$ rpki-client -vvf rpki.apnic.net/member_repository/A911B4ED/FA4B0AC40F3711EEAB9D9468C4F9AE02/kI54kDTxhBXYdZwmo0brgQ71pBU.mft File: kI54kDTxhBXYdZwmo0brgQ71pBU.mft (raw, json) Hash identifier: Xp9vO2Wcz9XR9L+ZZqjkJvl+65s++DT1VKC9Qu0NI1o= Subject key identifier: 3E:A9:56:B6:2F:38:72:19:EA:A4:FC:9A:CD:A1:25:57:52:AD:74:0A Authority key identifier: 90:8E:78:90:34:F1:84:15:D8:75:9C:26:A3:46:EB:81:0E:F5:A4:15 Certificate issuer: /CN=A911B4ED/serialNumber=908E789034F18415D8759C26A346EB810EF5A415 Certificate serial: 015B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kI54kDTxhBXYdZwmo0brgQ71pBU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B4ED/FA4B0AC40F3711EEAB9D9468C4F9AE02/kI54kDTxhBXYdZwmo0brgQ71pBU.mft Manifest number: 0159 Signing time: Fri 25 Apr 2025 03:10:32 +0000 Manifest this update: Fri 25 Apr 2025 03:10:32 +0000 Manifest next update: Fri 02 May 2025 03:10:32 +0000 Files and hashes: 1: kI54kDTxhBXYdZwmo0brgQ71pBU.crl (hash: HWrgGvs7VZq8YxbZciscW79ml0oRVzntAdX13NyZ15g=) 2: 86A2CEB60F3E11EEA4C55465C4F9AE02.roa (hash: LEuGWO/AHJLUDwLeABLdjtuQr5+JNGq1678nn2RoAyI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B4ED/FA4B0AC40F3711EEAB9D9468C4F9AE02/kI54kDTxhBXYdZwmo0brgQ71pBU.crl rsync://rpki.apnic.net/member_repository/A911B4ED/FA4B0AC40F3711EEAB9D9468C4F9AE02/kI54kDTxhBXYdZwmo0brgQ71pBU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kI54kDTxhBXYdZwmo0brgQ71pBU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 03:10:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 347 (0x15b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B4ED, serialNumber=908E789034F18415D8759C26A346EB810EF5A415 Validity Not Before: Apr 25 03:10:32 2025 GMT Not After : May 2 03:10:32 2025 GMT Subject: CN=680afd28-f814 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:ae:f7:09:8d:21:70:09:ba:df:fb:ad:1b:be: 20:5a:cf:b4:c3:95:4b:a8:cb:b8:3e:93:b4:a0:02: 7f:91:8c:a9:78:83:d5:46:0c:96:0b:db:5a:de:49: a8:e0:be:07:02:74:b9:8e:9f:d4:de:cf:cb:2c:e1: ed:05:86:aa:17:68:90:3c:0e:f0:75:63:04:be:67: 0b:07:8b:86:14:db:bc:5d:9c:f1:eb:0b:26:dc:42: 49:3a:4f:30:70:0a:be:7b:4c:80:79:99:f6:d9:88: 6c:75:ee:30:8d:8e:99:ef:bd:0b:68:23:a1:57:c8: ae:36:bc:fd:0e:62:71:29:a4:78:02:ff:64:68:0d: 88:8d:44:b9:93:a5:bf:02:25:79:b7:6b:71:66:6b: 92:ee:ba:5d:46:61:5f:e4:a6:99:be:00:17:01:0c: 7e:76:ff:fc:8d:92:81:66:d0:4f:77:96:71:82:f6: 16:07:5f:fb:f9:37:be:53:de:c7:bf:45:b5:90:78: 45:94:ab:a5:40:46:2e:a5:23:87:1e:61:7f:98:60: 01:88:d9:42:9b:b4:90:a1:05:aa:94:67:21:42:29: a5:62:ed:16:df:16:68:47:db:04:62:a9:7e:36:3f: 36:1b:72:f1:d4:9b:53:f0:de:6d:67:9e:7b:2b:41: f5:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:A9:56:B6:2F:38:72:19:EA:A4:FC:9A:CD:A1:25:57:52:AD:74:0A X509v3 Authority Key Identifier: keyid:90:8E:78:90:34:F1:84:15:D8:75:9C:26:A3:46:EB:81:0E:F5:A4:15 