Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.mft
File: -UBKpSTUNX4MzGnH1A0-ZqLk5t8.mft (raw, json)
Hash identifier: YM+2dWwp45ZyjCztK4G7RG8QhpKnspN7Qz1NonrTOcg=
Subject key identifier: 76:91:55:6D:88:5B:FB:4D:76:08:CC:86:4E:C7:AF:96:13:E8:10:7F
Authority key identifier: F9:40:4A:A5:24:D4:35:7E:0C:CC:69:C7:D4:0D:3E:66:A2:E4:E6:DF
Certificate issuer: /CN=A9170C53/serialNumber=F9404AA524D4357E0CCC69C7D40D3E66A2E4E6DF
Certificate serial: 012E
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.mft
Manifest number: 012D
Signing time: Fri 31 Jan 2025 03:23:41 +0000
Manifest this update: Fri 31 Jan 2025 03:23:41 +0000
Manifest next update: Fri 07 Feb 2025 03:23:41 +0000
Files and hashes: 1: -UBKpSTUNX4MzGnH1A0-ZqLk5t8.crl (hash: ZpY78dpu4T/jsxnXvzqhhhDh1tXLK52kv9sGRTD1Bmo=)
2: C3BB51160DAC11EFB00E6B16C4F9AE02.roa (hash: qg93oWWTuAPTiOr/0YJ1p+8YAjeXzMdg4Ry+BJ5sjwQ=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 302 (0x12e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9170C53/serialNumber=F9404AA524D4357E0CCC69C7D40D3E66A2E4E6DF
Validity
Not Before: Jan 31 03:23:41 2025 GMT
Not After : Feb 7 03:23:41 2025 GMT
Subject: CN=679c423d-dae3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:aa:d4:1f:bd:45:01:0b:ec:b2:72:24:4e:ad:
ee:1d:64:b4:cd:ee:d7:55:b9:5d:25:ab:0b:2f:09:
98:9f:96:a6:7f:8e:9c:d3:c3:ef:4b:bd:0e:10:61:
f5:46:0a:83:9e:a2:06:18:35:27:03:a1:0f:20:f2:
55:b6:d0:3d:5c:21:79:fc:5a:38:1c:07:54:53:45:
72:d4:92:68:40:b8:01:79:cc:d9:0b:86:22:22:62:
ee:e7:7f:1b:8c:be:7c:1d:c1:fd:b4:0a:b4:3f:ce:
91:fd:22:45:f6:6c:c2:51:a0:f2:0b:88:66:a2:37:
e1:c7:da:65:fd:7c:6b:0c:22:15:e1:2c:56:a5:09:
e2:8d:d9:5c:91:2d:ff:84:69:6e:0c:de:34:ee:b6:
2d:00:69:a1:fe:2d:80:32:96:8d:07:15:82:a7:96:
b1:e4:f0:d9:0c:70:a4:a0:aa:8a:d4:61:4e:2f:fe:
9a:cd:37:36:9f:0e:cb:55:87:fa:f5:72:79:83:71:
82:02:70:38:3e:9b:30:f1:41:89:3e:b9:93:85:f9:
ea:33:4e:21:81:d4:7e:40:d9:83:d1:31:89:0d:45:
aa:b9:71:e2:8d:7d:30:25:85:be:c9:14:b1:8d:47:
b3:ab:c8:4a:7d:d5:55:a2:c8:7a:78:3b:08:6f:d3:
51:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:91:55:6D:88:5B:FB:4D:76:08:CC:86:4E:C7:AF:96:13:E8:10:7F
X509v3 Authority Key Identifier:
keyid:F9:40:4A:A5:24:D4:35:7E:0C:CC:69:C7:D4:0D:3E:66:A2:E4:E6:DF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
3b:2f:99:0c:24:9f:9c:db:d5:e3:06:d1:63:63:61:79:d2:6e:
