$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft File: RITQfaaNUwUM3PaxPAwFReZFfOU.mft (raw, json) Hash identifier: VZpx67PaGo1Rb30NEU6kSb3QjcDsScyCbUUY+fkxIfE= Subject key identifier: 70:F0:AA:4E:5C:71:04:7C:B0:DD:97:39:39:7C:1C:89:F1:A5:F1:61 Authority key identifier: 44:84:D0:7D:A6:8D:53:05:0C:DC:F6:B1:3C:0C:05:45:E6:45:7C:E5 Certificate issuer: /CN=A91B5CEA/serialNumber=4484D07DA68D53050CDCF6B13C0C0545E6457CE5 Certificate serial: 01CE Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/RITQfaaNUwUM3PaxPAwFReZFfOU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft Manifest number: 01CB Signing time: Fri 25 Apr 2025 02:04:31 +0000 Manifest this update: Fri 25 Apr 2025 02:04:31 +0000 Manifest next update: Fri 02 May 2025 02:04:31 +0000 Files and hashes: 1: RITQfaaNUwUM3PaxPAwFReZFfOU.crl (hash: ayf8XSAxOnpN8JJSXsDkn3bKiqRbhlh9lzygcOZA1m0=) 2: B3795CBC64F211ED9AEC046FC4F9AE02.roa (hash: EdWi73Mh5xQLy3TivA4ubB2nlEznz8QrqPnUKcwGaiM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.crl rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/RITQfaaNUwUM3PaxPAwFReZFfOU.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 02:04:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 462 (0x1ce) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B5CEA, serialNumber=4484D07DA68D53050CDCF6B13C0C0545E6457CE5 Validity Not Before: Apr 25 02:04:31 2025 GMT Not After : May 2 02:04:31 2025 GMT Subject: CN=680aedaf-9178 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:b2:4c:4d:7a:57:41:53:48:97:ab:35:82:8b: 9f:10:1c:e2:47:6a:10:08:b9:fa:0e:cc:a5:ce:39: 44:64:79:22:89:c3:49:e4:58:2c:59:aa:60:f1:72: f8:4b:93:b0:d0:1d:f5:61:1d:d2:33:64:ae:77:8f: 48:22:f1:3d:4e:95:0d:57:3e:4e:e4:da:b6:5a:b2: af:07:11:d4:9f:a6:9c:22:48:0c:60:17:5a:b0:34: a2:a5:54:f1:5e:92:4a:57:d8:39:a9:6b:9a:e6:7a: 92:12:6c:e5:8d:18:1e:ab:ab:b8:45:59:5e:48:f1: a9:a9:8a:3d:51:f1:37:64:f2:c4:dc:36:0a:3f:47: 54:df:2f:d2:1c:32:89:f1:36:41:3e:65:ae:13:10: 27:84:37:30:9e:b3:fa:a4:81:59:91:12:0d:fd:76: 8b:96:10:0d:b7:16:ff:3b:24:94:57:df:47:fc:ee: de:3d:c4:90:26:6f:4e:66:47:f2:fe:e0:36:7a:ac: a2:82:65:e5:39:4c:c6:6f:3f:7f:dd:9e:c6:34:88: 86:3b:af:c3:68:81:e4:c1:c3:e7:95:f9:81:60:75: d5:4b:03:53:c5:98:97:c4:35:59:b5:03:06:4d:24: a1:e3:1e:cb:23:8a:a3:5b:24:50:f1:79:6c:cd:ed: 1f:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:F0:AA:4E:5C:71:04:7C:B0:DD:97:39:39:7C:1C:89:F1:A5:F1:61 X509v3 Authority Key Identifier: keyid:44:84:D0:7D:A6:8D:53:05:0C:DC:F6:B1:3C:0C:05:45:E6:45:7C:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/RITQfaaNUwUM3PaxPAwFReZFfOU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7c:92:7a:00:99:7b:9c:9b:57:8d:7f:0e:d2:45:68:3a:78:21: d3:3d:3a:94:1e:aa:6a:f6:69:2a:e3:54:65:b6:80:ef:03:dd: bf:1f:15:89:e8:97:20:eb:fa:19:f2:ee:79:3c:75:f3:84:e7: 1e:6d:c6:83:b6:b3:b6:9c:fd:33:a5:59:59:ce:f4:2f:b9:65: 0b:5c:b0:c2:ad:1d:02:82:55:6a:c4:0b:aa:84:12:9f:06:0b: d2:28:d5:8b:1d:42:0c:1f:d0:39:68:a2:51:78:b4:bb:ad:78: 03:76:5b:1d:e2:f2:14:37:01:3d:0d:5a:e6:33:6d:06:9a:3f: 75:9b:7c:14:a0:be:50:52:d9:66:6e:80:f6:fd:8c:f4:5f:1d: 26:c8:c6:fc:dc:eb:15:b8:29:ea:64:ea:31:b2:6e:44:92:8f: 07:f5:89:9f:be:c6:c0:cf:6f:0d:8e:5c:21:19:d9:50:3c:d3: aa:45:85:38:8a:2b:37:08:b8:fd:70:b9:d6:36:61:c2:bb:66: 2d:12:3d:90:b9:97:2e:f8:8b:4e:c7:35:09:2d:23:06:00:54: 5a:64:66:6f:d6:8d:4f:54:e1:9c:c9:4d:f6:a5:0a:5a:6e:6b: 8b:27:61:d3:ce:fa:33:61:2c:72:b1:6c:8f:ef:f9:9e:7e:4c: df:72:3b:0b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAc4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjVDRUExMTAvBgNVBAUTKDQ0ODREMDdEQTY4RDUzMDUwQ0RDRjZCMTNDMEMwNTQ1 RTY0NTdDRTUwHhcNMjUwNDI1MDIwNDMxWhcNMjUwNTAyMDIwNDMxWjAYMRYwFAYD VQQDEw02ODBhZWRhZi05MTc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzbJMTXpXQVNIl6s1goufEBziR2oQCLn6DsylzjlEZHkiicNJ5FgsWapg8XL4 S5Ow0B31YR3SM2Sud49IIvE9TpUNVz5O5Nq2WrKvBxHUn6acIkgMYBdasDSipVTx XpJKV9g5qWua5nqSEmzljRgeq6u4RVleSPGpqYo9UfE3ZPLE3DYKP0dU3y/SHDKJ 8TZBPmWuExAnhDcwnrP6pIFZkRIN/XaLlhANtxb/OySUV99H/O7ePcSQJm9OZkfy /uA2eqyigmXlOUzGbz9/3Z7GNIiGO6/DaIHkwcPnlfmBYHXVSwNTxZiXxDVZtQMG TSSh4x7LI4qjWyRQ8Xlsze0fUwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHDwqk5c cQR8sN2XOTl8HInxpfFhMB8GA1UdIwQYMBaAFESE0H2mjVMFDNz2sTwMBUXmRXzl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUNFQS8xRjYzQTU2ODY0 RUUxMUVEQTRBMzQ1MTNDNEY5QUUwMi9SSVRRZmFhTlV3VU0zUGF4UEF3RlJlWkZm T1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL1JJVFFmYWFOVXdVTTNQYXhQQXdGUmVaRmZPVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NUNFQS8xRjYzQTU2ODY0RUUxMUVEQTRBMzQ1MTNDNEY5QUUwMi9SSVRRZmFhTlV3 VU0zUGF4UEF3RlJlWkZmT1UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB8knoAmXucm1eNfw7SRWg6eCHTPTqUHqpq9mkq41RltoDvA92/HxWJ 6Jcg6/oZ8u55PHXzhOcebcaDtrO2nP0zpVlZzvQvuWULXLDCrR0CglVqxAuqhBKf BgvSKNWLHUIMH9A5aKJReLS7rXgDdlsd4vIUNwE9DVrmM20Gmj91m3wUoL5QUtlm boD2/Yz0Xx0myMb83OsVuCnqZOoxsm5Eko8H9YmfvsbAz28NjlwhGdlQPNOqRYU4 iis3CLj9cLnWNmHCu2YtEj2QuZcu+ItOxzUJLSMGAFRaZGZv1o1PVOGcyU32pQpa bmuLJ2HTzvozYSxysWyP7/mefkzfcjsL -----END CERTIFICATE-----Generated at Sat Apr 26 14:52:11 2025 by rpki-client