Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.mft
File: XmtaBob1a6DA93-zvzGzhWMiCCQ.mft (raw, json)
Hash identifier: jczom8OyDTj1NepPpPD4emaMYQqtu0M+9TVY/+KAWbw=
Subject key identifier: D8:CA:58:77:C7:B1:D2:57:08:30:EA:0B:16:62:BF:71:D1:46:C2:8E
Authority key identifier: 5E:6B:5A:06:86:F5:6B:A0:C0:F7:7F:B3:BF:31:B3:85:63:22:08:24
Certificate issuer: /CN=A91FE107/serialNumber=5E6B5A0686F56BA0C0F77FB3BF31B38563220824
Certificate serial: 22C3
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XmtaBob1a6DA93-zvzGzhWMiCCQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.mft
Manifest number: 22AA
Signing time: Fri 28 Mar 2025 15:56:48 +0000
Manifest this update: Fri 28 Mar 2025 15:56:47 +0000
Manifest next update: Fri 04 Apr 2025 15:56:47 +0000
Files and hashes: 1: XmtaBob1a6DA93-zvzGzhWMiCCQ.crl (hash: ZKYRJtKpjig4ZfkfEsxx4fdcljfYXOscZgjN0e2nDvE=)
2: 44C007B0A0D611EDA2603C4EC4F9AE02.roa (hash: 0vCf/xwV9KMenpxoQYxOfrnjClEJSXbTz5F/3QVeMUQ=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8899 (0x22c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FE107
Validity
Not Before: Mar 28 15:56:47 2025 GMT
Not After : Apr 4 15:56:47 2025 GMT
Subject: CN=67e6c6bf-c0da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:8e:30:32:7f:9c:fe:b4:3b:1c:7a:09:87:fa:
d4:72:55:fa:3e:ba:e7:2b:32:08:1a:b4:c5:1c:53:
ea:e7:23:e6:66:ee:e4:06:9d:c4:c8:ad:e7:39:c3:
cc:ee:46:ff:e7:19:af:bf:5a:bb:52:cb:81:94:08:
d5:be:69:0e:f6:fc:b9:2c:b1:d2:0b:9e:47:2a:45:
2b:21:7e:9d:ee:bc:a4:1a:89:80:d7:e0:f9:bf:f5:
12:c6:06:08:5d:9c:20:42:83:a1:d7:6c:2c:a4:0b:
09:d5:d9:bf:7e:5f:4a:19:7b:aa:9e:06:f6:00:a9:
10:4f:4f:5d:8e:5f:d7:f4:a7:af:c4:73:1a:e4:a9:
8c:64:7a:37:de:70:47:c7:da:ed:9e:8a:d8:f3:b1:
bb:0e:07:3a:05:63:df:c7:e1:62:a5:99:a6:17:7a:
8f:57:27:79:22:9b:25:ab:cd:26:40:ba:39:fa:64:
af:77:75:41:d5:52:6a:11:2b:0e:bd:94:f1:3a:70:
40:c6:6c:94:2f:b2:44:2d:5c:77:ae:44:31:14:1a:
d6:cc:0a:b2:7f:86:2f:10:50:f2:a2:fc:46:05:a2:
6d:7d:e6:0b:d0:91:32:9f:79:03:93:b0:3d:0d:7a:
c8:6f:98:8c:f5:d9:f5:43:ff:87:cf:e7:4c:c7:66:
d3:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:CA:58:77:C7:B1:D2:57:08:30:EA:0B:16:62:BF:71:D1:46:C2:8E
X509v3 Authority Key Identifier:
keyid:5E:6B:5A:06:86:F5:6B:A0:C0:F7:7F:B3:BF:31:B3:85:63:22:08:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XmtaBob1a6DA93-zvzGzhWMiCCQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FE107/EE35C4469E6411E59D48FB60C4F9AE02/XmtaBob1a6DA93-zvzGzhWMiCCQ.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
