$ rpki-client -vvf rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.mft File: H8Tf0A2sNKjrhGPTlRwio0WDesk.mft (raw, json) Hash identifier: 3oboFTDMFIMreJe3l5aQ7BgMQ6+HJ4hFbCuAs3GlPnk= Subject key identifier: 46:8A:C1:E6:D1:A0:41:73:D1:F6:B1:9A:C8:3D:66:2E:E1:83:14:23 Authority key identifier: 1F:C4:DF:D0:0D:AC:34:A8:EB:84:63:D3:95:1C:22:A3:45:83:7A:C9 Certificate issuer: /CN=A91B477B/serialNumber=1FC4DFD00DAC34A8EB8463D3951C22A345837AC9 Certificate serial: 068F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H8Tf0A2sNKjrhGPTlRwio0WDesk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.mft Manifest number: 0682 Signing time: Thu 24 Apr 2025 22:06:21 +0000 Manifest this update: Thu 24 Apr 2025 22:06:20 +0000 Manifest next update: Thu 01 May 2025 22:06:20 +0000 Files and hashes: 1: H8Tf0A2sNKjrhGPTlRwio0WDesk.crl (hash: HilapB3HZD3JzucofmV6huSmD6c0lPbiWuqP3xZJj14=) 2: 22F72E28725311EBA9C51756C4F9AE02.roa (hash: jYjWFz3EGxandnR9opo8f6aMMLeOf+7OXo3+jH6tu9c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.crl rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H8Tf0A2sNKjrhGPTlRwio0WDesk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 22:06:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1679 (0x68f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B477B, serialNumber=1FC4DFD00DAC34A8EB8463D3951C22A345837AC9 Validity Not Before: Apr 24 22:06:20 2025 GMT Not After : May 1 22:06:20 2025 GMT Subject: CN=680ab5dc-c642 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:d5:79:63:d0:f3:23:ae:60:ef:bc:58:1e:b2: a1:f1:29:30:84:fb:14:1a:bd:8c:69:23:59:c0:25: 82:57:ac:e2:ff:dd:76:e9:b0:44:03:5a:d6:54:50: bd:de:45:08:02:a1:0e:e0:f2:47:32:65:c0:4a:4d: aa:c5:ea:29:21:e1:3f:a5:28:9a:81:85:5d:88:89: c5:7c:55:c9:87:71:a7:57:d9:48:dd:12:43:d6:0d: bf:76:07:97:f8:7b:d1:66:5f:88:05:dd:4a:c1:e2: d2:d8:b2:f0:17:53:22:81:ba:59:5e:66:e1:61:c3: 20:4d:ef:77:be:38:c0:c1:f4:28:f6:db:82:20:f8: bd:ee:c2:cf:26:97:da:2d:97:35:bc:00:26:24:c7: f0:57:a3:fb:a9:7e:05:cf:bb:aa:52:77:b5:3a:6d: 69:59:1e:f6:bd:3a:d5:9c:ac:80:e4:a4:50:50:d1: c3:54:af:93:0f:45:c1:14:f6:a7:fd:ad:e9:c9:ab: 28:e3:b4:6a:ed:b2:27:b8:72:13:2e:20:73:3a:54: 33:73:50:e3:57:7a:ed:72:62:07:b4:e6:60:33:d5: 44:b7:94:94:a4:18:78:0d:89:42:9e:81:d7:73:f5: e1:1d:1d:30:88:ba:b1:ef:0c:39:86:c0:7b:c4:76: 9d:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:8A:C1:E6:D1:A0:41:73:D1:F6:B1:9A:C8:3D:66:2E:E1:83:14:23 X509v3 Authority Key Identifier: keyid:1F:C4:DF:D0:0D:AC:34:A8:EB:84:63:D3:95:1C:22:A3:45:83:7A:C9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H8Tf0A2sNKjrhGPTlRwio0WDesk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 57:8b:e3:54:e6:40:4a:9c:cd:a9:c1:47:0f:69:4e:1a:a9:e8: 63:87:4f:6f:a1:d4:a6:c0:10:73:24:b0:a3:cb:12:e7:63:12: 1e:bf:69:bc:53:91:fa:7a:f4:5e:f7:8e:7c:c4:71:5e:cb:ca: 94:f2:99:f2:fe:97:51:a8:aa:9e:19:15:2b:95:54:b1:95:76: 26:0d:93:bd:4f:90:26:f0:72:53:10:a8:47:d7:76:1e:00:ba: 6f:b2:65:6b:ef:de:3c:5d:f3:e4:ff:08:7c:d6:55:0e:af:02: b9:88:df:98:43:dd:ab:fd:27:2f:50:e7:e2:24:26:31:68:af: c5:3b:aa:e1:30:54:b4:2c:2a:ac:02:e1:f2:26:97:b4:e2:df: b8:93:90:bf:ab:8c:13:5c:c7:12:d8:63:ce:ce:d9:af:76:cc: 14:d3:3f:bd:ef:e5:3b:0e:3c:75:0a:d7:96:8b:6f:c1:5b:b0: d3:8d:55:b7:35:07:bd:27:54:cd:8f:b5:d5:d2:62:f3:7a:92: f5:25:63:45:e3:df:c3:98:0a:79:a5:c6:85:f3:93:04:55:ae: c8:a7:4f:c8:b9:ef:54:6d:cf:ae:f6:89:2e:ef:60:d7:2d:61: 94:0a:2f:e5:32:11:f0:72:4c:c2:77:cd:fe:a2:35:9a:9f:16: bb:ed:74:e9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBo8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjQ3N0IxMTAvBgNVBAUTKDFGQzRERkQwMERBQzM0QThFQjg0NjNEMzk1MUMyMkEz NDU4MzdBQzkwHhcNMjUwNDI0MjIwNjIwWhcNMjUwNTAxMjIwNjIwWjAYMRYwFAYD VQQDEw02ODBhYjVkYy1jNjQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA79V5Y9DzI65g77xYHrKh8SkwhPsUGr2MaSNZwCWCV6zi/9126bBEA1rWVFC9 3kUIAqEO4PJHMmXASk2qxeopIeE/pSiagYVdiInFfFXJh3GnV9lI3RJD1g2/dgeX +HvRZl+IBd1KweLS2LLwF1MigbpZXmbhYcMgTe93vjjAwfQo9tuCIPi97sLPJpfa LZc1vAAmJMfwV6P7qX4Fz7uqUne1Om1pWR72vTrVnKyA5KRQUNHDVK+TD0XBFPan /a3pyaso47Rq7bInuHITLiBzOlQzc1DjV3rtcmIHtOZgM9VEt5SUpBh4DYlCnoHX c/XhHR0wiLqx7ww5hsB7xHadyQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEaKwebR oEFz0faxmsg9Zi7hgxQjMB8GA1UdIwQYMBaAFB/E39ANrDSo64Rj05UcIqNFg3rJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDc3Qi8xQzI1NjI3MDcy NTAxMUVCQjY0OEY4NEVDNEY5QUUwMi9IOFRmMEEyc05LanJoR1BUbFJ3aW8wV0Rl c2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0g4VGYwQTJzTktqcmhHUFRsUndpbzBXRGVzay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NDc3Qi8xQzI1NjI3MDcyNTAxMUVCQjY0OEY4NEVDNEY5QUUwMi9IOFRmMEEyc05L anJoR1BUbFJ3aW8wV0Rlc2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBXi+NU5kBKnM2pwUcPaU4aqehjh09vodSmwBBzJLCjyxLnYxIev2m8 U5H6evRe9458xHFey8qU8pny/pdRqKqeGRUrlVSxlXYmDZO9T5Am8HJTEKhH13Ye ALpvsmVr7948XfPk/wh81lUOrwK5iN+YQ92r/ScvUOfiJCYxaK/FO6rhMFS0LCqs AuHyJpe04t+4k5C/q4wTXMcS2GPOztmvdswU0z+97+U7Djx1CteWi2/BW7DTjVW3 NQe9J1TNj7XV0mLzepL1JWNF49/DmAp5pcaF85MEVa7Ip0/Iue9Ubc+u9oku72DX LWGUCi/lMhHwckzCd83+ojWanxa77XTp -----END CERTIFICATE-----Generated at Sat Apr 26 12:26:43 2025 by rpki-client