Manifest
$ rpki-client -vvf rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
File: mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft (raw, json)
Hash identifier: z1puBcs+nDkXXL0EGP+z3C8I6KAV8nYCdzbwN3Jq1a0=
Subject key identifier: C5:B7:65:4A:E5:8A:CD:4F:0F:2C:C5:BD:F9:69:24:E4:45:DB:A1:BE
Authority key identifier: 98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
Certificate issuer: /CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Certificate serial: 0365
Authority info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
Subject info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
Manifest number: 01AD
Signing time: Fri 22 Nov 2024 00:16:15 +0000
Manifest this update: Fri 22 Nov 2024 00:16:14 +0000
Manifest next update: Sun 29 Dec 2024 00:16:14 +0000
Files and hashes: 1: mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl (hash: mAJwSuAymSpe/RbxB7c3VKpptxZ3PjTdIJndYa0aIv8=)
2: DmWk9f02tb1o6zySNAiXjJB6p58.cer (hash: u59dbj+R4VJG/HcbUD2znmHNj2vIloAA8sVw4Yp0YDo=)
3: dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer (hash: JQjpV8f8peaTQqUTJFb8FVW3Fzx39sH2ieMwnTIgxDc=)
4: NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer (hash: pNVb25EZijors+W/qaj6sQStRUvWlrDNttDWj1aNTHs=)
5: DPzneFf88B852ZpitKpi5hWedvg.cer (hash: wKY0cGpp+KSLzsc6nW+cHAb53ZNu72whSgmQ6mFSjL0=)
6: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer (hash: 0bd8fg7Cugm+k4AitgoAURsr4cxRRS/4lbnBphwV4ME=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 21 Dec 2024 22:39:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 869 (0x365)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Validity
Not Before: Nov 22 00:16:14 2024 GMT
Not After : Dec 29 00:16:14 2024 GMT
Subject: CN=673fcd4f-814a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:96:85:62:61:a7:b8:c0:a7:58:dc:61:7f:19:
67:88:71:14:80:6a:7c:c9:28:50:4b:df:28:1c:ea:
2b:09:e8:d5:e4:ee:02:17:ee:6e:f1:1a:64:ef:df:
ed:29:c8:cb:2a:a8:92:14:b0:cc:08:f4:5b:12:b1:
7c:46:a0:2b:6d:7e:61:10:88:06:30:b9:c9:6c:ef:
9e:2d:40:59:77:44:30:8f:57:f2:19:76:a7:dc:6f:
96:85:81:72:17:ff:a0:a0:fa:f8:a1:ec:04:0f:21:
fa:54:1f:79:1a:ab:4e:10:d9:28:f0:fa:f2:c5:5f:
1a:e3:1f:88:e1:d9:0f:0d:3a:d3:4e:4e:c5:0b:96:
09:9e:5f:87:41:62:46:66:fe:c0:90:fc:97:1c:59:
74:6a:3a:de:d3:b8:c7:7a:cf:fa:0f:3a:d2:24:f5:
32:0d:71:8c:7c:38:8d:7c:c3:5f:d3:ad:b5:5c:9a:
85:f1:9a:91:f8:2c:15:09:9e:c4:12:a3:86:3e:5c:
52:c5:9c:db:fc:28:bd:de:74:e2:db:6e:e1:41:b9:
f5:37:5e:6f:16:65:09:49:5a:18:fa:38:4b:f4:08:
af:ab:94:6d:4f:78:ee:e4:ed:7b:c6:c5:25:50:54:
4d:e5:e2:9e:9c:92:41:66:30:f7:86:9d:3f:50:f0:
9d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:B7:65:4A:E5:8A:CD:4F:0F:2C:C5:BD:F9:69:24:E4:45:DB:A1:BE
X509v3 Authority Key Identifier:
