Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A91FEF3B/AC762200E9C611EF9FA17711C4F9AE02/o41Ie9XZqKiUgCdP5vfAYcYkvMA.mft
File: o41Ie9XZqKiUgCdP5vfAYcYkvMA.mft (raw, json)
Hash identifier: R7/H9JA6aI+XUdTo7CnXx+yOpxNAuNQhU2RAttLDACA=
Subject key identifier: D6:0B:2C:DD:50:4B:22:7C:52:96:5D:51:46:44:8A:44:9E:E9:63:55
Authority key identifier: A3:8D:48:7B:D5:D9:A8:A8:94:80:27:4F:E6:F7:C0:61:C6:24:BC:C0
Certificate issuer: /CN=A91FEF3B/serialNumber=A38D487BD5D9A8A89480274FE6F7C061C624BCC0
Certificate serial: 23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o41Ie9XZqKiUgCdP5vfAYcYkvMA.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91FEF3B/AC762200E9C611EF9FA17711C4F9AE02/o41Ie9XZqKiUgCdP5vfAYcYkvMA.mft
Manifest number: 22
Signing time: Thu 17 Apr 2025 06:37:41 +0000
Manifest this update: Thu 17 Apr 2025 06:37:40 +0000
Manifest next update: Thu 24 Apr 2025 06:37:40 +0000
Files and hashes: 1: o41Ie9XZqKiUgCdP5vfAYcYkvMA.crl (hash: WGx1MJB4R1kcqITVd28K70HyFmXTZt1mn6kbVOne7i4=)
2: 10800248E9C711EFA1589312C4F9AE02.roa (hash: MTqILFa0C+24gi6qk+nzk7lo5NR6f5WiYqHQ/SbCX2c=)
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91FEF3B/AC762200E9C611EF9FA17711C4F9AE02/o41Ie9XZqKiUgCdP5vfAYcYkvMA.crl
rsync://rpki.apnic.net/member_repository/A91FEF3B/AC762200E9C611EF9FA17711C4F9AE02/o41Ie9XZqKiUgCdP5vfAYcYkvMA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o41Ie9XZqKiUgCdP5vfAYcYkvMA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 24 Apr 2025 06:37:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35 (0x23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91FEF3B, serialNumber=A38D487BD5D9A8A89480274FE6F7C061C624BCC0
Validity
Not Before: Apr 17 06:37:40 2025 GMT
Not After : Apr 24 06:37:40 2025 GMT
Subject: CN=6800a1b5-339c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:69:99:da:dc:d5:15:75:b5:6d:73:f1:02:f5:
5e:66:c9:f3:23:26:d4:ce:ad:0c:8b:e9:18:7c:bc:
0d:b6:2b:be:71:a5:67:f0:dc:ca:5d:2c:b7:18:36:
22:a8:12:58:08:84:37:5b:ba:87:31:5a:2b:bc:26:
d4:21:c1:58:fc:c9:46:7b:ce:fb:eb:5e:21:64:18:
5e:4b:53:19:6c:64:80:ae:d4:4d:6f:5c:2d:fa:4e:
2e:de:6d:cf:13:8f:4b:39:3f:28:7c:e8:45:7c:7c:
a7:e7:23:01:c0:59:ed:cd:a4:d6:04:68:b9:fd:ef:
63:0b:ef:76:e0:43:f4:f1:cb:71:46:c5:f8:1d:16:
d4:80:34:ab:e6:ee:34:79:8e:a2:6f:bd:12:20:75:
fb:4b:77:d3:9f:2f:fe:04:dc:33:1d:32:78:4b:b7:
54:54:ee:92:9f:91:3d:04:6c:13:8f:f6:2e:39:0d:
6d:aa:5f:fb:8d:4a:14:6e:b1:25:1e:15:84:d7:22:
7a:06:74:33:59:15:b4:29:e4:27:38:62:af:21:57:
e6:60:78:51:aa:5a:c7:b2:aa:f0:bc:a6:d6:a9:3d:
7a:bd:fb:82:68:82:41:09:83:6f:5b:cc:01:81:8d:
94:f6:34:8b:e1:b8:a4:f1:bc:0a:75:53:fb:09:1b:
f5:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:0B:2C:DD:50:4B:22:7C:52:96:5D:51:46:44:8A:44:9E:E9:63:55
X509v3 Authority Key Identifier:
