$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4CAD/9FD97A0845C311EABEF5D439C4F9AE02/A6PIek8tglWUdvcc-u5ST_URNXk.mft File: A6PIek8tglWUdvcc-u5ST_URNXk.mft (raw, json) Hash identifier: HIeo/ZK32hlyzihDTX1YptCSGb7QXw8JgjdGCUGNzzY= Subject key identifier: D6:D7:80:BF:0B:07:CC:E0:B7:14:0F:1F:20:53:5A:35:BE:2F:50:1A Authority key identifier: 03:A3:C8:7A:4F:2D:82:55:94:76:F7:1C:FA:EE:52:4F:F5:11:35:79 Certificate issuer: /CN=A91A4CAD/serialNumber=03A3C87A4F2D82559476F71CFAEE524FF5113579 Certificate serial: 0AEC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A6PIek8tglWUdvcc-u5ST_URNXk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A4CAD/9FD97A0845C311EABEF5D439C4F9AE02/A6PIek8tglWUdvcc-u5ST_URNXk.mft Manifest number: 0AE4 Signing time: Thu 24 Apr 2025 19:17:30 +0000 Manifest this update: Thu 24 Apr 2025 19:17:29 +0000 Manifest next update: Thu 01 May 2025 19:17:29 +0000 Files and hashes: 1: A6PIek8tglWUdvcc-u5ST_URNXk.crl (hash: DoXE5Q20pvxkjJnAGt+2CUZEeFXuLRRD4XMAfRTFedc=) 2: 6553D6106C2B11EA87ED1160C4F9AE02.roa (hash: BZiEWDD0IL9/iTmQj4cpibFzXusaM/aZuvYBDfGJDK8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A4CAD/9FD97A0845C311EABEF5D439C4F9AE02/A6PIek8tglWUdvcc-u5ST_URNXk.crl rsync://rpki.apnic.net/member_repository/A91A4CAD/9FD97A0845C311EABEF5D439C4F9AE02/A6PIek8tglWUdvcc-u5ST_URNXk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A6PIek8tglWUdvcc-u5ST_URNXk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:17:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2796 (0xaec) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A4CAD, serialNumber=03A3C87A4F2D82559476F71CFAEE524FF5113579 Validity Not Before: Apr 24 19:17:29 2025 GMT Not After : May 1 19:17:29 2025 GMT Subject: CN=680a8e49-ef73 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:ca:d7:87:2e:8a:24:a6:53:a5:3f:9e:46:ac: 66:7e:a5:59:a0:fa:fc:33:62:ca:76:be:e7:f1:3b: ff:49:ba:9a:a5:f7:24:b7:a1:94:4d:44:6b:ce:1d: 60:5a:ae:68:c6:dc:f3:80:ee:a4:80:43:1a:66:96: db:1b:b2:4c:42:e4:a3:48:53:93:9f:46:d5:f6:a6: d3:2f:0e:73:94:9a:ab:83:44:90:7a:2a:86:1c:d4: e5:e1:42:0c:0d:13:68:83:e0:d0:bf:b6:ca:c8:7d: fb:47:0e:4b:7c:6c:76:87:fe:af:10:2b:e3:90:8c: 9b:e8:2d:8f:9f:e2:57:d3:24:21:91:da:26:7d:08: dd:41:e9:e0:10:d3:24:f5:ec:2e:15:a5:25:e1:86: 49:c3:e8:00:05:25:2f:61:e3:7b:76:d5:86:ec:86: 6b:37:1f:b3:a1:b6:f5:b0:8a:bd:aa:cc:20:7a:82: 66:5d:a8:09:62:d7:51:7f:e6:5e:97:58:c3:97:c5: 86:bc:3d:25:73:f1:06:6e:db:08:04:6d:a5:a6:20: b1:94:1b:78:d7:fe:00:1e:9c:c9:2a:64:47:81:f9: 2c:05:93:97:4d:30:e8:46:e1:44:90:7b:05:ff:b4: e6:7c:da:08:36:f7:39:d1:3b:76:a0:8a:e0:ce:48: 9e:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:D7:80:BF:0B:07:CC:E0:B7:14:0F:1F:20:53:5A:35:BE:2F:50:1A X509v3 Authority Key Identifier: keyid:03:A3:C8:7A:4F:2D:82:55:94:76:F7:1C:FA:EE:52:4F:F5:11:35:79 