keyid:98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
0e:4e:b3:aa:a7:e5:d5:93:e9:d9:b9:8d:39:37:db:c5:5c:a2:
0b:78:02:af:65:f7:88:9c:a8:90:a4:a3:be:cb:14:1e:aa:24:
a1:83:01:a5:ac:94:33:f1:8e:c5:10:b7:08:26:36:f5:74:46:
2e:62:ba:a4:b3:83:a7:a2:ff:f6:05:84:81:34:0a:ea:8b:8e:
5f:75:fb:87:e0:b4:7c:7e:0a:2f:6c:b7:a6:dc:77:94:b4:23:
dc:95:ff:fe:0c:08:e4:6b:8a:48:b6:16:13:7d:50:24:c0:5e:
46:c9:8a:3f:6f:3a:00:6c:93:3c:6c:f4:f3:af:a4:4d:eb:05:
16:a7:64:d8:a6:fb:09:16:1d:eb:52:5d:da:78:da:09:5a:4f:
ac:03:69:c0:6a:59:36:51:8b:03:98:03:ac:99:89:0f:b2:95:
7c:4c:b5:f2:f0:06:64:ef:83:fb:fa:fe:41:05:d2:1d:35:7e:
61:68:e5:af:91:57:ca:2f:fd:49:cf:4f:39:af:96:22:f3:58:
fc:a0:fc:d0:a7:61:90:d2:5b:dc:11:b9:cd:2f:12:aa:1b:e8:
5c:cd:88:41:b7:25:93:c3:97:8b:26:c1:0d:df:68:73:d0:d5:
85:47:2f:b1:fe:33:62:b5:ca:b6:e3:e3:5c:12:5e:97:9a:61:
76:50:4e:55
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICA2UwDQYJKoZIhvcNAQELBQAwWjElMCMGA1UEAxMcYXBu
aWMtcnBraS1yb290LWludGVybWVkaWF0ZTExMC8GA1UEBRMoOTgxNDJDOUQwQjQx
QTNCOUZCNjAzRDc2OTg0ODIzNkZEMUYzMTkyNDAeFw0yNDExMjIwMDE2MTRaFw0y
NDEyMjkwMDE2MTRaMBgxFjAUBgNVBAMTDTY3M2ZjZDRmLTgxNGEwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjloViYae4wKdY3GF/GWeIcRSAanzJKFBL
3ygc6isJ6NXk7gIX7m7xGmTv3+0pyMsqqJIUsMwI9FsSsXxGoCttfmEQiAYwucls
754tQFl3RDCPV/IZdqfcb5aFgXIX/6Cg+vih7AQPIfpUH3kaq04Q2Sjw+vLFXxrj
H4jh2Q8NOtNOTsULlgmeX4dBYkZm/sCQ/JccWXRqOt7TuMd6z/oPOtIk9TINcYx8
OI18w1/TrbVcmoXxmpH4LBUJnsQSo4Y+XFLFnNv8KL3edOLbbuFBufU3Xm8WZQlJ
Whj6OEv0CK+rlG1PeO7k7XvGxSVQVE3l4p6ckkFmMPeGnT9Q8J1ZAgMBAAGjggJP
MIICSzAdBgNVHQ4EFgQUxbdlSuWKzU8PLMW9+Wkk5EXbob4wHwYDVR0jBBgwFoAU
mBQsnQtBo7n7YD12mEgjb9HzGSQwDgYDVR0PAQH/BAQDAgeAMHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJF
MEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9tQlFzblF0Qm83bjdZRDEybUVnamI5
SHpHU1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2NTExRTJCM0JDMjg2
MTcyRkQxRkYyL21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdTUS5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMH4GCCsGAQUFBwELBHIwcDBuBggrBgEFBQcw
C4ZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3
RTExRTdBOTZBMzk1MjFBNEY0RkI0L21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdT
US5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAw
BgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQAOTrOqp+XVk+nZuY05
N9vFXKILeAKvZfeInKiQpKO+yxQeqiShgwGlrJQz8Y7FELcIJjb1dEYuYrqks4On
ov/2BYSBNArqi45fdfuH4LR8fgovbLem3HeUtCPclf/+DAjka4pIthYTfVAkwF5G
yYo/bzoAbJM8bPTzr6RN6wUWp2TYpvsJFh3rUl3aeNoJWk+sA2nAalk2UYsDmAOs
mYkPspV8TLXy8AZk74P7+v5BBdIdNX5haOWvkVfKL/1Jz085r5Yi81j8oPzQp2GQ
0lvcEbnNLxKqG+hczYhBtyWTw5eLJsEN32hz0NWFRy+x/jNitcq24+NcEl6XmmF2
UE5V
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:21 2024 by rpki-client on console-fra.rpki-client.org