$ rpki-client -vvf rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.mft File: b8Lt8MURUqO-wRSaG9su2yk8nZU.mft (raw, json) Hash identifier: 8NMcIUk+q8kAvHiix0Vv4CFy+F00S17vDB+CdfwLjt8= Subject key identifier: FD:36:A1:A3:DA:54:0F:3C:10:93:B3:99:29:01:FA:58:B7:20:25:AA Authority key identifier: 6F:C2:ED:F0:C5:11:52:A3:BE:C1:14:9A:1B:DB:2E:DB:29:3C:9D:95 Certificate issuer: /CN=A91AA28B/serialNumber=6FC2EDF0C51152A3BEC1149A1BDB2EDB293C9D95 Certificate serial: 0D4B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b8Lt8MURUqO-wRSaG9su2yk8nZU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.mft Manifest number: 0D21 Signing time: Thu 24 Apr 2025 18:02:59 +0000 Manifest this update: Thu 24 Apr 2025 18:02:59 +0000 Manifest next update: Thu 01 May 2025 18:02:59 +0000 Files and hashes: 1: b8Lt8MURUqO-wRSaG9su2yk8nZU.crl (hash: Zh59jWYqkN3H2MgmEu5X9Y6Z+5pNXFOIp+S/yLJ5RUU=) 2: 4DD0C31C0E2011F0A0825648C4F9AE02.roa (hash: 8r7MWVk5x8o1qlWsJdhw0htq1GLcuT7GZDff98YKUWg=) 3: 11815E36135311EE94A8A114C4F9AE02.roa (hash: 4RiRLEUaqFnMyzAxg+jhTtVSLZnRrw+D1OLV5ZjDtiE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.crl rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b8Lt8MURUqO-wRSaG9su2yk8nZU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:02:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3403 (0xd4b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AA28B, serialNumber=6FC2EDF0C51152A3BEC1149A1BDB2EDB293C9D95 Validity Not Before: Apr 24 18:02:59 2025 GMT Not After : May 1 18:02:59 2025 GMT Subject: CN=680a7cd3-64ab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:a7:89:cb:b1:74:44:3f:f4:81:b3:02:3e:b6: 77:bd:9e:5f:1c:12:32:fd:2b:61:50:40:4e:2f:19: d1:d3:14:6e:28:95:60:10:d1:df:34:ea:5f:27:0e: 92:25:89:58:f1:27:0d:19:ef:e6:15:97:b8:da:68: 5c:99:f8:db:dc:3f:ce:a5:77:aa:7f:b0:83:62:4c: 1b:5e:69:e8:35:43:d5:db:dc:2c:cd:99:82:6f:d5: c4:69:79:5e:87:50:20:e7:f6:5a:6b:3c:64:02:a4: 80:73:4b:78:2f:c9:f0:f9:6b:28:46:be:00:2b:d9: 32:a9:e5:f0:2e:12:99:84:7f:87:ac:14:1d:df:db: 79:4a:64:53:cc:67:29:9c:b8:cb:8e:c2:53:e4:dc: 0b:72:94:06:f8:77:3b:07:06:62:bc:e0:12:1d:7a: 7c:66:d5:2d:2b:5f:24:aa:af:3c:df:a8:61:41:5c: 09:e7:59:6c:51:5c:5d:a6:dd:f7:31:cd:40:1e:d2: 1c:04:72:b7:0f:7e:9c:b9:54:0d:38:47:ea:c8:8a: 50:98:1b:85:4f:e5:90:7a:3b:c9:bc:e9:e0:f1:32: ed:32:aa:0e:73:0d:09:c1:be:b2:ef:4c:52:d7:58: f0:4c:96:21:1d:df:96:de:6f:b6:db:b6:df:8a:3c: 9e:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:36:A1:A3:DA:54:0F:3C:10:93:B3:99:29:01:FA:58:B7:20:25:AA X509v3 Authority Key Identifier: keyid:6F:C2:ED:F0:C5:11:52:A3:BE:C1:14:9A:1B:DB:2E:DB:29:3C:9D:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b8Lt8MURUqO-wRSaG9su2yk8nZU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4d:7e:c1:00:78:21:bf:57:de:16:9e:69:90:48:61:d0:3c:cc: f8:64:dd:28:93:b0:d9:23:27:69:64:1c:eb:f9:5f:13:c1:73: 44:dc:1c:98:e5:55:8a:44:0d:d0:ec:bd:82:71:4d:16:8d:b9: 29:bd:f5:7b:3d:cd:e3:3d:8f:40:d0:af:3c:2e:e8:89:40:34: 67:1d:3c:91:82:c8:67:b4:cb:19:78:af:75:44:bf:0a:f6:1e: da:e8:b7:b5:4f:d2:c8:19:2d:86:0e:03:d1:ff:10:2c:e2:95: 3e:f6:bd:03:df:05:e1:c1:ce:72:0d:e7:92:bc:3c:50:62:fd: 0d:99:5a:7a:41:ff:93:92:bc:59:62:50:8f:18:01:5b:27:53: ee:5b:90:49:a1:ce:00:01:04:90:36:e8:20:86:5d:8f:46:7e: cc:6a:99:66:31:37:da:ca:a3:10:19:18:61:25:85:ea:57:d4: a4:21:79:d3:5e:68:32:8b:13:2f:cf:78:93:20:d6:ff:57:e3: 19:27:bf:63:13:04:a9:ed:64:4d:bf:1b:85:d1:dd:1d:7c:26: 70:e7:ce:6f:3b:d7:4e:47:33:e6:b6:f3:d9:58:26:97:9d:c1: 86:13:c4:dc:d2:73:7c:64:e6:b8:12:04:68:c1:85:da:c0:51: 7b:9b:fe:14 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDUswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUEyOEIxMTAvBgNVBAUTKDZGQzJFREYwQzUxMTUyQTNCRUMxMTQ5QTFCREIyRURC MjkzQzlEOTUwHhcNMjUwNDI0MTgwMjU5WhcNMjUwNTAxMTgwMjU5WjAYMRYwFAYD VQQDEw02ODBhN2NkMy02NGFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu6eJy7F0RD/0gbMCPrZ3vZ5fHBIy/SthUEBOLxnR0xRuKJVgENHfNOpfJw6S JYlY8ScNGe/mFZe42mhcmfjb3D/OpXeqf7CDYkwbXmnoNUPV29wszZmCb9XEaXle h1Ag5/ZaazxkAqSAc0t4L8nw+WsoRr4AK9kyqeXwLhKZhH+HrBQd39t5SmRTzGcp nLjLjsJT5NwLcpQG+Hc7BwZivOASHXp8ZtUtK18kqq8836hhQVwJ51lsUVxdpt33 Mc1AHtIcBHK3D36cuVQNOEfqyIpQmBuFT+WQejvJvOng8TLtMqoOcw0Jwb6y70xS 11jwTJYhHd+W3m+227bfijyeaQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP02oaPa VA88EJOzmSkB+li3ICWqMB8GA1UdIwQYMBaAFG/C7fDFEVKjvsEUmhvbLtspPJ2V MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQTI4Qi8xRTAyNjRBQURC QzgxMUU5QkVBOTEwNTFDNEY5QUUwMi9iOEx0OE1VUlVxTy13UlNhRzlzdTJ5azhu WlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2I4THQ4TVVSVXFPLXdSU2FHOXN1MnlrOG5aVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QTI4Qi8xRTAyNjRBQURCQzgxMUU5QkVBOTEwNTFDNEY5QUUwMi9iOEx0OE1VUlVx Ty13UlNhRzlzdTJ5azhuWlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBNfsEAeCG/V94WnmmQSGHQPMz4ZN0ok7DZIydpZBzr+V8TwXNE3ByY 5VWKRA3Q7L2CcU0WjbkpvfV7Pc3jPY9A0K88LuiJQDRnHTyRgshntMsZeK91RL8K 9h7a6Le1T9LIGS2GDgPR/xAs4pU+9r0D3wXhwc5yDeeSvDxQYv0NmVp6Qf+TkrxZ YlCPGAFbJ1PuW5BJoc4AAQSQNugghl2PRn7MaplmMTfayqMQGRhhJYXqV9SkIXnT XmgyixMvz3iTINb/V+MZJ79jEwSp7WRNvxuF0d0dfCZw585vO9dORzPmtvPZWCaX ncGGE8Tc0nN8ZOa4EgRowYXawFF7m/4U -----END CERTIFICATE-----Generated at Sat Apr 26 04:33:16 2025 by rpki-client