$ rpki-client -vvf rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft File: kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft (raw, json) Hash identifier: O5f7I65c0QOxfSzL4MM1gXmlhO3zQ+KbYggTepHmT3o= Subject key identifier: 5E:D1:0E:DA:F7:A9:0A:06:E8:58:34:3F:E0:52:F5:11:1F:3D:5B:14 Authority key identifier: 91:2A:B3:9F:C7:BB:CB:EF:1C:F2:67:E9:D3:F7:19:C9:A4:F0:A1:14 Certificate issuer: /CN=A91478C3/serialNumber=912AB39FC7BBCBEF1CF267E9D3F719C9A4F0A114 Certificate serial: 0E48 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft Manifest number: 0E40 Signing time: Thu 24 Apr 2025 17:43:31 +0000 Manifest this update: Thu 24 Apr 2025 17:43:31 +0000 Manifest next update: Thu 01 May 2025 17:43:31 +0000 Files and hashes: 1: kSqzn8e7y-8c8mfp0_cZyaTwoRQ.crl (hash: np9TIsNV3eG/VS/nmr7KvS97wW1jTib7RIqCjXqsGSg=) 2: 36477FF69D2E11E99A95DC2AC4F9AE02.roa (hash: ZyYqi6bXWhaxHbfmn8t7NJwcl5ydCuydY4LMtE+EeW4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.crl rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:43:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3656 (0xe48) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91478C3, serialNumber=912AB39FC7BBCBEF1CF267E9D3F719C9A4F0A114 Validity Not Before: Apr 24 17:43:31 2025 GMT Not After : May 1 17:43:31 2025 GMT Subject: CN=680a7843-d0e3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:02:ab:29:e1:56:3c:75:04:9e:d2:99:73:e7: 24:2e:be:54:62:60:93:1f:50:94:74:6f:db:60:ed: 07:27:2a:73:ad:11:61:7e:74:fb:59:47:3d:50:94: 3a:14:60:09:5c:24:cd:ce:03:39:44:7f:dd:08:99: 14:bf:e0:c4:31:e2:5d:d5:66:be:41:97:1f:37:2a: da:e3:d9:75:21:09:76:cc:98:8d:96:b4:4b:60:26: 1e:d3:36:56:9a:1e:a9:a5:33:47:df:6e:57:42:3e: a2:fe:cd:e9:b5:5d:e0:9e:46:fe:47:89:22:08:30: 5e:ff:4e:4d:c9:46:30:c3:d7:9e:73:5b:f2:c9:b3: ea:9c:a0:42:5e:0d:4c:ed:e0:5f:54:6c:75:32:41: ea:b1:e3:df:c4:16:e9:07:11:17:6e:55:e6:92:dc: 0b:71:54:d1:19:94:0a:40:19:41:5b:f9:7c:70:8f: 10:1e:4c:c8:2c:6d:7a:4e:89:ad:a9:f9:71:7f:e9: 11:6b:dd:fd:fd:ba:70:31:16:c0:cf:dc:86:55:f8: d5:1f:f0:5e:e5:2e:0a:e9:ed:9b:ce:8e:65:7f:d6: 53:12:27:1c:f6:b2:ae:5d:62:1b:17:c8:7f:e2:70: 99:4f:6c:57:4e:4b:b7:0d:b7:d2:16:de:67:7c:a8: 14:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:D1:0E:DA:F7:A9:0A:06:E8:58:34:3F:E0:52:F5:11:1F:3D:5B:14 X509v3 Authority Key Identifier: keyid:91:2A:B3:9F:C7:BB:CB:EF:1C:F2:67:E9:D3:F7:19:C9:A4:F0:A1:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2d:29:b3:66:d2:87:50:05:59:4d:e5:ae:96:7c:10:f8:e9:ec: 