$ rpki-client -vvf rpki.apnic.net/member_repository/A91756C3/5BF5192AE06711EFBC3D171BC4F9AE02/2CVmixrBt_OBXwe82lfnSMSWSpo.mft File: 2CVmixrBt_OBXwe82lfnSMSWSpo.mft (raw, json) Hash identifier: jbhXFg0ny8veMnEf/sM4o3wLTQVTO3IlDy3ooNIi0l4= Subject key identifier: C5:3C:8F:90:75:91:0B:1E:75:32:AF:47:D6:2F:C7:88:51:8B:56:A7 Authority key identifier: D8:25:66:8B:1A:C1:B7:F3:81:5F:07:BC:DA:57:E7:48:C4:96:4A:9A Certificate issuer: /CN=A91756C3/serialNumber=D825668B1AC1B7F3815F07BCDA57E748C4964A9A Certificate serial: 2D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2CVmixrBt_OBXwe82lfnSMSWSpo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91756C3/5BF5192AE06711EFBC3D171BC4F9AE02/2CVmixrBt_OBXwe82lfnSMSWSpo.mft Manifest number: 2C Signing time: Fri 25 Apr 2025 06:41:26 +0000 Manifest this update: Fri 25 Apr 2025 06:41:25 +0000 Manifest next update: Fri 02 May 2025 06:41:25 +0000 Files and hashes: 1: 2CVmixrBt_OBXwe82lfnSMSWSpo.crl (hash: UGPv6qxniNFW7Bxo7E+L4DEQSXhFdPG69eeQguRIQtY=) 2: 00078764E06811EF8716401DC4F9AE02.roa (hash: xskJHyJy9wOT0np+Xdp4jl5Zejz4/7Uevmd8xiyRBK0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91756C3/5BF5192AE06711EFBC3D171BC4F9AE02/2CVmixrBt_OBXwe82lfnSMSWSpo.crl rsync://rpki.apnic.net/member_repository/A91756C3/5BF5192AE06711EFBC3D171BC4F9AE02/2CVmixrBt_OBXwe82lfnSMSWSpo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2CVmixrBt_OBXwe82lfnSMSWSpo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:41:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45 (0x2d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91756C3, serialNumber=D825668B1AC1B7F3815F07BCDA57E748C4964A9A Validity Not Before: Apr 25 06:41:25 2025 GMT Not After : May 2 06:41:25 2025 GMT Subject: CN=680b2e96-f59d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:67:55:dd:d0:a7:c1:ec:ed:1b:34:12:2b:6b: 75:21:14:91:37:ee:03:e5:7d:08:27:90:e7:1e:27: ec:cf:73:31:90:72:f6:51:09:22:ab:30:2e:ba:ce: 0d:1c:ab:51:ea:29:6f:35:c9:29:48:70:94:19:b7: 86:07:8b:69:ca:06:06:27:6f:6a:cb:3d:7a:e3:bd: 71:bd:de:6e:bc:a0:e6:d3:65:b7:cf:ea:1c:4f:fd: ec:63:16:55:80:7b:7f:e8:e8:fa:84:89:77:9e:1e: a5:86:ee:2d:72:b0:07:65:c4:c0:a0:ea:4c:f5:c9: d5:d7:4f:cf:fd:0a:1f:c7:32:d0:3c:a9:44:19:8a: 37:ce:4f:21:d1:dd:1d:bf:2e:26:35:b1:a7:e7:6f: 42:50:77:18:3d:25:51:b7:59:02:5d:01:eb:1f:23: a2:43:e3:c3:bf:69:27:47:59:90:06:51:d7:59:db: b5:6f:8b:10:89:9f:b3:d6:9d:62:5f:44:9b:e4:32: ec:5c:c2:ab:8a:ae:06:d4:43:d2:fc:e8:00:45:8f: c9:93:d1:c0:d8:a6:91:7e:9a:2c:00:c9:01:82:1e: a2:09:2f:3f:6a:45:13:15:22:5b:c7:94:1a:92:3a: 1a:8e:9e:d2:05:a8:2c:a7:4e:16:07:14:e4:b2:e5: 6c:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:3C:8F:90:75:91:0B:1E:75:32:AF:47:D6:2F:C7:88:51:8B:56:A7 X509v3 Authority Key Identifier: keyid:D8:25:66:8B:1A:C1:B7:F3:81:5F:07:BC:DA:57:E7:48:C4:96:4A:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91756C3/5BF5192AE06711EFBC3D171BC4F9AE02/2CVmixrBt_OBXwe82lfnSMSWSpo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2CVmixrBt_OBXwe82lfnSMSWSpo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91756C3/5BF5192AE06711EFBC3D171BC4F9AE02/2CVmixrBt_OBXwe82lfnSMSWSpo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3c:aa:c2:02:11:f5:05:2b:54:2e:b8:50:e5:d0:da:c5:f6:81: 04:5d:74:18:33:48:ca:1c:b5:0c:88:eb:a3:a6:57:7c:e4:e3: bd:16:99:c3:6f:df:a7:59:55:af:41:13:80:5d:61:5d:a0:43: 3b:78:ea:6a:19:fd:00:2c:1b:33:41:17:5a:4a:07:6b:42:10: 9c:1f:75:64:be:db:22:97:f3:13:e9:37:d1:f4:55:cf:e0:81: be:dc:28:39:8d:20:b1:96:71:37:2e:ea:ea:ca:8c:c8:54:0b: 68:de:73:69:05:42:0e:84:02:b9:44:ba:63:de:00:dc:89:06: b5:2c:5d:b7:64:2d:fe:0f:74:b4:fb:ea:a0:87:08:c7:35:5f: 98:dc:ca:dd:90:83:7e:18:ca:0f:35:eb:3f:7f:0a:61:f3:00: 97:be:ab:61:20:e0:81:02:92:fe:2e:7d:34:e6:c5:ab:3c:67: f8:1a:7a:95:68:b2:9f:43:07:fd:05:05:55:e1:d7:de:5f:35: 3b:88:50:66:c0:00:27:d5:ea:dd:b8:db:3d:60:99:64:92:46: 93:6e:fd:bd:74:91:b5:8a:b0:ee:e0:0f:13:87:7a:84:40:d5: 38:b5:3c:c0:88:77:42:22:63:e1:fc:bd:b6:fd:54:b4:1f:b6: 40:a4:35:25 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBLTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 NTZDMzExMC8GA1UEBRMoRDgyNTY2OEIxQUMxQjdGMzgxNUYwN0JDREE1N0U3NDhD NDk2NEE5QTAeFw0yNTA0MjUwNjQxMjVaFw0yNTA1MDIwNjQxMjVaMBgxFjAUBgNV BAMTDTY4MGIyZTk2LWY1OWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC3Z1Xd0KfB7O0bNBIra3UhFJE37gPlfQgnkOceJ+zPczGQcvZRCSKrMC66zg0c q1HqKW81ySlIcJQZt4YHi2nKBgYnb2rLPXrjvXG93m68oObTZbfP6hxP/exjFlWA e3/o6PqEiXeeHqWG7i1ysAdlxMCg6kz1ydXXT8/9Ch/HMtA8qUQZijfOTyHR3R2/ LiY1safnb0JQdxg9JVG3WQJdAesfI6JD48O/aSdHWZAGUddZ27VvixCJn7PWnWJf RJvkMuxcwquKrgbUQ9L86ABFj8mT0cDYppF+miwAyQGCHqIJLz9qRRMVIlvHlBqS OhqOntIFqCynThYHFOSy5WypAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUxTyPkHWR Cx51Mq9H1i/HiFGLVqcwHwYDVR0jBBgwFoAU2CVmixrBt/OBXwe82lfnSMSWSpow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc1NkMzLzVCRjUxOTJBRTA2 NzExRUZCQzNEMTcxQkM0RjlBRTAyLzJDVm1peHJCdF9PQlh3ZTgybGZuU01TV1Nw by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvMkNWbWl4ckJ0X09CWHdlODJsZm5TTVNXU3BvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc1 NkMzLzVCRjUxOTJBRTA2NzExRUZCQzNEMTcxQkM0RjlBRTAyLzJDVm1peHJCdF9P Qlh3ZTgybGZuU01TV1Nwby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBADyqwgIR9QUrVC64UOXQ2sX2gQRddBgzSMoctQyI66OmV3zk470WmcNv 36dZVa9BE4BdYV2gQzt46moZ/QAsGzNBF1pKB2tCEJwfdWS+2yKX8xPpN9H0Vc/g gb7cKDmNILGWcTcu6urKjMhUC2jec2kFQg6EArlEumPeANyJBrUsXbdkLf4PdLT7 6qCHCMc1X5jcyt2Qg34Yyg816z9/CmHzAJe+q2Eg4IECkv4ufTTmxas8Z/gaepVo sp9DB/0FBVXh195fNTuIUGbAACfV6t242z1gmWSSRpNu/b10kbWKsO7gDxOHeoRA 1Ti1PMCId0IiY+H8vbb9VLQftkCkNSU= -----END CERTIFICATE-----Generated at Sat Apr 26 03:43:57 2025 by rpki-client