$ rpki-client -vvf rpki.apnic.net/member_repository/A91297A2/B3DFC8846D6211EEB307CE19C4F9AE02/45B7SOaYfi_fztAe0B1As_Y9sRg.mft File: 45B7SOaYfi_fztAe0B1As_Y9sRg.mft (raw, json) Hash identifier: +HOowqqR5TqRV9wS65xaxGV3VGV7ZdCCkhWX3mRRr3w= Subject key identifier: EF:E1:BC:3F:B3:DC:FD:68:26:77:21:D7:33:54:08:C2:39:3C:49:29 Authority key identifier: E3:90:7B:48:E6:98:7E:2F:DF:CE:D0:1E:D0:1D:40:B3:F6:3D:B1:18 Certificate issuer: /CN=A91297A2/serialNumber=E3907B48E6987E2FDFCED01ED01D40B3F63DB118 Certificate serial: 0128 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/45B7SOaYfi_fztAe0B1As_Y9sRg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91297A2/B3DFC8846D6211EEB307CE19C4F9AE02/45B7SOaYfi_fztAe0B1As_Y9sRg.mft Manifest number: 0123 Signing time: Fri 25 Apr 2025 03:49:38 +0000 Manifest this update: Fri 25 Apr 2025 03:49:37 +0000 Manifest next update: Fri 02 May 2025 03:49:37 +0000 Files and hashes: 1: 45B7SOaYfi_fztAe0B1As_Y9sRg.crl (hash: qdpdNrIyoCD2L1FJjekzeaOJoVZogzVSkv7hh+1C05g=) 2: 3802AF56829811EEB7C3F322C4F9AE02.roa (hash: /dryDqRy0DH6c/gZr4MBN4BosfeqNmHeRwKmrIx/CX8=) 3: B08503D8F8AA11EE91684140C4F9AE02.roa (hash: ZuM6BVmH6niQKuKQ1eCiPR55KnpBaOjGce45jTQXxyE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91297A2/B3DFC8846D6211EEB307CE19C4F9AE02/45B7SOaYfi_fztAe0B1As_Y9sRg.crl rsync://rpki.apnic.net/member_repository/A91297A2/B3DFC8846D6211EEB307CE19C4F9AE02/45B7SOaYfi_fztAe0B1As_Y9sRg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/45B7SOaYfi_fztAe0B1As_Y9sRg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 03:49:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 296 (0x128) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91297A2, serialNumber=E3907B48E6987E2FDFCED01ED01D40B3F63DB118 Validity Not Before: Apr 25 03:49:37 2025 GMT Not After : May 2 03:49:37 2025 GMT Subject: CN=680b0651-8b8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:71:3a:a3:f7:c2:06:30:34:2a:1e:a1:1b:29: 38:43:f0:61:e2:78:b8:c5:d1:a4:57:e7:c0:31:26: 50:b3:71:ff:12:58:69:4e:61:59:fa:86:c9:32:ed: 71:f7:4d:d9:9a:19:bf:11:9e:25:8d:c5:92:d7:17: 67:48:31:e4:36:07:27:e1:1b:28:c8:40:f9:46:2d: fd:b3:1e:e8:62:ae:af:5a:95:42:ca:ad:49:28:09: 89:fe:2e:da:a1:0f:a5:de:c6:80:1d:8a:26:ff:7f: 97:e0:2c:b6:1c:79:fe:33:b2:52:15:23:2a:a1:6c: 6c:9e:20:98:36:13:80:5f:9a:6c:42:9a:c4:75:62: 9d:2e:a6:c2:41:82:ab:cb:1c:f9:6b:33:3b:cd:44: ab:74:0e:27:7c:10:ef:f9:2c:a8:da:4d:5b:ac:4d: 47:2f:a2:49:6c:cb:ce:3a:5b:8f:48:82:28:86:7b: 3a:40:14:c7:90:57:9e:9f:ff:ad:5a:03:6e:43:92: 59:c3:54:28:d0:e6:2e:46:ee:77:91:10:01:88:45: a5:8f:0e:bf:0f:9c:8a:c5:1b:8e:7d:d0:13:a6:84: 2f:80:09:a6:06:85:be:90:e3:ae:51:88:c9:e4:43: a0:7f:10:88:f4:74:f6:36:c2:1f:4d:b5:8c:7c:ed: ea:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:E1:BC:3F:B3:DC:FD:68:26:77:21:D7:33:54:08:C2:39:3C:49:29 X509v3 Authority