$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/0hsNWsWvkZAPUK2WADMT5R7WChA.mft File: 0hsNWsWvkZAPUK2WADMT5R7WChA.mft (raw, json) Hash identifier: WU+mO+tJiH1bi6kDHuGZUrUiUaqd8pwrneWq8jtHDwo= Subject key identifier: 22:AA:67:6B:FA:1B:B4:DC:BD:DB:DF:B7:2F:8F:F8:85:71:50:C3:CC Authority key identifier: D2:1B:0D:5A:C5:AF:91:90:0F:50:AD:96:00:33:13:E5:1E:D6:0A:10 Certificate issuer: /CN=A91A0E9D/serialNumber=D21B0D5AC5AF91900F50AD96003313E51ED60A10 Certificate serial: 70 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0hsNWsWvkZAPUK2WADMT5R7WChA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/0hsNWsWvkZAPUK2WADMT5R7WChA.mft Manifest number: 67 Signing time: Fri 25 Apr 2025 06:06:15 +0000 Manifest this update: Fri 25 Apr 2025 06:06:14 +0000 Manifest next update: Fri 02 May 2025 06:06:14 +0000 Files and hashes: 1: 0hsNWsWvkZAPUK2WADMT5R7WChA.crl (hash: kUtasmHAp2VUIpMRckTBFS5lK1JAsex/iOJEYF9j5fk=) 2: 3996C94896D211EF924C486FC4F9AE02.roa (hash: jPKROmghkPyJWap1Ck0b+pE8AGKhobQAaRNerFhIWOA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/0hsNWsWvkZAPUK2WADMT5R7WChA.crl rsync://rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/0hsNWsWvkZAPUK2WADMT5R7WChA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0hsNWsWvkZAPUK2WADMT5R7WChA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:06:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 112 (0x70) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A0E9D, serialNumber=D21B0D5AC5AF91900F50AD96003313E51ED60A10 Validity Not Before: Apr 25 06:06:14 2025 GMT Not After : May 2 06:06:14 2025 GMT Subject: CN=680b2656-3629 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:e8:54:a1:76:79:c3:2d:96:1d:5b:a3:e1:9d: fa:50:ac:a4:f0:65:55:7c:e0:21:5d:d1:6e:4d:85: e6:93:5a:61:c1:a9:8f:ff:07:b1:4d:68:9a:88:94: 06:61:3e:ea:68:41:e7:4d:ce:31:b9:55:1f:68:e9: 1c:30:81:58:e5:4e:a3:be:24:93:72:93:2a:0a:69: e5:48:4c:25:84:a6:79:df:bd:0b:15:dd:31:1b:54: 29:2a:5c:f4:79:49:6c:dd:14:38:8a:f3:11:a2:c0: 0f:53:94:d1:ed:1a:df:c9:ab:df:00:27:34:f8:9c: 15:c0:aa:46:e2:1f:a7:ad:dc:07:b4:e1:00:6b:6b: 29:54:72:e3:d4:69:1c:3b:f4:d8:e9:57:e6:f4:90: 73:42:03:e4:dc:6e:00:fe:11:eb:ee:3e:19:cf:d0: 40:2f:5c:db:25:f2:2f:a2:15:a4:3f:4b:8a:96:73: 73:45:93:86:77:b1:70:36:59:e8:72:88:91:b6:db: 66:3e:89:ac:16:81:4a:d2:9d:c4:fc:87:8e:ff:25: d5:62:7c:e2:95:63:a4:c6:b3:7c:39:57:d9:ce:2b: 09:06:b4:42:35:a5:c9:fc:2e:3b:73:b1:75:5d:52: 01:5f:5d:b5:57:db:66:a0:8b:d7:6e:a6:8b:43:f4: 5b:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:AA:67:6B:FA:1B:B4:DC:BD:DB:DF:B7:2F:8F:F8:85:71:50:C3:CC X509v3 Authority Key Identifier: keyid:D2:1B:0D:5A:C5:AF:91:90:0F:50:AD:96:00:33:13:E5:1E:D6:0A:10 