$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB4BA/C73E18449C9E11ED91B7161DC4F9AE02/g7bn6iO9w6ONYLT_ou_1oY8dzWg.mft File: g7bn6iO9w6ONYLT_ou_1oY8dzWg.mft (raw, json) Hash identifier: a/JCj5Bksr9JuaGcvVhlzl2NoDQ/dEjNL4N/e9x6zp4= Subject key identifier: CF:13:A6:FB:97:38:AD:91:38:C3:BF:71:14:89:68:1E:78:AD:9B:B7 Authority key identifier: 83:B6:E7:EA:23:BD:C3:A3:8D:60:B4:FF:A2:EF:F5:A1:8F:1D:CD:68 Certificate issuer: /CN=A91AB4BA/serialNumber=83B6E7EA23BDC3A38D60B4FFA2EFF5A18F1DCD68 Certificate serial: 01AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g7bn6iO9w6ONYLT_ou_1oY8dzWg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB4BA/C73E18449C9E11ED91B7161DC4F9AE02/g7bn6iO9w6ONYLT_ou_1oY8dzWg.mft Manifest number: 01A8 Signing time: Tue 29 Apr 2025 03:20:18 +0000 Manifest this update: Tue 29 Apr 2025 03:20:18 +0000 Manifest next update: Tue 06 May 2025 03:20:18 +0000 Files and hashes: 1: g7bn6iO9w6ONYLT_ou_1oY8dzWg.crl (hash: xn7DnfYBo2kyezxWNscVtjIQnlKgMdSLRucA2RuWDb4=) 2: 93E8AC909CA111ED97E7FC20C4F9AE02.roa (hash: yz7MYEbOgQ8Al3poUxihFYnUX5uLUR4cvOqS22MeFsU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB4BA/C73E18449C9E11ED91B7161DC4F9AE02/g7bn6iO9w6ONYLT_ou_1oY8dzWg.crl rsync://rpki.apnic.net/member_repository/A91AB4BA/C73E18449C9E11ED91B7161DC4F9AE02/g7bn6iO9w6ONYLT_ou_1oY8dzWg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g7bn6iO9w6ONYLT_ou_1oY8dzWg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 06 May 2025 03:20:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 428 (0x1ac) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB4BA, serialNumber=83B6E7EA23BDC3A38D60B4FFA2EFF5A18F1DCD68 Validity Not Before: Apr 29 03:20:18 2025 GMT Not After : May 6 03:20:18 2025 GMT Subject: CN=68104572-a6c7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:b6:e6:ce:41:92:77:39:db:94:5c:b4:dd:4a: b0:b3:e3:e1:ca:16:55:46:4b:52:63:73:20:82:16: b3:12:8d:2f:e9:28:a7:1b:c5:1e:63:f8:de:20:68: b3:86:ba:57:09:ba:4e:87:07:52:db:f3:e4:e4:3e: 83:e5:74:d6:47:76:9a:55:48:b7:70:e1:b4:ee:f4: 99:0c:e8:de:c3:4b:e9:03:b2:f8:ed:8d:e4:63:c0: 7f:d9:99:c5:ea:e7:da:7c:8e:1d:67:f3:23:9c:5d: 35:15:32:6e:48:27:78:09:d5:97:ff:3a:22:90:31: c7:c3:8f:2e:fb:d3:61:fc:fd:df:6d:72:a4:97:2e: 5c:c6:15:dc:86:eb:39:56:19:e7:2d:cc:f5:b0:26: ec:b1:7d:be:0c:d3:79:7a:c3:cd:6c:b5:9c:95:67: d7:86:09:94:cd:04:41:a6:d6:92:79:a0:24:27:9b: d4:e8:2c:b1:9d:f6:c0:31:12:6b:2a:20:b4:f4:2f: 9e:bc:75:f7:47:c3:35:40:38:2e:0c:89:00:52:48: df:92:ec:33:f0:ba:a1:d5:69:b5:ab:76:67:82:27: 46:2d:71:b1:b9:56:e1:f9:a7:ce:2b:ca:dd:6e:31: 24:11:1c:1d:6e:ff:81:c2:ff:1b:2b:72:37:80:65: b6:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:13:A6:FB:97:38:AD:91:38:C3:BF:71:14:89:68:1E:78:AD:9B:B7 X509v3 Authority Key Identifier: keyid:83:B6:E7:EA:23:BD:C3:A3:8D:60:B4:FF:A2:EF:F5:A1:8F:1D:CD:68 