$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB1F6/0F14015094C911EAB1DB627CC4F9AE02/CBzlpnA274VGmQv1lMzWMoB0BR0.mft File: CBzlpnA274VGmQv1lMzWMoB0BR0.mft (raw, json) Hash identifier: G/Za6ypwrWttkn50rJMe+37SamhtIRFM1F4hXndKGDQ= Subject key identifier: D2:75:7C:F1:C7:84:3C:A7:A7:BE:F2:AF:75:20:BD:64:34:FA:59:1A Authority key identifier: 08:1C:E5:A6:70:36:EF:85:46:99:0B:F5:94:CC:D6:32:80:74:05:1D Certificate issuer: /CN=A91AB1F6/serialNumber=081CE5A67036EF8546990BF594CCD6328074051D Certificate serial: 095D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CBzlpnA274VGmQv1lMzWMoB0BR0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB1F6/0F14015094C911EAB1DB627CC4F9AE02/CBzlpnA274VGmQv1lMzWMoB0BR0.mft Manifest number: 0953 Signing time: Thu 24 Apr 2025 20:06:22 +0000 Manifest this update: Thu 24 Apr 2025 20:06:21 +0000 Manifest next update: Thu 01 May 2025 20:06:21 +0000 Files and hashes: 1: CBzlpnA274VGmQv1lMzWMoB0BR0.crl (hash: g0/GhAwWLyY/Eq7Ublv68MVIibRMLf6WJ2cUad8cMsA=) 2: 59675AB20A4011F0AC302962C4F9AE02.roa (hash: tX8/5QgMtsCLrwoaol70And5FJnb3NLo6JwFspF8Ii4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB1F6/0F14015094C911EAB1DB627CC4F9AE02/CBzlpnA274VGmQv1lMzWMoB0BR0.crl rsync://rpki.apnic.net/member_repository/A91AB1F6/0F14015094C911EAB1DB627CC4F9AE02/CBzlpnA274VGmQv1lMzWMoB0BR0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CBzlpnA274VGmQv1lMzWMoB0BR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:06:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2397 (0x95d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB1F6, serialNumber=081CE5A67036EF8546990BF594CCD6328074051D Validity Not Before: Apr 24 20:06:21 2025 GMT Not After : May 1 20:06:21 2025 GMT Subject: CN=680a99bd-a9fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:f6:ff:c3:54:0c:b3:74:16:99:02:c4:72:c4: 92:ab:cc:fd:d6:1f:61:e9:5a:75:f2:bc:e0:ef:43: 43:76:6f:74:b0:16:18:5f:01:e6:9a:05:12:a0:e5: bb:1a:8f:7c:86:50:37:b2:7c:95:d8:f1:48:e2:5f: b7:f6:f2:84:30:8a:50:53:8e:07:11:49:ae:be:e1: 1f:af:44:65:c4:74:eb:02:98:fb:de:16:de:28:60: 93:e6:ca:69:cf:02:e3:32:e2:ed:a2:ac:28:91:8c: 17:42:08:a3:86:c2:34:e2:14:2e:e8:ca:d2:83:d2: 41:5d:bb:b3:63:4d:7d:d2:24:e0:3d:35:24:79:a5: 3c:70:39:97:f3:26:ea:c2:07:20:54:c4:33:85:af: b5:30:23:b4:47:be:e5:28:6b:84:bb:c1:24:18:70: ea:0e:65:d2:63:b6:95:e1:39:17:41:8f:a8:97:9f: 69:74:fc:c8:21:bf:89:96:cb:4c:bc:66:a8:c2:ca: 35:a8:bb:d0:52:18:4d:4e:fd:f5:ed:41:12:b7:ef: 99:16:ba:93:c2:44:c7:68:03:9e:79:84:70:1e:55: 5f:38:ac:55:64:45:22:11:ac:25:b5:12:48:a1:9b: bf:90:32:2c:ea:ea:38:92:b4:24:ec:39:71:9f:43: cd:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:75:7C:F1:C7:84:3C:A7:A7:BE:F2:AF:75:20:BD:64:34:FA:59:1A X509v3 Authority Key Identifier: