$ rpki-client -vvf rpki.apnic.net/member_repository/A91722A3/C02D85DE2B9B11EA972CDF46C4F9AE02/cIW1tFSazbW2wnBMhbp4h2D4iic.mft File: cIW1tFSazbW2wnBMhbp4h2D4iic.mft (raw, json) Hash identifier: 25MsWJwsuLf6EbzAmcLJopbvH91EWswXZXvHunIw+oY= Subject key identifier: EF:4C:85:B4:99:8B:49:E9:C1:6E:63:D4:44:CA:07:D2:B4:9E:0C:79 Authority key identifier: 70:85:B5:B4:54:9A:CD:B5:B6:C2:70:4C:85:BA:78:87:60:F8:8A:27 Certificate issuer: /CN=A91722A3/serialNumber=7085B5B4549ACDB5B6C2704C85BA788760F88A27 Certificate serial: 0B75 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cIW1tFSazbW2wnBMhbp4h2D4iic.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91722A3/C02D85DE2B9B11EA972CDF46C4F9AE02/cIW1tFSazbW2wnBMhbp4h2D4iic.mft Manifest number: 0B6D Signing time: Thu 24 Apr 2025 18:59:08 +0000 Manifest this update: Thu 24 Apr 2025 18:59:07 +0000 Manifest next update: Thu 01 May 2025 18:59:07 +0000 Files and hashes: 1: cIW1tFSazbW2wnBMhbp4h2D4iic.crl (hash: yF+OLMMAxa1HBit5SbwtyRZQjYpo09vnc95XgKRU4Wk=) 2: 002DDDC22B9D11EA92F3094CC4F9AE02.roa (hash: sV6ALO0axr/VXMBheoOGm2xJXWMWbMsVRF9rlXmaHds=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91722A3/C02D85DE2B9B11EA972CDF46C4F9AE02/cIW1tFSazbW2wnBMhbp4h2D4iic.crl rsync://rpki.apnic.net/member_repository/A91722A3/C02D85DE2B9B11EA972CDF46C4F9AE02/cIW1tFSazbW2wnBMhbp4h2D4iic.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cIW1tFSazbW2wnBMhbp4h2D4iic.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:59:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2933 (0xb75) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91722A3, serialNumber=7085B5B4549ACDB5B6C2704C85BA788760F88A27 Validity Not Before: Apr 24 18:59:07 2025 GMT Not After : May 1 18:59:07 2025 GMT Subject: CN=680a89fc-f394 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:36:d3:bc:d9:34:04:e0:e0:28:97:0c:19:e4: 6c:de:37:73:e1:f5:9e:5b:1e:5a:d8:58:91:f6:6d: 4b:18:49:91:3e:da:23:39:5a:c0:7b:3e:b4:86:bd: 12:0b:a4:9f:63:f5:d0:fe:98:d1:dc:f5:6c:81:e3: 84:df:46:11:1e:23:b8:2f:40:33:50:b6:28:8a:f3: 19:eb:00:af:6a:ef:23:96:a4:2e:05:19:62:6e:0c: 8f:a4:c9:40:7f:09:ef:da:92:aa:d7:aa:0d:88:b2: 4f:3c:7a:0b:dd:f0:09:be:3d:51:37:a1:0f:2b:90: e5:46:0f:9a:ec:eb:54:6a:0b:b8:68:b8:f5:85:90: d1:dd:40:14:3e:dd:40:8d:1d:c1:d6:52:62:f8:57: 9b:67:c9:60:d6:3a:f5:13:df:ce:bc:8f:ca:5c:ee: ab:29:b3:47:85:53:7e:be:1a:d3:b5:45:91:b3:dd: 23:a2:13:c1:be:5a:bf:f3:dd:6d:41:a0:73:d9:b6: bf:05:f6:05:fa:6c:a9:e6:64:84:c4:47:35:50:b7: 29:e6:00:88:61:28:5b:84:84:f4:11:6c:a0:03:81: 36:52:d7:60:28:ea:21:37:ce:5d:01:1f:a5:b7:e3: f0:70:be:10:cc:6d:91:a4:68:e3:7f:c8:e4:49:fb: 85:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:4C:85:B4:99:8B:49:E9:C1:6E:63:D4:44:CA:07:D2:B4:9E:0C:79 X509v3 Authority Key Identifier: keyid:70:85:B5:B4:54:9A:CD:B5:B6:C2:70:4C:85:BA:78:87:60:F8:8A:27 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91722A3/C02D85DE2B9B11EA972CDF46C4F9AE02/cIW1tFSazbW2wnBMhbp4h2D4iic.