C4F9AE02/gyJEswLRZc14vcOiErC35vkL_GA.mft
File: gyJEswLRZc14vcOiErC35vkL_GA.mft (raw, json)
Hash identifier: SDJtbmfStjcvIaEq82Bhi5g4/9Z6bk982woOJsoNqgQ=
Subject key identifier: BF:7D:03:40:87:2D:36:3D:B5:29:98:92:E6:54:89:E5:04:DA:05:64
Authority key identifier: 83:22:44:B3:02:D1:65:CD:78:BD:C3:A2:12:B0:B7:E6:F9:0B:FC:60
Certificate issuer: /CN=A91F5AAD/serialNumber=832244B302D165CD78BDC3A212B0B7E6F90BFC60
Certificate serial: 0638
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gyJEswLRZc14vcOiErC35vkL_GA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F5AAD/4B6506588DE911EB905C7315C4F9AE02/gyJEswLRZc14vcOiErC35vkL_GA.mft
Manifest number: 0630
Signing time: Sat 12 Apr 2025 22:19:52 +0000
Manifest this update: Sat 12 Apr 2025 22:19:51 +0000
Manifest next update: Sat 19 Apr 2025 22:19:51 +0000
Files and hashes: 1: gyJEswLRZc14vcOiErC35vkL_GA.crl (hash: o52EC9Lyy2LE+9Y1TX12wy83BJudqlDx6ygJ1eBDWHk=)
2: D9A63D2E9D0711EBB708700BC4F9AE02.roa (hash: rIs0TSp/FOVS2yEmJo3gyqgsWO9NpZnz1xIrp85P4OI=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91F5AAD/4B6506588DE911EB905C7315C4F9AE02/gyJEswLRZc14vcOiErC35vkL_GA.crl
rsync://rpki.apnic.net/member_repository/A91F5AAD/4B6506588DE911EB905C7315C4F9AE02/gyJEswLRZc14vcOiErC35vkL_GA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gyJEswLRZc14vcOiErC35vkL_GA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 19 Apr 2025 22:19:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1592 (0x638)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F5AAD, serialNumber=832244B302D165CD78BDC3A212B0B7E6F90BFC60
Validity
Not Before: Apr 12 22:19:51 2025 GMT
Not After : Apr 19 22:19:51 2025 GMT
Subject: CN=67fae707-c619
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:0e:9b:4c:e0:86:c7:70:61:ad:92:48:16:5a:
68:14:91:6d:db:4b:07:60:f6:14:72:5c:f2:ff:69:
3c:a4:c8:67:52:03:72:ee:23:8d:a9:0f:6a:58:44:
fe:43:a7:e5:fd:5c:9e:92:fa:01:ac:3b:55:15:90:
35:11:f6:c8:ae:3a:f5:fc:f8:be:4e:4c:c7:5e:e1:
b0:84:c3:94:4e:e7:24:c2:43:56:c9:8e:97:7c:47:
63:41:aa:b1:66:0c:de:6b:4c:90:6b:9f:7d:c8:9b:
32:ef:7c:cf:22:f9:ef:07:55:51:4d:4e:ac:a8:5d:
97:b0:f5:b6:c6:04:40:b9:66:19:1c:69:ca:47:42:
14:9d:75:d0:4b:5f:43:5e:ad:1e:34:fa:0f:68:1c:
58:bc:b1:15:74:a0:e7:bf:5a:2a:09:95:b8:88:40:
b3:c6:db:e1:f1:c9:71:32:ca:fd:0f:d3:51:a3:00:
5b:79:45:e2:a9:d9:8d:5c:7e:71:55:65:a1:19:77:
1a:de:fb:e4:23:58:11:df:e8:aa:8d:34:af:86:90:
45:bb:01:f9:ca:3f:00:e6:16:04:b0:15:0a:44:51:
78:69:0b:8c:8c:1e:d9:07:9d:31:a1:3a:1c:fc:48:
5f:29:05:39:1c:7f:21:74:f5:49:6f:af:fa:73:af:
39:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:7D:03:40:87:2D:36:3D:B5:29:98:92:E6:54:89:E5:04:DA:05:64
X509v3 Authority Key Identifier:
