Manifest
$ rpki-client -vvf rpki.apnic.net/repository/B4A1BEA61D6611E2B2CD8B7C72FD1FF2/lqhe9LjK9dTDWhV_ThJe5JS6-Tk.mft
File: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.mft (raw, json)
Hash identifier: cn8hUftBgVnVqwH68Jg2LeU4Y6v31zthf1nH9EQbTjg=
Subject key identifier: FC:34:0C:16:B9:14:96:FA:92:BB:8F:36:EA:6F:81:83:21:69:D1:79
Authority key identifier: 96:A8:5E:F4:B8:CA:F5:D4:C3:5A:15:7F:4E:12:5E:E4:94:BA:F9:39
Certificate issuer: /CN=A90DC5BE/serialNumber=96A85EF4B8CAF5D4C35A157F4E125EE494BAF939
Certificate serial: 457F
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer
Subject info access: rsync://rpki.apnic.net/repository/B4A1BEA61D6611E2B2CD8B7C72FD1FF2/lqhe9LjK9dTDWhV_ThJe5JS6-Tk.mft
Manifest number: 4577
Signing time: Sat 26 Apr 2025 19:13:04 +0000
Manifest this update: Sat 26 Apr 2025 19:13:04 +0000
Manifest next update: Sat 03 May 2025 19:13:04 +0000
Files and hashes: 1: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.crl (hash: BrpJ5NhcnyWutZj0FMcO9RVEERsk3kTZpSif4dijIfI=)
2: 4kPzvoJVabsWrLN0vJjavmkLF8E.cer (hash: AYWGFvwUByg/qqQVdaQIffRzOvV/lSsH6Y0ettSlDW4=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B4A1BEA61D6611E2B2CD8B7C72FD1FF2/lqhe9LjK9dTDWhV_ThJe5JS6-Tk.crl
rsync://rpki.apnic.net/repository/B4A1BEA61D6611E2B2CD8B7C72FD1FF2/lqhe9LjK9dTDWhV_ThJe5JS6-Tk.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sat 03 May 2025 19:13:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17791 (0x457f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=96A85EF4B8CAF5D4C35A157F4E125EE494BAF939
Validity
Not Before: Apr 26 19:13:04 2025 GMT
Not After : May 3 19:13:04 2025 GMT
Subject: CN=680d3040-6566
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:87:87:f9:d0:5e:91:ae:2f:90:33:b7:04:ed:
05:0f:14:af:66:7c:a1:3c:13:72:3f:78:6e:95:02:
05:5e:6c:30:5a:92:99:17:64:ef:f6:66:9a:9f:d2:
c8:28:89:c8:a7:0a:72:c4:cb:05:b0:76:cd:0e:61:
5c:13:fe:88:43:1f:38:9c:0f:66:9b:af:c5:14:ad:
ab:ff:d6:6a:f9:d4:d5:94:97:51:fc:4a:be:08:fc:
07:f2:b3:04:1f:61:9e:1d:56:1e:cf:12:20:de:ef:
6d:3b:6c:b0:73:2b:44:10:3f:6e:81:f7:67:57:38:
f1:7f:d9:5f:6b:a3:aa:f8:e2:d2:0c:8c:e3:75:04:
30:ba:5f:24:ed:12:f4:25:7d:23:fa:58:b9:2d:d2:
2d:cd:4d:63:69:ba:29:bf:00:30:17:f3:c2:5a:70:
df:04:57:12:c0:d8:89:7e:ff:52:ee:34:12:2d:71:
69:30:f3:05:45:04:c8:c6:0d:e1:0a:06:7c:10:66:
25:73:22:2f:85:b4:ed:5f:da:45:50:a6:b4:c1:5a:
7b:4f:12:90:16:1b:92:24:e0:4c:07:12:6c:b5:a1:
f1:43:db:ab:49:b9:ff:97:b3:c4:23:46:59:77:7b:
ca:9b:ef:0c:28:62:d3:26:45:24:90:65:11:da:29:
7c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:34:0C:16:B9:14:96:FA:92:BB:8F:36:EA:6F:81:83:21:69:D1:79
X509v3 Authority Key Identifier:
keyid:96:A8:5E:F4:B8:CA:F5:D4:C3:5A:15:7F:4E:12:5E:E4:94:BA:F9:39
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B4A1BEA61D6611E2B2CD8B7C72FD1FF2/lqhe9LjK9dTDWhV_ThJe5JS6-Tk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/B4A1BEA61D6611E2B2CD8B7C72FD1FF2/lqhe9LjK9dTDWhV_ThJe5JS6-Tk.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
