$ rpki-client -vvf rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft File: bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft (raw, json) Hash identifier: cNPy9WJMUgYDXSGoX7Lkm348Gwkf7K9PeJcKUeMvWRk= Subject key identifier: AE:8E:EE:B7:E5:5D:95:B1:50:89:32:56:B1:FA:8C:F6:0D:9E:8E:4A Authority key identifier: 6C:5A:58:9F:92:4C:E9:BE:D1:FD:89:F5:AF:F6:30:C9:27:57:44:20 Certificate issuer: /CN=A91A546E/serialNumber=6C5A589F924CE9BED1FD89F5AFF630C927574420 Certificate serial: 0905 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft Manifest number: 08D0 Signing time: Thu 24 Apr 2025 20:25:15 +0000 Manifest this update: Thu 24 Apr 2025 20:25:14 +0000 Manifest next update: Thu 01 May 2025 20:25:14 +0000 Files and hashes: 1: bFpYn5JM6b7R_Yn1r_YwySdXRCA.crl (hash: kfbqc1gDtxUTT0FDQ/BsboP1EZ79z8dEEg+KWMwFGmw=) 2: 46948AC87B8511EDB9E3E055C4F9AE02.roa (hash: ZxtXXsjPmgBn3QuaEolbOSfh14MSz6fJKNljAALoKTY=) 3: A69F92BE090911F084AAF925C4F9AE02.roa (hash: JAD+Foc1J+GOz5pKNPlHnr3Zrw5SjVxBWNoZZgDQ44M=) 4: 88252000B55C11ECA9565039C4F9AE02.roa (hash: ROM2aBA2uOLvGraWZ2OMfhtRxZ5DusfnSKSNI9N61E8=) 5: CCBF0CF6B55911EC9256FE19C4F9AE02.roa (hash: J9pnyjCXshJdQFSggqWmHXW0nySYEfDGHTCaX/EZOYk=) 6: CC3B5938B55911EC9256FE19C4F9AE02.roa (hash: Ejx3yVkwMIGPx4PH4VpagQp/pASvV9ahz0Vqhx7EKZo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.crl rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:25:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2309 (0x905) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A546E, serialNumber=6C5A589F924CE9BED1FD89F5AFF630C927574420 Validity Not Before: Apr 24 20:25:14 2025 GMT Not After : May 1 20:25:14 2025 GMT Subject: CN=680a9e2a-fd70 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:3e:bb:18:2d:96:30:ce:60:c0:d4:df:3b:9b: 81:75:78:a7:48:41:f0:d8:cf:35:c3:cc:39:33:db: fc:ee:8f:20:c3:5e:95:a5:74:fe:fa:7a:df:93:15: 08:a0:9b:4a:76:0d:15:cc:03:3e:ef:91:6f:7f:42: 68:96:1f:db:b1:be:2d:dd:55:9e:ff:13:c3:4b:91: c2:77:29:66:7e:97:64:f2:a7:69:23:a7:c9:b6:5d: 61:f7:78:a9:78:08:50:ec:3f:37:05:10:e8:20:ff: e6:49:fe:8d:0e:a6:4c:ec:ff:e4:ce:bf:9e:e0:fc: b2:60:de:c8:15:38:d2:5d:07:7a:5d:36:a4:ac:7f: 40:24:c6:c1:49:58:5b:55:d4:fc:7f:ad:87:89:7c: 4c:68:e2:5c:d5:fe:58:42:6d:74:fe:b2:b1:fb:e3: 55:f8:d4:e6:e4:d2:c9:04:e9:71:f4:2e:36:9b:56: c9:d8:d4:91:83:df:d5:2b:18:7a:ec:76:42:c9:b4: c7:53:9f:5b:7e:ea:8c:9a:20:ba:f0:1f:f2:7c:f3: 12:74:61:bb:30:d3:da:35:30:71:a3:14:af:cf:57: 0b:ea:a9:57:d7:0b:00:cc:79:12:71:2e:da:3b:08: 81:27:28:20:35:fc:00:9f:d6:b0:7d:7e:de:e6:22: e0:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:8E:EE:B7:E5:5D:95:B1:50:89:32:56:B1:FA:8C:F6:0D:9E:8E:4A X509v3 Authority Key Identifier: keyid:6C:5A:58:9F:92:4C:E9:BE:D1:FD:89:F5:AF:F6:30:C9:27:57:44:20 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bFpYn5JM6b7R_Yn1r_YwySdXRCA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A546E/0CD41DA8B76A11EA814F5084C4F9AE02/bFpYn5JM6b7R_Yn1r_YwySdXRCA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b7:b9:24:6d:97:62:b2:42:ae:4e:f9:bd:66:84:91:83:85:1d: 4e:28:2b:39:85:42:e1:e4:fb:35:f0:f1:b9:0d:67:79:e4:61: b7:c9:63:db:b9:0a:8f:be:01:2f:4d:98:7c:d6:30:d1:bd:0d: 87:66:40:92:c0:e4:58:2b:d4:c2:0f:2c:52:16:29:56:f3:f4: a5:54:2f:f6:5a:ee:d0:92:77:7c:af:b2:1b:ba:45:74:39:ce: c0:90:eb:b0:a5:ee:30:92:ed:09:3f:84:87:ed:f2:87:60:6e: 1d:dc:dd:47:2d:d4:bd:77:51:19:24:c8:e9:47:85:2e:76:65: ff:2a:d8:31:7e:1d:25:fa:41:ad:b7:cb:d3:fa:d0:ee:03:4b: 4f:c6:7c:7f:6c:be:c7:39:f8:39:d3:0d:78:fa:ae:2b:8a:96: 51:07:bf:b9:cf:cc:ed:2d:83:e9:25:7d:56:02:1e:a5:34:56: a3:e6:be:e6:57:9e:91:80:e3:19:e8:2e:6c:92:21:20:cd:b1: 02:a3:4f:11:08:96:cb:0d:56:a4:be:56:28:eb:27:7a:92:80: 37:6c:04:fb:a2:ce:1f:ae:e0:4c:67:25:d7:68:35:45:42:35: a7:22:ea:fc:63:8a:45:b4:db:38:12:5f:21:9c:a9:04:cd:e8: 08:6f:7b:66 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCQUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU0NkUxMTAvBgNVBAUTKDZDNUE1ODlGOTI0Q0U5QkVEMUZEODlGNUFGRjYzMEM5 Mjc1NzQ0MjAwHhcNMjUwNDI0MjAyNTE0WhcNMjUwNTAxMjAyNTE0WjAYMRYwFAYD VQQDEw02ODBhOWUyYS1mZDcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtj67GC2WMM5gwNTfO5uBdXinSEHw2M81w8w5M9v87o8gw16VpXT++nrfkxUI oJtKdg0VzAM+75Fvf0Jolh/bsb4t3VWe/xPDS5HCdylmfpdk8qdpI6fJtl1h93ip eAhQ7D83BRDoIP/mSf6NDqZM7P/kzr+e4PyyYN7IFTjSXQd6XTakrH9AJMbBSVhb VdT8f62HiXxMaOJc1f5YQm10/rKx++NV+NTm5NLJBOlx9C42m1bJ2NSRg9/VKxh6 7HZCybTHU59bfuqMmiC68B/yfPMSdGG7MNPaNTBxoxSvz1cL6qlX1wsAzHkScS7a OwiBJyggNfwAn9awfX7e5iLg/wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK6O7rfl XZWxUIkyVrH6jPYNno5KMB8GA1UdIwQYMBaAFGxaWJ+STOm+0f2J9a/2MMknV0Qg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTQ2RS8wQ0Q0MURBOEI3 NkExMUVBODE0RjUwODRDNEY5QUUwMi9iRnBZbjVKTTZiN1JfWW4xcl9Zd3lTZFhS Q0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JGcFluNUpNNmI3Ul9ZbjFyX1l3eVNkWFJDQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NTQ2RS8wQ0Q0MURBOEI3NkExMUVBODE0RjUwODRDNEY5QUUwMi9iRnBZbjVKTTZi N1JfWW4xcl9Zd3lTZFhSQ0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC3uSRtl2KyQq5O+b1mhJGDhR1OKCs5hULh5Ps18PG5DWd55GG3yWPb uQqPvgEvTZh81jDRvQ2HZkCSwORYK9TCDyxSFilW8/SlVC/2Wu7Qknd8r7IbukV0 Oc7AkOuwpe4wku0JP4SH7fKHYG4d3N1HLdS9d1EZJMjpR4UudmX/Ktgxfh0l+kGt t8vT+tDuA0tPxnx/bL7HOfg50w14+q4ripZRB7+5z8ztLYPpJX1WAh6lNFaj5r7m V56RgOMZ6C5skiEgzbECo08RCJbLDVakvlYo6yd6koA3bAT7os4fruBMZyXXaDVF QjWnIur8Y4pFtNs4El8hnKkEzegIb3tm -----END CERTIFICATE-----Generated at Sat Apr 26 14:02:12 2025 by rpki-client