Key Identifier: keyid:E3:90:7B:48:E6:98:7E:2F:DF:CE:D0:1E:D0:1D:40:B3:F6:3D:B1:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91297A2/B3DFC8846D6211EEB307CE19C4F9AE02/45B7SOaYfi_fztAe0B1As_Y9sRg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/45B7SOaYfi_fztAe0B1As_Y9sRg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91297A2/B3DFC8846D6211EEB307CE19C4F9AE02/45B7SOaYfi_fztAe0B1As_Y9sRg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2d:6b:ae:31:d0:cd:14:e9:2e:46:95:7d:83:3e:f0:2d:9b:34: 2d:58:e9:50:84:ce:f2:7f:bb:d2:da:99:1b:e3:8a:b8:39:39: 04:b9:58:a2:71:98:1b:0d:b2:34:3b:d6:ab:3c:15:0e:3b:fe: 4b:83:09:41:27:81:a6:02:22:af:c1:42:50:7b:e0:be:2e:1a: e2:ca:4c:b8:ae:8f:c5:21:87:b9:0a:e5:9b:49:34:63:b4:04: 2a:37:f2:3f:4c:8a:ff:a2:fb:3e:7e:5d:95:ca:b7:fc:d2:8a: 1e:41:65:b9:72:9b:40:71:b3:d3:8c:9f:61:f0:c4:b2:8f:4d: 60:ff:34:41:57:27:bb:67:93:db:93:68:e4:f1:d7:e2:6b:a4: d7:91:01:c5:11:a0:cb:52:5d:fa:6d:a0:ea:17:cf:72:fe:94: d8:26:71:25:68:ad:e7:f7:96:21:34:38:d4:7f:aa:73:92:7d: e5:51:ae:a4:f1:c3:2e:88:c1:c5:10:d2:48:33:5b:35:a1:27: 56:0e:6e:b8:3f:49:7f:88:17:6d:b6:d8:59:ef:96:f5:52:88: 3c:f7:a9:1a:0a:c6:81:7d:cc:0f:55:08:d6:26:d9:74:d4:0a: 99:d5:3a:c3:59:ed:96:f5:a7:c2:89:9e:3a:11:25:da:37:9f: 4f:56:fb:e3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mjk3QTIxMTAvBgNVBAUTKEUzOTA3QjQ4RTY5ODdFMkZERkNFRDAxRUQwMUQ0MEIz RjYzREIxMTgwHhcNMjUwNDI1MDM0OTM3WhcNMjUwNTAyMDM0OTM3WjAYMRYwFAYD VQQDEw02ODBiMDY1MS04YjhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuXE6o/fCBjA0Kh6hGyk4Q/Bh4ni4xdGkV+fAMSZQs3H/ElhpTmFZ+obJMu1x 903Zmhm/EZ4ljcWS1xdnSDHkNgcn4RsoyED5Ri39sx7oYq6vWpVCyq1JKAmJ/i7a oQ+l3saAHYom/3+X4Cy2HHn+M7JSFSMqoWxsniCYNhOAX5psQprEdWKdLqbCQYKr yxz5azM7zUSrdA4nfBDv+Syo2k1brE1HL6JJbMvOOluPSIIohns6QBTHkFeen/+t WgNuQ5JZw1Qo0OYuRu53kRABiEWljw6/D5yKxRuOfdATpoQvgAmmBoW+kOOuUYjJ 5EOgfxCI9HT2NsIfTbWMfO3q9wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO/hvD+z 3P1oJnch1zNUCMI5PEkpMB8GA1UdIwQYMBaAFOOQe0jmmH4v387QHtAdQLP2PbEY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOTdBMi9CM0RGQzg4NDZE NjIxMUVFQjMwN0NFMTlDNEY5QUUwMi80NUI3U09hWWZpX2Z6dEFlMEIxQXNfWTlz UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzQ1QjdTT2FZZmlfZnp0QWUwQjFBc19ZOXNSZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OTdBMi9CM0RGQzg4NDZENjIxMUVFQjMwN0NFMTlDNEY5QUUwMi80NUI3U09hWWZp X2Z6dEFlMEIxQXNfWTlzUmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAta64x0M0U6S5GlX2DPvAtmzQtWOlQhM7yf7vS2pkb44q4OTkEuVii cZgbDbI0O9arPBUOO/5LgwlBJ4GmAiKvwUJQe+C+Lhriyky4ro/FIYe5CuWbSTRj tAQqN/I/TIr/ovs+fl2Vyrf80ooeQWW5cptAcbPTjJ9h8MSyj01g/zRBVye7Z5Pb k2jk8dfia6TXkQHFEaDLUl36baDqF89y/pTYJnElaK3n95YhNDjUf6pzkn3lUa6k 8cMuiMHFENJIM1s1oSdWDm64P0l/iBdttthZ75b1Uog896kaCsaBfcwPVQjWJtl0 1AqZ1TrDWe2W9afCiZ46ESXaN59PVvvj -----END CERTIFICATE-----Generated at Sat Apr 26 17:21:59 2025 by rpki-client