Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.mft
File: pSAa7m9KXB64p-HHhTv7srp1y9I.mft (raw, json)
Hash identifier: Fibgjrwyt8lKsjHStrW0gu1E/8VuTER1VGUkunna8ec=
Subject key identifier: B8:E8:23:18:3E:A2:01:E8:20:C6:36:97:CD:2D:3A:D9:62:51:AD:41
Authority key identifier: A5:20:1A:EE:6F:4A:5C:1E:B8:A7:E1:C7:85:3B:FB:B2:BA:75:CB:D2
Certificate issuer: /CN=A91D1003/serialNumber=A5201AEE6F4A5C1EB8A7E1C7853BFBB2BA75CBD2
Certificate serial: 0B2C
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pSAa7m9KXB64p-HHhTv7srp1y9I.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.mft
Manifest number: 0B22
Signing time: Thu 30 Jan 2025 19:16:17 +0000
Manifest this update: Thu 30 Jan 2025 19:16:16 +0000
Manifest next update: Thu 06 Feb 2025 19:16:16 +0000
Files and hashes: 1: pSAa7m9KXB64p-HHhTv7srp1y9I.crl (hash: urEGIE2fHSAgAOzpRcojPxr22UaV+LdGoi/Aau531D4=)
2: 0DC2568E320511EA8CF6B72DC4F9AE02.roa (hash: 1+11cacphPqsNd+omnkh++SqQDiBnfm5tRRdQKET7hw=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2860 (0xb2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91D1003/serialNumber=A5201AEE6F4A5C1EB8A7E1C7853BFBB2BA75CBD2
Validity
Not Before: Jan 30 19:16:16 2025 GMT
Not After : Feb 6 19:16:16 2025 GMT
Subject: CN=679bd000-39b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d6:e5:c8:68:6f:63:a0:26:f5:cf:ab:61:2f:
21:98:0b:75:00:34:b2:eb:83:a1:db:94:bf:5a:dc:
87:92:47:0b:5e:8d:fc:18:e1:96:9e:df:32:2c:95:
aa:1a:57:a7:35:81:df:2d:2b:e4:30:28:9c:2b:fd:
17:83:88:38:a3:95:47:08:3c:2d:1d:a1:99:d4:b7:
03:b5:76:44:e8:7b:d5:c1:0b:72:a9:dc:9d:25:b2:
99:97:40:fb:a7:5f:a9:fd:9e:04:2b:96:4f:c0:8f:
c5:93:28:75:2f:f9:51:24:0f:e9:5d:59:5e:2d:a6:
54:75:24:a5:d3:54:30:b2:7f:b8:2c:3a:ab:dd:27:
9b:82:22:47:cf:78:3d:c0:cb:4e:dd:2b:fd:7c:a8:
7d:b0:f1:11:3c:0f:19:28:5c:57:8b:60:0c:4c:da:
ab:46:77:ef:0b:bb:5b:59:00:d9:ec:f1:d8:21:b0:
a1:e7:b1:40:09:f9:ed:8a:f1:f7:1f:dc:e2:ba:c9:
7b:c7:ac:11:3c:64:5c:45:4b:53:12:1b:e3:9b:a2:
13:83:4f:d7:a1:bc:5b:d9:95:f6:d3:50:d2:55:4d:
eb:f3:23:a8:a8:00:d5:99:2a:09:6e:43:90:88:5b:
99:3e:c1:b3:8c:aa:9a:4c:fd:4f:ff:db:a6:ad:4d:
43:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:E8:23:18:3E:A2:01:E8:20:C6:36:97:CD:2D:3A:D9:62:51:AD:41
X509v3 Authority Key Identifier:
keyid:A5:20:1A:EE:6F:4A:5C:1E:B8:A7:E1:C7:85:3B:FB:B2:BA:75:CB:D2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pSAa7m9KXB64p-HHhTv7srp1y9I.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
