$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5377/F3C44A78CC5811EF99985D86C4F9AE02/kIDbUP8LdD_6MredDdXDGQIdbiQ.mft File: kIDbUP8LdD_6MredDdXDGQIdbiQ.mft (raw, json) Hash identifier: XsO/xYoF/EwsfFpkYiLDFQ+spN0KsdxX36pUQW3n8us= Subject key identifier: 00:25:32:B1:7D:1D:49:AA:33:B9:21:B0:C0:BC:EC:70:FF:FE:D1:B2 Authority key identifier: 90:80:DB:50:FF:0B:74:3F:FA:32:B7:9D:0D:D5:C3:19:02:1D:6E:24 Certificate issuer: /CN=A91B5377/serialNumber=9080DB50FF0B743FFA32B79D0DD5C319021D6E24 Certificate serial: 39 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kIDbUP8LdD_6MredDdXDGQIdbiQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B5377/F3C44A78CC5811EF99985D86C4F9AE02/kIDbUP8LdD_6MredDdXDGQIdbiQ.mft Manifest number: 39 Signing time: Fri 25 Apr 2025 06:31:41 +0000 Manifest this update: Fri 25 Apr 2025 06:31:40 +0000 Manifest next update: Fri 02 May 2025 06:31:40 +0000 Files and hashes: 1: kIDbUP8LdD_6MredDdXDGQIdbiQ.crl (hash: P6F0qVIBTCZaQ4iPxBYzcC6vmjk665GGMH3M0rA1E30=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B5377/F3C44A78CC5811EF99985D86C4F9AE02/kIDbUP8LdD_6MredDdXDGQIdbiQ.crl rsync://rpki.apnic.net/member_repository/A91B5377/F3C44A78CC5811EF99985D86C4F9AE02/kIDbUP8LdD_6MredDdXDGQIdbiQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kIDbUP8LdD_6MredDdXDGQIdbiQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:31:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57 (0x39) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B5377, serialNumber=9080DB50FF0B743FFA32B79D0DD5C319021D6E24 Validity Not Before: Apr 25 06:31:40 2025 GMT Not After : May 2 06:31:40 2025 GMT Subject: CN=680b2c4c-9544 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:f5:fa:57:17:16:11:19:e0:24:9d:08:95:f5: ac:67:ee:6a:ba:f9:53:f1:79:38:7d:0d:8d:a3:d3: 3d:2e:28:cc:a4:0e:d6:85:f1:ee:75:21:0e:2e:53: ba:1b:d8:58:cb:d1:83:7f:5d:f1:0f:26:86:03:56: fe:0f:91:3a:c8:ec:db:0c:17:76:27:f5:0d:ab:34: 12:11:fc:c9:1a:d6:8b:7c:04:c5:be:cc:60:04:c4: b3:9e:ec:e0:12:5b:bf:88:f7:4a:34:f9:fd:8b:de: 32:c7:3e:87:44:43:e9:ac:0a:9e:c4:93:d7:65:49: c5:4e:e6:cf:48:f0:7a:5a:5b:02:bd:73:d1:a9:fd: 79:49:ef:1d:3b:e3:c2:5d:77:d2:56:68:25:a1:1b: 8a:5d:b0:0b:0d:90:11:1e:e4:b7:67:a4:58:59:47: b2:43:49:56:26:16:36:72:ad:8e:7c:e9:fa:b2:c9: e2:66:9b:c5:b2:24:a9:40:52:5d:d3:d5:01:c3:e3: c4:aa:46:be:62:51:d3:ef:8d:49:f8:19:b8:5b:15: 4d:3d:73:76:86:85:15:d4:78:c5:1b:4a:94:49:83: 0f:6c:e2:77:ba:7e:24:8d:cd:43:2f:78:f1:75:b1: 5f:59:71:b1:c7:80:7c:e3:77:82:8a:6b:ca:78:46: 13:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:25:32:B1:7D:1D:49:AA:33:B9:21:B0:C0:BC:EC:70:FF:FE:D1:B2 X509v3 Authority Key Identifier: keyid:90:80:DB:50:FF:0B:74:3F:FA:32:B7:9D:0D:D5:C3:19:02:1D:6E:24 