Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft
File: 3q8cjeT-PFHGkVP8r5_owq1vjiY.mft (raw, json)
Hash identifier: SpxrnIKhR6rLqVe4JSyVAEU+rzDIfA45X4Fx9pbvP/Q=
Subject key identifier: 85:84:74:3A:8D:9E:7B:94:EA:A8:BC:BC:CA:8A:9B:CD:40:3C:03:49
Authority key identifier: DE:AF:1C:8D:E4:FE:3C:51:C6:91:53:FC:AF:9F:E8:C2:AD:6F:8E:26
Certificate issuer: /CN=A917AC33/serialNumber=DEAF1C8DE4FE3C51C69153FCAF9FE8C2AD6F8E26
Certificate serial: DC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3q8cjeT-PFHGkVP8r5_owq1vjiY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft
Manifest number: DA
Signing time: Fri 31 Jan 2025 04:41:49 +0000
Manifest this update: Fri 31 Jan 2025 04:41:48 +0000
Manifest next update: Fri 07 Feb 2025 04:41:48 +0000
Files and hashes: 1: 3q8cjeT-PFHGkVP8r5_owq1vjiY.crl (hash: i8b9YHfC31q0NLbyo5IwTnp4n8Og6gLzW587QqV2HJE=)
2: 1C2EA330925011EE9571EE40C4F9AE02.roa (hash: Z3NjmZHjrC5QDqZVrNc2A+wY2OMdX2iZifn6im8ttEc=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 220 (0xdc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A917AC33/serialNumber=DEAF1C8DE4FE3C51C69153FCAF9FE8C2AD6F8E26
Validity
Not Before: Jan 31 04:41:48 2025 GMT
Not After : Feb 7 04:41:48 2025 GMT
Subject: CN=679c548c-a62c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:08:f3:4d:a1:ca:c8:f4:f3:2c:f6:2d:41:5a:
d5:e8:12:20:fe:d3:d3:74:89:c1:94:d0:ae:15:d1:
d9:c3:2b:05:80:17:92:93:eb:bc:d5:19:45:da:2b:
38:25:f8:68:b5:ba:45:34:db:24:8b:ea:c5:fa:65:
e8:12:28:44:c2:a3:87:3a:47:11:2e:8e:ea:68:b6:
bb:b0:b3:24:8a:2f:10:1d:97:c8:8a:23:26:0e:3f:
2e:71:bf:2e:bd:c8:4f:b4:b4:12:14:76:97:6a:c8:
35:bf:e7:ee:54:76:51:d3:57:6a:f9:e7:34:cf:e6:
b1:66:d3:84:ac:fc:00:7b:9e:6d:c2:e7:b9:aa:63:
49:5d:89:9f:0c:9d:76:36:1d:b3:b8:39:6a:41:be:
ae:c5:12:5b:01:7f:e4:5b:0e:45:73:67:9d:e4:f1:
da:3e:1b:26:c2:5b:0e:ad:e8:4b:96:83:8b:d2:b4:
d8:89:a2:ba:6b:66:42:4c:4b:4e:0c:76:1e:dd:a1:
37:40:e8:9a:c6:26:2a:9e:f8:69:48:b7:72:d2:13:
7c:82:15:6d:f5:07:cc:23:28:0b:71:d4:93:4e:c0:
9b:86:1e:80:af:17:e9:5b:86:79:27:8a:1f:e0:70:
4a:d8:e8:8a:d7:f6:1b:85:a5:35:4c:66:7e:76:94:
01:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:84:74:3A:8D:9E:7B:94:EA:A8:BC:BC:CA:8A:9B:CD:40:3C:03:49
X509v3 Authority Key Identifier:
keyid:DE:AF:1C:8D:E4:FE:3C:51:C6:91:53:FC:AF:9F:E8:C2:AD:6F:8E:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3q8cjeT-PFHGkVP8r5_owq1vjiY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
