Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8E25/F43441168A2E11E3B5B6E95E5911EA32/bwlMAO-I_YtwgT1trctUaHYyjNk.mft
File: bwlMAO-I_YtwgT1trctUaHYyjNk.mft (raw, json)
Hash identifier: XQhOfRCPbD1jWe9bcEwRSksHLIccMGTPBfXjtvMkkAk=
Subject key identifier: 1F:4D:C7:84:12:67:6D:7A:F0:5B:6B:AF:B2:78:83:9B:5D:1E:06:4B
Authority key identifier: 6F:09:4C:00:EF:88:FD:8B:70:81:3D:6D:AD:CB:54:68:76:32:8C:D9
Certificate issuer: /CN=A91F8E25/serialNumber=6F094C00EF88FD8B70813D6DADCB546876328CD9
Certificate serial: 2150
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bwlMAO-I_YtwgT1trctUaHYyjNk.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91F8E25/F43441168A2E11E3B5B6E95E5911EA32/bwlMAO-I_YtwgT1trctUaHYyjNk.mft
Manifest number: 2D7C
Signing time: Fri 28 Mar 2025 15:36:49 +0000
Manifest this update: Fri 28 Mar 2025 15:36:48 +0000
Manifest next update: Fri 04 Apr 2025 15:36:48 +0000
Files and hashes: 1: bwlMAO-I_YtwgT1trctUaHYyjNk.crl (hash: 3ppebjPD/ZDBCoSZxl8y96y/VjaFj1AT07wWtps8KMo=)
2: 85D25098E00111E596BC7D1BC4F9AE02.roa (hash: yPmzp7svc596dZgkn+L/aOnXkjFlSGZqF6O1C/6dQm0=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8528 (0x2150)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F8E25
Validity
Not Before: Mar 28 15:36:48 2025 GMT
Not After : Apr 4 15:36:48 2025 GMT
Subject: CN=67e6c211-4b68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:94:ac:a5:3c:ec:f3:f2:1b:3b:0e:83:17:a9:
3f:26:c3:2a:5f:b4:d0:d0:96:a1:ea:2d:bf:2d:c4:
dd:78:31:1a:fc:f9:0e:60:6a:6f:fc:9d:ad:bf:0b:
3d:e3:b5:99:dc:c4:43:47:9e:44:da:6b:27:b7:3d:
73:44:b8:30:bd:1f:b5:91:d4:c7:47:4e:04:d6:60:
88:72:ce:ff:8b:79:d4:83:5f:f0:6e:af:b4:8c:28:
50:47:88:b1:31:41:ce:89:ab:25:df:dd:9a:c6:30:
49:c4:5c:bf:14:a1:62:60:8a:43:02:a1:79:0c:fb:
11:c6:af:86:3b:d8:c2:e4:5a:f2:bd:0f:fa:25:6f:
15:36:ea:ad:12:8a:b6:1a:cf:e0:bb:53:75:ad:72:
11:5b:18:26:ac:b0:a0:6b:a6:92:26:c2:e6:87:3c:
bd:dd:81:a9:42:8d:56:92:c0:25:50:00:4d:80:5b:
ca:6d:4c:b2:4a:9e:00:69:08:2b:6b:cb:cd:6c:da:
e5:92:a8:d9:49:9d:2b:85:70:22:ca:80:e0:cf:9b:
f5:55:62:e9:cf:a1:72:63:9c:48:e9:55:8d:4b:c7:
57:fb:e3:76:b8:af:3a:3b:30:6b:c7:28:f0:53:f7:
04:e0:dc:52:27:11:18:6f:12:89:7e:da:1c:00:2b:
ca:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:4D:C7:84:12:67:6D:7A:F0:5B:6B:AF:B2:78:83:9B:5D:1E:06:4B
X509v3 Authority Key Identifier:
keyid:6F:09:4C:00:EF:88:FD:8B:70:81:3D:6D:AD:CB:54:68:76:32:8C:D9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91F8E25/F43441168A2E11E3B5B6E95E5911EA32/bwlMAO-I_YtwgT1trctUaHYyjNk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bwlMAO-I_YtwgT1trctUaHYyjNk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8E25/F43441168A2E11E3B5B6E95E5911EA32/bwlMAO-I_YtwgT1trctUaHYyjNk.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
