$ rpki-client -vvf rpki.apnic.net/member_repository/A91289A2/FB52F64E8E6311EC9E015D6DC4F9AE02/aBQMFYJe1QoDeBBSrd4uyhpv6jo.mft File: aBQMFYJe1QoDeBBSrd4uyhpv6jo.mft (raw, json) Hash identifier: L/+fY8a6E+1wp37aOIMFVHafJ+pHDKdHCBjEo2H5VaM= Subject key identifier: 5C:6D:41:ED:A0:46:AF:44:32:1C:4A:5A:07:61:D1:8F:F4:BA:C2:09 Authority key identifier: 68:14:0C:15:82:5E:D5:0A:03:78:10:52:AD:DE:2E:CA:1A:6F:EA:3A Certificate issuer: /CN=A91289A2/serialNumber=68140C15825ED50A03781052ADDE2ECA1A6FEA3A Certificate serial: 03B8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aBQMFYJe1QoDeBBSrd4uyhpv6jo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91289A2/FB52F64E8E6311EC9E015D6DC4F9AE02/aBQMFYJe1QoDeBBSrd4uyhpv6jo.mft Manifest number: 03B2 Signing time: Fri 25 Apr 2025 00:28:58 +0000 Manifest this update: Fri 25 Apr 2025 00:28:58 +0000 Manifest next update: Fri 02 May 2025 00:28:58 +0000 Files and hashes: 1: aBQMFYJe1QoDeBBSrd4uyhpv6jo.crl (hash: DZ+Tm6GJdOfdQTDnsUnHfnAH47qa3lSc3M8BcMXKBjU=) 2: 97E8ACD68E6611EC9EBE626FC4F9AE02.roa (hash: tLChoqAT+qMzYdiOem/hyADnIcDAlpuqVUc6loXrSu8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91289A2/FB52F64E8E6311EC9E015D6DC4F9AE02/aBQMFYJe1QoDeBBSrd4uyhpv6jo.crl rsync://rpki.apnic.net/member_repository/A91289A2/FB52F64E8E6311EC9E015D6DC4F9AE02/aBQMFYJe1QoDeBBSrd4uyhpv6jo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aBQMFYJe1QoDeBBSrd4uyhpv6jo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 00:28:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 952 (0x3b8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91289A2, serialNumber=68140C15825ED50A03781052ADDE2ECA1A6FEA3A Validity Not Before: Apr 25 00:28:58 2025 GMT Not After : May 2 00:28:58 2025 GMT Subject: CN=680ad74a-d6fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:06:06:33:bd:cd:fe:74:0d:c1:c7:88:e3:fa: 98:72:94:56:96:e1:0d:14:3f:a4:cd:ee:cd:7e:fc: 7b:c3:9d:ad:69:93:09:ff:af:06:7a:f4:02:db:47: 2e:bb:8e:81:87:fc:89:cf:99:d7:b9:e7:31:b4:05: 4b:82:6f:72:67:61:df:bd:cb:28:64:62:ef:6b:74: b1:e1:e7:02:bd:9d:94:7b:60:f5:87:ad:b7:00:9c: c3:36:3e:25:98:41:13:2b:f3:ba:91:aa:2e:c2:02: d8:9d:c7:13:76:c7:7e:30:28:4c:4d:6a:2c:6d:43: 90:89:8a:b3:e3:cb:3a:df:de:d6:29:14:96:5b:84: e3:a4:33:bc:33:36:5e:75:5d:b6:80:88:8b:fe:a5: 74:c6:a9:2e:ac:5e:67:c3:3b:e7:9f:8d:4d:bf:c7: d1:b8:d9:32:ca:db:ce:eb:53:78:6f:f2:f3:a2:ca: ea:61:01:1d:1d:c3:a8:91:79:a9:ae:bf:65:bd:f2: 50:84:d3:51:94:be:84:71:77:2c:a3:ab:93:68:d0: 0a:4a:5a:18:84:da:5c:54:0e:5b:03:5e:40:4b:07: 16:3a:fb:29:80:72:50:4e:e9:09:e6:20:18:1f:b1: f7:63:58:77:48:cf:38:fe:96:24:35:7d:1d:f3:bf: 65:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:6D:41:ED:A0:46:AF:44:32:1C:4A:5A:07:61:D1:8F:F4:BA:C2:09 X509v3 Authority Key Identifier: