$ rpki-client -vvf rpki.apnic.net/member_repository/A91764E1/6231A02EC67D11EE87027B3AC4F9AE02/cOiFV7DAgsmwbs9ZuPKKdwOmOAE.mft File: cOiFV7DAgsmwbs9ZuPKKdwOmOAE.mft (raw, json) Hash identifier: Cw/GO0vgcZ6Gr5ymcXaYEPFk98+/7Iqfa3fu5YqL5Iw= Subject key identifier: F3:80:74:71:65:64:14:07:52:13:DD:45:19:47:18:06:C9:22:C8:7D Authority key identifier: 70:E8:85:57:B0:C0:82:C9:B0:6E:CF:59:B8:F2:8A:77:03:A6:38:01 Certificate issuer: /CN=A91764E1/serialNumber=70E88557B0C082C9B06ECF59B8F28A7703A63801 Certificate serial: E5 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cOiFV7DAgsmwbs9ZuPKKdwOmOAE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91764E1/6231A02EC67D11EE87027B3AC4F9AE02/cOiFV7DAgsmwbs9ZuPKKdwOmOAE.mft Manifest number: E3 Signing time: Fri 25 Apr 2025 04:30:33 +0000 Manifest this update: Fri 25 Apr 2025 04:30:32 +0000 Manifest next update: Fri 02 May 2025 04:30:32 +0000 Files and hashes: 1: cOiFV7DAgsmwbs9ZuPKKdwOmOAE.crl (hash: +2sCzO7hgynTudNosYNOJ8MeZvXSiA5vrluPqdSLy9w=) 2: 0C708FB4C67E11EE87B34958C4F9AE02.roa (hash: Emtdf6B32dUyriQRU+z92VLtRvSD7HNe+9gqK+EmXtg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91764E1/6231A02EC67D11EE87027B3AC4F9AE02/cOiFV7DAgsmwbs9ZuPKKdwOmOAE.crl rsync://rpki.apnic.net/member_repository/A91764E1/6231A02EC67D11EE87027B3AC4F9AE02/cOiFV7DAgsmwbs9ZuPKKdwOmOAE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cOiFV7DAgsmwbs9ZuPKKdwOmOAE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 04:30:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 229 (0xe5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91764E1, serialNumber=70E88557B0C082C9B06ECF59B8F28A7703A63801 Validity Not Before: Apr 25 04:30:32 2025 GMT Not After : May 2 04:30:32 2025 GMT Subject: CN=680b0fe9-2237 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:53:a9:3d:aa:8f:82:7e:ee:97:be:4e:d7:dc: 0d:52:9a:2f:a6:04:72:bd:9f:6b:1f:aa:fd:d3:2a: 31:e3:e3:0b:0d:6f:49:b7:34:90:99:79:3f:ba:c1: cc:14:93:19:dd:ea:14:40:1e:59:85:2f:63:45:9c: 04:e1:d0:11:c1:58:11:1f:ba:75:bc:39:46:3f:9d: fc:a8:99:d4:00:61:53:c8:45:f8:96:27:95:52:25: 90:16:a9:33:78:35:99:df:ce:31:c1:9b:8e:72:95: 8f:57:30:32:fd:e8:cf:06:2b:1c:3b:91:67:63:61: f8:a9:93:db:4a:fb:57:c0:fc:0e:9f:86:e4:d1:79: d0:70:aa:9f:f7:33:38:a5:87:e7:e9:52:a5:38:39: 0f:80:1a:9d:1b:b0:57:79:46:2d:6e:3e:ae:7c:44: f9:02:08:01:55:e0:5d:cf:88:14:b0:fa:23:de:d2: 09:c6:69:7c:ba:d6:e7:6a:17:c9:3f:21:13:d6:46: 06:6a:c8:e3:89:01:bd:af:2b:60:e3:9e:4f:cc:b9: a9:f1:fa:f0:39:d1:05:72:97:ad:11:c0:bd:66:61: b8:bc:68:06:e9:1c:3c:d3:56:0a:8a:bd:7e:87:a8: 30:ec:38:8a:3f:9d:2e:d7:ab:5a:86:7c:8c:de:46: 61:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:80:74:71:65:64:14:07:52:13:DD:45:19:47:18:06:C9:22:C8:7D X509v3 Authority Key Identifier: keyid:70:E8:85:57:B0:C0:82:C9:B0:6E:CF:59:B8:F2:8A:77:03:A6:38:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91764E1/6231A02EC67D11EE87027B3AC4F9AE02/cOiFV7DAgsmwbs9ZuPKKdwOmOAE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cOiFV7DAgsmwbs9ZuPKKdwOmOAE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91764E1/6231A02EC67D11EE87027B3AC4F9AE02/cOiFV7DAgsmwbs9ZuPKKdwOmOAE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 85:21:14:52:e0:1d:61:a5:76:74:6b:95:d2:aa:c2:75:3d:ed: 1a:50:2b:8f:06:c1:63:f1:f0:02:96:7d:de:47:5b:a5:3c:48: 89:e7:b4:6f:fa:0a:26:8b:67:58:54:06:7c:de:92:89:60:af: 26:e7:eb:16:11:74:75:b0:30:ae:9e:ef:55:f9:8e:c2:74:58: 4e:10:fa:5d:34:16:4f:26:0d:91:20:65:0a:62:ad:f1:c3:58: c2:ed:55:b2:65:56:60:fe:f2:6c:2a:13:fc:01:78:89:20:51: 64:41:6c:a3:5f:47:d8:0e:5c:17:b8:13:e7:17:4c:92:69:84: a4:53:60:8a:0e:ae:07:17:97:8e:e0:86:2a:0d:0b:7f:c4:a8: 22:06:d9:95:00:b3:cd:e6:ab:6d:88:cd:0f:3b:2c:3c:07:ef: 1a:6b:0b:a6:ab:c0:65:8b:77:29:98:a4:25:b6:4b:39:57:a7: 38:a0:7e:c2:d3:47:0f:67:98:aa:d4:e3:56:82:8b:95:e9:b1: bb:4a:f2:91:c0:59:ed:7c:e2:b5:d1:06:8d:bb:9e:b7:49:e9: cf:4c:8b:84:90:47:76:00:d5:73:f8:b1:1a:27:6b:8e:6d:4c: bc:17:b3:a3:25:4c:f9:d8:68:a1:66:1f:88:96:8a:cb:e7:00: 1d:7f:88:10 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAOUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzY0RTExMTAvBgNVBAUTKDcwRTg4NTU3QjBDMDgyQzlCMDZFQ0Y1OUI4RjI4QTc3 MDNBNjM4MDEwHhcNMjUwNDI1MDQzMDMyWhcNMjUwNTAyMDQzMDMyWjAYMRYwFAYD VQQDEw02ODBiMGZlOS0yMjM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqVOpPaqPgn7ul75O19wNUpovpgRyvZ9rH6r90yox4+MLDW9JtzSQmXk/usHM FJMZ3eoUQB5ZhS9jRZwE4dARwVgRH7p1vDlGP538qJnUAGFTyEX4lieVUiWQFqkz eDWZ384xwZuOcpWPVzAy/ejPBiscO5FnY2H4qZPbSvtXwPwOn4bk0XnQcKqf9zM4 pYfn6VKlODkPgBqdG7BXeUYtbj6ufET5AggBVeBdz4gUsPoj3tIJxml8utbnahfJ PyET1kYGasjjiQG9rytg455PzLmp8frwOdEFcpetEcC9ZmG4vGgG6Rw801YKir1+ h6gw7DiKP50u16tahnyM3kZhYQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPOAdHFl ZBQHUhPdRRlHGAbJIsh9MB8GA1UdIwQYMBaAFHDohVewwILJsG7PWbjyincDpjgB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NjRFMS82MjMxQTAyRUM2 N0QxMUVFODcwMjdCM0FDNEY5QUUwMi9jT2lGVjdEQWdzbXdiczladVBLS2R3T21P QUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2NPaUZWN0RBZ3Ntd2JzOVp1UEtLZHdPbU9BRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 NjRFMS82MjMxQTAyRUM2N0QxMUVFODcwMjdCM0FDNEY5QUUwMi9jT2lGVjdEQWdz bXdiczladVBLS2R3T21PQUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCFIRRS4B1hpXZ0a5XSqsJ1Pe0aUCuPBsFj8fACln3eR1ulPEiJ57Rv +gomi2dYVAZ83pKJYK8m5+sWEXR1sDCunu9V+Y7CdFhOEPpdNBZPJg2RIGUKYq3x w1jC7VWyZVZg/vJsKhP8AXiJIFFkQWyjX0fYDlwXuBPnF0ySaYSkU2CKDq4HF5eO 4IYqDQt/xKgiBtmVALPN5qttiM0POyw8B+8aawumq8Bli3cpmKQltks5V6c4oH7C 00cPZ5iq1ONWgouV6bG7SvKRwFntfOK10QaNu563SenPTIuEkEd2ANVz+LEaJ2uO bUy8F7OjJUz52GihZh+IlorL5wAdf4gQ -----END CERTIFICATE-----Generated at Sun Apr 27 05:55:40 2025 by rpki-client