$ rpki-client -vvf rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.mft File: D-jKZIcKPWORHI0tZRuinKztDso.mft (raw, json) Hash identifier: YdxUgVNYoxOmXGZW8NA08l1V4nD43OrlbVM586Ex8so= Subject key identifier: 0D:31:CC:F9:E4:30:77:3F:48:FA:2F:E0:94:3F:D4:5B:B8:8C:36:E5 Authority key identifier: 0F:E8:CA:64:87:0A:3D:63:91:1C:8D:2D:65:1B:A2:9C:AC:ED:0E:CA Certificate issuer: /CN=A91B428B/serialNumber=0FE8CA64870A3D63911C8D2D651BA29CACED0ECA Certificate serial: 09AB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D-jKZIcKPWORHI0tZRuinKztDso.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.mft Manifest number: 09A4 Signing time: Thu 24 Apr 2025 19:56:48 +0000 Manifest this update: Thu 24 Apr 2025 19:56:47 +0000 Manifest next update: Thu 01 May 2025 19:56:47 +0000 Files and hashes: 1: D-jKZIcKPWORHI0tZRuinKztDso.crl (hash: qzv312lQ8HwAht8M8SeIiz0oxn+gV1CVNNJqqLZ3/Sk=) 2: 319DF660847811EA8EE07E81C4F9AE02.roa (hash: ZlFR2HTwg3fDW4lClQanT4TaI4rdoCBr8+QBrXHDB9w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.crl rsync://rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D-jKZIcKPWORHI0tZRuinKztDso.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:56:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2475 (0x9ab) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B428B, serialNumber=0FE8CA64870A3D63911C8D2D651BA29CACED0ECA Validity Not Before: Apr 24 19:56:47 2025 GMT Not After : May 1 19:56:47 2025 GMT Subject: CN=680a977f-a10b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:73:81:e5:85:1a:0f:20:14:3d:5c:44:b9:cd: 08:37:87:30:1a:08:4e:d6:01:2d:6d:82:4f:9a:50: 7b:65:b2:cd:98:14:13:32:4b:c6:e0:a8:b9:f9:03: 1f:ec:c1:9c:44:f5:f7:71:1e:fb:fc:ea:80:4f:78: 14:3a:3a:c5:15:1f:bf:a9:0e:17:23:e8:2f:a5:3e: 1b:00:20:88:7d:db:a4:91:55:91:a6:34:01:b7:ed: 55:34:83:4a:64:a4:25:6a:86:3a:4f:76:e3:e8:46: 14:7b:e6:99:73:06:55:69:5d:91:3c:14:34:0e:cf: c8:05:ce:bf:4c:b9:34:fc:11:1b:3e:2c:c0:01:da: 77:0c:c9:20:00:f0:a9:ad:21:6c:45:90:2c:b6:17: 64:97:e2:6a:1f:33:2c:85:fb:80:ed:a5:16:fc:46: f9:87:c6:26:9e:59:c6:97:e0:06:95:4d:22:d5:00: e2:be:48:df:16:ab:9e:d3:93:0b:15:c6:81:e3:be: a3:b7:9a:c0:bd:27:b5:4c:93:12:cf:bf:47:98:07: cf:82:d4:eb:4b:74:6d:15:f2:40:9f:27:d6:e8:78: 09:e5:ce:3b:c1:49:82:9b:a2:8a:bc:9b:72:04:ad: 71:ab:f7:77:ec:5a:3c:ea:4d:43:43:4b:ac:b7:59: 0e:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:31:CC:F9:E4:30:77:3F:48:FA:2F:E0:94:3F:D4:5B:B8:8C:36:E5 X509v3 Authority Key Identifier: keyid:0F:E8:CA:64:87:0A:3D:63:91:1C:8D:2D:65:1B:A2:9C:AC:ED:0E:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D-jKZIcKPWORHI0tZRuinKztDso.