keyid:68:14:0C:15:82:5E:D5:0A:03:78:10:52:AD:DE:2E:CA:1A:6F:EA:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91289A2/FB52F64E8E6311EC9E015D6DC4F9AE02/aBQMFYJe1QoDeBBSrd4uyhpv6jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aBQMFYJe1QoDeBBSrd4uyhpv6jo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91289A2/FB52F64E8E6311EC9E015D6DC4F9AE02/aBQMFYJe1QoDeBBSrd4uyhpv6jo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a7:cc:5a:1d:c5:c4:be:44:45:91:2d:15:35:d0:57:53:01:91: 68:86:ce:87:b5:67:2c:f4:eb:93:c1:44:1e:bf:ee:11:86:5e: 2a:03:69:aa:57:ed:7a:84:a6:82:98:5f:d4:f6:c0:f7:25:59: a1:46:98:13:60:51:88:5c:41:c0:ad:4a:25:fa:ce:91:5b:d8: 36:2c:53:d6:80:a3:84:37:c4:bd:21:33:48:13:da:2e:55:d0: 85:4d:e7:b9:9e:bd:19:0f:4b:da:e9:0b:94:e7:56:62:08:73: 1f:c7:d5:59:6c:90:83:6d:49:ce:8f:d5:c9:ec:a1:44:8a:25: 7a:71:c5:13:06:e8:81:ca:10:cb:4e:e0:71:49:b4:ad:fe:52: 0b:bf:c9:5a:c1:d7:cb:53:d6:6c:34:e0:7d:f0:d0:61:39:49: a2:8e:5c:fb:ac:cd:36:8c:b3:4b:c2:6a:44:8a:47:77:ed:bd: 35:2f:4b:c0:a6:ca:e1:26:42:22:96:42:e5:24:36:22:31:46: 3e:d0:dc:a8:6b:9d:08:08:62:91:b3:a2:62:c3:dc:85:5e:94: 1f:13:26:bb:a7:7e:d8:8a:46:a6:01:23:bc:4f:b0:38:72:a0: f1:87:20:7e:63:43:3f:54:e5:0a:22:0f:82:74:5b:bb:de:a3: 4b:20:a7:16 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA7gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mjg5QTIxMTAvBgNVBAUTKDY4MTQwQzE1ODI1RUQ1MEEwMzc4MTA1MkFEREUyRUNB MUE2RkVBM0EwHhcNMjUwNDI1MDAyODU4WhcNMjUwNTAyMDAyODU4WjAYMRYwFAYD VQQDEw02ODBhZDc0YS1kNmZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuwYGM73N/nQNwceI4/qYcpRWluENFD+kze7Nfvx7w52taZMJ/68GevQC20cu u46Bh/yJz5nXuecxtAVLgm9yZ2HfvcsoZGLva3Sx4ecCvZ2Ue2D1h623AJzDNj4l mEETK/O6kaouwgLYnccTdsd+MChMTWosbUOQiYqz48s6397WKRSWW4TjpDO8MzZe dV22gIiL/qV0xqkurF5nwzvnn41Nv8fRuNkyytvO61N4b/LzosrqYQEdHcOokXmp rr9lvfJQhNNRlL6EcXcso6uTaNAKSloYhNpcVA5bA15ASwcWOvspgHJQTukJ5iAY H7H3Y1h3SM84/pYkNX0d879lHQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFxtQe2g Rq9EMhxKWgdh0Y/0usIJMB8GA1UdIwQYMBaAFGgUDBWCXtUKA3gQUq3eLsoab+o6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyODlBMi9GQjUyRjY0RThF NjMxMUVDOUUwMTVENkRDNEY5QUUwMi9hQlFNRllKZTFRb0RlQkJTcmQ0dXlocHY2 am8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FCUU1GWUplMVFvRGVCQlNyZDR1eWhwdjZqby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy ODlBMi9GQjUyRjY0RThFNjMxMUVDOUUwMTVENkRDNEY5QUUwMi9hQlFNRllKZTFR b0RlQkJTcmQ0dXlocHY2am8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCnzFodxcS+REWRLRU10FdTAZFohs6HtWcs9OuTwUQev+4Rhl4qA2mq V+16hKaCmF/U9sD3JVmhRpgTYFGIXEHArUol+s6RW9g2LFPWgKOEN8S9ITNIE9ou VdCFTee5nr0ZD0va6QuU51ZiCHMfx9VZbJCDbUnOj9XJ7KFEiiV6ccUTBuiByhDL TuBxSbSt/lILv8lawdfLU9ZsNOB98NBhOUmijlz7rM02jLNLwmpEikd37b01L0vA psrhJkIilkLlJDYiMUY+0Nyoa50ICGKRs6Jiw9yFXpQfEya7p37YikamASO8T7A4 cqDxhyB+Y0M/VOUKIg+CdFu73qNLIKcW -----END CERTIFICATE-----Generated at Sat Apr 26 12:55:50 2025 by rpki-client