keyid:A3:8D:48:7B:D5:D9:A8:A8:94:80:27:4F:E6:F7:C0:61:C6:24:BC:C0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91FEF3B/AC762200E9C611EF9FA17711C4F9AE02/o41Ie9XZqKiUgCdP5vfAYcYkvMA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o41Ie9XZqKiUgCdP5vfAYcYkvMA.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FEF3B/AC762200E9C611EF9FA17711C4F9AE02/o41Ie9XZqKiUgCdP5vfAYcYkvMA.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
2f:e4:03:e5:f3:dd:87:d7:a8:18:27:05:82:37:d0:fb:4d:7b:
44:59:13:fa:64:dd:2a:b8:b1:93:5b:8f:b1:60:c3:60:9f:ba:
bb:28:05:d3:57:c6:32:9f:bc:e0:bc:57:b0:cf:b2:4a:44:ed:
3e:95:f3:88:bc:2f:10:e9:8f:fd:ed:0c:2e:35:ad:d0:1c:39:
84:fe:ff:d5:91:c0:fa:12:b3:bc:11:75:c8:58:86:f7:43:28:
f1:33:d1:28:91:32:be:a5:9d:08:34:cd:04:e9:a7:8b:26:d0:
73:b0:cc:7c:c5:fb:63:4f:ce:87:23:a5:e7:c7:d1:72:e7:05:
3a:3b:ad:6a:9e:4a:52:bc:48:d0:fe:26:f7:eb:59:8d:00:39:
e2:08:8a:d6:ca:3d:75:98:eb:b5:ad:05:a3:5d:a7:45:d5:db:
6b:3b:69:0c:db:aa:e8:f6:80:25:69:49:33:4d:da:52:a9:f4:
80:b6:dc:eb:f1:2c:0c:60:1c:7d:52:62:e9:08:3c:e7:a4:aa:
e9:28:a4:97:ed:c5:eb:08:87:0f:32:94:5f:07:a6:12:f8:64:
2b:f3:29:2b:78:15:f8:98:b9:b4:19:3b:87:6b:01:52:7a:ae:
0e:9c:90:af:a1:d4:f0:61:0b:18:a8:50:fa:0f:a2:9a:8d:9c:
fc:1c:81:3a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIBIzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG
RUYzQjExMC8GA1UEBRMoQTM4RDQ4N0JENUQ5QThBODk0ODAyNzRGRTZGN0MwNjFD
NjI0QkNDMDAeFw0yNTA0MTcwNjM3NDBaFw0yNTA0MjQwNjM3NDBaMBgxFjAUBgNV
BAMTDTY4MDBhMWI1LTMzOWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDIaZna3NUVdbVtc/EC9V5myfMjJtTOrQyL6Rh8vA22K75xpWfw3MpdLLcYNiKo
ElgIhDdbuocxWiu8JtQhwVj8yUZ7zvvrXiFkGF5LUxlsZICu1E1vXC36Ti7ebc8T
j0s5Pyh86EV8fKfnIwHAWe3NpNYEaLn972ML73bgQ/Txy3FGxfgdFtSANKvm7jR5
jqJvvRIgdftLd9OfL/4E3DMdMnhLt1RU7pKfkT0EbBOP9i45DW2qX/uNShRusSUe
FYTXInoGdDNZFbQp5Cc4Yq8hV+ZgeFGqWseyqvC8ptapPXq9+4JogkEJg29bzAGB
jZT2NIvhuKTxvAp1U/sJG/WBAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU1gss3VBL
InxSll1RRkSKRJ7pY1UwHwYDVR0jBBgwFoAUo41Ie9XZqKiUgCdP5vfAYcYkvMAw
DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZFRjNCL0FDNzYyMjAwRTlD
NjExRUY5RkExNzcxMUM0RjlBRTAyL280MUllOVhacUtpVWdDZFA1dmZBWWNZa3ZN
QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG
RDFGRjIvbzQxSWU5WFpxS2lVZ0NkUDV2ZkFZY1lrdk1BLmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL
hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZF
RjNCL0FDNzYyMjAwRTlDNjExRUY5RkExNzcxMUM0RjlBRTAyL280MUllOVhacUtp
VWdDZFA1dmZBWWNZa3ZNQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h
cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA
MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL
BQADggEBAC/kA+Xz3YfXqBgnBYI30PtNe0RZE/pk3Sq4sZNbj7Fgw2CfursoBdNX
xjKfvOC8V7DPskpE7T6V84i8LxDpj/3tDC41rdAcOYT+/9WRwPoSs7wRdchYhvdD
KPEz0SiRMr6lnQg0zQTpp4sm0HOwzHzF+2NPzocjpefH0XLnBTo7rWqeSlK8SND+
JvfrWY0AOeIIitbKPXWY67WtBaNdp0XV22s7aQzbquj2gCVpSTNN2lKp9IC23Ovx
LAxgHH1SYukIPOekqukopJftxesIhw8ylF8HphL4ZCvzKSt4FfiYubQZO4drAVJ6
rg6ckK+h1PBhCxioUPoPopqNnPwcgTo=
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:31:36 2025 by rpki-client