$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.mft File: nTwzrLEQPnH6H_PmAT6dwxEiafw.mft (raw, json) Hash identifier: hMyxvYMtl6vbLd+yNr/PNXISJIfccDZ4veeqkA+z2qo= Subject key identifier: 3F:AC:DB:DB:77:A9:64:74:A5:0B:A7:61:82:34:BA:2F:1F:02:0D:B1 Authority key identifier: 9D:3C:33:AC:B1:10:3E:71:FA:1F:F3:E6:01:3E:9D:C3:11:22:69:FC Certificate issuer: /CN=A91B1E8B/serialNumber=9D3C33ACB1103E71FA1FF3E6013E9DC3112269FC Certificate serial: 95 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nTwzrLEQPnH6H_PmAT6dwxEiafw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.mft Manifest number: 93 Signing time: Fri 25 Apr 2025 05:26:21 +0000 Manifest this update: Fri 25 Apr 2025 05:26:21 +0000 Manifest next update: Fri 02 May 2025 05:26:21 +0000 Files and hashes: 1: nTwzrLEQPnH6H_PmAT6dwxEiafw.crl (hash: GJPf/cHbOAZQew6/O/yx4TQT//Fl1jORGHE17SqTv6Q=) 2: DD76C09AB16711EFBD483568C4F9AE02.roa (hash: lZ2oQ4wvz4evXveDE7LNoYJmc6E6jg/A59sR/rYBi6k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.crl rsync://rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nTwzrLEQPnH6H_PmAT6dwxEiafw.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 05:26:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 149 (0x95) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B1E8B, serialNumber=9D3C33ACB1103E71FA1FF3E6013E9DC3112269FC Validity Not Before: Apr 25 05:26:21 2025 GMT Not After : May 2 05:26:21 2025 GMT Subject: CN=680b1cfd-2323 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:b7:e2:ed:88:2e:fa:25:19:7f:ba:37:c8:ad: 02:1c:98:3a:e8:e1:b5:50:d1:b1:c1:34:46:df:af: fa:34:6b:af:05:05:e2:22:bd:ec:39:49:3d:81:b3: 54:23:c2:65:2d:48:10:3a:d9:5f:12:5f:e1:c3:bb: 86:e2:29:de:32:d9:11:00:86:a4:ba:5f:6e:04:c5: 8b:63:24:50:7e:19:5c:61:e7:76:20:50:eb:af:28: 2b:24:71:40:82:5c:42:7c:69:0b:87:35:47:7c:19: 81:2c:c5:10:f7:e1:cf:ff:dd:49:22:0a:1b:10:d0: 31:4e:b4:27:08:24:35:51:45:b0:38:6c:d5:69:41: ef:cc:cf:e9:34:7d:b2:ac:4a:58:19:e6:78:81:0b: 2a:f7:f8:db:f1:0a:fb:72:70:6e:a6:65:4e:8c:47: 68:aa:c5:61:7d:d0:01:31:d0:8d:f2:7b:04:f7:ce: 20:63:54:db:c2:15:ac:b6:19:62:66:06:41:94:77: 87:8f:f0:80:1b:a0:65:b9:f4:4d:0d:01:1e:d7:d9: b1:ae:79:32:a5:f4:79:d1:7b:15:c7:7f:ea:8e:d2: 42:ed:e3:b7:57:cb:7b:6d:6f:8a:c8:4c:a3:70:d8: 46:01:61:c7:0e:a6:d9:76:ce:01:69:5f:64:11:42: d5:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:AC:DB:DB:77:A9:64:74:A5:0B:A7:61:82:34:BA:2F:1F:02:0D:B1 X509v3 Authority Key Identifier: keyid:9D:3C:33:AC:B1:10:3E:71:FA:1F:F3:E6:01:3E:9D:C3:11:22:69:FC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nTwzrLEQPnH6H_PmAT6dwxEiafw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1E8B/6291764445B611EF8AB30A31C4F9AE02/nTwzrLEQPnH6H_PmAT6dwxEiafw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 55:85:09:91:49:dc:42:76:10:61:20:14:51:25:68:70:b8:89: f7:ec:39:33:ad:19:85:8b:66:06:e1:b1:d6:55:91:76:85:52: dc:44:57:57:8d:92:8f:01:d5:96:d0:4c:39:3a:54:a7:ff:c3: d3:76:8e:94:60:38:b3:70:0c:f6:a0:0b:6e:3b:b3:13:9e:d7: b5:78:b8:c9:3b:04:f2:46:0c:3d:6b:51:32:a7:e2:90:06:44: 5e:6c:2e:c7:c9:fb:63:d5:1a:66:d7:ea:dc:93:8f:f1:0f:25: 42:3b:22:53:83:43:37:a9:8a:ac:e2:fa:98:a7:6e:e9:5d:7b: 86:e2:69:c5:ec:c4:af:0b:1f:cf:4b:71:c8:d3:0f:b5:dd:a2: 8b:7c:60:43:16:e1:5d:8e:44:68:b9:4e:03:48:82:0a:31:16: df:ce:cb:e7:7b:39:96:ac:11:1f:be:8a:6a:c8:1c:98:b9:83: 40:61:b0:11:06:9d:ab:d7:db:4e:1d:80:23:ce:9d:cc:05:34: 98:17:c1:d8:dc:51:61:e6:23:35:c4:14:99:68:6d:c8:65:7d: 42:4a:b2:0d:d0:10:35:f8:81:84:a2:21:4e:82:e2:03:27:2c: fe:b4:8a:cc:f4:ee:34:4a:1b:a7:ed:a7:7a:a9:f9:ed:2a:1a: 2c:66:cd:7e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjFFOEIxMTAvBgNVBAUTKDlEM0MzM0FDQjExMDNFNzFGQTFGRjNFNjAxM0U5REMz MTEyMjY5RkMwHhcNMjUwNDI1MDUyNjIxWhcNMjUwNTAyMDUyNjIxWjAYMRYwFAYD VQQDEw02ODBiMWNmZC0yMzIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqLfi7Ygu+iUZf7o3yK0CHJg66OG1UNGxwTRG36/6NGuvBQXiIr3sOUk9gbNU I8JlLUgQOtlfEl/hw7uG4ineMtkRAIakul9uBMWLYyRQfhlcYed2IFDrrygrJHFA glxCfGkLhzVHfBmBLMUQ9+HP/91JIgobENAxTrQnCCQ1UUWwOGzVaUHvzM/pNH2y rEpYGeZ4gQsq9/jb8Qr7cnBupmVOjEdoqsVhfdABMdCN8nsE984gY1TbwhWsthli ZgZBlHeHj/CAG6BlufRNDQEe19mxrnkypfR50XsVx3/qjtJC7eO3V8t7bW+KyEyj cNhGAWHHDqbZds4BaV9kEULV6wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD+s29t3 qWR0pQunYYI0ui8fAg2xMB8GA1UdIwQYMBaAFJ08M6yxED5x+h/z5gE+ncMRImn8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMUU4Qi82MjkxNzY0NDQ1 QjYxMUVGOEFCMzBBMzFDNEY5QUUwMi9uVHd6ckxFUVBuSDZIX1BtQVQ2ZHd4RWlh ZncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL25Ud3pyTEVRUG5INkhfUG1BVDZkd3hFaWFmdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MUU4Qi82MjkxNzY0NDQ1QjYxMUVGOEFCMzBBMzFDNEY5QUUwMi9uVHd6ckxFUVBu SDZIX1BtQVQ2ZHd4RWlhZncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBVhQmRSdxCdhBhIBRRJWhwuIn37DkzrRmFi2YG4bHWVZF2hVLcRFdX jZKPAdWW0Ew5OlSn/8PTdo6UYDizcAz2oAtuO7MTnte1eLjJOwTyRgw9a1Eyp+KQ BkRebC7Hyftj1Rpm1+rck4/xDyVCOyJTg0M3qYqs4vqYp27pXXuG4mnF7MSvCx/P S3HI0w+13aKLfGBDFuFdjkRouU4DSIIKMRbfzsvnezmWrBEfvopqyByYuYNAYbAR Bp2r19tOHYAjzp3MBTSYF8HY3FFh5iM1xBSZaG3IZX1CSrIN0BA1+IGEoiFOguID Jyz+tIrM9O40Shun7ad6qfntKhosZs1+ -----END CERTIFICATE-----Generated at Sat Apr 26 13:06:51 2025 by rpki-client