$ rpki-client -vvf rpki.apnic.net/member_repository/A91A6F2D/FD860F68BC6E11EBB8C64854C4F9AE02/r-73ovgxqXVbE7N-tum5HYHoqeg.mft File: r-73ovgxqXVbE7N-tum5HYHoqeg.mft (raw, json) Hash identifier: elE9mwbYNs5ERh/ZoKmN0LsNApI1tCubjYlAqwGrgFM= Subject key identifier: 67:BD:E5:B1:BD:3C:2E:8F:85:3B:DD:1B:54:48:AE:34:15:15:DD:4A Authority key identifier: AF:EE:F7:A2:F8:31:A9:75:5B:13:B3:7E:B6:E9:B9:1D:81:E8:A9:E8 Certificate issuer: /CN=A91A6F2D/serialNumber=AFEEF7A2F831A9755B13B37EB6E9B91D81E8A9E8 Certificate serial: 05C3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r-73ovgxqXVbE7N-tum5HYHoqeg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A6F2D/FD860F68BC6E11EBB8C64854C4F9AE02/r-73ovgxqXVbE7N-tum5HYHoqeg.mft Manifest number: 05BF Signing time: Thu 24 Apr 2025 22:52:47 +0000 Manifest this update: Thu 24 Apr 2025 22:52:46 +0000 Manifest next update: Thu 01 May 2025 22:52:46 +0000 Files and hashes: 1: r-73ovgxqXVbE7N-tum5HYHoqeg.crl (hash: nK6AlgWS0G60NkJrIOUx713ZE4f5WA7k7wXukmawZ+w=) 2: C17E1DDCBC7111EBB1423E5FC4F9AE02.roa (hash: ei3bKZ/cpLIRgTqV0pdjcmnxhOkz7g6PWIVeDuQtGq8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A6F2D/FD860F68BC6E11EBB8C64854C4F9AE02/r-73ovgxqXVbE7N-tum5HYHoqeg.crl rsync://rpki.apnic.net/member_repository/A91A6F2D/FD860F68BC6E11EBB8C64854C4F9AE02/r-73ovgxqXVbE7N-tum5HYHoqeg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r-73ovgxqXVbE7N-tum5HYHoqeg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 22:52:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1475 (0x5c3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A6F2D, serialNumber=AFEEF7A2F831A9755B13B37EB6E9B91D81E8A9E8 Validity Not Before: Apr 24 22:52:46 2025 GMT Not After : May 1 22:52:46 2025 GMT Subject: CN=680ac0bf-5ff1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:0a:f3:8f:69:ea:9e:05:4a:bc:fd:d8:67:a7: 9e:29:a8:8b:74:b4:f8:2c:84:3f:f8:e0:b0:4e:7e: 16:72:86:61:e2:0e:a3:a6:d1:e2:4f:64:be:4a:1d: 96:b3:85:bc:4a:b3:77:fa:ae:9c:aa:1e:a0:67:9b: ac:0a:47:a8:a0:54:53:35:a1:d1:52:d0:c3:23:52: 8e:ad:25:08:97:f1:15:f3:4d:bb:4f:c5:dd:d1:2d: b9:02:6f:71:05:d1:0b:be:25:50:b6:76:89:3d:10: 99:11:e0:79:bf:8e:b3:7e:9d:2b:71:55:ba:3d:9f: 84:f3:21:93:b9:8a:b1:0a:57:45:4b:e7:12:af:9d: 6a:f9:7c:7b:b9:4d:31:0d:97:ed:2a:9f:d5:62:7c: f8:93:cf:f1:f8:8f:e4:26:58:68:4e:f3:e0:ca:4e: 8e:17:a0:b7:f5:90:94:ce:1c:ff:7d:e7:13:7e:b0: 71:83:f0:84:de:58:da:5b:60:ef:a1:e1:ce:90:42: b9:f0:ea:29:2d:a7:a8:97:ed:df:e0:b2:26:39:ed: 32:cf:02:e2:e9:68:94:62:df:d0:9f:b9:b2:a0:7c: fa:95:20:53:1c:22:0b:26:16:5e:74:bf:cb:26:fe: 51:52:d5:3d:d0:2a:00:49:bd:e1:9c:ce:95:d3:44: 17:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:BD:E5:B1:BD:3C:2E:8F:85:3B:DD:1B:54:48:AE:34:15:15:DD:4A X509v3 Authority Key Identifier: