Manifest
$ rpki-client -vvf rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
File: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft (raw, json)
Hash identifier: x/h+3bbgd1Ft8Zd1IykLOsEwnBLPFFgtd9Pt1eU6lGo=
Subject key identifier: DB:4A:38:7D:B2:AA:96:70:C6:5C:2E:45:DE:03:74:76:D9:B8:6A:8C
Authority key identifier: 0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2
Certificate issuer: /CN=apnic-rpki-root-iana-origin
Certificate serial: F9
Authority info access: rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Subject info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
Manifest number: C6
Signing time: Tue 14 Jan 2025 05:15:05 +0000
Manifest this update: Tue 14 Jan 2025 05:15:04 +0000
Manifest next update: Fri 21 Feb 2025 05:15:04 +0000
Files and hashes: 1: C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl (hash: iXKXCYq9P91mh093a4SOxUekPRwqU4BlfihcCoZnxA0=)
2: mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer (hash: lcovCfR98AYveq+h8K/BcaczqQGqYTms5D3WtuPCw4o=)
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 249 (0xf9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-iana-origin
Validity
Not Before: Jan 14 05:15:04 2025 GMT
Not After : Feb 21 05:15:04 2025 GMT
Subject: CN=6785f2d9-83bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:73:f6:cf:b2:1d:3e:5f:3e:95:e3:ad:ab:6f:
b8:04:1e:33:fa:ee:9f:f2:12:eb:d1:25:2f:32:8a:
1a:35:43:73:07:7b:38:d3:0c:e1:de:42:e6:db:14:
b4:f7:80:73:43:5d:ea:05:64:f0:3b:6d:91:32:ea:
1a:e5:01:dd:6b:91:37:55:2a:1f:86:88:3b:10:c6:
b6:7b:a1:97:5f:71:7b:ac:81:4e:c2:b3:f9:ed:b3:
4d:9c:e9:77:36:55:b9:db:e3:b8:24:c8:fb:7f:fd:
7a:f0:96:73:b7:22:a7:02:6d:0c:67:00:2c:c5:e3:
ef:08:d6:16:54:a2:9b:61:3f:26:ef:87:93:35:19:
1f:7d:87:18:c6:5e:22:ef:53:dd:25:c6:95:ad:e0:
32:b2:81:b1:8b:44:61:b4:9d:60:94:35:c3:77:9d:
68:5c:1b:a9:56:23:98:fd:57:17:7e:c1:64:69:c3:
68:4c:99:1f:1e:57:76:32:23:1d:84:15:ff:d7:f2:
cf:0f:10:7a:79:ce:ab:ae:0c:3a:5e:da:b6:bc:9f:
74:bc:db:54:36:8a:a4:e9:2d:db:7b:6d:c4:e6:64:
87:3e:e8:62:83:a5:8e:15:15:d2:d5:4c:22:7c:c7:
05:71:dc:b9:f0:52:83:a9:41:49:05:fd:c2:14:fd:
1b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:4A:38:7D:B2:AA:96:70:C6:5C:2E:45:DE:03:74:76:D9:B8:6A:8C
X509v3 Authority Key Identifier:
keyid:0B:9C:CA:90:DD:0D:7A:8A:37:66:6B:19:21:7F:E0:D8:40:37:B7:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
3a:f1:a8:7c:dc:97:0c:cc:21:33:01:e6:87:5e:31:6e:e7:03:
2e:bc:f7:f6:06:db:4f:25:8f:ff:aa:0f:ea:64:d0:c7:72:84:
