Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8534/6E6A462CFEDD11E5B4905D7CC4F9AE02/_h1b-QL6kS1-C16YDPkdvf0rtk8.mft
File: _h1b-QL6kS1-C16YDPkdvf0rtk8.mft (raw, json)
Hash identifier: rdiwlvlUU3Vm0oMXjtzGISrx72yJhtsli0TTs05zQXg=
Subject key identifier: AA:2F:8F:30:4A:75:48:3D:46:F8:00:64:DA:A6:D6:13:12:4A:EE:58
Authority key identifier: FE:1D:5B:F9:02:FA:91:2D:7E:0B:5E:98:0C:F9:1D:BD:FD:2B:B6:4F
Certificate issuer: /CN=A91F8534/serialNumber=FE1D5BF902FA912D7E0B5E980CF91DBDFD2BB64F
Certificate serial: 20C8
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_h1b-QL6kS1-C16YDPkdvf0rtk8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F8534/6E6A462CFEDD11E5B4905D7CC4F9AE02/_h1b-QL6kS1-C16YDPkdvf0rtk8.mft
Manifest number: 20B6
Signing time: Fri 28 Mar 2025 16:03:43 +0000
Manifest this update: Fri 28 Mar 2025 16:03:42 +0000
Manifest next update: Fri 04 Apr 2025 16:03:42 +0000
Files and hashes: 1: _h1b-QL6kS1-C16YDPkdvf0rtk8.crl (hash: 6QWpp4yBuM+lYVOTRbb/ju+TvydnmXnG/us5vx6P+0o=)
2: 173CA1AABCA011ED914D176DC4F9AE02.roa (hash: hUdH/uVzYkF0LtRZr5OEyKuVBZZQ6yEh3YtiBoLV0Iw=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8392 (0x20c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F8534
Validity
Not Before: Mar 28 16:03:42 2025 GMT
Not After : Apr 4 16:03:42 2025 GMT
Subject: CN=67e6c85e-60a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c7:8a:c6:b7:8d:fa:8d:8c:ec:9f:a4:fc:16:
e6:b1:d1:46:93:49:a7:be:2e:0e:2d:81:30:a2:32:
fb:83:3a:62:27:58:8e:54:3e:ce:e5:c7:f1:52:74:
04:6a:e9:d0:31:9b:62:0b:11:bc:8d:3a:c8:74:3b:
76:8b:ee:4f:3d:1e:ff:10:83:9b:eb:55:2a:ad:3e:
ce:65:49:11:5a:b3:d3:be:11:87:0c:19:7e:0e:f6:
8f:d2:5d:b1:b7:78:6f:90:d2:26:30:cd:d8:03:70:
21:a1:77:7e:5c:ab:ff:8f:8a:80:6d:c7:68:19:c6:
77:60:c8:ac:83:2e:35:bc:7d:84:3d:26:d4:9d:e1:
75:41:82:d3:66:49:fd:53:ce:ea:78:c7:3d:06:90:
71:a5:cc:69:3c:17:76:2d:38:ca:b5:0e:f0:04:7a:
e7:f1:11:9a:32:03:1a:41:58:60:7a:f3:93:b5:1c:
64:b8:b3:80:38:c9:aa:d0:71:3b:8a:b1:ea:39:66:
14:34:38:d2:cf:03:a9:86:1d:61:b4:64:16:d0:7e:
41:dc:75:87:be:ec:29:68:7c:2a:a7:3c:34:16:cb:
42:6e:87:5e:8e:af:83:b8:f2:98:7e:bd:be:4e:a1:
0b:f5:77:d2:b0:1e:34:1f:74:e6:72:b6:db:a6:80:
0c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:2F:8F:30:4A:75:48:3D:46:F8:00:64:DA:A6:D6:13:12:4A:EE:58
X509v3 Authority Key Identifier:
keyid:FE:1D:5B:F9:02:FA:91:2D:7E:0B:5E:98:0C:F9:1D:BD:FD:2B:B6:4F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F8534/6E6A462CFEDD11E5B4905D7CC4F9AE02/_h1b-QL6kS1-C16YDPkdvf0rtk8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_h1b-QL6kS1-C16YDPkdvf0rtk8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8534/6E6A462CFEDD11E5B4905D7CC4F9AE02/_h1b-QL6kS1-C16YDPkdvf0rtk8.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