keyid:AF:EE:F7:A2:F8:31:A9:75:5B:13:B3:7E:B6:E9:B9:1D:81:E8:A9:E8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A6F2D/FD860F68BC6E11EBB8C64854C4F9AE02/r-73ovgxqXVbE7N-tum5HYHoqeg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r-73ovgxqXVbE7N-tum5HYHoqeg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A6F2D/FD860F68BC6E11EBB8C64854C4F9AE02/r-73ovgxqXVbE7N-tum5HYHoqeg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption af:2c:f0:6a:e7:9d:20:eb:98:12:6e:6b:f3:c2:aa:dd:98:03: e6:3f:ef:30:9f:78:f8:9a:87:a2:0b:ac:a5:8c:f5:37:b1:d8: 1b:fb:0d:29:07:c5:66:89:24:df:df:ad:92:9c:45:5f:6b:7b: f1:83:74:1f:02:36:a8:89:08:a4:e4:bc:d5:72:d4:05:b0:bd: ff:d9:a9:90:62:6e:60:51:84:64:0f:81:8c:95:44:4d:1b:ba: aa:36:f4:1a:cc:0e:8d:1d:9e:26:7f:d5:02:f9:e4:0e:bb:12: 2d:3c:1f:ee:40:56:1b:d0:98:0b:3f:a8:2d:3d:3a:c5:9c:36: e3:4f:6d:54:5a:5c:74:c0:38:a2:2f:23:39:66:c9:37:0b:f8: 7f:e6:81:c6:c6:10:73:61:e0:99:33:91:23:d9:7e:b0:04:27: db:f5:99:51:c7:d0:ce:f8:28:c4:d6:53:a8:8f:8c:4e:e9:56: 9b:ff:62:fb:27:4d:f7:19:1b:ee:19:e2:1b:4f:69:0a:b2:78: 94:2b:1c:eb:e4:dd:b5:47:02:44:f1:95:0d:85:0b:7a:1a:c9: 8f:56:59:0e:75:a9:65:d6:fd:11:64:11:fa:59:4f:72:ae:6b: 29:78:e0:1e:2b:0a:cb:cd:7d:6c:f1:11:59:6a:ce:41:96:b0: c0:a4:dd:a3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBcMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTZGMkQxMTAvBgNVBAUTKEFGRUVGN0EyRjgzMUE5NzU1QjEzQjM3RUI2RTlCOTFE ODFFOEE5RTgwHhcNMjUwNDI0MjI1MjQ2WhcNMjUwNTAxMjI1MjQ2WjAYMRYwFAYD VQQDEw02ODBhYzBiZi01ZmYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxQrzj2nqngVKvP3YZ6eeKaiLdLT4LIQ/+OCwTn4WcoZh4g6jptHiT2S+Sh2W s4W8SrN3+q6cqh6gZ5usCkeooFRTNaHRUtDDI1KOrSUIl/EV8027T8Xd0S25Am9x BdELviVQtnaJPRCZEeB5v46zfp0rcVW6PZ+E8yGTuYqxCldFS+cSr51q+Xx7uU0x DZftKp/VYnz4k8/x+I/kJlhoTvPgyk6OF6C39ZCUzhz/fecTfrBxg/CE3ljaW2Dv oeHOkEK58OopLaeol+3f4LImOe0yzwLi6WiUYt/Qn7myoHz6lSBTHCILJhZedL/L Jv5RUtU90CoASb3hnM6V00QXewIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGe95bG9 PC6PhTvdG1RIrjQVFd1KMB8GA1UdIwQYMBaAFK/u96L4Mal1WxOzfrbpuR2B6Kno MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNkYyRC9GRDg2MEY2OEJD NkUxMUVCQjhDNjQ4NTRDNEY5QUUwMi9yLTczb3ZneHFYVmJFN04tdHVtNUhZSG9x ZWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ItNzNvdmd4cVhWYkU3Ti10dW01SFlIb3FlZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NkYyRC9GRDg2MEY2OEJDNkUxMUVCQjhDNjQ4NTRDNEY5QUUwMi9yLTczb3ZneHFY VmJFN04tdHVtNUhZSG9xZWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCvLPBq550g65gSbmvzwqrdmAPmP+8wn3j4moeiC6yljPU3sdgb+w0p B8VmiSTf362SnEVfa3vxg3QfAjaoiQik5LzVctQFsL3/2amQYm5gUYRkD4GMlURN G7qqNvQazA6NHZ4mf9UC+eQOuxItPB/uQFYb0JgLP6gtPTrFnDbjT21UWlx0wDii LyM5Zsk3C/h/5oHGxhBzYeCZM5Ej2X6wBCfb9ZlRx9DO+CjE1lOoj4xO6Vab/2L7 J033GRvuGeIbT2kKsniUKxzr5N21RwJE8ZUNhQt6GsmPVlkOdall1v0RZBH6WU9y rmspeOAeKwrLzX1s8RFZas5BlrDApN2j -----END CERTIFICATE-----Generated at Sat Apr 26 04:26:33 2025 by rpki-client