Manifest
$ rpki-client -vvf rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
File: mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft (raw, json)
Hash identifier: mJh7DGXHYrAYKKNKlP4BIWzemqRhJI/UObqNV8WrLIg=
Subject key identifier: B9:26:88:50:73:B6:FC:EF:B2:DA:A2:20:F7:BF:74:26:12:47:1D:84
Authority key identifier: 98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
Certificate issuer: /CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Certificate serial: 034D
Authority info access: rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
Subject info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
Manifest number: 01A1
Signing time: Tue 15 Oct 2024 23:03:29 +0000
Manifest this update: Tue 15 Oct 2024 23:03:28 +0000
Manifest next update: Fri 22 Nov 2024 23:03:28 +0000
Files and hashes: 1: mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl (hash: jbEPltVMH9PYc4ypevrjfoTgBHfj1pN3hBvY8FxlZYU=)
2: DmWk9f02tb1o6zySNAiXjJB6p58.cer (hash: aZy9zlk2JJrfj4v9dKSzBnIpxX1CWnno6LtNwIxC3t0=)
3: dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer (hash: AHFOj5Y1AdPOu9gsAusD0t/Wps8m5kv210FFgbWBg7g=)
4: NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer (hash: pNVb25EZijors+W/qaj6sQStRUvWlrDNttDWj1aNTHs=)
5: DPzneFf88B852ZpitKpi5hWedvg.cer (hash: Q0b20xvIb9OTcKtAEh6DkNQgtZyxwUgyD+55R4EvV/U=)
6: lqhe9LjK9dTDWhV_ThJe5JS6-Tk.cer (hash: 0bd8fg7Cugm+k4AitgoAURsr4cxRRS/4lbnBphwV4ME=)
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Thu 21 Nov 2024 02:31:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 845 (0x34d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=apnic-rpki-root-intermediate/serialNumber=98142C9D0B41A3B9FB603D769848236FD1F31924
Validity
Not Before: Oct 15 23:03:28 2024 GMT
Not After : Nov 22 23:03:28 2024 GMT
Subject: CN=670ef4c0-0b15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a3:e4:98:9b:61:64:89:f2:0a:07:9b:e8:0e:
24:63:c5:fc:4d:83:26:76:e2:f8:37:dd:27:51:20:
9c:b9:a3:6f:c5:c3:40:41:99:cd:4b:f2:34:a9:14:
fd:f5:9b:db:df:01:de:f8:47:e2:76:ec:89:03:ee:
fe:a0:ca:be:c2:a0:d6:4e:da:6a:03:4d:84:81:cc:
0a:a0:24:dd:9e:71:96:2b:86:4e:fa:82:b3:6f:92:
c9:d3:a2:a7:6e:b1:83:24:bd:8e:7c:74:b0:d1:8c:
2e:4d:4a:d4:58:1a:0d:38:62:97:3f:33:17:62:32:
60:b2:84:84:d9:5e:94:79:c3:9c:c1:7f:b9:13:68:
a5:10:50:ad:6b:a4:b0:a0:af:39:24:45:86:f2:17:
f5:c5:6b:34:ca:67:d9:1a:2c:84:cd:f6:20:62:c7:
18:1a:e9:40:45:fc:26:af:e6:6e:18:01:cc:1e:9b:
1b:ed:fe:a5:29:5d:b1:2f:6c:f5:b2:02:9d:ad:d3:
1b:cc:1f:a0:20:f8:28:e4:45:bd:37:fc:70:ab:99:
57:c0:59:62:6e:c2:3d:9e:5f:b3:70:00:24:7c:2c:
36:9e:f5:02:10:98:b0:26:56:e1:79:d4:e2:43:f7:
29:e3:e0:b6:81:22:21:75:a5:4e:90:d7:3d:26:44:
1e:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:26:88:50:73:B6:FC:EF:B2:DA:A2:20:F7:BF:74:26:12:47:1D:84
X509v3 Authority Key Identifier:
keyid:98:14:2C:9D:0B:41:A3:B9:FB:60:3D:76:98:48:23:6F:D1:F3:19:24
