$ rpki-client -vvf rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/PB_di6MB3OPbPwvMJchpTOG83H0.mft File: PB_di6MB3OPbPwvMJchpTOG83H0.mft (raw, json) Hash identifier: AxGNdDQ3Oqs6C93nCI6X1rv9J/C0nwE9OjV3968tyYg= Subject key identifier: 45:3C:14:CE:1B:C0:E4:7C:D8:A6:AA:11:9F:48:02:2E:2F:F2:9A:69 Authority key identifier: 3C:1F:DD:8B:A3:01:DC:E3:DB:3F:0B:CC:25:C8:69:4C:E1:BC:DC:7D Certificate issuer: /CN=A91A08FD/serialNumber=3C1FDD8BA301DCE3DB3F0BCC25C8694CE1BCDC7D Certificate serial: 0D6E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PB_di6MB3OPbPwvMJchpTOG83H0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/PB_di6MB3OPbPwvMJchpTOG83H0.mft Manifest number: 0D65 Signing time: Thu 24 Apr 2025 17:55:56 +0000 Manifest this update: Thu 24 Apr 2025 17:55:56 +0000 Manifest next update: Thu 01 May 2025 17:55:56 +0000 Files and hashes: 1: PB_di6MB3OPbPwvMJchpTOG83H0.crl (hash: YEWre9qmLvsk4/MmVuNuIdUQbzU0yXtyEhjW6A9u4pE=) 2: 3802A98EC8AC11E9877DCE2FC4F9AE02.roa (hash: pTMoVBZCsEARFbs1aGExyarMu+r7tLUk6ACYjZUvCyg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/PB_di6MB3OPbPwvMJchpTOG83H0.crl rsync://rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/PB_di6MB3OPbPwvMJchpTOG83H0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PB_di6MB3OPbPwvMJchpTOG83H0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:55:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3438 (0xd6e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A08FD, serialNumber=3C1FDD8BA301DCE3DB3F0BCC25C8694CE1BCDC7D Validity Not Before: Apr 24 17:55:56 2025 GMT Not After : May 1 17:55:56 2025 GMT Subject: CN=680a7b2c-f55f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:c8:36:b0:2b:ea:5a:7f:43:6c:37:9a:71:f2: 3a:19:70:13:aa:e5:66:9a:bb:8f:45:5f:18:72:b0: 19:8f:f6:ef:b5:f3:56:e7:54:94:07:d7:48:2b:17: 0b:3a:10:3e:63:a0:e6:ac:d2:02:04:d1:cb:85:8e: 63:2a:96:82:9a:54:ca:7c:ea:73:17:7a:12:10:b5: 7a:d3:ea:f0:46:75:99:e8:1c:43:dc:e6:17:1f:24: 9f:cd:7c:28:2b:f3:0e:ee:e2:c3:2e:d0:61:b3:db: 09:5f:97:3e:d2:1d:9a:9f:1d:2b:b6:5b:10:ec:21: e6:8c:7f:32:e9:81:f1:9f:61:0c:6b:22:f1:dd:24: dc:07:c9:4a:3e:da:5e:9f:8f:21:63:39:09:6a:8b: 52:be:46:26:c8:ba:42:d7:a1:9d:35:4e:76:4e:bf: d4:61:3e:59:1f:b3:fe:79:a0:6a:a4:59:0d:24:d7: 61:31:3b:24:fe:6d:e4:62:18:6e:5e:71:19:2c:bf: 14:ff:ea:48:15:29:97:be:3d:ea:e9:6b:62:e5:d9: 14:41:e8:35:f6:cd:e9:d1:7e:06:cd:64:67:6d:c0: a9:92:d3:09:b8:f8:98:be:12:39:92:b4:64:53:03: 6a:4d:ac:e6:d1:0d:cb:de:1d:db:cc:af:df:bf:f6: 48:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:3C:14:CE:1B:C0:E4:7C:D8:A6:AA:11:9F:48:02:2E:2F:F2:9A:69 X509v3 Authority Key Identifier: keyid:3C:1F:DD:8B:A3:01:DC:E3:DB:3F:0B:CC:25:C8:69:4C:E1:BC:DC:7D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/PB_di6MB3OPbPwvMJchpTOG83H0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PB_di6MB3OPbPwvMJchpTOG83H0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/PB_di6MB3OPbPwvMJchpTOG83H0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a7:ba:95:34:29:cc:03:a7:96:97:94:e7:0c:a0:fc:72:50:c8: 6a:3c:bd:30:71:df:21:eb:78:70:e7:38:8e:34:b3:0f:a2:20: a4:92:b3:d0:f2:0f:a4:31:23:15:d6:67:50:fc:ba:03:ee:ce: 0c:94:ee:0b:db:6a:ed:c3:d8:8f:64:6a:f9:3f:df:c5:59:99: 9d:3f:f1:26:cd:d6:ee:f0:d1:99:ff:d5:b9:30:36:ee:1c:3f: 96:fb:0b:79:83:b7:f0:c8:2c:c6:06:be:c6:b0:36:3a:62:f8: fd:03:bb:40:13:95:c6:a3:61:24:bf:9d:5d:cd:3a:7a:8a:e1: 66:cb:70:db:5e:de:48:32:16:b2:a0:b3:97:2a:1f:1c:31:ef: b7:ec:54:e4:12:13:7b:ed:78:07:d5:a6:57:ae:5d:a4:d9:8a: 22:44:17:71:e4:ae:1e:e3:52:96:c9:01:6c:4d:3b:3e:3f:c7: 96:a7:95:bb:bf:85:81:95:18:3f:d7:a8:c2:e7:85:e0:54:6f: 0d:3e:c5:f9:a7:36:f6:14:fa:cc:6d:97:79:30:4b:92:b0:63: 22:bc:93:30:d4:46:52:ca:15:5e:9b:a1:d6:b7:52:4a:79:36: 22:1a:45:3c:fb:ad:ae:b4:7d:3f:65:5c:69:94:91:fa:56:10: df:07:1f:b0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDW4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTA4RkQxMTAvBgNVBAUTKDNDMUZERDhCQTMwMURDRTNEQjNGMEJDQzI1Qzg2OTRD RTFCQ0RDN0QwHhcNMjUwNDI0MTc1NTU2WhcNMjUwNTAxMTc1NTU2WjAYMRYwFAYD VQQDEw02ODBhN2IyYy1mNTVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz8g2sCvqWn9DbDeacfI6GXATquVmmruPRV8YcrAZj/bvtfNW51SUB9dIKxcL OhA+Y6DmrNICBNHLhY5jKpaCmlTKfOpzF3oSELV60+rwRnWZ6BxD3OYXHySfzXwo K/MO7uLDLtBhs9sJX5c+0h2anx0rtlsQ7CHmjH8y6YHxn2EMayLx3STcB8lKPtpe n48hYzkJaotSvkYmyLpC16GdNU52Tr/UYT5ZH7P+eaBqpFkNJNdhMTsk/m3kYhhu XnEZLL8U/+pIFSmXvj3q6Wti5dkUQeg19s3p0X4GzWRnbcCpktMJuPiYvhI5krRk UwNqTazm0Q3L3h3bzK/fv/ZIYQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEU8FM4b wOR82KaqEZ9IAi4v8pppMB8GA1UdIwQYMBaAFDwf3YujAdzj2z8LzCXIaUzhvNx9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDhGRC85RjQyRUFEOEM4 QUIxMUU5ODI5RDI4MkZDNEY5QUUwMi9QQl9kaTZNQjNPUGJQd3ZNSmNocFRPRzgz SDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BCX2RpNk1CM09QYlB3dk1KY2hwVE9HODNIMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MDhGRC85RjQyRUFEOEM4QUIxMUU5ODI5RDI4MkZDNEY5QUUwMi9QQl9kaTZNQjNP UGJQd3ZNSmNocFRPRzgzSDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCnupU0KcwDp5aXlOcMoPxyUMhqPL0wcd8h63hw5ziONLMPoiCkkrPQ 8g+kMSMV1mdQ/LoD7s4MlO4L22rtw9iPZGr5P9/FWZmdP/Emzdbu8NGZ/9W5MDbu HD+W+wt5g7fwyCzGBr7GsDY6Yvj9A7tAE5XGo2Ekv51dzTp6iuFmy3DbXt5IMhay oLOXKh8cMe+37FTkEhN77XgH1aZXrl2k2YoiRBdx5K4e41KWyQFsTTs+P8eWp5W7 v4WBlRg/16jC54XgVG8NPsX5pzb2FPrMbZd5MEuSsGMivJMw1EZSyhVem6HWt1JK eTYiGkU8+62utH0/ZVxplJH6VhDfBx+w -----END CERTIFICATE-----Generated at Sat Apr 26 12:19:26 2025 by rpki-client