2a:cc:f5:3a:df:39:d2:39:7c:a4:1f:1b:d3:67:7c:9c:14:db:
35:e0:ac:fd:41:5b:73:f8:b3:48:9f:aa:19:00:e1:a3:2e:1e:
24:48:b5:fe:ff:72:0a:c1:13:3e:e6:44:13:f1:5e:9e:a9:ea:
dc:9c:95:65:16:a8:4d:16:9d:90:ca:fe:e4:5e:d5:e5:13:88:
7c:94:9d:73:12:80:10:90:2c:0d:3d:24:43:de:ea:da:41:aa:
a1:31:74:e6:9d:4c:cb:89:00:63:50:23:68:19:84:8d:17:e4:
35:a5:c0:f6:5d:4a:07:8b:3b:76:92:2c:44:e4:c2:71:17:a4:
1b:f3:78:f9:34:7e:fc:c2:fa:05:73:91:2a:4d:52:3a:c4:3e:
fe:45:50:82:07:95:77:f0:b8:e6:0c:c5:f4:0b:38:ff:57:e4:
9f:6a:d3:91:60:c4:9c:42:ef:87:ce:81:9d:41:69:ce:70:c6:
84:0b:21:f6:0b:46:ab:17:1c:ba:4d:ef:e7:af:e5:14:a6:25:
98:14:fc:45:e2:6b:5f:40:d5:08:f5:bb:27:81:82:c8:17:c0:
b0:5f:d9:72:2b:47:5a:02:e8:3a:4a:c4:a8:61:99:e3:a3:02:
40:df:8e:23:84:e1:8a:ae:b6:af:d4:a6:36:18:3f:f1:f7:73:
7f:4f:bc:58
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICIsMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkUxMDcxMTAvBgNVBAUTKDVFNkI1QTA2ODZGNTZCQTBDMEY3N0ZCM0JGMzFCMzg1
NjMyMjA4MjQwHhcNMjUwMzI4MTU1NjQ3WhcNMjUwNDA0MTU1NjQ3WjAYMRYwFAYD
VQQDEw02N2U2YzZiZi1jMGRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA944wMn+c/rQ7HHoJh/rUclX6PrrnKzIIGrTFHFPq5yPmZu7kBp3EyK3nOcPM
7kb/5xmvv1q7UsuBlAjVvmkO9vy5LLHSC55HKkUrIX6d7rykGomA1+D5v/USxgYI
XZwgQoOh12wspAsJ1dm/fl9KGXuqngb2AKkQT09djl/X9KevxHMa5KmMZHo33nBH
x9rtnorY87G7Dgc6BWPfx+FipZmmF3qPVyd5Ipslq80mQLo5+mSvd3VB1VJqESsO
vZTxOnBAxmyUL7JELVx3rkQxFBrWzAqyf4YvEFDyovxGBaJtfeYL0JEyn3kDk7A9
DXrIb5iM9dn1Q/+Hz+dMx2bTeQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNjKWHfH
sdJXCDDqCxZiv3HRRsKOMB8GA1UdIwQYMBaAFF5rWgaG9WugwPd/s78xs4VjIggk
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRTEwNy9FRTM1QzQ0NjlF
NjQxMUU1OUQ0OEZCNjBDNEY5QUUwMi9YbXRhQm9iMWE2REE5My16dnpHemhXTWlD
Q1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1htdGFCb2IxYTZEQTkzLXp2ekd6aFdNaUNDUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
RTEwNy9FRTM1QzQ0NjlFNjQxMUU1OUQ0OEZCNjBDNEY5QUUwMi9YbXRhQm9iMWE2
REE5My16dnpHemhXTWlDQ1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAqzPU63znSOXykHxvTZ3ycFNs14Kz9QVtz+LNIn6oZAOGjLh4kSLX+
/3IKwRM+5kQT8V6eqercnJVlFqhNFp2Qyv7kXtXlE4h8lJ1zEoAQkCwNPSRD3ura
QaqhMXTmnUzLiQBjUCNoGYSNF+Q1pcD2XUoHizt2kixE5MJxF6Qb83j5NH78wvoF
c5EqTVI6xD7+RVCCB5V38LjmDMX0Czj/V+SfatORYMScQu+HzoGdQWnOcMaECyH2
C0arFxy6Te/nr+UUpiWYFPxF4mtfQNUI9bsngYLIF8CwX9lyK0daAug6SsSoYZnj
owJA344jhOGKrrav1KY2GD/x93N/T7xY
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:13:30 2025 by rpki-client