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5c:43:83:47:2f:b7:df:4c:86:92:4c:e6:af:6a:30:93:47:28: 20:36:8c:06:8d:c2:e7:10:64:79:51:2a:c7:b6:5f:35:45:63: 5b:aa:9b:2c:0c:da:a4:14:58:b3:7d:ac:f6:1b:77:16:22:ff: 4a:80:00:50:c8:7e:01:46:70:6f:36:07:1c:74:3e:28:00:76: de:e8:61:9b:40:ea:c0:b7:c1:ed:1b:57:0d:ea:f5:bb:a5:f0: 80:8b:21:3f:24:3f:7b:09:06:e2:a8:2a:b9:d9:ab:9e:67:a3: b9:a9:1f:37:af:b5:6e:81:65:1a:f7:95:26:32:96:d2:05:e5: 24:4c:23:db:a2:c4:55:e5:f1:f4:fa:22:36:a1:48:7d:83:36: 53:25:11:46:79:3c:7d:a2:d8:b8:4c:ac:6a:2d:76:8c:d3:f0: 13:23:11:f4:9e:6e:03:c8:cc:eb:2b:4e:25:46:9e:c1:92:ab: f7:a8:3a:7a:11:e7:4a:bf:a1:6f:6f:8f:dc:dd:11:55:21:0c: 3c:02:57:9a:ec:09:8d:0e:a0:d8:01:35:23:ee:0b:72:81:21: 7c:62:82:d8:7b:80:bf:80:03:da:43:db:c2:c5:ed:d7:92:ce: 64:75:68:24:a1:91:d5:9b:b9:ac:0b:bd:dc:80:d9:1c:0d:9a: c6:94:99:0d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCaswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjQyOEIxMTAvBgNVBAUTKDBGRThDQTY0ODcwQTNENjM5MTFDOEQyRDY1MUJBMjlD QUNFRDBFQ0EwHhcNMjUwNDI0MTk1NjQ3WhcNMjUwNTAxMTk1NjQ3WjAYMRYwFAYD VQQDEw02ODBhOTc3Zi1hMTBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvnOB5YUaDyAUPVxEuc0IN4cwGghO1gEtbYJPmlB7ZbLNmBQTMkvG4Ki5+QMf 7MGcRPX3cR77/OqAT3gUOjrFFR+/qQ4XI+gvpT4bACCIfdukkVWRpjQBt+1VNINK ZKQlaoY6T3bj6EYUe+aZcwZVaV2RPBQ0Ds/IBc6/TLk0/BEbPizAAdp3DMkgAPCp rSFsRZAsthdkl+JqHzMshfuA7aUW/Eb5h8YmnlnGl+AGlU0i1QDivkjfFque05ML FcaB476jt5rAvSe1TJMSz79HmAfPgtTrS3RtFfJAnyfW6HgJ5c47wUmCm6KKvJty BK1xq/d37Fo86k1DQ0ust1kOIwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA0xzPnk MHc/SPov4JQ/1Fu4jDblMB8GA1UdIwQYMBaAFA/oymSHCj1jkRyNLWUbopys7Q7K MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDI4Qi8zQTBCNkMwQzg0 NzcxMUVBQjNCNDM2ODBDNEY5QUUwMi9ELWpLWkljS1BXT1JISTB0WlJ1aW5LenRE c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0QtaktaSWNLUFdPUkhJMHRaUnVpbkt6dERzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NDI4Qi8zQTBCNkMwQzg0NzcxMUVBQjNCNDM2ODBDNEY5QUUwMi9ELWpLWkljS1BX T1JISTB0WlJ1aW5LenREc28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBcQ4NHL7ffTIaSTOavajCTRyggNowGjcLnEGR5USrHtl81RWNbqpss DNqkFFizfaz2G3cWIv9KgABQyH4BRnBvNgccdD4oAHbe6GGbQOrAt8HtG1cN6vW7 pfCAiyE/JD97CQbiqCq52aueZ6O5qR83r7VugWUa95UmMpbSBeUkTCPbosRV5fH0 +iI2oUh9gzZTJRFGeTx9oti4TKxqLXaM0/ATIxH0nm4DyMzrK04lRp7Bkqv3qDp6 EedKv6Fvb4/c3RFVIQw8Alea7AmNDqDYATUj7gtygSF8YoLYe4C/gAPaQ9vCxe3X ks5kdWgkoZHVm7msC73cgNkcDZrGlJkN -----END CERTIFICATE-----Generated at Sat Apr 26 17:08:16 2025 by rpki-client