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
Signature Algorithm: sha256WithRSAEncryption
50:cf:88:54:2e:e4:c2:d1:e2:1c:90:6b:4f:4e:c1:a6:d5:da:
c8:dc:1f:3a:05:07:72:5a:f4:16:2b:7e:1c:93:d9:68:b6:18:
f7:a1:99:4f:8f:f5:f0:e9:9c:be:2e:eb:fc:4c:05:a5:41:0f:
a3:e9:87:c3:c0:ab:9e:9d:80:8c:05:fe:16:c4:1e:11:29:bf:
eb:b5:ae:2c:ba:08:57:b6:fb:f0:d1:26:6a:a0:01:44:b1:ab:
d4:d2:50:dd:51:42:25:f9:8d:0e:08:48:c9:ea:1d:b1:da:89:
46:98:44:51:79:c6:84:fd:2b:37:4a:c9:32:da:82:df:09:98:
6d:50:30:92:46:90:a5:a8:79:87:09:b9:8f:4c:3e:ba:ab:c1:
a4:3b:7a:ca:99:15:a0:c3:4b:9d:00:87:1b:d7:ed:3e:f0:e3:
01:d0:ea:b4:70:35:a9:fb:f0:96:39:64:e4:ef:62:15:14:8f:
7d:85:8d:fa:2d:1a:36:08:5c:90:83:27:0e:af:9b:0a:cc:6f:
64:87:2a:83:ba:d0:1e:2a:99:08:fd:5d:1d:b0:d7:eb:d6:32:
fc:b4:75:dd:bd:90:34:41:9d:da:ab:a9:7b:30:6e:1f:5e:df:
e1:22:ca:e6:37:dd:64:bd:27:4b:c4:2a:ab:63:12:76:62:86:
05:31:9b:f4
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgICA00wDQYJKoZIhvcNAQELBQAwWjElMCMGA1UEAxMcYXBu
aWMtcnBraS1yb290LWludGVybWVkaWF0ZTExMC8GA1UEBRMoOTgxNDJDOUQwQjQx
QTNCOUZCNjAzRDc2OTg0ODIzNkZEMUYzMTkyNDAeFw0yNDEwMTUyMzAzMjhaFw0y
NDExMjIyMzAzMjhaMBgxFjAUBgNVBAMTDTY3MGVmNGMwLTBiMTUwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUo+SYm2FkifIKB5voDiRjxfxNgyZ24vg3
3SdRIJy5o2/Fw0BBmc1L8jSpFP31m9vfAd74R+J27IkD7v6gyr7CoNZO2moDTYSB
zAqgJN2ecZYrhk76grNvksnToqdusYMkvY58dLDRjC5NStRYGg04Ypc/MxdiMmCy
hITZXpR5w5zBf7kTaKUQUK1rpLCgrzkkRYbyF/XFazTKZ9kaLITN9iBixxga6UBF
/Cav5m4YAcwemxvt/qUpXbEvbPWyAp2t0xvMH6Ag+CjkRb03/HCrmVfAWWJuwj2e
X7NwACR8LDae9QIQmLAmVuF51OJD9ynj4LaBIiF1pU6Q1z0mRB6rAgMBAAGjggJP
MIICSzAdBgNVHQ4EFgQUuSaIUHO2/O+y2qIg9790JhJHHYQwHwYDVR0jBBgwFoAU
mBQsnQtBo7n7YD12mEgjb9HzGSQwDgYDVR0PAQH/BAQDAgeAMHMGA1UdHwRsMGow
aKBmoGSGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS85ODA2NTJF
MEI3N0UxMUU3QTk2QTM5NTIxQTRGNEZCNC9tQlFzblF0Qm83bjdZRDEybUVnamI5
SHpHU1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5LzgzOERCMjE0MTY2NTExRTJCM0JDMjg2
MTcyRkQxRkYyL21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdTUS5jZXIwSgYDVR0g
AQH/BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5h
cG5pYy5uZXQvUlBLSS9DUFMucGRmMH4GCCsGAQUFBwELBHIwcDBuBggrBgEFBQcw
C4ZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5Lzk4MDY1MkUwQjc3
RTExRTdBOTZBMzk1MjFBNEY0RkI0L21CUXNuUXRCbzduN1lEMTJtRWdqYjlIekdT
US5tZnQwFQYIKwYBBQUHAQgBAf8EBjAEoAIFADAhBggrBgEFBQcBBwEB/wQSMBAw
BgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEBCwUAA4IBAQBQz4hULuTC0eIckGtP
TsGm1drI3B86BQdyWvQWK34ck9lothj3oZlPj/Xw6Zy+Luv8TAWlQQ+j6YfDwKue
nYCMBf4WxB4RKb/rta4sughXtvvw0SZqoAFEsavU0lDdUUIl+Y0OCEjJ6h2x2olG
mERRecaE/Ss3Ssky2oLfCZhtUDCSRpClqHmHCbmPTD66q8GkO3rKmRWgw0udAIcb
1+0+8OMB0Oq0cDWp+/CWOWTk72IVFI99hY36LRo2CFyQgycOr5sKzG9khyqDutAe
KpkI/V0dsNfr1jL8tHXdvZA0QZ3aq6l7MG4fXt/hIsrmN91kvSdLxCqrYxJ2YoYF
MZv0
-----END CERTIFICATE-----
Generated at Wed Oct 16 01:23:56 2024 by rpki-client on console.sobornost.net