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A4CAD/9FD97A0845C311EABEF5D439C4F9AE02/A6PIek8tglWUdvcc-u5ST_URNXk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/A6PIek8tglWUdvcc-u5ST_URNXk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4CAD/9FD97A0845C311EABEF5D439C4F9AE02/A6PIek8tglWUdvcc-u5ST_URNXk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8f:d0:0b:34:62:1d:83:3c:87:15:f3:14:3b:20:13:2e:0d:40: 5a:a1:d0:a8:5b:82:28:fc:ce:31:b6:b6:29:63:1c:ef:93:3a: cc:ba:f2:c8:9e:c1:5a:23:a9:0b:83:bd:cf:5a:d6:78:dc:4f: f4:7d:56:98:99:31:83:b1:ac:19:d8:07:51:cf:58:47:56:78: f1:05:dc:64:eb:27:84:50:7a:b8:c1:35:91:9f:6c:7b:ac:ee: ba:48:84:c4:fd:c4:28:8e:bb:6f:6d:ea:ae:69:df:14:b3:85: df:f1:c0:27:97:c3:03:81:96:51:ac:83:36:40:30:da:76:dd: 0d:ab:06:e0:2f:0a:43:57:4b:66:22:f2:fc:68:da:a9:9b:d4: d6:47:3a:43:ad:9b:35:45:c5:d1:2c:73:d4:59:74:35:56:14: 9e:64:e7:ce:c8:6d:7a:12:d2:f1:bb:d5:3f:69:17:a8:5c:70: a5:88:15:30:28:89:e2:5f:65:04:b4:b6:fd:67:cc:d7:39:37: 2f:61:89:a7:5c:49:73:18:42:87:6c:34:49:c4:6f:a7:43:1a: 27:a4:34:25:40:02:70:b2:bc:03:ad:8d:b7:cd:66:70:00:95: 98:8a:d2:59:c9:45:7e:f2:f1:ef:4e:05:2c:99:00:58:f4:01: 2e:06:1a:bc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCuwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTRDQUQxMTAvBgNVBAUTKDAzQTNDODdBNEYyRDgyNTU5NDc2RjcxQ0ZBRUU1MjRG RjUxMTM1NzkwHhcNMjUwNDI0MTkxNzI5WhcNMjUwNTAxMTkxNzI5WjAYMRYwFAYD VQQDEw02ODBhOGU0OS1lZjczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtMrXhy6KJKZTpT+eRqxmfqVZoPr8M2LKdr7n8Tv/Sbqapfckt6GUTURrzh1g Wq5oxtzzgO6kgEMaZpbbG7JMQuSjSFOTn0bV9qbTLw5zlJqrg0SQeiqGHNTl4UIM DRNog+DQv7bKyH37Rw5LfGx2h/6vECvjkIyb6C2Pn+JX0yQhkdomfQjdQengENMk 9ewuFaUl4YZJw+gABSUvYeN7dtWG7IZrNx+zobb1sIq9qswgeoJmXagJYtdRf+Ze l1jDl8WGvD0lc/EGbtsIBG2lpiCxlBt41/4AHpzJKmRHgfksBZOXTTDoRuFEkHsF /7TmfNoINvc50Tt2oIrgzkieZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNbXgL8L B8zgtxQPHyBTWjW+L1AaMB8GA1UdIwQYMBaAFAOjyHpPLYJVlHb3HPruUk/1ETV5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNENBRC85RkQ5N0EwODQ1 QzMxMUVBQkVGNUQ0MzlDNEY5QUUwMi9BNlBJZWs4dGdsV1VkdmNjLXU1U1RfVVJO WGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0E2UEllazh0Z2xXVWR2Y2MtdTVTVF9VUk5Yay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NENBRC85RkQ5N0EwODQ1QzMxMUVBQkVGNUQ0MzlDNEY5QUUwMi9BNlBJZWs4dGds V1VkdmNjLXU1U1RfVVJOWGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCP0As0Yh2DPIcV8xQ7IBMuDUBaodCoW4Io/M4xtrYpYxzvkzrMuvLI nsFaI6kLg73PWtZ43E/0fVaYmTGDsawZ2AdRz1hHVnjxBdxk6yeEUHq4wTWRn2x7 rO66SITE/cQojrtvbequad8Us4Xf8cAnl8MDgZZRrIM2QDDadt0NqwbgLwpDV0tm IvL8aNqpm9TWRzpDrZs1RcXRLHPUWXQ1VhSeZOfOyG16EtLxu9U/aReoXHCliBUw KIniX2UEtLb9Z8zXOTcvYYmnXElzGEKHbDRJxG+nQxonpDQlQAJwsrwDrY23zWZw AJWYitJZyUV+8vHvTgUsmQBY9AEuBhq8 -----END CERTIFICATE-----Generated at Sat Apr 26 16:38:09 2025 by rpki-client