cb:e7:a3:b3:ac:21:9c:a9:8d:52:dc:0e:36:02:d1:93:c6:3a:
24:43:fa:46:e7:46:81:56:a3:3f:3c:ef:7f:fd:05:2f:83:43:
c7:fd:95:f8:57:71:94:76:3b:34:7d:bc:20:7a:46:b6:fe:1b:
bf:68:fc:dd:7e:f3:b4:97:1c:c1:a2:18:d1:c6:46:f4:f2:e1:
36:c9:e3:85:b6:cf:54:73:37:11:1c:b6:cf:fe:cf:b5:7d:47:
66:01:cb:de:f7:b3:d9:8d:b3:75:cd:f9:02:42:56:cf:ef:9b:
a1:49:bd:01:fb:d8:27:1a:68:e3:ea:a8:1a:ca:5a:4a:4c:77:
c0:39:0c:99:4a:5c:5f:66:03:88:5f:8d:71:b5:e4:dc:5d:99:
d2:58:a7:f6:b6:fe:ce:44:e5:4c:44:b9:21:12:3d:76:54:0c:
c5:1a:03:15:b5:20:09:92:39:6c:61:59:bc:5b:e2:27:55:08:
a7:75:06:9a:35:28:92:ba:14:75:71:08:87:34:b3:b1:79:f9:
79:8b:02:37:00:0b:d5:1e:3a:59:03:0d:d0:38:ea:1e:3f:d2:
50:bb:c1:c5:8f:c1:02:ee:33:b6:e8:65:f1:b8:77:a6:89:13:
7d:bb:1b:ba:40:ba:24:b8:17:84:32:5b:a2:b5:3c:12:d1:9b:
90:3e:46:3a
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgICRX8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkw
REM1QkUxMTAvBgNVBAUTKDk2QTg1RUY0QjhDQUY1RDRDMzVBMTU3RjRFMTI1RUU0
OTRCQUY5MzkwHhcNMjUwNDI2MTkxMzA0WhcNMjUwNTAzMTkxMzA0WjAYMRYwFAYD
VQQDEw02ODBkMzA0MC02NTY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3oeH+dBeka4vkDO3BO0FDxSvZnyhPBNyP3hulQIFXmwwWpKZF2Tv9maan9LI
KInIpwpyxMsFsHbNDmFcE/6IQx84nA9mm6/FFK2r/9Zq+dTVlJdR/Eq+CPwH8rME
H2GeHVYezxIg3u9tO2ywcytEED9ugfdnVzjxf9lfa6Oq+OLSDIzjdQQwul8k7RL0
JX0j+li5LdItzU1jabopvwAwF/PCWnDfBFcSwNiJfv9S7jQSLXFpMPMFRQTIxg3h
CgZ8EGYlcyIvhbTtX9pFUKa0wVp7TxKQFhuSJOBMBxJstaHxQ9urSbn/l7PEI0ZZ
d3vKm+8MKGLTJkUkkGUR2il8CwIDAQABo4IChzCCAoMwHQYDVR0OBBYEFPw0DBa5
FJb6kruPNupvgYMhadF5MB8GA1UdIwQYMBaAFJaoXvS4yvXUw1oVf04SXuSUuvk5
MA4GA1UdDwEB/wQEAwIHgDBzBgNVHR8EbDBqMGigZqBkhmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvQjRBMUJFQTYxRDY2MTFFMkIyQ0Q4QjdDNzJG
RDFGRjIvbHFoZTlMaks5ZFREV2hWX1RoSmU1SlM2LVRrLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS85ODA2NTJFMEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9scWhlOUxqSzlk
VERXaFZfVGhKZTVKUzYtVGsuY2VyMEoGA1UdIAEB/wRAMD4wPAYIKwYBBQUHDgIw
MDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBuaWMubmV0L1JQS0kvQ1BTLnBk
ZjCBtQYIKwYBBQUHAQsEgagwgaUwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNEExQkVBNjFENjYxMUUyQjJDRDhCN0M3MkZE
MUZGMi9scWhlOUxqSzlkVERXaFZfVGhKZTVKUzYtVGsubWZ0MDMGCCsGAQUFBzAN
hidodHRwczovL3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYB
BQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIA
AgUAMA0GCSqGSIb3DQEBCwUAA4IBAQDL56OzrCGcqY1S3A42AtGTxjokQ/pG50aB
VqM/PO9//QUvg0PH/ZX4V3GUdjs0fbwgeka2/hu/aPzdfvO0lxzBohjRxkb08uE2
yeOFts9UczcRHLbP/s+1fUdmAcve97PZjbN1zfkCQlbP75uhSb0B+9gnGmjj6qga
ylpKTHfAOQyZSlxfZgOIX41xteTcXZnSWKf2tv7OROVMRLkhEj12VAzFGgMVtSAJ
kjlsYVm8W+InVQindQaaNSiSuhR1cQiHNLOxefl5iwI3AAvVHjpZAw3QOOoeP9JQ
u8HFj8EC7jO26GXxuHemiRN9uxu6QLokuBeEMluitTwS0ZuQPkY6
-----END CERTIFICATE-----
Generated at Sun Apr 27 04:17:51 2025 by rpki-client