63:64:a8:d0:89:5d:92:3f:92:f4:ef:56:53:1e:a1:02:c2:37:
ae:9e:fb:c2:dd:c1:14:72:6c:fa:d3:f1:ea:15:84:6b:b6:34:
9d:33:14:8c:1d:f5:ed:b0:da:ac:e7:24:f8:f9:6f:47:89:92:
a7:11:fc:5c:1b:08:97:bd:8b:ce:cb:bb:b8:82:36:d4:1c:e0:
91:d4:a3:c4:c6:8b:7d:5b:1f:ac:a7:02:5b:a9:b3:7f:3a:81:
2a:61:93:63:01:9f:14:20:0b:c7:d4:14:14:60:d1:76:0c:ad:
fa:fa:f1:d4:32:69:80:c7:72:71:33:88:f3:18:b2:fc:c2:e9:
b9:cc:c6:53:14:68:76:4b:64:a6:fa:f7:8b:9f:c0:b4:8b:ed:
7a:cc:e8:81:03:cc:15:8f:58:88:64:1b:f5:00:bb:76:32:07:
1c:aa:62:ec:aa:56:73:72:cb:91:f7:15:62:12:71:43:79:00:
57:74:ad:b7:25:09:6b:a3:04:e7:7c:c3:c9:dd:e6:d0:c5:44:
86:20:14:4e:d3:97:1f:88:03:aa:43:16:77:9e:39:5d:e9:99:
b9:ac:ec:fa:90:eb:54:e4:00:cf:06:fe:c3:3c:2d:0d:e5:09:
bf:df:19:39:7e:79:13:17:25:4e:2c:01:5e:4e:53:02:b8:15:
03:aa:80:ed
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICCywwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RDEwMDMxMTAvBgNVBAUTKEE1MjAxQUVFNkY0QTVDMUVCOEE3RTFDNzg1M0JGQkIy
QkE3NUNCRDIwHhcNMjUwMTMwMTkxNjE2WhcNMjUwMjA2MTkxNjE2WjAYMRYwFAYD
VQQDEw02NzliZDAwMC0zOWI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEApNblyGhvY6Am9c+rYS8hmAt1ADSy64Oh25S/WtyHkkcLXo38GOGWnt8yLJWq
GlenNYHfLSvkMCicK/0Xg4g4o5VHCDwtHaGZ1LcDtXZE6HvVwQtyqdydJbKZl0D7
p1+p/Z4EK5ZPwI/Fkyh1L/lRJA/pXVleLaZUdSSl01Qwsn+4LDqr3SebgiJHz3g9
wMtO3Sv9fKh9sPERPA8ZKFxXi2AMTNqrRnfvC7tbWQDZ7PHYIbCh57FACfntivH3
H9ziusl7x6wRPGRcRUtTEhvjm6ITg0/Xobxb2ZX201DSVU3r8yOoqADVmSoJbkOQ
iFuZPsGzjKqaTP1P/9umrU1DvQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLjoIxg+
ogHoIMY2l80tOtliUa1BMB8GA1UdIwQYMBaAFKUgGu5vSlweuKfhx4U7+7K6dcvS
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTAwMy9BQTRFOTVDODMy
MDMxMUVBOEQyQTFCMkJDNEY5QUUwMi9wU0FhN205S1hCNjRwLUhIaFR2N3NycDF5
OUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3BTQWE3bTlLWEI2NHAtSEhoVHY3c3JwMXk5SS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE
MTAwMy9BQTRFOTVDODMyMDMxMUVBOEQyQTFCMkJDNEY5QUUwMi9wU0FhN205S1hC
NjRwLUhIaFR2N3NycDF5OUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQBjZKjQiV2SP5L071ZTHqECwjeunvvC3cEUcmz60/HqFYRrtjSdMxSM
HfXtsNqs5yT4+W9HiZKnEfxcGwiXvYvOy7u4gjbUHOCR1KPExot9Wx+spwJbqbN/
OoEqYZNjAZ8UIAvH1BQUYNF2DK36+vHUMmmAx3JxM4jzGLL8wum5zMZTFGh2S2Sm
+veLn8C0i+16zOiBA8wVj1iIZBv1ALt2MgccqmLsqlZzcsuR9xViEnFDeQBXdK23
JQlrowTnfMPJ3ebQxUSGIBRO05cfiAOqQxZ3njld6Zm5rOz6kOtU5ADPBv7DPC0N
5Qm/3xk5fnkTFyVOLAFeTlMCuBUDqoDt
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:52:28 2025 by rpki-client