Manifest
$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft
File: 3af4p0oKdM_262MEKLbJ1w1XvXY.mft (raw, json)
Hash identifier: J+EzvfIGXC8Wzf+aU2IgZONK/jfmch7ztpQhXh+NzJs=
Subject key identifier: 45:4B:DF:B1:BE:A0:7F:36:86:1E:D1:4B:56:99:F4:5A:53:CB:B7:FC
Authority key identifier: DD:A7:F8:A7:4A:0A:74:CF:F6:EB:63:04:28:B6:C9:D7:0D:57:BD:76
Certificate issuer: /CN=A91E7BC4/serialNumber=DDA7F8A74A0A74CFF6EB630428B6C9D70D57BD76
Certificate serial: 0D6D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft
Manifest number: 0D33
Signing time: Fri 31 Jan 2025 18:02:16 +0000
Manifest this update: Fri 31 Jan 2025 18:02:16 +0000
Manifest next update: Fri 07 Feb 2025 18:02:16 +0000
Files and hashes: 1: 3af4p0oKdM_262MEKLbJ1w1XvXY.crl (hash: uirUpFZ63NgB7T++RL0WKgvAkTdHZK741j0sSTXg+Pk=)
2: CE83F0E6F0E411EAA47C3968C4F9AE02.roa (hash: ZQBdoWyO873LcT1vKoBchR3Mc6PGkjTHNlXwZK5KBUA=)
3: E69AF38AB11C11EAACC28D2EC4F9AE02.roa (hash: vmjmVmXjdkD0vxVvLQigcrFyWXDcETievw8r2QIVv8s=)
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3437 (0xd6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91E7BC4/serialNumber=DDA7F8A74A0A74CFF6EB630428B6C9D70D57BD76
Validity
Not Before: Jan 31 18:02:16 2025 GMT
Not After : Feb 7 18:02:16 2025 GMT
Subject: CN=679d1028-664c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d6:53:53:ef:f0:73:bb:f9:54:11:ba:6c:fc:
dd:46:0b:d5:db:db:8b:6d:f0:fe:06:2e:95:6f:3d:
e8:a3:d0:de:36:be:78:e5:84:fc:2b:d6:d0:c8:1f:
27:fc:da:41:c9:08:7d:91:ee:07:78:df:1e:a9:05:
8f:37:d5:e2:3f:fd:4d:a8:9e:d6:c5:49:f8:49:17:
af:21:29:57:e9:3a:0a:00:60:85:86:b3:9b:13:4e:
a5:c8:3e:ea:20:ab:85:23:bf:dc:e2:74:57:fe:1d:
40:e6:df:fc:23:e2:94:25:5b:ad:a3:ba:7d:44:4b:
a6:20:c8:6e:0e:dc:6f:39:9b:2e:fe:96:a4:fd:ef:
78:bb:37:87:e9:98:b2:f4:70:78:8e:7b:88:d5:ca:
95:28:20:c1:e5:a4:04:15:8f:3e:ce:f0:74:71:da:
5a:64:4a:8d:54:57:70:33:5c:fb:33:0f:b6:ee:28:
60:48:0e:68:97:aa:dc:c1:8f:15:d9:d3:cf:d0:b2:
c0:b8:d8:2c:cc:24:76:b4:f0:e8:ae:02:08:f0:e0:
17:cf:7b:8d:e1:b8:b8:73:fd:7b:ed:34:d0:9c:e8:
c4:1a:a2:5f:00:33:c7:63:16:a6:e0:b6:57:30:1d:
43:67:a6:e5:2d:c2:0b:9d:39:cf:40:2a:71:73:c4:
26:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:4B:DF:B1:BE:A0:7F:36:86:1E:D1:4B:56:99:F4:5A:53:CB:B7:FC
X509v3 Authority Key Identifier:
keyid:DD:A7:F8:A7:4A:0A:74:CF:F6:EB:63:04:28:B6:C9:D7:0D:57:BD:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
19:5c:bc:53:d7:c7:7c:df:b4:e6:b8:f5:38:01:9c:6e:54:f2:
