$ rpki-client -vvf rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/4u3kp-qXJminlbJ7qdyH9LkNqJc.mft File: 4u3kp-qXJminlbJ7qdyH9LkNqJc.mft (raw, json) Hash identifier: aCCfls38af2T1zBZUdOMQwubJK9eSOaRPBnRDeX7P5Y= Subject key identifier: AD:87:92:54:D5:50:8E:41:A2:89:BA:4A:B1:5E:25:F6:E9:29:DE:A7 Authority key identifier: E2:ED:E4:A7:EA:97:26:68:A7:95:B2:7B:A9:DC:87:F4:B9:0D:A8:97 Certificate issuer: /CN=A9172D91/serialNumber=E2EDE4A7EA972668A795B27BA9DC87F4B90DA897 Certificate serial: 1664 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4u3kp-qXJminlbJ7qdyH9LkNqJc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/4u3kp-qXJminlbJ7qdyH9LkNqJc.mft Manifest number: 1626 Signing time: Thu 24 Apr 2025 16:46:44 +0000 Manifest this update: Thu 24 Apr 2025 16:46:43 +0000 Manifest next update: Thu 01 May 2025 16:46:43 +0000 Files and hashes: 1: 4u3kp-qXJminlbJ7qdyH9LkNqJc.crl (hash: AX1rggoGee6kG0NPXILctepqJYjLuC0Vh3zikb0ISI8=) 2: 854D304E0C9B11EC8433FE7AC4F9AE02.roa (hash: pak3Iy8E0gYpnvDkmWBebcI4LeVYUCjbRqic1+nKIXc=) 3: 56C8FCACE38011EFBF195482C4F9AE02.roa (hash: YpgFRa2Rul9X6oABfgOzOCogI1xE9k1rvzUQOQyIs6c=) 4: 9C79DBD23E7911EBBFFAC96BC4F9AE02.roa (hash: v+Ks9nZk5YSGi8jwz8W2ujGkO89h3nHyAUbCbrfDviU=) 5: 2357FC145F8D11EF94E7303FC4F9AE02.roa (hash: Adsar2w8VAjS3SUaIO5TAhSv+c7iSEo6NtUlziAok5s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/4u3kp-qXJminlbJ7qdyH9LkNqJc.crl rsync://rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/4u3kp-qXJminlbJ7qdyH9LkNqJc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4u3kp-qXJminlbJ7qdyH9LkNqJc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 16:46:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5732 (0x1664) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9172D91, serialNumber=E2EDE4A7EA972668A795B27BA9DC87F4B90DA897 Validity Not Before: Apr 24 16:46:43 2025 GMT Not After : May 1 16:46:43 2025 GMT Subject: CN=680a6af3-2400 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:e2:eb:d8:ac:c5:e1:21:68:71:02:cf:28:c0: a4:70:39:bc:e8:e5:bc:7e:13:4b:b5:b3:85:25:2f: 7a:8b:dc:23:da:03:9d:36:82:b9:83:6d:23:e3:21: 9a:3b:f6:d7:a4:6e:1b:9f:da:47:dd:06:c4:14:b5: 34:57:4e:28:02:5a:0a:ab:1c:de:5f:24:14:82:77: ee:c9:4d:b0:57:d5:66:72:a8:09:ff:13:66:c1:15: b2:b5:b3:94:3b:0e:7d:a2:f0:2b:0d:5e:23:d8:a9: 08:fb:1b:58:5a:5b:ab:40:37:a8:3e:a6:17:27:41: 9d:cc:8e:c3:1a:23:2c:2a:7e:a3:69:b7:cd:31:5b: 9e:96:b1:cb:a6:11:56:46:f6:cc:7a:56:b6:5b:9b: 9e:18:3f:87:b8:35:8b:59:47:c1:86:bb:0f:10:24: 87:d8:51:5f:c4:af:17:57:77:46:e8:c3:c8:2d:c3: 6f:62:e0:3a:0c:e9:87:c8:bc:a0:6d:36:88:1b:50: 29:dd:e9:84:6e:ed:ca:86:d5:6b:8c:3f:21:6d:d9: 35:bd:40:78:c1:5e:7a:42:55:71:b9:b4:a1:90:f6: 55:3f:bb:d4:8f:d0:9e:36:ed:91:f5:68:1c:35:ac: 20:ac:29:0e:63:80:68:27:3d:77:4f:19:b0:2a:62: 15:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:87:92:54:D5:50:8E:41:A2:89:BA:4A:B1:5E:25:F6:E9:29:DE:A7 