8f:2f:d0:c5:d8:f3:7e:aa:ec:b3:69:30:87:41:79:25:27:ed:
4d:3c:4a:a5:65:72:d6:52:f7:3f:1b:e7:c4:d3:5d:20:58:f5:
f4:ed:a2:70:c8:cb:0b:70:2f:8a:61:af:19:be:d2:5d:8a:3d:
a8:87:d7:03:b4:26:98:f9:eb:8b:23:18:50:5e:5c:4d:23:5c:
93:c6:b7:f2:49:b0:cd:71:2b:39:5f:6f:2e:fb:46:95:4f:dc:
2b:d9:6a:96:bf:43:60:0d:61:d2:af:af:67:95:ba:c2:54:71:
a8:e5:fd:5d:24:30:04:ea:09:67:5b:c8:bf:9b:13:86:2a:0c:
9e:7d:fb:38:3e:4e:2a:e9:ce:ef:e0:8b:75:25:ef:45:75:97:
2b:86:82:62:eb:c1:b6:5c:5e:d4:30:e5:f0:b7:68:cf:af:3f:
ea:03:0e:ac:af:a0:ae:97:05:a5:58:72:e6:c3:95:fb:d2:74:
f2:95:6e:d9:cb:4c:b5:b8:91:d1:87:25:27:f8:b9:fc:f8:f8:
bd:f3:35:ba:9c:78:ea:db:45:b9:95:e5:bc:66:56:15:18:15:
d2:2f:11:31:69:8b:21:bc:57:bf:ad:a2:f2:df:c7:ad:f3:09:
21:77:3d:9b:57:e6:e2:d3:a1:ab:48:74:06:be:2e:9d:55:38:
33:a9:0d:da
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICIMgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
Rjg1MzQxMTAvBgNVBAUTKEZFMUQ1QkY5MDJGQTkxMkQ3RTBCNUU5ODBDRjkxREJE
RkQyQkI2NEYwHhcNMjUwMzI4MTYwMzQyWhcNMjUwNDA0MTYwMzQyWjAYMRYwFAYD
VQQDEw02N2U2Yzg1ZS02MGExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvceKxreN+o2M7J+k/BbmsdFGk0mnvi4OLYEwojL7gzpiJ1iOVD7O5cfxUnQE
aunQMZtiCxG8jTrIdDt2i+5PPR7/EIOb61UqrT7OZUkRWrPTvhGHDBl+DvaP0l2x
t3hvkNImMM3YA3AhoXd+XKv/j4qAbcdoGcZ3YMisgy41vH2EPSbUneF1QYLTZkn9
U87qeMc9BpBxpcxpPBd2LTjKtQ7wBHrn8RGaMgMaQVhgevOTtRxkuLOAOMmq0HE7
irHqOWYUNDjSzwOphh1htGQW0H5B3HWHvuwpaHwqpzw0FstCbodejq+DuPKYfr2+
TqEL9XfSsB40H3TmcrbbpoAM+QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKovjzBK
dUg9RvgAZNqm1hMSSu5YMB8GA1UdIwQYMBaAFP4dW/kC+pEtfgtemAz5Hb39K7ZP
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODUzNC82RTZBNDYyQ0ZF
REQxMUU1QjQ5MDVEN0NDNEY5QUUwMi9faDFiLVFMNmtTMS1DMTZZRFBrZHZmMHJ0
azguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19oMWItUUw2a1MxLUMxNllEUGtkdmYwcnRrOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
ODUzNC82RTZBNDYyQ0ZFREQxMUU1QjQ5MDVEN0NDNEY5QUUwMi9faDFiLVFMNmtT
MS1DMTZZRFBrZHZmMHJ0azgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCPL9DF2PN+quyzaTCHQXklJ+1NPEqlZXLWUvc/G+fE010gWPX07aJw
yMsLcC+KYa8ZvtJdij2oh9cDtCaY+euLIxhQXlxNI1yTxrfySbDNcSs5X28u+0aV
T9wr2WqWv0NgDWHSr69nlbrCVHGo5f1dJDAE6glnW8i/mxOGKgyeffs4Pk4q6c7v
4It1Je9FdZcrhoJi68G2XF7UMOXwt2jPrz/qAw6sr6CulwWlWHLmw5X70nTylW7Z
y0y1uJHRhyUn+Ln8+Pi98zW6nHjq20W5leW8ZlYVGBXSLxExaYshvFe/raLy38et
8wkhdz2bV+bi06GrSHQGvi6dVTgzqQ3a
-----END CERTIFICATE-----
Generated at Thu Apr 10 16:57:48 2025 by rpki-client