keyid:08:1C:E5:A6:70:36:EF:85:46:99:0B:F5:94:CC:D6:32:80:74:05:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB1F6/0F14015094C911EAB1DB627CC4F9AE02/CBzlpnA274VGmQv1lMzWMoB0BR0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CBzlpnA274VGmQv1lMzWMoB0BR0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB1F6/0F14015094C911EAB1DB627CC4F9AE02/CBzlpnA274VGmQv1lMzWMoB0BR0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5a:40:b2:04:17:aa:90:01:07:13:7a:21:a6:a5:32:32:5b:70: df:7e:51:fb:08:c8:f8:55:b7:2c:1d:e3:7a:5f:40:16:89:53: 62:06:6d:4b:ec:32:f7:fc:c6:2e:02:45:2b:ed:0a:2f:f1:56: 10:c7:67:51:22:75:6c:db:fb:3a:04:1d:51:4b:01:3e:ab:06: e2:b6:7a:4f:63:76:70:de:9b:02:06:49:23:10:73:a9:bf:2f: e2:bd:6d:5d:13:ab:3d:14:d5:22:da:09:ab:4c:ad:e9:d4:d3: 87:02:aa:5a:cf:75:64:90:02:32:3e:67:44:3f:13:80:7c:7f: d5:0a:6d:b9:8b:17:96:72:7d:dc:9d:56:d1:e5:3c:fe:9f:c9: 08:3a:24:20:24:4c:46:b7:a9:61:cf:35:a8:b4:92:90:ac:23: 0e:11:e6:7d:9a:3b:14:dd:cf:07:b5:06:21:64:6c:83:2c:93: 75:90:7d:5d:c7:a3:57:81:70:bb:c9:04:57:01:b4:c8:22:6c: 28:e8:f4:e3:63:62:ff:19:60:11:16:5d:b7:42:17:ef:dc:a0: e6:eb:3a:8a:2e:da:31:6e:d1:4c:ae:9f:f9:1f:05:19:f8:48: 68:14:bd:62:1e:45:10:a1:9d:d6:94:13:c3:0c:ef:81:64:8f: 39:2f:10:90 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCV0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUIxRjYxMTAvBgNVBAUTKDA4MUNFNUE2NzAzNkVGODU0Njk5MEJGNTk0Q0NENjMy ODA3NDA1MUQwHhcNMjUwNDI0MjAwNjIxWhcNMjUwNTAxMjAwNjIxWjAYMRYwFAYD VQQDEw02ODBhOTliZC1hOWZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4Pb/w1QMs3QWmQLEcsSSq8z91h9h6Vp18rzg70NDdm90sBYYXwHmmgUSoOW7 Go98hlA3snyV2PFI4l+39vKEMIpQU44HEUmuvuEfr0RlxHTrApj73hbeKGCT5spp zwLjMuLtoqwokYwXQgijhsI04hQu6MrSg9JBXbuzY0190iTgPTUkeaU8cDmX8ybq wgcgVMQzha+1MCO0R77lKGuEu8EkGHDqDmXSY7aV4TkXQY+ol59pdPzIIb+JlstM vGaowso1qLvQUhhNTv317UESt++ZFrqTwkTHaAOeeYRwHlVfOKxVZEUiEawltRJI oZu/kDIs6uo4krQk7Dlxn0PNGQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNJ1fPHH hDynp77yr3UgvWQ0+lkaMB8GA1UdIwQYMBaAFAgc5aZwNu+FRpkL9ZTM1jKAdAUd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjFGNi8wRjE0MDE1MDk0 QzkxMUVBQjFEQjYyN0NDNEY5QUUwMi9DQnpscG5BMjc0VkdtUXYxbE16V01vQjBC UjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NCemxwbkEyNzRWR21RdjFsTXpXTW9CMEJSMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QjFGNi8wRjE0MDE1MDk0QzkxMUVBQjFEQjYyN0NDNEY5QUUwMi9DQnpscG5BMjc0 VkdtUXYxbE16V01vQjBCUjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBaQLIEF6qQAQcTeiGmpTIyW3DfflH7CMj4VbcsHeN6X0AWiVNiBm1L 7DL3/MYuAkUr7Qov8VYQx2dRInVs2/s6BB1RSwE+qwbitnpPY3Zw3psCBkkjEHOp vy/ivW1dE6s9FNUi2gmrTK3p1NOHAqpaz3VkkAIyPmdEPxOAfH/VCm25ixeWcn3c nVbR5Tz+n8kIOiQgJExGt6lhzzWotJKQrCMOEeZ9mjsU3c8HtQYhZGyDLJN1kH1d x6NXgXC7yQRXAbTIImwo6PTjY2L/GWARFl23Qhfv3KDm6zqKLtoxbtFMrp/5HwUZ +EhoFL1iHkUQoZ3WlBPDDO+BZI85LxCQ -----END CERTIFICATE-----Generated at Sat Apr 26 04:26:38 2025 by rpki-client