X509v3 Authority Key Identifier: keyid:E2:ED:E4:A7:EA:97:26:68:A7:95:B2:7B:A9:DC:87:F4:B9:0D:A8:97 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/4u3kp-qXJminlbJ7qdyH9LkNqJc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4u3kp-qXJminlbJ7qdyH9LkNqJc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172D91/EA672A5C19E711E8B243D57CC4F9AE02/4u3kp-qXJminlbJ7qdyH9LkNqJc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1b:d6:1d:ab:50:ef:49:08:9c:2b:39:85:46:2c:fd:15:64:85: a5:99:e5:17:82:ff:e0:af:f6:cd:4a:b0:18:c8:7d:52:ac:72: 96:38:c0:23:9b:dd:3e:48:bd:c4:0c:94:0e:55:79:95:5b:20: 84:64:9f:a0:57:1c:9b:cc:6a:a5:4a:80:b1:d1:7e:18:30:8c: de:36:1d:87:fe:d4:7d:36:e9:66:b5:bc:7c:9e:bc:d4:02:13: be:52:e8:02:da:67:3a:8c:c9:b1:cd:f5:74:ca:ee:45:d3:31: 7e:da:28:d3:7a:9d:74:5b:dc:c0:7b:3c:63:41:a9:2b:c5:f2: 6a:29:53:15:9f:af:74:e5:82:1c:b4:d5:ae:a1:4d:43:fc:8e: 80:77:b7:92:bf:a7:5b:ce:51:4f:15:4d:b1:80:38:b7:a9:62: d8:c3:34:22:88:f0:dc:cc:37:58:3c:f8:45:8f:f4:ae:57:f3: ba:b8:5d:06:77:3e:a0:e7:40:21:a9:9e:0a:ab:1b:9f:54:50: 87:70:fd:96:f6:21:63:af:82:0d:83:9d:a2:27:09:0c:0d:6e: a2:89:0b:cf:f7:58:54:a0:9c:43:5b:cc:42:8b:a3:04:36:bc: 9a:49:b3:0c:65:93:f0:0b:31:15:d0:fd:e4:80:3c:1c:31:cd: 01:ea:a3:2a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFmQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzJEOTExMTAvBgNVBAUTKEUyRURFNEE3RUE5NzI2NjhBNzk1QjI3QkE5REM4N0Y0 QjkwREE4OTcwHhcNMjUwNDI0MTY0NjQzWhcNMjUwNTAxMTY0NjQzWjAYMRYwFAYD VQQDEw02ODBhNmFmMy0yNDAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAouLr2KzF4SFocQLPKMCkcDm86OW8fhNLtbOFJS96i9wj2gOdNoK5g20j4yGa O/bXpG4bn9pH3QbEFLU0V04oAloKqxzeXyQUgnfuyU2wV9VmcqgJ/xNmwRWytbOU Ow59ovArDV4j2KkI+xtYWlurQDeoPqYXJ0GdzI7DGiMsKn6jabfNMVuelrHLphFW RvbMela2W5ueGD+HuDWLWUfBhrsPECSH2FFfxK8XV3dG6MPILcNvYuA6DOmHyLyg bTaIG1Ap3emEbu3KhtVrjD8hbdk1vUB4wV56QlVxubShkPZVP7vUj9CeNu2R9Wgc NawgrCkOY4BoJz13TxmwKmIVkwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK2HklTV UI5Boom6SrFeJfbpKd6nMB8GA1UdIwQYMBaAFOLt5KfqlyZop5Wye6nch/S5DaiX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MkQ5MS9FQTY3MkE1QzE5 RTcxMUU4QjI0M0Q1N0NDNEY5QUUwMi80dTNrcC1xWEptaW5sYko3cWR5SDlMa05x SmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzR1M2twLXFYSm1pbmxiSjdxZHlIOUxrTnFKYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MkQ5MS9FQTY3MkE1QzE5RTcxMUU4QjI0M0Q1N0NDNEY5QUUwMi80dTNrcC1xWEpt aW5sYko3cWR5SDlMa05xSmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAb1h2rUO9JCJwrOYVGLP0VZIWlmeUXgv/gr/bNSrAYyH1SrHKWOMAj m90+SL3EDJQOVXmVWyCEZJ+gVxybzGqlSoCx0X4YMIzeNh2H/tR9Nulmtbx8nrzU AhO+UugC2mc6jMmxzfV0yu5F0zF+2ijTep10W9zAezxjQakrxfJqKVMVn6905YIc tNWuoU1D/I6Ad7eSv6dbzlFPFU2xgDi3qWLYwzQiiPDczDdYPPhFj/SuV/O6uF0G dz6g50AhqZ4KqxufVFCHcP2W9iFjr4INg52iJwkMDW6iiQvP91hUoJxDW8xCi6ME NryaSbMMZZPwCzEV0P3kgDwcMc0B6qMq -----END CERTIFICATE-----Generated at Sat Apr 26 04:28:15 2025 by rpki-client