87:c3:59:df:fd:eb:5a:d7:7b:b6:67:52:9b:10:f0:c4:c3:e8: 8e:f6:88:b7:2d:60:07:48:e8:05:ec:c9:23:22:9c:90:f7:51: ee:78:f9:4a:33:8e:f2:48:8e:d5:1b:a5:54:4f:95:37:49:0d: cb:3b:95:90:8a:4b:c7:e7:f0:14:52:fe:4b:73:cf:c6:82:1f: 85:60:06:11:61:13:64:94:8f:72:b8:2d:07:38:ae:cc:55:22: 28:15:f4:07:1f:65:ec:fc:40:df:5b:0c:74:de:8b:a7:27:e0: de:af:cc:c6:6c:11:4d:0b:be:fe:39:e5:e8:f9:59:de:90:6a: 91:fb:9b:1d:d9:d7:1b:ff:81:6b:ee:18:96:40:7d:d8:c0:18: 58:41:41:1e:2c:8e:1d:0c:12:d5:7b:12:40:2a:24:f6:96:54: e4:4c:06:60:05:87:4f:c5:ab:42:f1:7e:41:b0:eb:0c:6e:69: 25:06:dc:94:1d:e7:0c:d9:56:ab:41:24:45:18:45:80:b3:66: fd:08:50:4d:23:84:02:a7:ff:50:ea:6c:b5:96:ec:91:bb:73: 85:54:71:63:5b:98:ee:d0:cf:90:8b:8c:ee:42:f7:fa:04:1e: 91:f0:e9:88 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDkgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDc4QzMxMTAvBgNVBAUTKDkxMkFCMzlGQzdCQkNCRUYxQ0YyNjdFOUQzRjcxOUM5 QTRGMEExMTQwHhcNMjUwNDI0MTc0MzMxWhcNMjUwNTAxMTc0MzMxWjAYMRYwFAYD VQQDEw02ODBhNzg0My1kMGUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3AKrKeFWPHUEntKZc+ckLr5UYmCTH1CUdG/bYO0HJypzrRFhfnT7WUc9UJQ6 FGAJXCTNzgM5RH/dCJkUv+DEMeJd1Wa+QZcfNyra49l1IQl2zJiNlrRLYCYe0zZW mh6ppTNH325XQj6i/s3ptV3gnkb+R4kiCDBe/05NyUYww9eec1vyybPqnKBCXg1M 7eBfVGx1MkHqsePfxBbpBxEXblXmktwLcVTRGZQKQBlBW/l8cI8QHkzILG16Tomt qflxf+kRa939/bpwMRbAz9yGVfjVH/Be5S4K6e2bzo5lf9ZTEicc9rKuXWIbF8h/ 4nCZT2xXTku3DbfSFt5nfKgUxQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF7RDtr3 qQoG6Fg0P+BS9REfPVsUMB8GA1UdIwQYMBaAFJEqs5/Hu8vvHPJn6dP3Gcmk8KEU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzhDMy9FM0Q5MTk0QzlE MkMxMUU5ODAyMjE4MjlDNEY5QUUwMi9rU3F6bjhlN3ktOGM4bWZwMF9jWnlhVHdv UlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tTcXpuOGU3eS04YzhtZnAwX2NaeWFUd29SUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NzhDMy9FM0Q5MTk0QzlEMkMxMUU5ODAyMjE4MjlDNEY5QUUwMi9rU3F6bjhlN3kt OGM4bWZwMF9jWnlhVHdvUlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAtKbNm0odQBVlN5a6WfBD46eyHw1nf/eta13u2Z1KbEPDEw+iO9oi3 LWAHSOgF7MkjIpyQ91HuePlKM47ySI7VG6VUT5U3SQ3LO5WQikvH5/AUUv5Lc8/G gh+FYAYRYRNklI9yuC0HOK7MVSIoFfQHH2Xs/EDfWwx03ounJ+Der8zGbBFNC77+ OeXo+VnekGqR+5sd2dcb/4Fr7hiWQH3YwBhYQUEeLI4dDBLVexJAKiT2llTkTAZg BYdPxatC8X5BsOsMbmklBtyUHecM2VarQSRFGEWAs2b9CFBNI4QCp/9Q6my1luyR u3OFVHFjW5ju0M+Qi4zuQvf6BB6R8OmI -----END CERTIFICATE-----Generated at Sat Apr 26 14:24:26 2025 by rpki-client