$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.mft File: httX5pD30wkpOii6fFX7ivN9Xb0.mft (raw, json) Hash identifier: pwMk47DifQt6I6g9djV1YJ1wkPTrElzY/ukp4ZGQuGg= Subject key identifier: D5:9B:6D:8B:52:2E:73:9A:6D:79:95:C6:45:7B:59:58:EC:53:51:49 Authority key identifier: 86:DB:57:E6:90:F7:D3:09:29:3A:28:BA:7C:55:FB:8A:F3:7D:5D:BD Certificate issuer: /CN=A91A560A/serialNumber=86DB57E690F7D309293A28BA7C55FB8AF37D5DBD Certificate serial: 3666 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/httX5pD30wkpOii6fFX7ivN9Xb0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.mft Manifest number: 3665 Signing time: Thu 24 Apr 2025 14:32:57 +0000 Manifest this update: Thu 24 Apr 2025 14:32:57 +0000 Manifest next update: Thu 01 May 2025 14:32:57 +0000 Files and hashes: 1: httX5pD30wkpOii6fFX7ivN9Xb0.crl (hash: e8kfkOTscl4UFjV0yDuQwb97/6yXHoL5j/dO4lqE2Uc=) 2: 3B8DEC18F67C11EFA12FD55AC4F9AE02.roa (hash: nh94eTTHYj6LF33H1WS71VdzV0Cak2sfzem+EZwjKa8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.crl rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/httX5pD30wkpOii6fFX7ivN9Xb0.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 14:32:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13926 (0x3666) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A, serialNumber=86DB57E690F7D309293A28BA7C55FB8AF37D5DBD Validity Not Before: Apr 24 14:32:57 2025 GMT Not After : May 1 14:32:57 2025 GMT Subject: CN=680a4b99-8325 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:2c:4b:8a:a9:67:d1:27:8e:29:ff:b0:65:7e: 48:4a:eb:a1:4c:6f:6d:cf:78:24:a0:b6:59:df:fe: c7:65:fc:be:f0:eb:6c:ec:5c:e3:13:3a:1e:8d:11: c4:ba:36:00:a8:28:59:ae:75:50:a2:4c:e7:36:bf: 6e:f6:e9:98:bf:33:29:98:c5:f0:36:e0:2d:e9:6e: 42:6c:6d:b7:93:a1:36:f3:73:83:2d:57:b8:d8:58: e5:6d:1a:ef:5b:d3:d4:02:69:6a:ef:0e:3a:f9:c3: ab:98:c1:38:0e:d6:bf:a1:ef:65:62:10:4c:da:22: 94:50:bd:73:64:15:f8:67:d5:cc:b0:dd:90:47:2a: e9:c4:54:6f:c3:2b:27:c7:65:ca:65:60:b1:01:77: 01:82:3a:cf:fd:8e:8d:64:6a:0c:8b:32:bd:3d:ae: 55:f5:ca:75:05:98:06:1f:fe:e3:6d:a1:e5:53:37: 2f:ad:19:0b:07:15:a9:31:77:e9:11:43:dc:a0:39: 25:00:c1:11:40:73:dd:61:ef:b3:8b:96:e0:80:00: a3:0c:34:19:49:62:4c:d2:1c:89:9a:7c:b2:25:a1: 4f:64:60:ef:69:7e:d4:65:a3:c4:75:66:62:04:b8: b9:e0:d8:74:7f:42:27:be:f6:09:ce:18:7f:df:00: cb:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:9B:6D:8B:52:2E:73:9A:6D:79:95:C6:45:7B:59:58:EC:53:51:49 X509v3 Authority Key Identifier: keyid:86:DB:57:E6:90:F7:D3:09:29:3A:28:BA:7C:55:FB:8A:F3:7D:5D:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/httX5pD30wkpOii6fFX7ivN9Xb0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4d:7d:d4:1c:f1:51:d2:88:03:32:16:db:ad:5d:da:fc:97:e4: e8:93:88:60:79:63:16:aa:70:ae:bc:18:1e:37:c7:44:30:a6: 4a:32:2f:da:05:ea:1a:81:8b:5e:87:6f:76:8a:af:8d:f9:1c: 9a:aa:e8:d5:e8:a9:b0:f0:e5:b7:2d:02:1a:33:25:8f:9f:f4: b3:a1:5c:b2:3c:84:d6:6b:7b:2d:e1:57:a6:4b:69:6d:21:d0: a2:64:5e:6d:26:7c:f8:df:35:96:dc:56:b0:31:7e:1f:0f:17: a1:74:67:68:bc:26:fd:8d:a2:10:08:d3:91:95:4a:8a:38:48: 2a:af:90:e0:20:b4:2d:1e:54:7d:79:31:0d:22:bc:06:45:fd: 8c:be:85:ec:13:3b:ce:9e:c1:df:2a:0b:0e:1a:bf:1c:d0:91: b6:35:1d:a2:c8:e8:03:bc:13:31:ec:5b:d6:7c:1c:71:f3:e2: d8:50:5d:42:08:8d:f3:de:e7:eb:dc:fa:6c:77:af:de:c5:7c: cb:7c:a3:3d:21:8c:e1:bd:33:a3:69:e6:17:15:0c:ee:82:a6: df:8f:ba:83:68:c5:19:b2:a0:13:c7:d4:8f:90:34:08:a6:78: c7:92:31:8a:e5:0b:f4:e2:40:c3:22:84:13:2d:f3:c4:17:95: f0:1d:9f:55 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNmYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDg2REI1N0U2OTBGN0QzMDkyOTNBMjhCQTdDNTVGQjhB RjM3RDVEQkQwHhcNMjUwNDI0MTQzMjU3WhcNMjUwNTAxMTQzMjU3WjAYMRYwFAYD VQQDEw02ODBhNGI5OS04MzI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwixLiqln0SeOKf+wZX5ISuuhTG9tz3gkoLZZ3/7HZfy+8Ots7FzjEzoejRHE ujYAqChZrnVQokznNr9u9umYvzMpmMXwNuAt6W5CbG23k6E283ODLVe42FjlbRrv W9PUAmlq7w46+cOrmME4Dta/oe9lYhBM2iKUUL1zZBX4Z9XMsN2QRyrpxFRvwysn x2XKZWCxAXcBgjrP/Y6NZGoMizK9Pa5V9cp1BZgGH/7jbaHlUzcvrRkLBxWpMXfp EUPcoDklAMERQHPdYe+zi5bggACjDDQZSWJM0hyJmnyyJaFPZGDvaX7UZaPEdWZi BLi54Nh0f0InvvYJzhh/3wDLsQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNWbbYtS LnOabXmVxkV7WVjsU1FJMB8GA1UdIwQYMBaAFIbbV+aQ99MJKToounxV+4rzfV29 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9COTk1M0RCQTFE OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9odHRYNXBEMzB3a3BPaWk2ZkZYN2l2TjlY YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2h0dFg1cEQzMHdrcE9paTZmRlg3aXZOOVhiMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NTYwQS9COTk1M0RCQTFEOEExMUUyQTM4N0QwRTQwOEIwMkNEMi9odHRYNXBEMzB3 a3BPaWk2ZkZYN2l2TjlYYjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBNfdQc8VHSiAMyFtutXdr8l+Tok4hgeWMWqnCuvBgeN8dEMKZKMi/a BeoagYteh292iq+N+RyaqujV6Kmw8OW3LQIaMyWPn/SzoVyyPITWa3st4VemS2lt IdCiZF5tJnz43zWW3FawMX4fDxehdGdovCb9jaIQCNORlUqKOEgqr5DgILQtHlR9 eTENIrwGRf2MvoXsEzvOnsHfKgsOGr8c0JG2NR2iyOgDvBMx7FvWfBxx8+LYUF1C CI3z3ufr3Ppsd6/exXzLfKM9IYzhvTOjaeYXFQzugqbfj7qDaMUZsqATx9SPkDQI pnjHkjGK5Qv04kDDIoQTLfPEF5XwHZ9V -----END CERTIFICATE-----Generated at Sat Apr 26 14:58:48 2025 by rpki-client