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cIW1tFSazbW2wnBMhbp4h2D4iic.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91722A3/C02D85DE2B9B11EA972CDF46C4F9AE02/cIW1tFSazbW2wnBMhbp4h2D4iic.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption af:1b:53:98:18:1b:3a:4f:4a:12:41:9c:0a:3d:c2:f8:80:47: 91:12:c2:32:99:ea:31:e1:1b:bb:98:5e:e9:d2:c2:2c:dc:c8: 1e:16:47:2f:92:02:10:13:a2:8f:70:6f:0b:92:8b:9b:d4:12: f6:cb:5e:b7:28:5c:64:32:a4:2e:6c:be:fc:de:5d:a4:10:69: 28:04:35:86:8d:a8:7a:40:dd:a5:b8:8b:7c:91:51:1f:b3:6c: ed:6d:a7:1f:be:33:45:65:46:a9:e4:9d:86:01:c2:3a:05:c8: 19:6b:5d:c9:b4:0f:5c:4e:49:c0:cb:09:0a:09:19:fe:57:49: 0f:ce:15:03:9a:15:6b:42:ae:93:0a:4f:ef:1e:63:ee:55:39: ea:fa:b2:88:08:73:97:25:b5:bd:78:b1:40:f4:b0:64:a1:af: ef:2d:eb:aa:dc:b9:28:d7:c8:ee:4d:c5:df:e0:fd:3e:0e:69: 35:73:b7:61:e1:5c:7e:59:54:77:84:8b:77:28:5f:bd:40:1b: 35:b7:03:67:91:a1:fa:e8:dd:fd:b6:fa:66:b8:9b:c2:d9:05: 74:c8:e8:55:a8:b7:7a:f7:fb:69:8b:93:26:c4:d0:d0:f5:68: 0a:47:29:47:2c:95:d6:b1:a7:66:8d:6f:bb:48:51:a6:31:85: 18:dc:0e:e0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC3UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzIyQTMxMTAvBgNVBAUTKDcwODVCNUI0NTQ5QUNEQjVCNkMyNzA0Qzg1QkE3ODg3 NjBGODhBMjcwHhcNMjUwNDI0MTg1OTA3WhcNMjUwNTAxMTg1OTA3WjAYMRYwFAYD VQQDEw02ODBhODlmYy1mMzk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4jbTvNk0BODgKJcMGeRs3jdz4fWeWx5a2FiR9m1LGEmRPtojOVrAez60hr0S C6SfY/XQ/pjR3PVsgeOE30YRHiO4L0AzULYoivMZ6wCvau8jlqQuBRlibgyPpMlA fwnv2pKq16oNiLJPPHoL3fAJvj1RN6EPK5DlRg+a7OtUagu4aLj1hZDR3UAUPt1A jR3B1lJi+FebZ8lg1jr1E9/OvI/KXO6rKbNHhVN+vhrTtUWRs90johPBvlq/891t QaBz2ba/BfYF+myp5mSExEc1ULcp5gCIYShbhIT0EWygA4E2UtdgKOohN85dAR+l t+PwcL4QzG2RpGjjf8jkSfuFoQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO9MhbSZ i0npwW5j1ETKB9K0ngx5MB8GA1UdIwQYMBaAFHCFtbRUms21tsJwTIW6eIdg+Ion MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MjJBMy9DMDJEODVERTJC OUIxMUVBOTcyQ0RGNDZDNEY5QUUwMi9jSVcxdEZTYXpiVzJ3bkJNaGJwNGgyRDRp aWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NJVzF0RlNhemJXMnduQk1oYnA0aDJENGlpYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MjJBMy9DMDJEODVERTJCOUIxMUVBOTcyQ0RGNDZDNEY5QUUwMi9jSVcxdEZTYXpi VzJ3bkJNaGJwNGgyRDRpaWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCvG1OYGBs6T0oSQZwKPcL4gEeREsIymeox4Ru7mF7p0sIs3MgeFkcv kgIQE6KPcG8Lkoub1BL2y163KFxkMqQubL783l2kEGkoBDWGjah6QN2luIt8kVEf s2ztbacfvjNFZUap5J2GAcI6BcgZa13JtA9cTknAywkKCRn+V0kPzhUDmhVrQq6T Ck/vHmPuVTnq+rKICHOXJbW9eLFA9LBkoa/vLeuq3Lko18juTcXf4P0+Dmk1c7dh 4Vx+WVR3hIt3KF+9QBs1twNnkaH66N39tvpmuJvC2QV0yOhVqLd69/tpi5MmxNDQ 9WgKRylHLJXWsadmjW+7SFGmMYUY3A7g -----END CERTIFICATE-----Generated at Sat Apr 26 14:55:52 2025 by rpki-client