$ rpki-client -vvf rpki.apnic.net/member_repository/A916B0A3/71ADE1FED82811E4AA7C8A47C4F9AE02/2o28OwmXQtOr0qiV3RM5iTuaj18.mft File: 2o28OwmXQtOr0qiV3RM5iTuaj18.mft (raw, json) Hash identifier: C/LF10jz+3yQj9zCm03RwO9Qmw3Cxngsrv5SXnqjCFo= Subject key identifier: 1E:73:82:C4:74:79:BE:50:74:6B:99:66:82:CA:26:E7:9A:BD:77:68 Authority key identifier: DA:8D:BC:3B:09:97:42:D3:AB:D2:A8:95:DD:13:39:89:3B:9A:8F:5F Certificate issuer: /CN=A916B0A3/serialNumber=DA8DBC3B099742D3ABD2A895DD1339893B9A8F5F Certificate serial: 0B69 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2o28OwmXQtOr0qiV3RM5iTuaj18.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916B0A3/71ADE1FED82811E4AA7C8A47C4F9AE02/2o28OwmXQtOr0qiV3RM5iTuaj18.mft Manifest number: 31FD Signing time: Thu 24 Apr 2025 15:42:10 +0000 Manifest this update: Thu 24 Apr 2025 15:42:10 +0000 Manifest next update: Thu 01 May 2025 15:42:10 +0000 Files and hashes: 1: 2o28OwmXQtOr0qiV3RM5iTuaj18.crl (hash: 7iA5AXnGhp4ExKHEs9P748fbZ83K3m7DNKZ4lwU/x2M=) 2: 0B6054BA851E11EA86E0DF24C4F9AE02.roa (hash: MgTUngCCzikGCV51wBox1XfJC+wHmw6xDYqUAEuxnEk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916B0A3/71ADE1FED82811E4AA7C8A47C4F9AE02/2o28OwmXQtOr0qiV3RM5iTuaj18.crl rsync://rpki.apnic.net/member_repository/A916B0A3/71ADE1FED82811E4AA7C8A47C4F9AE02/2o28OwmXQtOr0qiV3RM5iTuaj18.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2o28OwmXQtOr0qiV3RM5iTuaj18.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:42:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2921 (0xb69) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916B0A3, serialNumber=DA8DBC3B099742D3ABD2A895DD1339893B9A8F5F Validity Not Before: Apr 24 15:42:10 2025 GMT Not After : May 1 15:42:10 2025 GMT Subject: CN=680a5bd2-325e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:5c:df:2e:e8:f1:d2:bc:9e:a6:7c:0a:f5:db: 12:99:d5:ed:35:8e:bc:6a:e1:be:9c:17:ca:58:33: a2:e4:01:05:c1:00:c0:e9:d3:3c:45:21:2a:66:7e: 34:23:f0:ac:3a:91:88:ea:31:58:04:e9:ed:a0:82: 22:f0:3e:82:e8:ce:56:18:95:4f:17:d3:30:dc:0e: 54:6b:20:61:e8:eb:e5:03:23:f9:36:ed:d4:a4:cd: 82:06:bb:db:0a:e6:5f:0b:f1:38:37:88:e9:97:21: cc:f2:64:24:59:21:1b:dc:74:f9:72:33:1e:8b:c2: 93:ed:bd:5f:59:11:d9:be:1e:3a:cd:6a:d4:83:fd: d0:5c:8a:35:5c:b4:f6:0d:99:79:de:c6:43:6b:7f: 7f:e4:e7:05:c4:c5:6d:35:0d:58:bb:9a:b1:89:fd: 97:f2:7b:89:58:cc:0b:d7:f7:56:75:2f:c6:a5:c4: a9:78:b1:e9:e0:86:22:13:e1:32:3f:d8:de:96:a7: 8c:62:15:00:ac:c9:c1:0e:8b:40:fd:94:86:38:8e: 5d:a1:80:40:81:2f:74:89:21:05:73:48:e2:9f:93: 74:4e:b8:48:16:0e:24:83:39:42:ce:9a:a5:a0:9a: 6e:b8:54:aa:01:ab:3f:cb:a0:e7:16:9a:58:1b:31: 53:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:73:82:C4:74:79:BE:50:74:6B:99:66:82:CA:26:E7:9A:BD:77:68 X509v3 Authority Key Identifier: keyid:DA:8D:BC:3B:09:97:42:D3:AB:D2:A8:95:DD:13:39:89:3B:9A:8F:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916B0A3/71ADE1FED82811E4AA7C8A47C4F9AE02/2o28OwmXQtOr0qiV3RM5iTuaj18.