7b:29:00:87:9d:c3:47:89:9b:0c:d0:68:68:f0:3d:61:e0:80:
45:69:99:3b:d8:03:38:ed:e5:b8:c7:d9:16:48:1a:c6:8d:06:
03:c2:57:2c:11:88:b0:89:43:bf:bf:43:56:64:f2:66:d3:8f:
15:64:bb:e1:4b:a9:ee:ec:be:59:7f:30:ca:ae:59:77:79:c3:
c3:0b:cf:90:d4:7f:7e:10:4c:eb:26:f8:74:55:b8:7f:df:8f:
2f:65:65:17:0e:ed:01:c4:93:78:aa:2c:59:9c:b7:5c:d8:ff:
f8:b9:c7:ef:e6:48:f8:d9:ed:00:a0:8a:29:18:44:0c:f1:73:
74:2b:71:e2:cb:56:05:98:1c:84:01:ab:6c:1e:98:3c:7d:a3:
0d:4c:c1:df:66:2a:e8:37:e1:6e:ba:77:e7:81:0d:39:e1:f6:
aa:19:3e:d2:3f:d8:09:65:50:55:60:8b:ee:ac:af:41:92:96:
42:36:3b:53:84:5c:17:a9:c1:a5:76:2a:91:b3:f3:ba:68:c2:
79:c1:82:b7:ee:ee:c4:bd:00:d8:28:85:6f:15:31:4a:0d:77:
0d:0f:af:87
-----BEGIN CERTIFICATE-----
MIIE6jCCA9KgAwIBAgICAPkwDQYJKoZIhvcNAQELBQAwJjEkMCIGA1UEAxMbYXBu
aWMtcnBraS1yb290LWlhbmEtb3JpZ2luMB4XDTI1MDExNDA1MTUwNFoXDTI1MDIy
MTA1MTUwNFowGDEWMBQGA1UEAxMNNjc4NWYyZDktODNiZjCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBALpz9s+yHT5fPpXjratvuAQeM/run/IS69ElLzKK
GjVDcwd7ONMM4d5C5tsUtPeAc0Nd6gVk8DttkTLqGuUB3WuRN1UqH4aIOxDGtnuh
l19xe6yBTsKz+e2zTZzpdzZVudvjuCTI+3/9evCWc7cipwJtDGcALMXj7wjWFlSi
m2E/Ju+HkzUZH32HGMZeIu9T3SXGla3gMrKBsYtEYbSdYJQ1w3edaFwbqVYjmP1X
F37BZGnDaEyZHx5XdjIjHYQV/9fyzw8QennOq64MOl7atryfdLzbVDaKpOkt23tt
xOZkhz7oYoOljhUV0tVMInzHBXHcufBSg6lBSQX9whT9G48CAwEAAaOCAi4wggIq
MB0GA1UdDgQWBBTbSjh9sqqWcMZcLkXeA3R22bhqjDAfBgNVHSMEGDAWgBQLnMqQ
3Q16ijdmaxkhf+DYQDe3ojAOBgNVHQ8BAf8EBAMCB4AwcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2
NTExRTJCM0JDMjg2MTcyRkQxRkYyL0M1ektrTjBOZW9vM1ptc1pJWF9nMkVBM3Q2
SS5jcmwwXQYIKwYBBQUHAQEEUTBPME0GCCsGAQUFBzAChkFyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvYXBuaWMtcnBraS1yb290LWlhbmEtb3JpZ2lu
LmNlcjBKBgNVHSABAf8EQDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0
dHBzOi8vd3d3LmFwbmljLm5ldC9SUEtJL0NQUy5wZGYwfgYIKwYBBQUHAQsEcjBw
MG4GCCsGAQUFBzALhmJyc3luYzovL3Jwa2kuYXBuaWMubmV0L3JlcG9zaXRvcnkv
ODM4REIyMTQxNjY1MTFFMkIzQkMyODYxNzJGRDFGRjIvQzV6S2tOME5lb28zWm1z
WklYX2cyRUEzdDZJLm1mdDAVBggrBgEFBQcBCAEB/wQGMASgAgUAMCEGCCsGAQUF
BwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQELBQADggEBADrx
qHzclwzMITMB5odeMW7nAy689/YG208lj/+qD+pk0MdyhHspAIedw0eJmwzQaGjw
PWHggEVpmTvYAzjt5bjH2RZIGsaNBgPCVywRiLCJQ7+/Q1Zk8mbTjxVku+FLqe7s
vll/MMquWXd5w8MLz5DUf34QTOsm+HRVuH/fjy9lZRcO7QHEk3iqLFmct1zY//i5
x+/mSPjZ7QCgiikYRAzxc3QrceLLVgWYHIQBq2wemDx9ow1Mwd9mKug34W66d+eB
DTnh9qoZPtI/2AllUFVgi+6sr0GSlkI2O1OEXBepwaV2KpGz87pownnBgrfu7sS9
ANgohW8VMUoNdw0Pr4c=
-----END CERTIFICATE-----
Generated at Thu Apr 24 14:46:15 2025 by rpki-client