3f:77:fb:1c:c1:5a:d2:08:9c:67:d4:22:b8:40:a2:76:57:ee:
b3:91:8a:7f:e3:44:12:cf:36:bf:02:50:84:d1:4b:37:07:6e:
0d:3a:2c:ac:6c:36:9c:e2:4e:3c:e5:c5:4d:7e:c5:4d:d4:37:
67:f3:71:7c:d3:ab:3a:95:dd:8c:46:52:49:5f:01:68:8a:17:
4d:bf:63:5b:0a:23:cc:62:2d:67:18:f9:b6:d7:1f:67:c0:90:
33:3b:22:b5:4a:20:7c:8d:02:23:43:15:37:b8:13:53:0b:b4:
4a:46:a8:c6:00:b8:a5:02:d1:f5:2c:c8:bd:37:29:34:3c:fe:
2c:a8:66:28:55:46:cd:82:41:3d:54:ad:4d:e2:83:ce:9d:7a:
3d:e9:9f:52:19:75:f9:d4:84:21:c7:6e:3c:37:39:6d:34:f0:
6a:b7:2a:02:69:fe:df:b7:29:14:74:60:ef:c4:0a:53:bb:04:
12:7a:55:01:0e:6c:0a:2d:0c:3d:c7:09:52:7b:f2:b9:fe:05:
96:5d:4d:c1:09:68:3d:70:65:b9:f6:9a:29:a8:64:f6:9b:d7:
62:d5:d5:d3:6a:1c:ad:77:a4:41:56:1a:d4:dd:f1:fe:02:0e:
40:c2:2b:a2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAS4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NzBDNTMxMTAvBgNVBAUTKEY5NDA0QUE1MjRENDM1N0UwQ0NDNjlDN0Q0MEQzRTY2
QTJFNEU2REYwHhcNMjUwMTMxMDMyMzQxWhcNMjUwMjA3MDMyMzQxWjAYMRYwFAYD
VQQDEw02NzljNDIzZC1kYWUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyarUH71FAQvssnIkTq3uHWS0ze7XVbldJasLLwmYn5amf46c08PvS70OEGH1
RgqDnqIGGDUnA6EPIPJVttA9XCF5/Fo4HAdUU0Vy1JJoQLgBeczZC4YiImLu538b
jL58HcH9tAq0P86R/SJF9mzCUaDyC4hmojfhx9pl/XxrDCIV4SxWpQnijdlckS3/
hGluDN407rYtAGmh/i2AMpaNBxWCp5ax5PDZDHCkoKqK1GFOL/6azTc2nw7LVYf6
9XJ5g3GCAnA4Ppsw8UGJPrmThfnqM04hgdR+QNmD0TGJDUWquXHijX0wJYW+yRSx
jUezq8hKfdVVosh6eDsIb9NREQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHaRVW2I
W/tNdgjMhk7Hr5YT6BB/MB8GA1UdIwQYMBaAFPlASqUk1DV+DMxpx9QNPmai5Obf
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MEM1My9EQjYzQzlBMjEx
NzYxMUVFOUM1NTlBM0VDNEY5QUUwMi8tVUJLcFNUVU5YNE16R25IMUEwLVpxTGs1
dDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyLy1VQktwU1RVTlg0TXpHbkgxQTAtWnFMazV0OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
MEM1My9EQjYzQzlBMjExNzYxMUVFOUM1NTlBM0VDNEY5QUUwMi8tVUJLcFNUVU5Y
NE16R25IMUEwLVpxTGs1dDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQA7L5kMJJ+c29XjBtFjY2F50m4/d/scwVrSCJxn1CK4QKJ2V+6zkYp/
40QSzza/AlCE0Us3B24NOiysbDac4k485cVNfsVN1Ddn83F806s6ld2MRlJJXwFo
ihdNv2NbCiPMYi1nGPm21x9nwJAzOyK1SiB8jQIjQxU3uBNTC7RKRqjGALilAtH1
LMi9Nyk0PP4sqGYoVUbNgkE9VK1N4oPOnXo96Z9SGXX51IQhx248NzltNPBqtyoC
af7ftykUdGDvxApTuwQSelUBDmwKLQw9xwlSe/K5/gWWXU3BCWg9cGW59popqGT2
m9di1dXTahytd6RBVhrU3fH+Ag5Awiui
-----END CERTIFICATE-----
Generated at Wed Apr 30 00:06:13 2025 by rpki-client