$ rpki-client -vvf rpki.apnic.net/member_repository/A917F4D3/68034C68626611ED8242C786C4F9AE02/kSbv5Q1eO1Mf7uRUmrML_npUVQc.mft File: kSbv5Q1eO1Mf7uRUmrML_npUVQc.mft (raw, json) Hash identifier: clIoljCutZ9WpH6qtNz1TM/QiTjAUEcLbMXERZCuDbk= Subject key identifier: DB:E7:09:F9:8D:0E:41:B5:6C:E6:42:E3:3B:C0:96:0F:F7:77:B6:AD Authority key identifier: 91:26:EF:E5:0D:5E:3B:53:1F:EE:E4:54:9A:B3:0B:FE:7A:54:55:07 Certificate issuer: /CN=A917F4D3/serialNumber=9126EFE50D5E3B531FEEE4549AB30BFE7A545507 Certificate serial: 01CE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSbv5Q1eO1Mf7uRUmrML_npUVQc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917F4D3/68034C68626611ED8242C786C4F9AE02/kSbv5Q1eO1Mf7uRUmrML_npUVQc.mft Manifest number: 01CB Signing time: Fri 25 Apr 2025 02:03:19 +0000 Manifest this update: Fri 25 Apr 2025 02:03:19 +0000 Manifest next update: Fri 02 May 2025 02:03:19 +0000 Files and hashes: 1: kSbv5Q1eO1Mf7uRUmrML_npUVQc.crl (hash: +BRbCh4twzn9d50VO8+yfQrJbOnUqprcqx9uvkpNRuA=) 2: 32091726626D11ED87BDAC82C4F9AE02.roa (hash: hbdkOUT0eBQ98Cc0oj/9P37h6+6Kubs6FMec8+3wPTM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917F4D3/68034C68626611ED8242C786C4F9AE02/kSbv5Q1eO1Mf7uRUmrML_npUVQc.crl rsync://rpki.apnic.net/member_repository/A917F4D3/68034C68626611ED8242C786C4F9AE02/kSbv5Q1eO1Mf7uRUmrML_npUVQc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSbv5Q1eO1Mf7uRUmrML_npUVQc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 02:03:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 462 (0x1ce) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917F4D3, serialNumber=9126EFE50D5E3B531FEEE4549AB30BFE7A545507 Validity Not Before: Apr 25 02:03:19 2025 GMT Not After : May 2 02:03:19 2025 GMT Subject: CN=680aed67-9513 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:46:45:5b:e7:74:a2:87:88:53:80:4c:d1:f4: 27:d0:7e:4e:dc:96:c4:f2:70:70:6a:7b:f5:62:30: 6f:3f:5d:05:e4:9d:fa:28:0a:f9:80:a6:73:ae:5f: 44:15:d5:8a:eb:a6:8d:54:d8:90:d0:35:67:24:56: e0:37:2d:52:26:52:c6:9f:0c:a7:78:41:9c:5d:e1: 33:08:02:af:17:39:4b:4d:12:93:6d:36:79:46:bf: e4:a4:4c:5d:0f:c5:03:6a:1d:3f:f5:67:01:a7:74: 9a:67:c8:a6:f4:5f:e6:76:c3:17:94:08:9b:41:a2: fb:3f:1e:3c:d7:0d:7b:63:e8:0d:4d:07:4b:d5:cd: d1:57:3c:2a:5f:a3:44:0e:30:93:12:6a:a9:92:bb: bd:fe:5a:8e:d5:61:00:b9:7d:53:7b:4c:28:b5:d9: 5b:a2:cf:4f:3a:d3:de:90:82:c4:29:26:96:68:0a: b7:9a:20:9a:36:35:cf:1b:99:a3:bf:b8:1b:2f:11: 72:41:b2:b5:29:4c:74:ae:af:76:87:58:6d:27:45: f8:67:52:b2:c3:9a:b0:53:9a:61:bc:52:b0:1e:5f: ea:8a:2a:09:0c:d4:e2:a0:3e:fb:2b:c6:e1:87:a0: 56:7e:d9:56:e0:26:9c:b0:44:b1:94:de:80:5c:88: d0:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:E7:09:F9:8D:0E:41:B5:6C:E6:42:E3:3B:C0:96:0F:F7:77:B6:AD X509v3 Authority Key Identifier: keyid:91:26:EF:E5:0D:5E:3B:53:1F:EE:E4:54:9A:B3:0B:FE:7A:54:55:07 