$ rpki-client -vvf rpki.apnic.net/member_repository/A912E3C7/8E608A8AB26711EFA565A849C4F9AE02/MnO_dM_TfcKwgKpPGtntXtY-YyA.mft File: MnO_dM_TfcKwgKpPGtntXtY-YyA.mft (raw, json) Hash identifier: prptZgFhSXUpIrNxzsAinBGfE/WrlLeVyNujve+gNhY= Subject key identifier: 1F:34:05:F5:28:50:C8:73:36:3B:61:E7:9D:D2:D4:3D:EA:67:7B:EC Authority key identifier: 32:73:BF:74:CF:D3:7D:C2:B0:80:AA:4F:1A:D9:ED:5E:D6:3E:63:20 Certificate issuer: /CN=A912E3C7/serialNumber=3273BF74CFD37DC2B080AA4F1AD9ED5ED63E6320 Certificate serial: 4A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MnO_dM_TfcKwgKpPGtntXtY-YyA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912E3C7/8E608A8AB26711EFA565A849C4F9AE02/MnO_dM_TfcKwgKpPGtntXtY-YyA.mft Manifest number: 4A Signing time: Fri 25 Apr 2025 06:20:42 +0000 Manifest this update: Fri 25 Apr 2025 06:20:41 +0000 Manifest next update: Fri 02 May 2025 06:20:41 +0000 Files and hashes: 1: MnO_dM_TfcKwgKpPGtntXtY-YyA.crl (hash: KFLjn7+sqPC7u7D9qWIUVGG3Mr+ckup0sAhps2hH4ys=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912E3C7/8E608A8AB26711EFA565A849C4F9AE02/MnO_dM_TfcKwgKpPGtntXtY-YyA.crl rsync://rpki.apnic.net/member_repository/A912E3C7/8E608A8AB26711EFA565A849C4F9AE02/MnO_dM_TfcKwgKpPGtntXtY-YyA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MnO_dM_TfcKwgKpPGtntXtY-YyA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:20:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74 (0x4a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912E3C7, serialNumber=3273BF74CFD37DC2B080AA4F1AD9ED5ED63E6320 Validity Not Before: Apr 25 06:20:41 2025 GMT Not After : May 2 06:20:41 2025 GMT Subject: CN=680b29b9-b03b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:d1:7f:66:39:ea:04:4a:7a:52:a9:82:8a:ec: a3:2d:11:85:bf:b7:96:aa:3e:ef:60:c6:5b:9f:b6: c5:62:4c:7b:1d:80:11:b4:fe:4c:27:72:82:c9:f9: e0:81:85:ce:bd:08:16:f4:62:69:ef:22:80:bc:23: 64:f1:c4:6d:b9:02:3a:e1:5e:62:92:36:fa:d1:a1: b1:c1:29:59:1d:3a:aa:ee:aa:21:b8:19:30:89:eb: fb:ee:53:06:d8:0d:ff:f8:84:b1:ab:ea:4e:eb:e4: fe:08:0b:60:9e:37:22:8c:40:20:94:6d:af:c7:d1: 4e:84:1a:ea:44:0c:b7:6c:ec:41:fa:aa:2b:a2:0d: 5e:ab:8e:7b:64:4d:a0:90:72:44:a6:22:f8:13:7f: b5:5f:b7:e2:6f:3a:b3:0d:ef:7e:a8:00:07:3b:13: 76:d0:c9:14:40:5e:f2:af:e1:8b:82:df:4b:cc:52: d5:3b:16:f8:44:85:08:7a:31:5f:23:a4:88:13:d2: fa:30:34:cf:46:89:2e:07:3f:6d:f3:19:61:db:0e: 17:55:29:3c:81:e7:d2:43:08:09:b5:4d:56:db:e5: 5d:b8:fa:27:d1:34:a7:65:08:92:8c:97:47:bc:aa: f3:42:14:d7:c0:2a:8b:9c:ef:34:33:20:cd:d5:b1: 81:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:34:05:F5:28:50:C8:73:36:3B:61:E7:9D:D2:D4:3D:EA:67:7B:EC X509v3 Authority Key Identifier: keyid:32:73:BF:74:CF:D3:7D:C2:B0:80:AA:4F:1A:D9:ED:5E:D6:3E:63:20 