ef:59:ed:72:4b:6f:bf:a3:e5:d3:0b:0d:02:ba:c3:ae:d7:ac:
fb:6a:ab:de:19:b7:d1:a4:5e:46:49:c2:9d:a9:f8:94:f8:5a:
2b:c8:9a:d5:0a:c6:3b:ad:07:be:d2:33:fc:99:75:5d:af:01:
02:8c:ef:ec:d8:f4:06:80:f9:7a:a8:20:81:ce:0f:8b:c7:e3:
b3:8f:79:83:ef:e9:ca:bb:6b:c1:fa:4b:14:eb:dd:9f:06:10:
42:ff:4b:39:6b:fd:bf:95:94:28:b5:b0:af:ad:40:1e:a8:d8:
95:59:e0:15:f9:4b:04:ab:42:41:5d:e6:36:e5:1c:ca:86:de:
84:8f:d3:31:26:80:c0:02:02:0f:7f:82:92:41:14:cf:ac:4a:
69:1d:96:31:d9:8d:4d:3b:d1:2b:28:f6:d5:0c:e9:ec:90:f5:
00:e3:48:79:de:b5:62:2c:5b:f3:e5:e5:ff:19:69:da:1c:8d:
83:cb:39:f9:75:87:53:68:f6:a9:d0:ee:a6:a3:ef:1a:91:77:
da:22:cf:e2:52:b7:85:db:e5:bc:c6:e3:b9:8b:ee:a4:95:56:
7c:3a:43:db:4a:88:76:33:48:24:bb:2c:b2:82:a1:45:1c:32:
4e:ec:9f:d2
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICDW0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTdCQzQxMTAvBgNVBAUTKEREQTdGOEE3NEEwQTc0Q0ZGNkVCNjMwNDI4QjZDOUQ3
MEQ1N0JENzYwHhcNMjUwMTMxMTgwMjE2WhcNMjUwMjA3MTgwMjE2WjAYMRYwFAYD
VQQDEw02NzlkMTAyOC02NjRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAm9ZTU+/wc7v5VBG6bPzdRgvV29uLbfD+Bi6Vbz3oo9DeNr545YT8K9bQyB8n
/NpByQh9ke4HeN8eqQWPN9XiP/1NqJ7WxUn4SRevISlX6ToKAGCFhrObE06lyD7q
IKuFI7/c4nRX/h1A5t/8I+KUJVuto7p9REumIMhuDtxvOZsu/pak/e94uzeH6Ziy
9HB4jnuI1cqVKCDB5aQEFY8+zvB0cdpaZEqNVFdwM1z7Mw+27ihgSA5ol6rcwY8V
2dPP0LLAuNgszCR2tPDorgII8OAXz3uN4bi4c/177TTQnOjEGqJfADPHYxam4LZX
MB1DZ6blLcILnTnPQCpxc8QmuwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEVL37G+
oH82hh7RS1aZ9FpTy7f8MB8GA1UdIwQYMBaAFN2n+KdKCnTP9utjBCi2ydcNV712
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFN0JDNC8yRDFBNTk1QUQ1
MEQxMUU5QkFENkMyMjZDNEY5QUUwMi8zYWY0cDBvS2RNXzI2Mk1FS0xiSjF3MVh2
WFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzNhZjRwMG9LZE1fMjYyTUVLTGJKMXcxWHZYWS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF
N0JDNC8yRDFBNTk1QUQ1MEQxMUU5QkFENkMyMjZDNEY5QUUwMi8zYWY0cDBvS2RN
XzI2Mk1FS0xiSjF3MVh2WFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQAZXLxT18d837TmuPU4AZxuVPLvWe1yS2+/o+XTCw0CusOu16z7aqve
GbfRpF5GScKdqfiU+ForyJrVCsY7rQe+0jP8mXVdrwECjO/s2PQGgPl6qCCBzg+L
x+Ozj3mD7+nKu2vB+ksU692fBhBC/0s5a/2/lZQotbCvrUAeqNiVWeAV+UsEq0JB
XeY25RzKht6Ej9MxJoDAAgIPf4KSQRTPrEppHZYx2Y1NO9ErKPbVDOnskPUA40h5
3rViLFvz5eX/GWnaHI2Dyzn5dYdTaPap0O6mo+8akXfaIs/iUreF2+W8xuO5i+6k
lVZ8OkPbSoh2M0gkuyyygqFFHDJO7J/S
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:20:42 2025 by rpki-client