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B5377/F3C44A78CC5811EF99985D86C4F9AE02/kIDbUP8LdD_6MredDdXDGQIdbiQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kIDbUP8LdD_6MredDdXDGQIdbiQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5377/F3C44A78CC5811EF99985D86C4F9AE02/kIDbUP8LdD_6MredDdXDGQIdbiQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 18:7b:28:48:64:9d:40:1a:41:0c:28:fe:2f:18:83:c9:76:bc: 99:64:d4:3e:43:18:0c:f4:78:33:86:a9:67:8d:8f:f7:8f:ff: 3c:8c:3e:1a:eb:06:e3:1f:24:9e:72:4e:69:fd:d2:f3:97:ab: 1b:fd:9d:04:e7:5d:50:a9:2f:62:ab:4f:f3:b3:fa:70:93:f0: ae:a8:b9:a8:8d:c2:dd:10:b3:93:74:ac:72:91:20:60:6b:57: fe:b6:0e:23:11:25:4e:0b:e9:26:fd:1a:d3:38:6f:8c:2c:1f: 7a:fb:f8:95:7c:2b:b2:d6:01:a3:ec:16:23:58:1b:9c:bd:bd: 11:28:0d:00:d0:10:30:7c:65:f6:31:ec:7c:47:3e:6c:c0:b8: d1:93:fc:46:0d:6f:9b:f5:f6:19:78:ad:47:94:45:30:25:c8: 62:a1:52:49:79:32:44:ad:b3:dd:79:fa:dd:6e:19:72:59:54: d6:47:fd:46:78:8e:ad:fb:ad:85:9f:06:4e:50:e3:b3:36:ae: a6:0a:5c:52:99:ec:8a:c9:88:77:dc:f9:26:26:e3:96:a0:ca: 5a:b4:20:53:cc:63:1e:b0:47:ab:1e:b8:2b:2b:f3:fc:68:62: f3:3e:c4:8a:63:99:f2:cd:7d:aa:f6:d2:e0:14:8f:8b:83:5b: 82:53:3d:8f -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBOTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC NTM3NzExMC8GA1UEBRMoOTA4MERCNTBGRjBCNzQzRkZBMzJCNzlEMERENUMzMTkw MjFENkUyNDAeFw0yNTA0MjUwNjMxNDBaFw0yNTA1MDIwNjMxNDBaMBgxFjAUBgNV BAMTDTY4MGIyYzRjLTk1NDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDJ9fpXFxYRGeAknQiV9axn7mq6+VPxeTh9DY2j0z0uKMykDtaF8e51IQ4uU7ob 2FjL0YN/XfEPJoYDVv4PkTrI7NsMF3Yn9Q2rNBIR/Mka1ot8BMW+zGAExLOe7OAS W7+I90o0+f2L3jLHPodEQ+msCp7Ek9dlScVO5s9I8HpaWwK9c9Gp/XlJ7x0748Jd d9JWaCWhG4pdsAsNkBEe5LdnpFhZR7JDSVYmFjZyrY586fqyyeJmm8WyJKlAUl3T 1QHD48SqRr5iUdPvjUn4GbhbFU09c3aGhRXUeMUbSpRJgw9s4ne6fiSNzUMvePF1 sV9ZcbHHgHzjd4KKa8p4RhPbAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUACUysX0d SaozuSGwwLzscP/+0bIwHwYDVR0jBBgwFoAUkIDbUP8LdD/6MredDdXDGQIdbiQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI1Mzc3L0YzQzQ0QTc4Q0M1 ODExRUY5OTk4NUQ4NkM0RjlBRTAyL2tJRGJVUDhMZERfNk1yZWREZFhER1FJZGJp US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIva0lEYlVQOExkRF82TXJlZERkWERHUUlkYmlRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI1 Mzc3L0YzQzQ0QTc4Q0M1ODExRUY5OTk4NUQ4NkM0RjlBRTAyL2tJRGJVUDhMZERf Nk1yZWREZFhER1FJZGJpUS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABh7KEhknUAaQQwo/i8Yg8l2vJlk1D5DGAz0eDOGqWeNj/eP/zyMPhrr BuMfJJ5yTmn90vOXqxv9nQTnXVCpL2KrT/Oz+nCT8K6ouaiNwt0Qs5N0rHKRIGBr V/62DiMRJU4L6Sb9GtM4b4wsH3r7+JV8K7LWAaPsFiNYG5y9vREoDQDQEDB8ZfYx 7HxHPmzAuNGT/EYNb5v19hl4rUeURTAlyGKhUkl5MkSts915+t1uGXJZVNZH/UZ4 jq37rYWfBk5Q47M2rqYKXFKZ7IrJiHfc+SYm45agylq0IFPMYx6wR6seuCsr8/xo YvM+xIpjmfLNfar20uAUj4uDW4JTPY8= -----END CERTIFICATE-----Generated at Sat Apr 26 04:28:54 2025 by rpki-client