$ rpki-client -vvf rpki.apnic.net/member_repository/A91AEE4B/63DFF80245A411EA942E0957C4F9AE02/t3KDxTMROjkeMdlFJxhqz4OZol8.mft File: t3KDxTMROjkeMdlFJxhqz4OZol8.mft (raw, json) Hash identifier: vV7FcYQWQBFvfCdo/yHVxpjOysF+Xz3kVzybMfdTKEQ= Subject key identifier: B7:1B:BA:A1:8C:3B:74:90:73:E1:B1:CA:53:27:E5:52:2F:7C:78:D6 Authority key identifier: B7:72:83:C5:33:11:3A:39:1E:31:D9:45:27:18:6A:CF:83:99:A2:5F Certificate issuer: /CN=A91AEE4B/serialNumber=B77283C533113A391E31D94527186ACF8399A25F Certificate serial: 0AF0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t3KDxTMROjkeMdlFJxhqz4OZol8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AEE4B/63DFF80245A411EA942E0957C4F9AE02/t3KDxTMROjkeMdlFJxhqz4OZol8.mft Manifest number: 0AE7 Signing time: Thu 24 Apr 2025 19:17:07 +0000 Manifest this update: Thu 24 Apr 2025 19:17:06 +0000 Manifest next update: Thu 01 May 2025 19:17:06 +0000 Files and hashes: 1: t3KDxTMROjkeMdlFJxhqz4OZol8.crl (hash: bLrPKqo4fNThEmqh74RVLOZ0JW3Aerrf8gS7VcfU+40=) 2: 02F1850E45A611EA81CD145AC4F9AE02.roa (hash: +dnFv6At/j+rB10C6K34OqDt094wwEbkgdTC71u4hkg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AEE4B/63DFF80245A411EA942E0957C4F9AE02/t3KDxTMROjkeMdlFJxhqz4OZol8.crl rsync://rpki.apnic.net/member_repository/A91AEE4B/63DFF80245A411EA942E0957C4F9AE02/t3KDxTMROjkeMdlFJxhqz4OZol8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t3KDxTMROjkeMdlFJxhqz4OZol8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:17:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2800 (0xaf0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AEE4B, serialNumber=B77283C533113A391E31D94527186ACF8399A25F Validity Not Before: Apr 24 19:17:06 2025 GMT Not After : May 1 19:17:06 2025 GMT Subject: CN=680a8e33-00fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:a9:b2:ba:26:85:10:e4:6d:b8:7c:e9:ff:37: 50:60:c8:d8:da:ff:30:61:d6:37:fa:1e:62:9c:2b: aa:99:5e:80:0a:f8:b7:a2:18:08:2d:9d:30:08:52: c3:de:d5:00:f1:0a:9a:56:38:d0:45:ee:a9:da:8d: 0f:e4:25:57:21:31:21:07:70:28:e8:9d:11:72:81: cb:13:4b:cb:1d:82:cf:09:5e:2a:65:88:67:7e:5d: 3e:a5:04:09:10:9a:2f:3e:69:32:8a:be:77:3b:88: 04:fe:06:61:2e:52:c9:68:97:c4:1d:c3:ae:4c:56: 95:41:eb:30:67:ec:bf:4e:40:be:0f:00:7b:c1:73: 87:1d:df:39:10:df:2b:c3:24:93:28:ce:10:ba:66: ba:87:9d:40:4f:bf:49:f4:c8:77:e4:99:3d:57:64: 0a:b5:b0:2b:59:9f:c6:44:5e:25:19:a7:47:b9:8e: 56:aa:9e:aa:9f:d1:93:72:53:d8:39:07:64:b1:90: da:d6:c5:32:64:fa:d1:77:b3:92:3f:30:24:7d:b9: fc:a2:d9:26:8c:d4:66:35:bf:a3:86:93:a2:75:34: 0b:c5:da:1b:7a:a9:a9:2d:03:db:b6:5f:74:31:60: 23:88:a1:2d:fe:2e:71:ad:08:b9:72:97:a6:a2:eb: f6:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:1B:BA:A1:8C:3B:74:90:73:E1:B1:CA:53:27:E5:52:2F:7C:78:D6 X509v3 Authority Key Identifier: keyid:B7:72:83:C5:33:11:3A:39:1E:31:D9:45:27:18:6A:CF:83:99:A2:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AEE4B/63DFF80245A411EA942E0957C4F9AE02/t3KDxTMROjkeMdlFJxhqz4OZol8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/t3KDxTMROjkeMdlFJxhqz4OZol8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AEE4B/63DFF80245A411EA942E0957C4F9AE02/t3KDxTMROjkeMdlFJxhqz4OZol8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 88:59:b6:78:1c:ea:66:e8:2f:1c:b9:3b:9f:27:4c:b0:d1:19: 93:94:8a:74:f4:92:1e:25:19:b6:89:d3:02:b8:60:3c:89:b6: 71:4d:98:e1:85:87:1c:eb:6b:be:17:41:ca:54:a7:ff:1f:42: 11:ab:0a:59:78:05:4b:1c:7e:62:48:d8:0a:09:9c:1b:59:6f: 7e:04:f5:1e:2d:67:a8:eb:9b:43:d0:fe:9b:85:90:fc:e6:76: 55:cb:e0:33:29:e3:b2:e9:91:87:57:a5:f1:75:44:54:0c:11: e2:a3:e3:67:a2:bd:20:c1:8b:c6:d8:0f:06:e9:a4:b6:61:4e: 77:86:4b:d2:2a:c7:43:a8:83:29:01:ef:6d:2c:9a:6c:47:9d: 89:7c:47:f9:30:60:57:78:4f:c5:f8:c0:e3:9b:33:b3:a3:a6: cd:a6:3e:04:dc:46:e8:ec:54:91:50:1e:21:11:1c:8f:46:8e: 40:2e:ca:50:55:2e:51:35:4b:ce:f7:f5:80:2d:25:51:08:83: ad:e6:08:21:44:92:0b:ca:e6:c4:13:aa:ea:db:2e:c6:f3:5f: ea:29:5c:ba:5a:9e:af:1d:a3:3d:88:85:69:0f:e0:e6:a1:68: 33:58:ca:94:55:23:2c:9f:ca:6e:2d:d3:41:3f:6e:a4:bc:ca: e2:93:83:10 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCvAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUVFNEIxMTAvBgNVBAUTKEI3NzI4M0M1MzMxMTNBMzkxRTMxRDk0NTI3MTg2QUNG ODM5OUEyNUYwHhcNMjUwNDI0MTkxNzA2WhcNMjUwNTAxMTkxNzA2WjAYMRYwFAYD VQQDEw02ODBhOGUzMy0wMGZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4amyuiaFEORtuHzp/zdQYMjY2v8wYdY3+h5inCuqmV6ACvi3ohgILZ0wCFLD 3tUA8QqaVjjQRe6p2o0P5CVXITEhB3Ao6J0RcoHLE0vLHYLPCV4qZYhnfl0+pQQJ EJovPmkyir53O4gE/gZhLlLJaJfEHcOuTFaVQeswZ+y/TkC+DwB7wXOHHd85EN8r wySTKM4Quma6h51AT79J9Mh35Jk9V2QKtbArWZ/GRF4lGadHuY5Wqp6qn9GTclPY OQdksZDa1sUyZPrRd7OSPzAkfbn8otkmjNRmNb+jhpOidTQLxdobeqmpLQPbtl90 MWAjiKEt/i5xrQi5cpemouv2jQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLcbuqGM O3SQc+GxylMn5VIvfHjWMB8GA1UdIwQYMBaAFLdyg8UzETo5HjHZRScYas+DmaJf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRUU0Qi82M0RGRjgwMjQ1 QTQxMUVBOTQyRTA5NTdDNEY5QUUwMi90M0tEeFRNUk9qa2VNZGxGSnhocXo0T1pv bDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3QzS0R4VE1ST2prZU1kbEZKeGhxejRPWm9sOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RUU0Qi82M0RGRjgwMjQ1QTQxMUVBOTQyRTA5NTdDNEY5QUUwMi90M0tEeFRNUk9q a2VNZGxGSnhocXo0T1pvbDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCIWbZ4HOpm6C8cuTufJ0yw0RmTlIp09JIeJRm2idMCuGA8ibZxTZjh hYcc62u+F0HKVKf/H0IRqwpZeAVLHH5iSNgKCZwbWW9+BPUeLWeo65tD0P6bhZD8 5nZVy+AzKeOy6ZGHV6XxdURUDBHio+Nnor0gwYvG2A8G6aS2YU53hkvSKsdDqIMp Ae9tLJpsR52JfEf5MGBXeE/F+MDjmzOzo6bNpj4E3Ebo7FSRUB4hERyPRo5ALspQ VS5RNUvO9/WALSVRCIOt5gghRJILyubEE6rq2y7G81/qKVy6Wp6vHaM9iIVpD+Dm oWgzWMqUVSMsn8puLdNBP26kvMrik4MQ -----END CERTIFICATE-----Generated at Sat Apr 26 04:01:32 2025 by rpki-client