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912E3C7/8E608A8AB26711EFA565A849C4F9AE02/MnO_dM_TfcKwgKpPGtntXtY-YyA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MnO_dM_TfcKwgKpPGtntXtY-YyA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912E3C7/8E608A8AB26711EFA565A849C4F9AE02/MnO_dM_TfcKwgKpPGtntXtY-YyA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 78:c3:23:3c:14:3a:b9:81:ee:22:57:16:1b:6c:20:18:79:69: ac:be:42:75:73:64:2f:fa:4f:c8:1d:35:d8:db:61:71:df:b2: ee:d8:3f:ab:38:af:3b:43:1c:dc:3b:12:c7:f6:5e:22:1c:56: 8b:23:1e:b7:96:25:5e:a1:14:4d:8c:c5:f7:e3:71:94:66:94: c6:6c:d7:51:08:a6:53:ff:41:d3:ec:ed:b1:c3:41:4e:b7:31: 7e:df:07:3e:99:56:eb:63:12:e7:24:66:48:fb:da:f1:21:8d: 0f:93:bd:f2:f8:b0:fc:f9:7e:f7:d4:08:1e:88:dd:9b:44:49: 31:96:f7:e6:38:f2:6e:59:dc:f8:fe:83:5e:62:91:c9:f1:9f: 0a:80:e7:6a:1a:ab:a6:39:2e:a6:8d:b1:68:46:24:dc:70:f8: 13:3a:21:dd:a6:1b:6f:96:bc:c4:dc:80:e4:90:d1:80:f2:5b: e1:83:46:3b:ee:10:ed:de:fd:9e:61:09:65:86:56:83:1d:92: 2a:f6:77:e6:42:36:42:87:12:70:b4:dc:d5:49:5c:c9:78:0e: c1:fb:40:c6:3e:a7:83:53:a2:40:fb:46:6a:8b:fd:26:f6:23: e6:43:63:22:67:b6:eb:7d:f7:fb:d6:2f:1d:56:a1:b6:01:70: fc:4f:5c:20 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBSjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy RTNDNzExMC8GA1UEBRMoMzI3M0JGNzRDRkQzN0RDMkIwODBBQTRGMUFEOUVENUVE NjNFNjMyMDAeFw0yNTA0MjUwNjIwNDFaFw0yNTA1MDIwNjIwNDFaMBgxFjAUBgNV BAMTDTY4MGIyOWI5LWIwM2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC00X9mOeoESnpSqYKK7KMtEYW/t5aqPu9gxluftsViTHsdgBG0/kwncoLJ+eCB hc69CBb0YmnvIoC8I2TxxG25AjrhXmKSNvrRobHBKVkdOqruqiG4GTCJ6/vuUwbY Df/4hLGr6k7r5P4IC2CeNyKMQCCUba/H0U6EGupEDLds7EH6qiuiDV6rjntkTaCQ ckSmIvgTf7Vft+JvOrMN736oAAc7E3bQyRRAXvKv4YuC30vMUtU7FvhEhQh6MV8j pIgT0vowNM9GiS4HP23zGWHbDhdVKTyB59JDCAm1TVbb5V24+ifRNKdlCJKMl0e8 qvNCFNfAKouc7zQzIM3VsYG7AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUHzQF9ShQ yHM2O2HnndLUPepne+wwHwYDVR0jBBgwFoAUMnO/dM/TfcKwgKpPGtntXtY+YyAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJFM0M3LzhFNjA4QThBQjI2 NzExRUZBNTY1QTg0OUM0RjlBRTAyL01uT19kTV9UZmNLd2dLcFBHdG50WHRZLVl5 QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvTW5PX2RNX1RmY0t3Z0twUEd0bnRYdFktWXlBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJF M0M3LzhFNjA4QThBQjI2NzExRUZBNTY1QTg0OUM0RjlBRTAyL01uT19kTV9UZmNL d2dLcFBHdG50WHRZLVl5QS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHjDIzwUOrmB7iJXFhtsIBh5aay+QnVzZC/6T8gdNdjbYXHfsu7YP6s4 rztDHNw7Esf2XiIcVosjHreWJV6hFE2MxffjcZRmlMZs11EIplP/QdPs7bHDQU63 MX7fBz6ZVutjEuckZkj72vEhjQ+TvfL4sPz5fvfUCB6I3ZtESTGW9+Y48m5Z3Pj+ g15ikcnxnwqA52oaq6Y5LqaNsWhGJNxw+BM6Id2mG2+WvMTcgOSQ0YDyW+GDRjvu EO3e/Z5hCWWGVoMdkir2d+ZCNkKHEnC03NVJXMl4DsH7QMY+p4NTokD7RmqL/Sb2 I+ZDYyJntut99/vWLx1WobYBcPxPXCA= -----END CERTIFICATE-----Generated at Sat Apr 26 12:36:57 2025 by rpki-client