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B4ED/FA4B0AC40F3711EEAB9D9468C4F9AE02/kI54kDTxhBXYdZwmo0brgQ71pBU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kI54kDTxhBXYdZwmo0brgQ71pBU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B4ED/FA4B0AC40F3711EEAB9D9468C4F9AE02/kI54kDTxhBXYdZwmo0brgQ71pBU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 41:b5:d8:8b:65:21:17:f2:90:51:34:de:5c:7c:5a:35:12:a7: 95:8f:30:3b:88:b9:6b:cf:79:ea:45:bc:d3:0a:7d:62:3c:66: 93:c8:5d:1d:4d:3a:a4:e9:de:d0:6c:16:f7:d0:90:c5:eb:72: c8:98:90:28:47:ef:78:7d:f6:be:80:68:f2:d4:33:fb:35:27: 9b:d4:88:2e:4b:7d:0d:13:6a:fc:35:9e:d7:37:04:e3:35:56: 96:fa:a8:66:c6:0e:28:b7:f7:5a:f7:dd:47:aa:9a:df:1a:4b: 2e:b8:1c:66:45:fe:7d:aa:2e:f7:e1:46:5b:bf:87:0f:60:ed: ee:8b:2f:5b:da:4e:56:15:f2:1b:ac:d3:bf:95:06:a4:a8:c7: 26:3e:e9:e6:35:00:ad:a9:b4:13:da:76:5a:5b:fb:54:b4:c8: 85:c7:b5:69:f1:5b:82:8d:9e:b2:eb:be:eb:88:e3:85:39:d2: 6a:a1:66:55:a2:a7:79:75:75:05:14:a9:57:bd:75:e5:84:79: c9:93:f3:16:7e:55:a3:53:90:25:bb:b8:96:10:2b:98:93:75: 4b:33:40:5c:70:ae:a9:01:91:cb:e7:27:cf:fc:4f:2f:33:a3: 89:e9:69:d8:82:a0:69:59:90:ce:1d:69:91:f9:4d:2b:98:86: 19:88:ca:16 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAVswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI0RUQxMTAvBgNVBAUTKDkwOEU3ODkwMzRGMTg0MTVEODc1OUMyNkEzNDZFQjgx MEVGNUE0MTUwHhcNMjUwNDI1MDMxMDMyWhcNMjUwNTAyMDMxMDMyWjAYMRYwFAYD VQQDEw02ODBhZmQyOC1mODE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4673CY0hcAm63/utG74gWs+0w5VLqMu4PpO0oAJ/kYypeIPVRgyWC9ta3kmo 4L4HAnS5jp/U3s/LLOHtBYaqF2iQPA7wdWMEvmcLB4uGFNu8XZzx6wsm3EJJOk8w cAq+e0yAeZn22Yhsde4wjY6Z770LaCOhV8iuNrz9DmJxKaR4Av9kaA2IjUS5k6W/ AiV5t2txZmuS7rpdRmFf5KaZvgAXAQx+dv/8jZKBZtBPd5ZxgvYWB1/7+Te+U97H v0W1kHhFlKulQEYupSOHHmF/mGABiNlCm7SQoQWqlGchQimlYu0W3xZoR9sEYql+ Nj82G3Lx1JtT8N5tZ557K0H15QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD6pVrYv OHIZ6qT8ms2hJVdSrXQKMB8GA1UdIwQYMBaAFJCOeJA08YQV2HWcJqNG64EO9aQV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjRFRC9GQTRCMEFDNDBG MzcxMUVFQUI5RDk0NjhDNEY5QUUwMi9rSTU0a0RUeGhCWFlkWndtbzBicmdRNzFw QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tJNTRrRFR4aEJYWWRad21vMGJyZ1E3MXBCVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx QjRFRC9GQTRCMEFDNDBGMzcxMUVFQUI5RDk0NjhDNEY5QUUwMi9rSTU0a0RUeGhC WFlkWndtbzBicmdRNzFwQlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBBtdiLZSEX8pBRNN5cfFo1EqeVjzA7iLlrz3nqRbzTCn1iPGaTyF0d TTqk6d7QbBb30JDF63LImJAoR+94ffa+gGjy1DP7NSeb1IguS30NE2r8NZ7XNwTj NVaW+qhmxg4ot/da991HqprfGksuuBxmRf59qi734UZbv4cPYO3uiy9b2k5WFfIb rNO/lQakqMcmPunmNQCtqbQT2nZaW/tUtMiFx7Vp8VuCjZ6y677riOOFOdJqoWZV oqd5dXUFFKlXvXXlhHnJk/MWflWjU5Alu7iWECuYk3VLM0BccK6pAZHL5yfP/E8v M6OJ6WnYgqBpWZDOHWmR+U0rmIYZiMoW -----END CERTIFICATE-----Generated at Sat Apr 26 12:39:34 2025 by rpki-client