$ rpki-client -vvf rpki.apnic.net/member_repository/A91B37C4/A2ABA72C8BD911EF9F96BA4EC4F9AE02/snbxWm1Kl8SBkekr0WYfNovvIeQ.mft File: snbxWm1Kl8SBkekr0WYfNovvIeQ.mft (raw, json) Hash identifier: vvW0VsMnBrn86Ii3trfEXXhcV18+4rx+29+c+wvxd1U= Subject key identifier: 8C:14:7A:A3:68:2C:D4:AA:19:1A:BA:E2:8A:3B:9C:95:77:D2:A2:95 Authority key identifier: B2:76:F1:5A:6D:4A:97:C4:81:91:E9:2B:D1:66:1F:36:8B:EF:21:E4 Certificate issuer: /CN=A91B37C4/serialNumber=B276F15A6D4A97C48191E92BD1661F368BEF21E4 Certificate serial: 6A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/snbxWm1Kl8SBkekr0WYfNovvIeQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B37C4/A2ABA72C8BD911EF9F96BA4EC4F9AE02/snbxWm1Kl8SBkekr0WYfNovvIeQ.mft Manifest number: 67 Signing time: Fri 25 Apr 2025 06:00:01 +0000 Manifest this update: Fri 25 Apr 2025 06:00:01 +0000 Manifest next update: Fri 02 May 2025 06:00:01 +0000 Files and hashes: 1: snbxWm1Kl8SBkekr0WYfNovvIeQ.crl (hash: O3f1DvHMIzktg5S48I9CXhZt6/uDvuEOwlH3komJ8tQ=) 2: 3E4B01008BDA11EFA4A11684C4F9AE02.roa (hash: zwx+U9J08Id0maPwN81wQAKGfgxb2cKuo5oynZYPQgE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B37C4/A2ABA72C8BD911EF9F96BA4EC4F9AE02/snbxWm1Kl8SBkekr0WYfNovvIeQ.crl rsync://rpki.apnic.net/member_repository/A91B37C4/A2ABA72C8BD911EF9F96BA4EC4F9AE02/snbxWm1Kl8SBkekr0WYfNovvIeQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/snbxWm1Kl8SBkekr0WYfNovvIeQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:00:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 106 (0x6a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B37C4, serialNumber=B276F15A6D4A97C48191E92BD1661F368BEF21E4 Validity Not Before: Apr 25 06:00:01 2025 GMT Not After : May 2 06:00:01 2025 GMT Subject: CN=680b24e1-f5da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:9d:fe:0a:e4:cf:9a:bd:b3:69:81:77:c8:34: c5:ba:66:12:f0:77:a1:f8:35:6e:0d:a7:29:46:51: b0:91:26:83:cf:00:a3:fe:70:0d:b2:13:5f:fc:3e: 32:28:a5:8d:30:4e:58:ad:b2:49:89:08:b1:46:44: 40:51:a3:83:ac:63:00:0c:20:b2:1b:cc:7b:74:29: 15:06:b4:d5:46:5c:6b:d7:9b:d7:d0:f2:3c:f9:cb: 19:fd:52:b7:2c:a0:2d:e0:80:15:2a:5f:a1:9a:48: ea:b4:9f:59:32:5b:58:5b:20:a0:d5:ce:b7:fe:6a: 01:67:9c:35:d8:c8:97:30:08:ef:3f:43:60:48:4d: c6:fc:f8:9c:f4:c9:f9:25:aa:38:9a:6f:e9:4e:d8: 75:7f:b5:25:e4:7f:af:f1:04:50:73:ca:57:d2:51: 42:0a:e8:bb:65:4a:bc:6b:5d:90:2b:24:ba:f3:85: 02:24:62:70:7d:48:27:0e:e1:a3:a6:0d:9d:8c:f2: b3:8f:3f:77:55:28:38:6d:19:d2:aa:aa:d7:5b:15: d6:ec:bf:00:f0:b1:c1:fc:43:15:2e:78:f8:a0:4b: ed:e3:10:d6:f1:39:8e:9b:cc:d2:ff:6c:95:60:c2: 09:08:aa:d7:5a:6c:bf:e0:27:98:a5:f0:a2:ac:8d: 0c:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:14:7A:A3:68:2C:D4:AA:19:1A:BA:E2:8A:3B:9C:95:77:D2:A2:95 X509v3 Authority Key Identifier: keyid:B2:76:F1:5A:6D:4A:97:C4:81:91:E9:2B:D1:66:1F:36:8B:EF:21:E4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B37C4/A2ABA72C8BD911EF9F96BA4EC4F9AE02/snbxWm1Kl8SBkekr0WYfNovvIeQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/snbxWm1Kl8SBkekr0WYfNovvIeQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B37C4/A2ABA72C8BD911EF9F96BA4EC4F9AE02/snbxWm1Kl8SBkekr0WYfNovvIeQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1d:6f:41:16:c8:e4:8b:b4:bd:57:08:63:3c:d3:4e:5a:e8:6d: a1:6b:fd:4a:75:02:5c:4b:08:81:38:0d:bc:ed:e1:d4:2d:4d: d7:a6:69:cc:b2:d5:89:e9:ed:69:ac:a9:84:7b:f0:36:de:b6: c0:8a:d9:0d:70:5e:37:f1:04:5c:1e:38:92:bf:21:31:49:3c: 13:7a:b7:f8:a0:43:8e:36:a0:3f:de:23:16:14:64:1f:cf:7c: b3:6b:1f:da:9c:b4:0d:87:06:c3:3c:0e:7e:bf:92:72:00:6f: 33:21:da:b4:f9:1f:e9:0d:34:31:bb:6f:f1:62:11:7c:0a:3c: 1f:10:dd:91:17:6a:aa:0e:be:5b:63:a8:18:2e:41:c4:8f:e7: 56:01:3f:e6:a2:d8:06:45:78:9a:d1:b4:8b:4e:91:21:57:06: f4:49:84:7d:5c:ae:f9:f9:21:b1:0b:3c:c5:2c:6b:f2:f9:ed: d5:60:8d:98:64:47:fd:3e:ae:a9:10:01:6e:84:1a:8c:21:6b: 88:3a:60:f5:a1:1e:c9:21:84:b0:47:15:97:a5:9a:bd:ba:7b: 2f:9f:39:a2:17:3f:d6:a9:f6:76:87:b7:b6:0e:28:70:f9:b4: 15:f4:e1:c0:e3:26:fd:86:5f:80:80:45:c6:38:a8:b3:a7:37: 3a:d0:8b:c6 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBajANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC MzdDNDExMC8GA1UEBRMoQjI3NkYxNUE2RDRBOTdDNDgxOTFFOTJCRDE2NjFGMzY4 QkVGMjFFNDAeFw0yNTA0MjUwNjAwMDFaFw0yNTA1MDIwNjAwMDFaMBgxFjAUBgNV BAMTDTY4MGIyNGUxLWY1ZGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCinf4K5M+avbNpgXfINMW6ZhLwd6H4NW4NpylGUbCRJoPPAKP+cA2yE1/8PjIo pY0wTlitskmJCLFGREBRo4OsYwAMILIbzHt0KRUGtNVGXGvXm9fQ8jz5yxn9Urcs oC3ggBUqX6GaSOq0n1kyW1hbIKDVzrf+agFnnDXYyJcwCO8/Q2BITcb8+Jz0yfkl qjiab+lO2HV/tSXkf6/xBFBzylfSUUIK6LtlSrxrXZArJLrzhQIkYnB9SCcO4aOm DZ2M8rOPP3dVKDhtGdKqqtdbFdbsvwDwscH8QxUuePigS+3jENbxOY6bzNL/bJVg wgkIqtdabL/gJ5il8KKsjQwXAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUjBR6o2gs 1KoZGrriijuclXfSopUwHwYDVR0jBBgwFoAUsnbxWm1Kl8SBkekr0WYfNovvIeQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIzN0M0L0EyQUJBNzJDOEJE OTExRUY5Rjk2QkE0RUM0RjlBRTAyL3NuYnhXbTFLbDhTQmtla3IwV1lmTm92dkll US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvc25ieFdtMUtsOFNCa2VrcjBXWWZOb3Z2SWVRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIz N0M0L0EyQUJBNzJDOEJEOTExRUY5Rjk2QkE0RUM0RjlBRTAyL3NuYnhXbTFLbDhT Qmtla3IwV1lmTm92dkllUS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAB1vQRbI5Iu0vVcIYzzTTlrobaFr/Up1AlxLCIE4Dbzt4dQtTdemacyy 1Ynp7WmsqYR78DbetsCK2Q1wXjfxBFweOJK/ITFJPBN6t/igQ442oD/eIxYUZB/P fLNrH9qctA2HBsM8Dn6/knIAbzMh2rT5H+kNNDG7b/FiEXwKPB8Q3ZEXaqoOvltj qBguQcSP51YBP+ai2AZFeJrRtItOkSFXBvRJhH1crvn5IbELPMUsa/L57dVgjZhk R/0+rqkQAW6EGowha4g6YPWhHskhhLBHFZelmr26ey+fOaIXP9ap9naHt7YOKHD5 tBX04cDjJv2GX4CARcY4qLOnNzrQi8Y= -----END CERTIFICATE-----Generated at Sat Apr 26 13:49:27 2025 by rpki-client