$ rpki-client -vvf rpki.apnic.net/member_repository/A91B036A/BBC2F776D1F111EE86051A61C4F9AE02/DxfzfbyUhNluGgq8eKT5ys1e2oo.mft File: DxfzfbyUhNluGgq8eKT5ys1e2oo.mft (raw, json) Hash identifier: 8GH5yTO0LvlRZFJgxqGCPWi2hToilCJ3BSY+7C9jkTY= Subject key identifier: 60:C3:CA:3B:7F:80:86:08:9C:BF:00:1C:2D:1F:A7:1E:F7:FC:96:C6 Authority key identifier: 0F:17:F3:7D:BC:94:84:D9:6E:1A:0A:BC:78:A4:F9:CA:CD:5E:DA:8A Certificate issuer: /CN=A91B036A/serialNumber=0F17F37DBC9484D96E1A0ABC78A4F9CACD5EDA8A Certificate serial: 0126 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DxfzfbyUhNluGgq8eKT5ys1e2oo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B036A/BBC2F776D1F111EE86051A61C4F9AE02/DxfzfbyUhNluGgq8eKT5ys1e2oo.mft Manifest number: 0105 Signing time: Fri 25 Apr 2025 04:36:13 +0000 Manifest this update: Fri 25 Apr 2025 04:36:13 +0000 Manifest next update: Fri 02 May 2025 04:36:13 +0000 Files and hashes: 1: DxfzfbyUhNluGgq8eKT5ys1e2oo.crl (hash: 5xTX2JjaFEJVSI72kUIjw9tnhDdUa4gyEmSvDSeirWE=) 2: 860FE244E7F211EEA82C4340C4F9AE02.roa (hash: MOt4/rtczZ2XuWNA4OgwbPaAH6x2sV9WPLPyaiDEfR8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B036A/BBC2F776D1F111EE86051A61C4F9AE02/DxfzfbyUhNluGgq8eKT5ys1e2oo.crl rsync://rpki.apnic.net/member_repository/A91B036A/BBC2F776D1F111EE86051A61C4F9AE02/DxfzfbyUhNluGgq8eKT5ys1e2oo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DxfzfbyUhNluGgq8eKT5ys1e2oo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 04:36:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 294 (0x126) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B036A, serialNumber=0F17F37DBC9484D96E1A0ABC78A4F9CACD5EDA8A Validity Not Before: Apr 25 04:36:13 2025 GMT Not After : May 2 04:36:13 2025 GMT Subject: CN=680b113d-57f4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:6c:70:b4:35:1e:4b:07:e4:5d:58:5e:b6:61: 90:ea:4c:e1:59:9b:3a:7f:fd:84:ad:30:8f:f4:c7: 7a:9f:e6:e6:4e:87:70:83:dd:2c:ed:72:3d:76:10: b9:46:60:c6:c5:03:c4:1c:5d:44:e0:af:5d:18:ce: 4e:aa:f9:1b:77:2a:ca:b6:d1:84:81:65:02:2e:13: 33:6f:f7:28:51:16:d8:2e:65:a4:d1:34:23:66:ae: 2f:30:8f:6a:77:7f:1b:23:17:61:6b:13:96:f9:a7: 7c:45:97:4f:90:69:97:21:6b:f0:b2:18:bc:9f:a8: 09:a6:ae:2e:b2:bf:ea:e6:4b:e2:5c:ee:fa:98:54: fd:7a:9c:49:7d:d1:e0:d9:3b:a9:3d:b1:dc:7c:b4: 06:ed:7e:eb:33:27:23:88:c4:6b:8f:a3:9c:af:01: e2:68:7d:ac:7e:07:cc:22:46:78:7c:2e:83:07:c2: 86:50:2b:43:d6:f8:b0:80:65:24:eb:c7:fa:62:94: 89:46:c2:04:d0:65:44:54:22:7d:06:af:f3:ea:59: 05:29:24:eb:18:ed:e9:62:6e:6e:61:ee:4e:4b:e1: 67:a9:d8:18:f9:65:fe:a8:37:e3:07:7c:99:97:2a: d0:77:91:35:f2:e9:45:5c:0a:ae:3a:e8:d2:46:0b: 86:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:C3:CA:3B:7F:80:86:08:9C:BF:00:1C:2D:1F:A7:1E:F7:FC:96:C6 X509v3 Authority Key Identifier: keyid:0F:17:F3:7D:BC:94:84:D9:6E:1A:0A:BC:78:A4:F9:CA:CD:5E:DA:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B036A/BBC2F776D1F111EE86051A61C4F9AE02/DxfzfbyUhNluGgq8eKT5ys1e2oo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DxfzfbyUhNluGgq8eKT5ys1e2oo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B036A/BBC2F776D1F111EE86051A61C4F9AE02/DxfzfbyUhNluGgq8eKT5ys1e2oo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 53:69:61:7a:79:ad:3e:3a:d3:13:87:75:fd:d0:e4:7e:f6:b3: 78:46:82:81:c3:46:8e:3a:bc:30:e1:8a:fd:84:95:65:6e:98: aa:b3:12:c3:9c:fe:0c:60:1b:2b:0a:23:19:1f:df:1c:ec:c7: 69:3c:c9:93:e4:ca:65:97:59:f2:de:78:03:23:36:e7:12:d8: 8e:14:ce:9a:16:e4:20:95:62:d1:7c:fb:04:0d:72:40:75:b4: a8:f6:e8:c8:e6:d0:13:68:c3:78:05:27:9e:b7:98:16:e5:da: 53:50:31:91:ed:d4:37:6c:ad:8a:87:ed:fa:75:5e:92:0b:18: 33:bc:f9:10:c7:57:c9:3c:5b:2c:ca:29:2b:e9:ef:7b:2d:bb: fa:87:3f:63:9f:55:b6:35:ca:f5:ec:c1:c0:65:06:c2:74:6a: 68:ca:d6:60:23:0a:61:b0:81:ee:5b:72:e4:5a:84:8c:79:03: f9:00:37:b4:35:3b:33:75:83:08:dc:24:d7:93:ae:b8:cd:b7: ab:b4:c4:a7:0b:29:3a:f5:6b:ff:96:25:30:be:25:e2:96:8f: a7:ec:7a:04:8f:2f:60:79:76:26:4b:51:02:65:f1:8b:02:e3: fb:30:69:ae:12:5b:cc:50:79:af:76:20:f5:1a:13:ca:4a:cb: f3:8d:05:53 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjAzNkExMTAvBgNVBAUTKDBGMTdGMzdEQkM5NDg0RDk2RTFBMEFCQzc4QTRGOUNB Q0Q1RURBOEEwHhcNMjUwNDI1MDQzNjEzWhcNMjUwNTAyMDQzNjEzWjAYMRYwFAYD VQQDEw02ODBiMTEzZC01N2Y0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvWxwtDUeSwfkXVhetmGQ6kzhWZs6f/2ErTCP9Md6n+bmTodwg90s7XI9dhC5 RmDGxQPEHF1E4K9dGM5OqvkbdyrKttGEgWUCLhMzb/coURbYLmWk0TQjZq4vMI9q d38bIxdhaxOW+ad8RZdPkGmXIWvwshi8n6gJpq4usr/q5kviXO76mFT9epxJfdHg 2TupPbHcfLQG7X7rMycjiMRrj6OcrwHiaH2sfgfMIkZ4fC6DB8KGUCtD1viwgGUk 68f6YpSJRsIE0GVEVCJ9Bq/z6lkFKSTrGO3pYm5uYe5OS+FnqdgY+WX+qDfjB3yZ lyrQd5E18ulFXAquOujSRguGowIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGDDyjt/ gIYInL8AHC0fpx73/JbGMB8GA1UdIwQYMBaAFA8X8328lITZbhoKvHik+crNXtqK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDM2QS9CQkMyRjc3NkQx RjExMUVFODYwNTFBNjFDNEY5QUUwMi9EeGZ6ZmJ5VWhObHVHZ3E4ZUtUNXlzMWUy b28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0R4ZnpmYnlVaE5sdUdncThlS1Q1eXMxZTJvby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MDM2QS9CQkMyRjc3NkQxRjExMUVFODYwNTFBNjFDNEY5QUUwMi9EeGZ6ZmJ5VWhO bHVHZ3E4ZUtUNXlzMWUyb28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBTaWF6ea0+OtMTh3X90OR+9rN4RoKBw0aOOrww4Yr9hJVlbpiqsxLD nP4MYBsrCiMZH98c7MdpPMmT5Mpll1ny3ngDIzbnEtiOFM6aFuQglWLRfPsEDXJA dbSo9ujI5tATaMN4BSeet5gW5dpTUDGR7dQ3bK2Kh+36dV6SCxgzvPkQx1fJPFss yikr6e97Lbv6hz9jn1W2Ncr17MHAZQbCdGpoytZgIwphsIHuW3LkWoSMeQP5ADe0 NTszdYMI3CTXk664zbertMSnCyk69Wv/liUwviXilo+n7HoEjy9geXYmS1ECZfGL AuP7MGmuElvMUHmvdiD1GhPKSsvzjQVT -----END CERTIFICATE-----Generated at Sat Apr 26 15:19:07 2025 by rpki-client