keyid:83:22:44:B3:02:D1:65:CD:78:BD:C3:A2:12:B0:B7:E6:F9:0B:FC:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F5AAD/4B6506588DE911EB905C7315C4F9AE02/gyJEswLRZc14vcOiErC35vkL_GA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gyJEswLRZc14vcOiErC35vkL_GA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F5AAD/4B6506588DE911EB905C7315C4F9AE02/gyJEswLRZc14vcOiErC35vkL_GA.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
80:73:91:f0:7c:a3:3f:57:c3:1d:21:69:78:0d:71:78:9d:66:
45:6d:b5:4b:56:c0:f1:05:53:1d:ce:9a:0d:a6:8c:59:29:de:
f9:19:47:95:ef:2f:a7:83:85:85:db:fb:04:18:14:8e:d0:af:
43:7a:17:61:16:ab:7b:70:eb:f5:15:9e:8c:1f:07:9d:e8:06:
1d:3e:b6:24:0a:bc:f8:66:df:69:ba:52:33:d5:8b:85:5d:74:
2a:4c:67:37:52:5f:9a:cc:e6:95:d3:eb:f4:13:3b:66:49:86:
6a:7f:91:7a:86:ab:47:9b:5b:c4:fa:37:4e:12:50:d0:4f:1d:
c7:bb:61:58:cb:b2:ea:b9:e8:e5:bf:a4:fa:d5:d7:18:92:ad:
ab:99:6e:a5:75:b9:29:1c:86:3c:e2:78:41:e3:85:f5:7d:02:
11:04:5d:80:ef:6a:20:80:41:0f:80:ee:38:7a:6e:5c:70:a8:
40:2e:64:50:6d:eb:ae:8d:5a:e9:f7:88:7e:5f:02:ed:8b:0a:
74:05:4b:4e:aa:39:04:53:75:d2:60:6a:24:da:fb:da:80:d2:
4d:f2:90:c2:d8:19:ec:46:bc:d1:47:19:47:39:ca:b4:96:82:
53:33:b8:28:93:08:64:59:0b:a3:d8:26:9c:69:8b:bc:18:d5:
04:37:e6:2e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICBjgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjVBQUQxMTAvBgNVBAUTKDgzMjI0NEIzMDJEMTY1Q0Q3OEJEQzNBMjEyQjBCN0U2
RjkwQkZDNjAwHhcNMjUwNDEyMjIxOTUxWhcNMjUwNDE5MjIxOTUxWjAYMRYwFAYD
VQQDEw02N2ZhZTcwNy1jNjE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyw6bTOCGx3BhrZJIFlpoFJFt20sHYPYUclzy/2k8pMhnUgNy7iONqQ9qWET+
Q6fl/VyekvoBrDtVFZA1EfbIrjr1/Pi+TkzHXuGwhMOUTuckwkNWyY6XfEdjQaqx
Zgzea0yQa599yJsy73zPIvnvB1VRTU6sqF2XsPW2xgRAuWYZHGnKR0IUnXXQS19D
Xq0eNPoPaBxYvLEVdKDnv1oqCZW4iECzxtvh8clxMsr9D9NRowBbeUXiqdmNXH5x
VWWhGXca3vvkI1gR3+iqjTSvhpBFuwH5yj8A5hYEsBUKRFF4aQuMjB7ZB50xoToc
/EhfKQU5HH8hdPVJb6/6c685FQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL99A0CH
LTY9tSmYkuZUieUE2gVkMB8GA1UdIwQYMBaAFIMiRLMC0WXNeL3DohKwt+b5C/xg
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNUFBRC80QjY1MDY1ODhE
RTkxMUVCOTA1QzczMTVDNEY5QUUwMi9neUpFc3dMUlpjMTR2Y09pRXJDMzV2a0xf
R0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d5SkVzd0xSWmMxNHZjT2lFckMzNXZrTF9HQS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
NUFBRC80QjY1MDY1ODhERTkxMUVCOTA1QzczMTVDNEY5QUUwMi9neUpFc3dMUlpj
MTR2Y09pRXJDMzV2a0xfR0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCAc5HwfKM/V8MdIWl4DXF4nWZFbbVLVsDxBVMdzpoNpoxZKd75GUeV
7y+ng4WF2/sEGBSO0K9DehdhFqt7cOv1FZ6MHwed6AYdPrYkCrz4Zt9pulIz1YuF
XXQqTGc3Ul+azOaV0+v0EztmSYZqf5F6hqtHm1vE+jdOElDQTx3Hu2FYy7Lquejl
v6T61dcYkq2rmW6ldbkpHIY84nhB44X1fQIRBF2A72oggEEPgO44em5ccKhALmRQ
beuujVrp94h+XwLtiwp0BUtOqjkEU3XSYGok2vvagNJN8pDC2BnsRrzRRxlHOcq0
loJTM7gokwhkWQuj2CacaYu8GNUEN+Yu
-----END CERTIFICATE-----
Generated at Mon Apr 14 00:38:35 2025 by rpki-client