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/0hsNWsWvkZAPUK2WADMT5R7WChA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0hsNWsWvkZAPUK2WADMT5R7WChA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/0hsNWsWvkZAPUK2WADMT5R7WChA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ce:bd:9f:e6:0c:32:58:bd:1b:67:1b:4a:55:bd:40:05:f6:1b: 43:25:d1:32:27:7b:20:b8:58:36:ba:1e:0e:d1:15:af:0f:a4: be:3d:02:fb:de:87:ba:ab:8b:4e:41:ea:56:f4:81:b9:ab:2e: a8:68:7e:30:f7:c5:3e:20:a8:fe:eb:59:91:32:cc:be:1f:c5: 6a:dd:7e:c1:f1:b0:5d:a0:c5:18:ba:41:c3:d7:fd:b2:49:0e: 08:9f:fd:7f:34:f6:3b:5d:dc:e4:03:a8:68:88:62:02:15:a2: 3a:de:a6:6c:f1:cb:3c:d5:3a:a8:e2:83:94:32:14:40:20:9f: 78:ed:4d:a1:14:21:c7:a0:bb:dc:f6:14:d6:fd:52:38:37:de: 36:4f:cc:e5:cb:52:1f:df:a5:92:09:5b:5c:98:f3:8e:1b:3b: b7:b6:cf:f3:e2:41:d2:ae:ac:d5:ea:17:e3:09:cb:a8:0f:36: cd:e1:dd:45:44:96:2a:17:74:ed:48:53:cf:9a:6e:39:87:95: 8f:8d:05:3a:63:8d:ae:b8:02:e5:e6:eb:ec:3e:6c:5f:60:26: 34:5d:ff:8f:71:65:2e:1d:e5:f3:66:d5:47:03:c0:bf:15:cb: e8:d3:7e:b1:0a:5c:57:bd:6b:fc:58:4d:e0:91:eb:98:4e:6f: 2f:25:c6:e0 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBcDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB MEU5RDExMC8GA1UEBRMoRDIxQjBENUFDNUFGOTE5MDBGNTBBRDk2MDAzMzEzRTUx RUQ2MEExMDAeFw0yNTA0MjUwNjA2MTRaFw0yNTA1MDIwNjA2MTRaMBgxFjAUBgNV BAMTDTY4MGIyNjU2LTM2MjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC76FShdnnDLZYdW6PhnfpQrKTwZVV84CFd0W5NheaTWmHBqY//B7FNaJqIlAZh PupoQedNzjG5VR9o6RwwgVjlTqO+JJNykyoKaeVITCWEpnnfvQsV3TEbVCkqXPR5 SWzdFDiK8xGiwA9TlNHtGt/Jq98AJzT4nBXAqkbiH6et3Ae04QBraylUcuPUaRw7 9NjpV+b0kHNCA+TcbgD+EevuPhnP0EAvXNsl8i+iFaQ/S4qWc3NFk4Z3sXA2Wehy iJG222Y+iawWgUrSncT8h47/JdVifOKVY6TGs3w5V9nOKwkGtEI1pcn8LjtzsXVd UgFfXbVX22agi9dupotD9FsBAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUIqpna/ob tNy929+3L4/4hXFQw8wwHwYDVR0jBBgwFoAU0hsNWsWvkZAPUK2WADMT5R7WChAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEwRTlELzk1NjlBREI0OTVE QjExRUZBNEUyRkI0NUM0RjlBRTAyLzBoc05Xc1d2a1pBUFVLMldBRE1UNVI3V0No QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvMGhzTldzV3ZrWkFQVUsyV0FETVQ1UjdXQ2hBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEw RTlELzk1NjlBREI0OTVEQjExRUZBNEUyRkI0NUM0RjlBRTAyLzBoc05Xc1d2a1pB UFVLMldBRE1UNVI3V0NoQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAM69n+YMMli9G2cbSlW9QAX2G0Ml0TIneyC4WDa6Hg7RFa8PpL49Avve h7qri05B6lb0gbmrLqhofjD3xT4gqP7rWZEyzL4fxWrdfsHxsF2gxRi6QcPX/bJJ Dgif/X809jtd3OQDqGiIYgIVojrepmzxyzzVOqjig5QyFEAgn3jtTaEUIcegu9z2 FNb9Ujg33jZPzOXLUh/fpZIJW1yY844bO7e2z/PiQdKurNXqF+MJy6gPNs3h3UVE lioXdO1IU8+abjmHlY+NBTpjja64AuXm6+w+bF9gJjRd/49xZS4d5fNm1UcDwL8V y+jTfrEKXFe9a/xYTeCR65hOby8lxuA= -----END CERTIFICATE-----Generated at Sat Apr 26 03:45:29 2025 by rpki-client