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB4BA/C73E18449C9E11ED91B7161DC4F9AE02/g7bn6iO9w6ONYLT_ou_1oY8dzWg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g7bn6iO9w6ONYLT_ou_1oY8dzWg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB4BA/C73E18449C9E11ED91B7161DC4F9AE02/g7bn6iO9w6ONYLT_ou_1oY8dzWg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5c:f4:4d:a9:ce:46:f1:7f:2a:75:58:60:7a:af:7b:12:20:72: 3c:03:e7:f2:d3:e9:7f:07:e7:21:c2:73:0c:ed:d6:39:e9:a3: ae:a9:b6:ed:b3:d9:a1:87:f5:cc:97:36:8a:8d:d7:d5:20:1b: 8d:14:3c:62:9e:39:58:6f:3b:95:68:73:4f:66:2f:ff:d2:47: 84:1b:ce:21:63:44:60:5d:4c:0a:17:68:ea:8a:75:e1:6a:ee: 8f:b2:64:d9:8d:0e:19:85:22:2d:01:40:50:37:88:f6:39:0c: cf:bc:31:da:60:3f:e1:9c:e9:31:75:88:0b:f4:c7:a3:9e:ff: 7a:44:eb:c1:3f:45:f3:72:54:82:75:c0:7b:df:eb:87:7f:2a: b1:06:aa:0f:50:2b:f5:47:52:5a:84:72:33:5b:ed:0f:77:cb: 2c:56:a1:81:dd:7c:4c:da:b9:db:54:2f:de:bd:9b:5b:48:7d: 14:42:40:55:85:82:ab:f0:e6:1f:84:44:ce:a1:2d:b5:1d:b9: bb:0d:5b:14:8d:61:da:2c:dd:4b:9a:fd:07:45:cc:7b:aa:1a: b6:39:ef:d5:88:a6:03:b9:d0:54:f8:48:c1:f1:a7:89:64:f3: 0c:d9:83:1e:41:1e:ea:81:b5:ca:28:ec:e1:ca:bf:3a:d7:32: 46:8e:c4:7b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAawwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUI0QkExMTAvBgNVBAUTKDgzQjZFN0VBMjNCREMzQTM4RDYwQjRGRkEyRUZGNUEx OEYxRENENjgwHhcNMjUwNDI5MDMyMDE4WhcNMjUwNTA2MDMyMDE4WjAYMRYwFAYD VQQDEw02ODEwNDU3Mi1hNmM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1rbmzkGSdznblFy03Uqws+PhyhZVRktSY3MgghazEo0v6SinG8UeY/jeIGiz hrpXCbpOhwdS2/Pk5D6D5XTWR3aaVUi3cOG07vSZDOjew0vpA7L47Y3kY8B/2ZnF 6ufafI4dZ/MjnF01FTJuSCd4CdWX/zoikDHHw48u+9Nh/P3fbXKkly5cxhXchus5 VhnnLcz1sCbssX2+DNN5esPNbLWclWfXhgmUzQRBptaSeaAkJ5vU6CyxnfbAMRJr KiC09C+evHX3R8M1QDguDIkAUkjfkuwz8Lqh1Wm1q3ZngidGLXGxuVbh+afOK8rd bjEkERwdbv+Bwv8bK3I3gGW2UQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFM8TpvuX OK2ROMO/cRSJaB54rZu3MB8GA1UdIwQYMBaAFIO25+ojvcOjjWC0/6Lv9aGPHc1o MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjRCQS9DNzNFMTg0NDlD OUUxMUVEOTFCNzE2MURDNEY5QUUwMi9nN2JuNmlPOXc2T05ZTFRfb3VfMW9ZOGR6 V2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2c3Ym42aU85dzZPTllMVF9vdV8xb1k4ZHpXZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QjRCQS9DNzNFMTg0NDlDOUUxMUVEOTFCNzE2MURDNEY5QUUwMi9nN2JuNmlPOXc2 T05ZTFRfb3VfMW9ZOGR6V2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBc9E2pzkbxfyp1WGB6r3sSIHI8A+fy0+l/B+chwnMM7dY56aOuqbbt s9mhh/XMlzaKjdfVIBuNFDxinjlYbzuVaHNPZi//0keEG84hY0RgXUwKF2jqinXh au6PsmTZjQ4ZhSItAUBQN4j2OQzPvDHaYD/hnOkxdYgL9Mejnv96ROvBP0XzclSC dcB73+uHfyqxBqoPUCv1R1JahHIzW+0Pd8ssVqGB3XxM2rnbVC/evZtbSH0UQkBV hYKr8OYfhETOoS21Hbm7DVsUjWHaLN1Lmv0HRcx7qhq2Oe/ViKYDudBU+EjB8aeJ ZPMM2YMeQR7qgbXKKOzhyr861zJGjsR7 -----END CERTIFICATE-----Generated at Tue Apr 29 07:45:15 2025 by rpki-client