39:b5:65:1b:64:72:c9:ee:76:e8:58:43:59:37:e3:f1:3a:84:
20:a7:3d:d8:16:85:2f:84:68:3a:bd:83:ef:fd:ba:b3:e9:6b:
4b:35:81:19:70:07:75:2a:8c:5c:6e:45:2d:d5:c4:bc:78:48:
87:e8:b9:af:fa:8e:8e:5f:3f:ce:af:e7:0a:10:08:83:7e:7c:
80:ab:7a:3a:9e:44:96:eb:75:fa:25:f7:94:cf:97:18:5d:a7:
86:6b:1a:f6:f1:40:9f:a1:86:d4:b6:04:4c:65:c3:1e:aa:2c:
1d:21:bd:56:35:01:86:7c:dd:64:c1:3d:e3:51:53:ed:c6:1e:
80:1f:9c:90:2a:41:d9:bb:30:86:f4:e6:33:63:c5:c1:a1:ba:
9d:df:bd:56:e2:4c:a5:fd:9e:0a:d7:29:51:fb:c4:cb:a6:71:
1c:1a:a4:ec:7d:5a:a3:f3:f9:27:bd:5c:70:9f:4e:32:50:c2:
cf:a1:cb:24:bd:ad:3d:72:46:26:79:44:55:75:25:38:41:2a:
5d:9f:a0:7d:c2:6d:4e:a1:6d:9c:98:f8:17:be:87:09:78:30:
cc:0a:1d:70:2a:69:b0:b5:cf:a7:82:f7:1f:e3:7b:d8:01:26:
c1:65:c5:ad:f8:00:63:e3:09:7b:7c:a1:09:52:20:4d:ee:8f:
9f:0f:df:7d
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICIVAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RjhFMjUxMTAvBgNVBAUTKDZGMDk0QzAwRUY4OEZEOEI3MDgxM0Q2REFEQ0I1NDY4
NzYzMjhDRDkwHhcNMjUwMzI4MTUzNjQ4WhcNMjUwNDA0MTUzNjQ4WjAYMRYwFAYD
VQQDEw02N2U2YzIxMS00YjY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA7JSspTzs8/IbOw6DF6k/JsMqX7TQ0Jah6i2/LcTdeDEa/PkOYGpv/J2tvws9
47WZ3MRDR55E2msntz1zRLgwvR+1kdTHR04E1mCIcs7/i3nUg1/wbq+0jChQR4ix
MUHOiasl392axjBJxFy/FKFiYIpDAqF5DPsRxq+GO9jC5FryvQ/6JW8VNuqtEoq2
Gs/gu1N1rXIRWxgmrLCga6aSJsLmhzy93YGpQo1WksAlUABNgFvKbUyySp4AaQgr
a8vNbNrlkqjZSZ0rhXAiyoDgz5v1VWLpz6FyY5xI6VWNS8dX++N2uK86OzBrxyjw
U/cE4NxSJxEYbxKJftocACvKcQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB9Nx4QS
Z2168Ftrr7J4g5tdHgZLMB8GA1UdIwQYMBaAFG8JTADviP2LcIE9ba3LVGh2MozZ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOEUyNS9GNDM0NDExNjhB
MkUxMUUzQjVCNkU5NUU1OTExRUEzMi9id2xNQU8tSV9ZdHdnVDF0cmN0VWFIWXlq
TmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2J3bE1BTy1JX1l0d2dUMXRyY3RVYUhZeWpOay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
OEUyNS9GNDM0NDExNjhBMkUxMUUzQjVCNkU5NUU1OTExRUEzMi9id2xNQU8tSV9Z
dHdnVDF0cmN0VWFIWXlqTmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQA5tWUbZHLJ7nboWENZN+PxOoQgpz3YFoUvhGg6vYPv/bqz6WtLNYEZ
cAd1KoxcbkUt1cS8eEiH6Lmv+o6OXz/Or+cKEAiDfnyAq3o6nkSW63X6JfeUz5cY
XaeGaxr28UCfoYbUtgRMZcMeqiwdIb1WNQGGfN1kwT3jUVPtxh6AH5yQKkHZuzCG
9OYzY8XBobqd371W4kyl/Z4K1ylR+8TLpnEcGqTsfVqj8/knvVxwn04yUMLPocsk
va09ckYmeURVdSU4QSpdn6B9wm1OoW2cmPgXvocJeDDMCh1wKmmwtc+ngvcf43vY
ASbBZcWt+ABj4wl7fKEJUiBN7o+fD999
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:35:56 2025 by rpki-client