$ rpki-client -vvf rpki.apnic.net/member_repository/A91912DD/DB4A6CFC10D311EA9BD1A55DC4F9AE02/BRnee0hmA7e6W2bauYkgP98ttJQ.mft File: BRnee0hmA7e6W2bauYkgP98ttJQ.mft (raw, json) Hash identifier: clWfYXuG2SaPqjaOETYo98lk5bL4AYo2joYntN6EVC4= Subject key identifier: EB:EC:FE:B1:96:34:12:09:31:8C:E0:DE:82:9D:C4:E6:8D:1C:6B:FE Authority key identifier: 05:19:DE:7B:48:66:03:B7:BA:5B:66:DA:B9:89:20:3F:DF:2D:B4:94 Certificate issuer: /CN=A91912DD/serialNumber=0519DE7B486603B7BA5B66DAB989203FDF2DB494 Certificate serial: 0BFF Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/BRnee0hmA7e6W2bauYkgP98ttJQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91912DD/DB4A6CFC10D311EA9BD1A55DC4F9AE02/BRnee0hmA7e6W2bauYkgP98ttJQ.mft Manifest number: 0BF8 Signing time: Thu 24 Apr 2025 16:42:49 +0000 Manifest this update: Thu 24 Apr 2025 16:42:48 +0000 Manifest next update: Thu 01 May 2025 16:42:48 +0000 Files and hashes: 1: BRnee0hmA7e6W2bauYkgP98ttJQ.crl (hash: ybnNJIcx9F8duWHbBrvg7ELoiEUtRhmO2yo+/kboaY4=) 2: 05BE20062C5811EAA90F4B0EC4F9AE02.roa (hash: KZLdlP1OQSAqnUANoQynhHKfuaNstAKbyzLi1TUSbtw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91912DD/DB4A6CFC10D311EA9BD1A55DC4F9AE02/BRnee0hmA7e6W2bauYkgP98ttJQ.crl rsync://rpki.apnic.net/member_repository/A91912DD/DB4A6CFC10D311EA9BD1A55DC4F9AE02/BRnee0hmA7e6W2bauYkgP98ttJQ.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/BRnee0hmA7e6W2bauYkgP98ttJQ.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 16:42:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3071 (0xbff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91912DD, serialNumber=0519DE7B486603B7BA5B66DAB989203FDF2DB494 Validity Not Before: Apr 24 16:42:48 2025 GMT Not After : May 1 16:42:48 2025 GMT Subject: CN=680a6a09-333b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:5b:34:de:74:62:40:c5:d4:5b:0b:36:ce:a0: 25:70:97:42:fe:3f:34:0b:10:b6:d2:9f:ef:e9:b9: 52:3d:c6:98:11:cb:85:b7:f3:e9:a4:82:7a:8d:c4: 5f:af:86:b0:f2:54:b8:bc:56:72:37:1b:69:03:b3: 79:ed:00:dd:95:1c:1e:27:b9:d2:5f:e5:3e:4c:46: cb:df:8c:db:34:2c:7e:a1:fd:aa:ea:42:a6:bf:69: c3:1e:f2:92:bd:58:fd:5c:09:14:1f:96:54:06:3a: f8:e6:c5:b8:cb:e8:68:4f:2d:c8:67:84:46:d1:15: 59:40:fe:d7:cd:e8:74:04:92:37:bc:92:91:21:3b: 99:59:a5:c8:8a:33:e6:b1:e4:a2:25:cd:73:58:18: f4:27:16:71:f3:fa:2a:a8:b0:03:ac:be:57:fd:e7: 22:ec:f8:23:49:48:65:31:b9:21:4e:d8:51:3a:8b: d1:a5:eb:ce:61:a9:93:b6:c8:f7:d8:f2:75:c3:b5: 21:40:cf:6b:fb:74:12:fd:20:b6:84:59:38:2b:57: af:17:e4:ee:a3:24:2f:bd:ae:94:97:74:5e:74:4f: 1c:8d:e5:b4:c0:fb:4a:01:77:69:99:9d:23:fa:73: c9:47:cb:50:cb:9a:5b:aa:eb:2c:29:0a:4e:35:79: c4:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:EC:FE:B1:96:34:12:09:31:8C:E0:DE:82:9D:C4:E6:8D:1C:6B:FE X509v3 Authority Key Identifier: keyid:05:19:DE:7B:48:66:03:B7:BA:5B:66:DA:B9:89:20:3F:DF:2D:B4:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91912DD/DB4A6CFC10D311EA9BD1A55DC4F9AE02/BRnee0hmA7e6W2bauYkgP98ttJQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/BRnee0hmA7e6W2bauYkgP98ttJQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91912DD/DB4A6CFC10D311EA9BD1A55DC4F9AE02/BRnee0hmA7e6W2bauYkgP98ttJQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 42:2a:57:06:fc:2c:db:c1:6d:c3:0f:1e:d9:7a:67:cb:a2:e9: e1:a5:ff:6b:f6:a1:e8:08:9c:f9:af:07:23:02:11:77:a3:3a: 8b:8d:58:df:ce:0e:1b:a0:56:b5:a1:29:76:88:39:71:3a:4a: 90:4b:43:f8:e0:c2:b5:2b:2f:ec:e5:c0:91:74:a7:42:b3:e6: 9c:1e:14:c7:e9:5c:d9:4b:7f:d7:d5:7d:06:07:6a:98:fd:49: ee:0f:56:80:07:68:c2:20:21:dc:b4:61:cd:86:54:b2:8a:16: 31:11:29:90:b5:77:76:ff:85:e5:53:58:af:51:21:7d:13:21: d6:a0:68:1f:c2:f9:2d:77:53:0d:b8:58:87:43:c3:c6:f6:ec: 9c:ce:0b:6e:b8:1c:d8:02:f7:b3:99:99:8b:ca:5d:e1:a7:ff: 7f:d9:4c:3e:90:49:e6:c0:6b:5e:5e:e7:f5:b5:87:1b:79:e7: 90:f7:38:e8:29:2c:94:fa:dd:60:4f:3f:25:49:c5:c5:b7:df: 77:3f:08:0a:2b:71:f4:59:e6:14:fd:0f:d6:79:cc:5b:4e:a3: 67:a7:0a:32:c9:3b:16:6f:2e:d8:e1:31:b2:ad:30:02:47:07: da:fd:10:11:4e:7d:1d:51:81:03:1d:c2:99:2a:9a:3a:39:15: 94:95:b2:68 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC/8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTEyREQxMTAvBgNVBAUTKDA1MTlERTdCNDg2NjAzQjdCQTVCNjZEQUI5ODkyMDNG REYyREI0OTQwHhcNMjUwNDI0MTY0MjQ4WhcNMjUwNTAxMTY0MjQ4WjAYMRYwFAYD VQQDEw02ODBhNmEwOS0zMzNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyls03nRiQMXUWws2zqAlcJdC/j80CxC20p/v6blSPcaYEcuFt/PppIJ6jcRf r4aw8lS4vFZyNxtpA7N57QDdlRweJ7nSX+U+TEbL34zbNCx+of2q6kKmv2nDHvKS vVj9XAkUH5ZUBjr45sW4y+hoTy3IZ4RG0RVZQP7Xzeh0BJI3vJKRITuZWaXIijPm seSiJc1zWBj0JxZx8/oqqLADrL5X/eci7PgjSUhlMbkhTthROovRpevOYamTtsj3 2PJ1w7UhQM9r+3QS/SC2hFk4K1evF+TuoyQvva6Ul3RedE8cjeW0wPtKAXdpmZ0j +nPJR8tQy5pbqussKQpONXnEpQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOvs/rGW NBIJMYzg3oKdxOaNHGv+MB8GA1UdIwQYMBaAFAUZ3ntIZgO3ultm2rmJID/fLbSU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTJERC9EQjRBNkNGQzEw RDMxMUVBOUJEMUE1NURDNEY5QUUwMi9CUm5lZTBobUE3ZTZXMmJhdVlrZ1A5OHR0 SlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL0JSbmVlMGhtQTdlNlcyYmF1WWtnUDk4dHRKUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 MTJERC9EQjRBNkNGQzEwRDMxMUVBOUJEMUE1NURDNEY5QUUwMi9CUm5lZTBobUE3 ZTZXMmJhdVlrZ1A5OHR0SlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBCKlcG/CzbwW3DDx7ZemfLounhpf9r9qHoCJz5rwcjAhF3ozqLjVjf zg4boFa1oSl2iDlxOkqQS0P44MK1Ky/s5cCRdKdCs+acHhTH6VzZS3/X1X0GB2qY /UnuD1aAB2jCICHctGHNhlSyihYxESmQtXd2/4XlU1ivUSF9EyHWoGgfwvktd1MN uFiHQ8PG9uyczgtuuBzYAvezmZmLyl3hp/9/2Uw+kEnmwGteXuf1tYcbeeeQ9zjo KSyU+t1gTz8lScXFt993PwgKK3H0WeYU/Q/WecxbTqNnpwoyyTsWby7Y4TGyrTAC Rwfa/RARTn0dUYEDHcKZKpo6ORWUlbJo -----END CERTIFICATE-----Generated at Sat Apr 26 12:32:45 2025 by rpki-client