$ rpki-client -vvf rpki.apnic.net/member_repository/A91376FB/92FB71A083F211ECBB251985C4F9AE02/iGoO5rx6vcCfqCLhFN9DXwsOhlo.mft File: iGoO5rx6vcCfqCLhFN9DXwsOhlo.mft (raw, json) Hash identifier: VQmaJCzcteCUGMjibKm007fOMhHCvs2BG+o8MIKdeUI= Subject key identifier: BD:53:20:99:BB:BE:C6:D4:AA:64:C0:A4:FB:1A:FA:0A:27:92:E9:DD Authority key identifier: 88:6A:0E:E6:BC:7A:BD:C0:9F:A8:22:E1:14:DF:43:5F:0B:0E:86:5A Certificate issuer: /CN=A91376FB/serialNumber=886A0EE6BC7ABDC09FA822E114DF435F0B0E865A Certificate serial: 03D1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iGoO5rx6vcCfqCLhFN9DXwsOhlo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91376FB/92FB71A083F211ECBB251985C4F9AE02/iGoO5rx6vcCfqCLhFN9DXwsOhlo.mft Manifest number: 03CB Signing time: Fri 25 Apr 2025 00:24:16 +0000 Manifest this update: Fri 25 Apr 2025 00:24:16 +0000 Manifest next update: Fri 02 May 2025 00:24:16 +0000 Files and hashes: 1: iGoO5rx6vcCfqCLhFN9DXwsOhlo.crl (hash: YZW3cRGzc/YN+D1VoBDXxqyGWyFf6pxgS3NL5zlNcvE=) 2: 25C61AECB7ED11ED9CF6A63EC4F9AE02.roa (hash: HjJMtBZQa4j3w+aIjRMqWS8V5BytX4DObhkkXgOg0NY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91376FB/92FB71A083F211ECBB251985C4F9AE02/iGoO5rx6vcCfqCLhFN9DXwsOhlo.crl rsync://rpki.apnic.net/member_repository/A91376FB/92FB71A083F211ECBB251985C4F9AE02/iGoO5rx6vcCfqCLhFN9DXwsOhlo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iGoO5rx6vcCfqCLhFN9DXwsOhlo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 00:24:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 977 (0x3d1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91376FB, serialNumber=886A0EE6BC7ABDC09FA822E114DF435F0B0E865A Validity Not Before: Apr 25 00:24:16 2025 GMT Not After : May 2 00:24:16 2025 GMT Subject: CN=680ad630-49f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:66:a0:34:7d:2a:47:89:1d:9a:70:2d:33:53: 6c:e8:2c:85:6b:2c:33:9b:48:3a:cb:d5:26:35:a9: 19:a7:ff:79:39:81:4e:df:c6:97:fe:11:53:43:7f: 73:cf:82:8c:0c:cd:38:66:99:2e:47:b1:a1:4a:78: a9:96:43:41:17:eb:3a:e9:be:09:7e:ef:ea:8b:1e: 52:12:10:fc:a0:e3:4f:70:7c:44:11:9d:4f:7f:eb: 2e:f5:ed:69:90:31:89:4e:ff:7f:85:d5:c5:2a:af: 2f:3a:b4:8f:a6:d5:6e:95:8d:56:32:3f:3c:bc:11: 7e:3b:d3:1d:53:f0:75:f5:1a:bd:5f:f2:ab:69:e1: ac:db:79:14:66:39:72:f0:e6:9a:21:7e:ff:39:e9: 25:95:38:23:43:2f:93:fc:ec:c5:59:21:c4:9f:9a: b8:05:29:5d:01:5c:f6:26:d6:85:d5:e9:78:3a:77: 52:8c:87:c7:0c:1d:37:48:7f:09:fa:09:be:1c:a7: 5e:a8:5d:3c:fd:3b:4d:df:a5:0c:4b:5e:8a:ca:db: 77:e1:11:db:f6:2a:ad:9f:0b:a6:33:45:90:c2:71: 67:ae:05:e0:20:73:e0:83:ea:cc:d1:25:74:2a:e8: 08:09:d0:c2:b6:1f:18:de:ec:68:b4:eb:1d:96:fb: 1b:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:53:20:99:BB:BE:C6:D4:AA:64:C0:A4:FB:1A:FA:0A:27:92:E9:DD X509v3 Authority Key Identifier: keyid:88:6A:0E:E6:BC:7A:BD:C0:9F:A8:22:E1:14:DF:43:5F:0B:0E:86:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91376FB/92FB71A083F211ECBB251985C4F9AE02/iGoO5rx6vcCfqCLhFN9DXwsOhlo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iGoO5rx6vcCfqCLhFN9DXwsOhlo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91376FB/92FB71A083F211ECBB251985C4F9AE02/iGoO5rx6vcCfqCLhFN9DXwsOhlo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 94:d3:ad:a4:71:34:c5:65:68:8d:fd:22:96:4f:aa:be:46:54: 12:3c:f3:b0:a8:db:be:a1:4e:57:c8:b2:c8:e9:37:ed:d7:3d: 6b:71:86:c2:f4:43:c6:df:83:d4:e6:a0:70:45:dc:47:d6:3c: 22:9d:3c:b0:95:3f:fe:23:d9:fa:ea:a0:a6:b9:91:c3:38:2e: 19:84:50:54:50:71:49:6e:e0:68:7c:ed:e6:51:49:ad:30:d8: d7:70:37:4d:3b:7d:b7:15:79:65:b6:10:f6:ef:44:42:47:93: b5:cd:59:03:81:bb:3a:9d:a2:75:2e:70:c8:8e:a2:1e:1b:33: dd:cb:0c:6d:13:c8:65:ef:8d:cd:b3:b0:9e:79:ce:b5:21:07: e5:7a:4d:fd:23:7f:00:78:fc:f5:20:b1:a4:95:53:3a:32:72: 89:2f:13:d7:b2:b1:1a:1c:77:3d:8c:bc:fd:03:b7:f8:66:bd: e5:59:c3:57:9f:f7:2a:3e:8e:8d:2a:93:3f:f2:85:f3:1a:e4: fb:8f:73:02:66:47:5c:02:9a:0c:18:df:ff:29:02:40:2b:b7: 7a:94:e9:a5:41:1b:33:b7:58:b6:b3:a9:d1:fa:41:9e:d1:b2: 02:f0:ce:4f:63:bb:8b:e4:33:d6:9b:28:7f:73:03:4f:8c:11: 61:44:d5:62 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA9EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mzc2RkIxMTAvBgNVBAUTKDg4NkEwRUU2QkM3QUJEQzA5RkE4MjJFMTE0REY0MzVG MEIwRTg2NUEwHhcNMjUwNDI1MDAyNDE2WhcNMjUwNTAyMDAyNDE2WjAYMRYwFAYD VQQDEw02ODBhZDYzMC00OWYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0GagNH0qR4kdmnAtM1Ns6CyFaywzm0g6y9UmNakZp/95OYFO38aX/hFTQ39z z4KMDM04ZpkuR7GhSniplkNBF+s66b4Jfu/qix5SEhD8oONPcHxEEZ1Pf+su9e1p kDGJTv9/hdXFKq8vOrSPptVulY1WMj88vBF+O9MdU/B19Rq9X/KraeGs23kUZjly 8OaaIX7/OekllTgjQy+T/OzFWSHEn5q4BSldAVz2JtaF1el4OndSjIfHDB03SH8J +gm+HKdeqF08/TtN36UMS16Kytt34RHb9iqtnwumM0WQwnFnrgXgIHPgg+rM0SV0 KugICdDCth8Y3uxotOsdlvsbnQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL1TIJm7 vsbUqmTApPsa+gonkundMB8GA1UdIwQYMBaAFIhqDua8er3An6gi4RTfQ18LDoZa MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNzZGQi85MkZCNzFBMDgz RjIxMUVDQkIyNTE5ODVDNEY5QUUwMi9pR29PNXJ4NnZjQ2ZxQ0xoRk45RFh3c09o bG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lHb081cng2dmNDZnFDTGhGTjlEWHdzT2hsby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NzZGQi85MkZCNzFBMDgzRjIxMUVDQkIyNTE5ODVDNEY5QUUwMi9pR29PNXJ4NnZj Q2ZxQ0xoRk45RFh3c09obG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCU062kcTTFZWiN/SKWT6q+RlQSPPOwqNu+oU5XyLLI6Tft1z1rcYbC 9EPG34PU5qBwRdxH1jwinTywlT/+I9n66qCmuZHDOC4ZhFBUUHFJbuBofO3mUUmt MNjXcDdNO323FXllthD270RCR5O1zVkDgbs6naJ1LnDIjqIeGzPdywxtE8hl743N s7Ceec61IQflek39I38AePz1ILGklVM6MnKJLxPXsrEaHHc9jLz9A7f4Zr3lWcNX n/cqPo6NKpM/8oXzGuT7j3MCZkdcApoMGN//KQJAK7d6lOmlQRszt1i2s6nR+kGe 0bIC8M5PY7uL5DPWmyh/cwNPjBFhRNVi -----END CERTIFICATE-----Generated at Sat Apr 26 04:28:59 2025 by rpki-client