$ rpki-client -vvf rpki.apnic.net/member_repository/A91A91CB/650E600AEA5A11EFB84AE468C4F9AE02/iWZCPuKkFWMfevMU5NiEAHqEaLY.mft File: iWZCPuKkFWMfevMU5NiEAHqEaLY.mft (raw, json) Hash identifier: xM26QrPwKEbpVCtEwsaoncJCgGR6a3M9b4U6v/9CXEg= Subject key identifier: 89:CD:5A:7D:D3:D3:54:EA:6D:F7:BA:D3:DF:7B:16:D1:6B:DD:CA:E7 Authority key identifier: 89:66:42:3E:E2:A4:15:63:1F:7A:F3:14:E4:D8:84:00:7A:84:68:B6 Certificate issuer: /CN=A91A91CB/serialNumber=8966423EE2A415631F7AF314E4D884007A8468B6 Certificate serial: 27 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iWZCPuKkFWMfevMU5NiEAHqEaLY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A91CB/650E600AEA5A11EFB84AE468C4F9AE02/iWZCPuKkFWMfevMU5NiEAHqEaLY.mft Manifest number: 26 Signing time: Fri 25 Apr 2025 06:46:11 +0000 Manifest this update: Fri 25 Apr 2025 06:46:11 +0000 Manifest next update: Fri 02 May 2025 06:46:11 +0000 Files and hashes: 1: iWZCPuKkFWMfevMU5NiEAHqEaLY.crl (hash: 3VvFWBePDR8cgViXc7qb1h9RGMBTbkhpFi98OLjCQoM=) 2: 0EB302DCEA5B11EFABB07C6DC4F9AE02.roa (hash: gvmSDCYZSC63LrY5JrPQoisd5tgDkXkEX0SCy3pFzuY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A91CB/650E600AEA5A11EFB84AE468C4F9AE02/iWZCPuKkFWMfevMU5NiEAHqEaLY.crl rsync://rpki.apnic.net/member_repository/A91A91CB/650E600AEA5A11EFB84AE468C4F9AE02/iWZCPuKkFWMfevMU5NiEAHqEaLY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iWZCPuKkFWMfevMU5NiEAHqEaLY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:46:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39 (0x27) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A91CB, serialNumber=8966423EE2A415631F7AF314E4D884007A8468B6 Validity Not Before: Apr 25 06:46:11 2025 GMT Not After : May 2 06:46:11 2025 GMT Subject: CN=680b2fb3-851a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:14:35:06:dc:ea:04:dc:f0:c4:11:61:59:13: c6:7c:56:4b:10:7c:5f:f4:d6:e3:42:5d:27:47:d5: 48:41:a1:30:6f:71:41:64:21:c4:1a:21:45:19:19: c5:4b:bd:63:30:bf:6c:ee:7e:1b:ce:13:cb:05:a3: 60:ca:7c:23:4b:14:fb:a2:c2:9a:4c:ae:1e:61:a1: 9d:b6:78:ed:9b:37:ba:70:d2:a9:51:e0:86:0d:a5: ce:4c:22:e4:32:55:69:7d:83:da:9f:87:08:6e:2c: 84:d2:d6:1f:51:b6:5b:f6:58:89:1c:dd:29:ba:7b: de:65:e9:7f:44:7e:40:c9:1b:e7:0d:a9:1d:46:d7: fa:0d:f7:7f:63:a8:60:3a:1c:02:d8:70:b1:32:3f: 88:66:f6:79:81:d0:bf:b4:37:d4:00:3f:b6:39:ba: 6f:22:d4:c6:0c:ae:86:23:76:0f:4a:08:73:ba:23: 05:27:7c:c0:5b:6e:9e:ec:f3:4b:07:19:27:99:c9: 76:8c:db:94:76:31:03:21:e4:9c:f5:e7:a0:9f:8a: 55:8d:2d:2c:b5:7a:dc:62:08:c6:81:17:d1:76:db: 9f:c1:a2:8c:9e:3c:f9:c7:48:f7:31:b9:6e:eb:c0: 5e:7c:b7:e2:3a:40:5f:7c:05:51:b9:33:ab:bd:3e: 0e:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:CD:5A:7D:D3:D3:54:EA:6D:F7:BA:D3:DF:7B:16:D1:6B:DD:CA:E7 X509v3 Authority Key Identifier: keyid:89:66:42:3E:E2:A4:15:63:1F:7A:F3:14:E4:D8:84:00:7A:84:68:B6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A91CB/650E600AEA5A11EFB84AE468C4F9AE02/iWZCPuKkFWMfevMU5NiEAHqEaLY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iWZCPuKkFWMfevMU5NiEAHqEaLY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A91CB/650E600AEA5A11EFB84AE468C4F9AE02/iWZCPuKkFWMfevMU5NiEAHqEaLY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6a:fd:9e:2a:19:4f:4c:2b:66:bc:54:37:21:8a:b4:d7:0a:56: 71:7d:ee:1d:24:7e:d3:49:c2:d2:b7:22:8d:92:50:d4:1b:f9: 88:e6:7c:01:9c:cf:7a:02:ef:76:63:5e:7f:95:c6:47:4b:f3: 45:5b:24:01:58:e8:c7:4f:f8:67:3c:e9:b0:3d:1f:63:7d:21: cf:9b:3c:46:6e:ad:83:40:66:05:b7:52:3a:88:2f:ff:12:b6: 3b:0b:96:36:f6:0d:0f:dd:91:45:d8:a8:8f:93:56:a2:88:e2: 58:5c:83:9b:d7:df:69:26:85:90:9e:87:2a:66:0b:41:1a:64: 72:3a:28:aa:16:b7:69:ae:68:82:c1:8d:af:f2:ab:de:86:04: df:3a:74:3a:d5:78:9b:ec:65:ec:4d:38:a4:ad:74:a7:08:ed: 34:19:c8:7a:04:ae:9f:fe:55:ed:f0:dd:dc:fd:4e:9f:d0:e8: 23:be:e7:ea:f6:1a:ad:62:e8:99:1a:72:9b:44:de:aa:fe:c7: 37:62:57:f6:f2:b0:d1:51:c1:c7:fc:92:51:6e:3a:49:23:30: 4b:f5:0f:0a:cb:fd:1d:65:13:a8:f3:7c:b3:e4:12:e5:a3:95: fe:e1:24:94:a0:4b:b5:73:8f:18:56:fb:4b:73:d9:4e:55:6a: 2e:41:04:85 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBJzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB OTFDQjExMC8GA1UEBRMoODk2NjQyM0VFMkE0MTU2MzFGN0FGMzE0RTREODg0MDA3 QTg0NjhCNjAeFw0yNTA0MjUwNjQ2MTFaFw0yNTA1MDIwNjQ2MTFaMBgxFjAUBgNV BAMTDTY4MGIyZmIzLTg1MWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDOFDUG3OoE3PDEEWFZE8Z8VksQfF/01uNCXSdH1UhBoTBvcUFkIcQaIUUZGcVL vWMwv2zufhvOE8sFo2DKfCNLFPuiwppMrh5hoZ22eO2bN7pw0qlR4IYNpc5MIuQy VWl9g9qfhwhuLITS1h9Rtlv2WIkc3Sm6e95l6X9EfkDJG+cNqR1G1/oN939jqGA6 HALYcLEyP4hm9nmB0L+0N9QAP7Y5um8i1MYMroYjdg9KCHO6IwUnfMBbbp7s80sH GSeZyXaM25R2MQMh5Jz156CfilWNLSy1etxiCMaBF9F225/BooyePPnHSPcxuW7r wF58t+I6QF98BVG5M6u9Pg5TAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUic1afdPT VOpt97rT33sW0WvdyucwHwYDVR0jBBgwFoAUiWZCPuKkFWMfevMU5NiEAHqEaLYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE5MUNCLzY1MEU2MDBBRUE1 QTExRUZCODRBRTQ2OEM0RjlBRTAyL2lXWkNQdUtrRldNZmV2TVU1TmlFQUhxRWFM WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaVdaQ1B1S2tGV01mZXZNVTVOaUVBSHFFYUxZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE5 MUNCLzY1MEU2MDBBRUE1QTExRUZCODRBRTQ2OEM0RjlBRTAyL2lXWkNQdUtrRldN ZmV2TVU1TmlFQUhxRWFMWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGr9nioZT0wrZrxUNyGKtNcKVnF97h0kftNJwtK3Io2SUNQb+YjmfAGc z3oC73ZjXn+VxkdL80VbJAFY6MdP+Gc86bA9H2N9Ic+bPEZurYNAZgW3UjqIL/8S tjsLljb2DQ/dkUXYqI+TVqKI4lhcg5vX32kmhZCehypmC0EaZHI6KKoWt2muaILB ja/yq96GBN86dDrVeJvsZexNOKStdKcI7TQZyHoErp/+Ve3w3dz9Tp/Q6CO+5+r2 Gq1i6JkacptE3qr+xzdiV/bysNFRwcf8klFuOkkjMEv1DwrL/R1lE6jzfLPkEuWj lf7hJJSgS7VzjxhW+0tz2U5Vai5BBIU= -----END CERTIFICATE-----Generated at Sat Apr 26 04:36:54 2025 by rpki-client