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2o28OwmXQtOr0qiV3RM5iTuaj18.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B0A3/71ADE1FED82811E4AA7C8A47C4F9AE02/2o28OwmXQtOr0qiV3RM5iTuaj18.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3f:2c:12:85:62:a3:39:38:07:b2:ad:68:f9:e1:a0:51:18:d3: b5:6a:86:21:0d:39:3c:59:ad:3e:51:64:5b:28:e0:26:ef:27: 8b:56:47:bf:06:00:c1:55:f6:32:4d:dd:6d:6e:8d:be:73:ff: 50:74:bc:f1:e0:ed:2c:08:b6:ce:58:ff:d9:ea:5d:59:3f:83: 43:e6:ca:56:41:3b:84:60:94:8f:ac:a3:71:30:a6:18:ef:c4: 53:6b:b8:f9:e4:4e:6c:61:e1:7b:65:83:97:25:54:cc:d4:5f: 2c:2a:5b:39:17:bd:55:cd:73:42:a6:ec:89:cc:97:32:11:64: db:57:24:c6:ff:f8:91:21:78:35:8d:10:ce:5d:5d:4a:f7:d6: 5f:8f:32:9c:9c:5b:9b:9f:46:80:e0:87:ef:a3:64:7c:85:ee: 87:b7:aa:94:fb:5b:b6:73:f1:87:dc:6e:e5:06:1d:77:2c:cb: e9:c5:72:44:14:b4:09:e4:a2:0a:25:93:12:06:c6:f5:d0:77: ca:4f:54:2d:0d:9c:84:4e:7f:90:bc:0e:db:2a:3b:96:21:c7: fa:f1:7c:b4:19:a7:80:52:08:72:9a:70:9f:ae:4a:f1:35:49: 82:20:07:50:5f:8d:93:6b:a1:ed:fd:3b:33:80:e9:cf:2e:6f: fe:2b:e2:17 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC2kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkIwQTMxMTAvBgNVBAUTKERBOERCQzNCMDk5NzQyRDNBQkQyQTg5NUREMTMzOTg5 M0I5QThGNUYwHhcNMjUwNDI0MTU0MjEwWhcNMjUwNTAxMTU0MjEwWjAYMRYwFAYD VQQDEw02ODBhNWJkMi0zMjVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq1zfLujx0ryepnwK9dsSmdXtNY68auG+nBfKWDOi5AEFwQDA6dM8RSEqZn40 I/CsOpGI6jFYBOntoIIi8D6C6M5WGJVPF9Mw3A5UayBh6OvlAyP5Nu3UpM2CBrvb CuZfC/E4N4jplyHM8mQkWSEb3HT5cjMei8KT7b1fWRHZvh46zWrUg/3QXIo1XLT2 DZl53sZDa39/5OcFxMVtNQ1Yu5qxif2X8nuJWMwL1/dWdS/GpcSpeLHp4IYiE+Ey P9jelqeMYhUArMnBDotA/ZSGOI5doYBAgS90iSEFc0jin5N0TrhIFg4kgzlCzpql oJpuuFSqAas/y6DnFppYGzFToQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB5zgsR0 eb5QdGuZZoLKJueavXdoMB8GA1UdIwQYMBaAFNqNvDsJl0LTq9Kold0TOYk7mo9f MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QjBBMy83MUFERTFGRUQ4 MjgxMUU0QUE3QzhBNDdDNEY5QUUwMi8ybzI4T3dtWFF0T3IwcWlWM1JNNWlUdWFq MTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJvMjhPd21YUXRPcjBxaVYzUk01aVR1YWoxOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 QjBBMy83MUFERTFGRUQ4MjgxMUU0QUE3QzhBNDdDNEY5QUUwMi8ybzI4T3dtWFF0 T3IwcWlWM1JNNWlUdWFqMTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA/LBKFYqM5OAeyrWj54aBRGNO1aoYhDTk8Wa0+UWRbKOAm7yeLVke/ BgDBVfYyTd1tbo2+c/9QdLzx4O0sCLbOWP/Z6l1ZP4ND5spWQTuEYJSPrKNxMKYY 78RTa7j55E5sYeF7ZYOXJVTM1F8sKls5F71VzXNCpuyJzJcyEWTbVyTG//iRIXg1 jRDOXV1K99ZfjzKcnFubn0aA4Ifvo2R8he6Ht6qU+1u2c/GH3G7lBh13LMvpxXJE FLQJ5KIKJZMSBsb10HfKT1QtDZyETn+QvA7bKjuWIcf68Xy0GaeAUghymnCfrkrx NUmCIAdQX42Ta6Ht/TszgOnPLm/+K+IX -----END CERTIFICATE-----Generated at Sat Apr 26 04:28:16 2025 by rpki-client