$ rpki-client -vvf rpki.apnic.net/member_repository/A91422D7/5B9F71D2ED3011ECBF07F012C4F9AE02/rGoi8eThZQrPtSifXctdU5IPzzQ.mft File: rGoi8eThZQrPtSifXctdU5IPzzQ.mft (raw, json) Hash identifier: ELmKNflLBVCVZFAeLkl2mvS+J11ogDax2DF4TJZgHbY= Subject key identifier: 60:ED:52:CD:B9:A5:D9:FF:66:90:A8:BE:8E:BB:71:0C:5F:E3:5A:C3 Authority key identifier: AC:6A:22:F1:E4:E1:65:0A:CF:B5:28:9F:5D:CB:5D:53:92:0F:CF:34 Certificate issuer: /CN=A91422D7/serialNumber=AC6A22F1E4E1650ACFB5289F5DCB5D53920FCF34 Certificate serial: EC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rGoi8eThZQrPtSifXctdU5IPzzQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91422D7/5B9F71D2ED3011ECBF07F012C4F9AE02/rGoi8eThZQrPtSifXctdU5IPzzQ.mft Manifest number: 03A6 Signing time: Fri 25 Apr 2025 01:12:00 +0000 Manifest this update: Fri 25 Apr 2025 01:11:59 +0000 Manifest next update: Fri 02 May 2025 01:11:59 +0000 Files and hashes: 1: rGoi8eThZQrPtSifXctdU5IPzzQ.crl (hash: laTbVVseZugXDqdLouRXJS7OAfQOOs8idGfk091Agvo=) 2: CE5F74E2BE5811EEA8C02E2AC4F9AE02.roa (hash: tIDiP3hNqVNzA0IqRbP/SuZVvzepUKW2qtpK5KHsOYE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91422D7/5B9F71D2ED3011ECBF07F012C4F9AE02/rGoi8eThZQrPtSifXctdU5IPzzQ.crl rsync://rpki.apnic.net/member_repository/A91422D7/5B9F71D2ED3011ECBF07F012C4F9AE02/rGoi8eThZQrPtSifXctdU5IPzzQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rGoi8eThZQrPtSifXctdU5IPzzQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:11:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 236 (0xec) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91422D7, serialNumber=AC6A22F1E4E1650ACFB5289F5DCB5D53920FCF34 Validity Not Before: Apr 25 01:11:59 2025 GMT Not After : May 2 01:11:59 2025 GMT Subject: CN=680ae160-a492 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:c2:ad:71:a7:f0:1d:79:44:77:55:26:17:98: 7f:69:f4:4b:fc:42:6f:a2:42:2e:f9:c3:29:b2:51: 01:e0:a2:1f:02:dc:ec:bf:d5:b9:68:92:a6:de:54: 44:13:81:fa:98:63:90:93:cc:d1:4a:6e:0d:89:50: 80:cc:d1:b5:f4:50:88:b0:52:9d:60:68:36:f9:56: 03:b9:d4:fb:2d:3b:4e:21:42:0b:ce:30:55:9b:b9: 9f:1d:5c:7d:02:46:03:1e:df:f9:31:34:bb:cf:fb: 38:0e:55:91:9b:c4:2e:04:fb:74:4c:e1:6b:c0:4b: e9:99:39:d6:2c:60:e3:2e:5f:6c:06:74:a2:77:ed: 1b:de:e3:80:d4:94:22:84:60:9c:88:f4:f6:87:9e: 03:b9:bf:d9:81:de:3f:e8:8d:61:7f:9d:3e:b1:a9: 41:d5:da:54:b6:18:95:42:0d:58:32:7f:62:59:ce: 70:38:6f:52:b6:db:91:7d:aa:90:7e:3b:be:24:56: c8:0c:2c:48:fe:2d:42:6e:32:5a:66:e3:34:ae:07: cc:1b:cc:a0:d1:21:b3:7d:c1:17:62:e3:b3:02:d1: 04:6d:17:78:4d:a4:48:74:38:07:2d:e6:e5:70:b6: 5e:1f:11:28:39:a7:15:94:db:2a:ec:e6:3a:9d:48: ad:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:ED:52:CD:B9:A5:D9:FF:66:90:A8:BE:8E:BB:71:0C:5F:E3:5A:C3 X509v3 Authority Key Identifier: keyid:AC:6A:22:F1:E4:E1:65:0A:CF:B5:28:9F:5D:CB:5D:53:92:0F:CF:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91422D7/5B9F71D2ED3011ECBF07F012C4F9AE02/rGoi8eThZQrPtSifXctdU5IPzzQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rGoi8eThZQrPtSifXctdU5IPzzQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91422D7/5B9F71D2ED3011ECBF07F012C4F9AE02/rGoi8eThZQrPtSifXctdU5IPzzQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 27:52:c5:52:ea:2d:5e:f1:49:2c:47:23:79:87:aa:87:73:e8: 43:f9:b5:26:b6:27:a3:37:4c:31:b2:bb:13:b9:27:d9:19:04: 27:a9:1f:7e:47:3c:d6:6a:54:3d:15:62:d2:3d:3d:53:51:a0: e3:30:71:18:88:91:66:0c:d6:20:aa:c2:8d:d8:7e:a2:66:c5: 9a:63:85:e1:47:cb:70:dc:ac:a9:b9:9a:c3:7f:9e:6d:30:66: 7a:64:c1:79:e5:21:6a:20:36:d1:cc:0c:75:9f:1e:80:b0:d8: c0:ff:f8:33:a3:04:82:1e:cb:16:f5:ec:85:0b:e6:8c:2a:1f: 59:59:fa:0b:ad:8d:ea:8d:6a:6a:b3:7a:8f:3d:72:59:bf:92: 37:47:18:c0:4d:40:28:f7:b6:67:53:bc:07:c3:a3:04:a8:e9: 62:ed:1e:c0:24:1e:4a:3c:4b:d6:25:ce:49:9c:02:f8:eb:04: 8b:4f:46:00:47:9f:de:0c:76:2f:42:e9:5d:5b:ad:44:5f:1d: db:94:87:4e:47:20:6b:72:76:3b:3f:ef:2f:4f:17:f9:d2:80: 72:d6:f5:a9:a5:b8:08:74:7f:c2:47:b4:54:56:fc:32:6b:db: 7e:72:f1:4a:7d:bf:49:56:52:be:c6:f6:b1:19:d8:8c:bb:ee: 70:a9:ae:92 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAOwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDIyRDcxMTAvBgNVBAUTKEFDNkEyMkYxRTRFMTY1MEFDRkI1Mjg5RjVEQ0I1RDUz OTIwRkNGMzQwHhcNMjUwNDI1MDExMTU5WhcNMjUwNTAyMDExMTU5WjAYMRYwFAYD VQQDEw02ODBhZTE2MC1hNDkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwsKtcafwHXlEd1UmF5h/afRL/EJvokIu+cMpslEB4KIfAtzsv9W5aJKm3lRE E4H6mGOQk8zRSm4NiVCAzNG19FCIsFKdYGg2+VYDudT7LTtOIUILzjBVm7mfHVx9 AkYDHt/5MTS7z/s4DlWRm8QuBPt0TOFrwEvpmTnWLGDjLl9sBnSid+0b3uOA1JQi hGCciPT2h54Dub/Zgd4/6I1hf50+salB1dpUthiVQg1YMn9iWc5wOG9SttuRfaqQ fju+JFbIDCxI/i1CbjJaZuM0rgfMG8yg0SGzfcEXYuOzAtEEbRd4TaRIdDgHLebl cLZeHxEoOacVlNsq7OY6nUitewIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGDtUs25 pdn/ZpCovo67cQxf41rDMB8GA1UdIwQYMBaAFKxqIvHk4WUKz7Uon13LXVOSD880 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MjJENy81QjlGNzFEMkVE MzAxMUVDQkYwN0YwMTJDNEY5QUUwMi9yR29pOGVUaFpRclB0U2lmWGN0ZFU1SVB6 elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JHb2k4ZVRoWlFyUHRTaWZYY3RkVTVJUHp6US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 MjJENy81QjlGNzFEMkVEMzAxMUVDQkYwN0YwMTJDNEY5QUUwMi9yR29pOGVUaFpR clB0U2lmWGN0ZFU1SVB6elEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAnUsVS6i1e8UksRyN5h6qHc+hD+bUmtiejN0wxsrsTuSfZGQQnqR9+ RzzWalQ9FWLSPT1TUaDjMHEYiJFmDNYgqsKN2H6iZsWaY4XhR8tw3KypuZrDf55t MGZ6ZMF55SFqIDbRzAx1nx6AsNjA//gzowSCHssW9eyFC+aMKh9ZWfoLrY3qjWpq s3qPPXJZv5I3RxjATUAo97ZnU7wHw6MEqOli7R7AJB5KPEvWJc5JnAL46wSLT0YA R5/eDHYvQuldW61EXx3blIdORyBrcnY7P+8vTxf50oBy1vWppbgIdH/CR7RUVvwy a9t+cvFKfb9JVlK+xvaxGdiMu+5wqa6S -----END CERTIFICATE-----Generated at Sat Apr 26 09:20:28 2025 by rpki-client