0b:5a:d6:c6:2a:31:d9:cc:a9:ef:e8:7d:6d:a7:c1:fa:4b:a8:
6c:ec:49:bb:4c:98:73:27:2a:29:49:88:f3:7a:3d:02:2f:a5:
7f:27:26:76:2b:ce:b5:24:91:36:cd:72:34:f2:d6:1a:ae:1a:
49:e7:5e:5e:71:67:f3:f3:83:22:f7:84:04:85:8f:06:23:e3:
80:fc:2d:77:1d:9e:50:cb:a1:7f:80:fa:73:61:29:b4:d4:99:
8b:f0:dc:33:76:a3:8e:4a:7d:f2:68:af:4a:8a:33:67:d7:ee:
75:b6:d5:27:4c:09:f3:42:5f:71:0e:36:06:26:34:03:27:93:
34:9f:3a:ae:60:fc:e3:a9:55:35:29:4b:5e:1a:72:f1:e5:63:
98:e0:8e:ac:9d:7b:53:65:50:6a:06:d5:f8:63:36:3e:4d:dd:
05:7e:02:82:03:57:d1:8e:d9:f1:18:cb:7e:e6:f3:a1:92:47:
4f:c6:fb:16:c1:75:29:55:c0:db:4e:df:25:8e:f7:bb:de:e0:
8b:2a:06:53:0c:73:96:1f:84:26:45:19:a8:48:41:95:de:f9:
be:57:99:c9:82:b4:e0:89:22:5f:7d:97:13:cf:c2:37:08:64:
91:da:b2:ba:ed:11:21:eb:3c:78:dd:94:a1:ab:d5:53:21:1a:
41:f4:07:95
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICANwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
N0FDMzMxMTAvBgNVBAUTKERFQUYxQzhERTRGRTNDNTFDNjkxNTNGQ0FGOUZFOEMy
QUQ2RjhFMjYwHhcNMjUwMTMxMDQ0MTQ4WhcNMjUwMjA3MDQ0MTQ4WjAYMRYwFAYD
VQQDEw02NzljNTQ4Yy1hNjJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA5QjzTaHKyPTzLPYtQVrV6BIg/tPTdInBlNCuFdHZwysFgBeSk+u81RlF2is4
JfhotbpFNNski+rF+mXoEihEwqOHOkcRLo7qaLa7sLMkii8QHZfIiiMmDj8ucb8u
vchPtLQSFHaXasg1v+fuVHZR01dq+ec0z+axZtOErPwAe55twue5qmNJXYmfDJ12
Nh2zuDlqQb6uxRJbAX/kWw5Fc2ed5PHaPhsmwlsOrehLloOL0rTYiaK6a2ZCTEtO
DHYe3aE3QOiaxiYqnvhpSLdy0hN8ghVt9QfMIygLcdSTTsCbhh6ArxfpW4Z5J4of
4HBK2OiK1/YbhaU1TGZ+dpQBBQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIWEdDqN
nnuU6qi8vMqKm81APANJMB8GA1UdIwQYMBaAFN6vHI3k/jxRxpFT/K+f6MKtb44m
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QUMzMy9CMEJGQUMzNDky
NEYxMUVFQThDMjI0NDBDNEY5QUUwMi8zcThjamVULVBGSEdrVlA4cjVfb3dxMXZq
aVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNxOGNqZVQtUEZIR2tWUDhyNV9vd3ExdmppWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3
QUMzMy9CMEJGQUMzNDkyNEYxMUVFQThDMjI0NDBDNEY5QUUwMi8zcThjamVULVBG
SEdrVlA4cjVfb3dxMXZqaVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQALWtbGKjHZzKnv6H1tp8H6S6hs7Em7TJhzJyopSYjzej0CL6V/JyZ2
K861JJE2zXI08tYarhpJ515ecWfz84Mi94QEhY8GI+OA/C13HZ5Qy6F/gPpzYSm0
1JmL8NwzdqOOSn3yaK9KijNn1+51ttUnTAnzQl9xDjYGJjQDJ5M0nzquYPzjqVU1
KUteGnLx5WOY4I6snXtTZVBqBtX4YzY+Td0FfgKCA1fRjtnxGMt+5vOhkkdPxvsW
wXUpVcDbTt8ljve73uCLKgZTDHOWH4QmRRmoSEGV3vm+V5nJgrTgiSJffZcTz8I3
CGSR2rK67REh6zx43ZShq9VTIRpB9AeV
-----END CERTIFICATE-----
Generated at Fri Apr 25 08:54:25 2025 by rpki-client