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917F4D3/68034C68626611ED8242C786C4F9AE02/kSbv5Q1eO1Mf7uRUmrML_npUVQc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSbv5Q1eO1Mf7uRUmrML_npUVQc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F4D3/68034C68626611ED8242C786C4F9AE02/kSbv5Q1eO1Mf7uRUmrML_npUVQc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 13:09:78:56:72:91:40:f9:59:1c:aa:77:25:5d:a2:f7:41:c1: 6a:cf:bc:a6:e4:d1:39:30:8f:72:59:7c:7e:df:12:1b:55:58: 2a:96:ad:fa:da:ed:c3:13:3b:4e:bc:06:8b:0e:46:6c:69:77: 0a:21:8b:a3:3b:5c:80:a4:16:69:7e:4b:b9:d5:cc:52:65:67: 2f:93:21:f3:99:01:e1:a5:39:55:d2:08:9a:eb:b5:f0:c0:5d: 6c:55:36:0b:9e:28:32:5d:d1:f9:e2:e8:62:f7:70:1f:23:e9: f1:9c:b9:f0:bb:79:d0:d6:6e:7a:b5:18:a7:a9:49:d6:35:13: 51:2e:7c:2e:1b:49:c5:97:7b:10:4d:f6:35:f5:86:b8:60:d3: e5:1c:03:c1:d1:91:81:a3:fb:a9:4e:de:04:20:68:8a:21:d5: 6a:b1:90:61:f5:62:1f:84:f7:bf:50:4f:f7:e9:51:98:11:68: 7e:05:38:0e:e2:34:0b:ca:b1:e1:3c:c7:2d:e0:85:2e:08:9a: 25:93:ae:bc:d6:65:e8:a0:da:75:59:b3:29:fa:f4:f8:03:83: 87:b6:47:af:97:2a:a5:0b:0c:f6:2d:a5:dd:37:54:9a:5c:98: 32:ed:a9:48:4a:9f:e4:2f:92:22:b4:86:24:59:ab:0b:8f:b9: 0c:7a:b1:3f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAc4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0Y0RDMxMTAvBgNVBAUTKDkxMjZFRkU1MEQ1RTNCNTMxRkVFRTQ1NDlBQjMwQkZF N0E1NDU1MDcwHhcNMjUwNDI1MDIwMzE5WhcNMjUwNTAyMDIwMzE5WjAYMRYwFAYD VQQDEw02ODBhZWQ2Ny05NTEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0EZFW+d0ooeIU4BM0fQn0H5O3JbE8nBwanv1YjBvP10F5J36KAr5gKZzrl9E FdWK66aNVNiQ0DVnJFbgNy1SJlLGnwyneEGcXeEzCAKvFzlLTRKTbTZ5Rr/kpExd D8UDah0/9WcBp3SaZ8im9F/mdsMXlAibQaL7Px481w17Y+gNTQdL1c3RVzwqX6NE DjCTEmqpkru9/lqO1WEAuX1Te0wotdlbos9POtPekILEKSaWaAq3miCaNjXPG5mj v7gbLxFyQbK1KUx0rq92h1htJ0X4Z1Kyw5qwU5phvFKwHl/qiioJDNTioD77K8bh h6BWftlW4CacsESxlN6AXIjQrwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNvnCfmN DkG1bOZC4zvAlg/3d7atMB8GA1UdIwQYMBaAFJEm7+UNXjtTH+7kVJqzC/56VFUH MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RjREMy82ODAzNEM2ODYy NjYxMUVEODI0MkM3ODZDNEY5QUUwMi9rU2J2NVExZU8xTWY3dVJVbXJNTF9ucFVW UWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tTYnY1UTFlTzFNZjd1UlVtck1MX25wVVZRYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RjREMy82ODAzNEM2ODYyNjYxMUVEODI0MkM3ODZDNEY5QUUwMi9rU2J2NVExZU8x TWY3dVJVbXJNTF9ucFVWUWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQATCXhWcpFA+VkcqnclXaL3QcFqz7ym5NE5MI9yWXx+3xIbVVgqlq36 2u3DEztOvAaLDkZsaXcKIYujO1yApBZpfku51cxSZWcvkyHzmQHhpTlV0gia67Xw wF1sVTYLnigyXdH54uhi93AfI+nxnLnwu3nQ1m56tRinqUnWNRNRLnwuG0nFl3sQ TfY19Ya4YNPlHAPB0ZGBo/upTt4EIGiKIdVqsZBh9WIfhPe/UE/36VGYEWh+BTgO 4jQLyrHhPMct4IUuCJolk6681mXooNp1WbMp+vT4A4OHtkevlyqlCwz2LaXdN1Sa XJgy7alISp/kL5IitIYkWasLj7kMerE/ -----END CERTIFICATE-----Generated at Sat Apr 26 16:52:47 2025 by rpki-client