$ rpki-client -vvf rpki.apnic.net/member_repository/A91B62A9/D77F91421DA111E2BFCB309408B02CD2/sLiO7pE7KqjXtZU3FT782HAKkUA.mft File: sLiO7pE7KqjXtZU3FT782HAKkUA.mft (raw, json) Hash identifier: zemk4PbZUZsNKVzb4woOXjZ5ZZqA0UeiaAb2cXuR5uE= Subject key identifier: DA:0C:49:BF:12:19:AD:2B:39:17:C0:95:8B:45:E4:DA:71:A0:09:8E Authority key identifier: B0:B8:8E:EE:91:3B:2A:A8:D7:B5:95:37:15:3E:FC:D8:70:0A:91:40 Certificate issuer: /CN=A91B62A9/serialNumber=B0B88EEE913B2AA8D7B59537153EFCD8700A9140 Certificate serial: 3474 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sLiO7pE7KqjXtZU3FT782HAKkUA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B62A9/D77F91421DA111E2BFCB309408B02CD2/sLiO7pE7KqjXtZU3FT782HAKkUA.mft Manifest number: 3472 Signing time: Thu 24 Apr 2025 15:06:00 +0000 Manifest this update: Thu 24 Apr 2025 15:06:00 +0000 Manifest next update: Thu 01 May 2025 15:06:00 +0000 Files and hashes: 1: sLiO7pE7KqjXtZU3FT782HAKkUA.crl (hash: HcqC1oQV9ITo0EPk+OEmlCC4TjawUBje/Cv68npV0j0=) 2: 8146430A45BE11EF92C29882C4F9AE02.roa (hash: t0r89bYo/YLfBIznDm5VJcksHUIZupXS77KseDePVYw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B62A9/D77F91421DA111E2BFCB309408B02CD2/sLiO7pE7KqjXtZU3FT782HAKkUA.crl rsync://rpki.apnic.net/member_repository/A91B62A9/D77F91421DA111E2BFCB309408B02CD2/sLiO7pE7KqjXtZU3FT782HAKkUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sLiO7pE7KqjXtZU3FT782HAKkUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:05:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13428 (0x3474) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B62A9, serialNumber=B0B88EEE913B2AA8D7B59537153EFCD8700A9140 Validity Not Before: Apr 24 15:06:00 2025 GMT Not After : May 1 15:06:00 2025 GMT Subject: CN=680a5358-7c3a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:6f:7e:8e:ac:86:00:e6:9b:b0:4d:3d:73:7c: 47:60:c4:af:68:36:3c:4c:80:e2:3d:fd:d7:0a:b2: 1a:99:48:27:f9:8b:ad:a8:d4:77:c6:71:35:84:69: 9a:d5:3b:53:b8:44:90:81:d4:0c:4a:fc:41:12:5e: 2d:e6:8a:50:6f:37:d0:06:a7:b1:07:57:1b:e3:a1: 7d:5a:70:4a:9f:ee:c3:35:ae:2e:14:75:e6:ad:0d: 95:1f:52:6f:f4:09:71:99:90:e1:94:99:36:26:97: b4:bd:2b:a8:3b:19:c0:91:d3:df:bb:73:e3:e6:03: 7a:1b:3a:59:36:f7:75:a4:1a:ba:4d:c1:01:87:a8: 66:4f:3c:9b:e5:d6:d0:72:9b:c7:90:f8:c0:bb:7a: b5:fd:81:bf:49:63:15:0c:ab:52:44:3e:70:09:6b: 0e:ff:d7:f5:8f:96:7b:38:d5:03:62:27:07:c9:26: c2:bc:76:3d:10:f4:ef:9c:81:bc:81:8a:45:d1:28: 52:01:32:45:a2:bf:a4:2d:b3:c5:da:ed:16:12:d3: 21:71:58:0c:f1:9a:48:25:ff:6c:f6:c2:33:eb:36: 03:4e:0a:c6:3e:ba:ab:8f:2d:ae:8d:b7:cd:b8:9e: 19:62:0d:c3:76:1a:85:df:6a:5d:94:06:72:93:51: 61:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:0C:49:BF:12:19:AD:2B:39:17:C0:95:8B:45:E4:DA:71:A0:09:8E X509v3 Authority Key Identifier: keyid:B0:B8:8E:EE:91:3B:2A:A8:D7:B5:95:37:15:3E:FC:D8:70:0A:91:40 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B62A9/D77F91421DA111E2BFCB309408B02CD2/sLiO7pE7KqjXtZU3FT782HAKkUA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sLiO7pE7KqjXtZU3FT782HAKkUA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B62A9/D77F91421DA111E2BFCB309408B02CD2/sLiO7pE7KqjXtZU3FT782HAKkUA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 49:3b:05:f0:5d:2f:18:4c:92:69:00:87:04:0e:ad:d4:5e:ea: 59:01:cd:8b:64:07:75:85:95:3c:80:a4:5e:42:6e:f0:57:ea: e4:25:4b:af:b2:f2:8d:10:9f:52:dc:bc:19:49:85:96:11:fc: 72:84:8e:b6:8d:15:ad:ad:4d:39:59:d7:e5:0f:50:c3:7a:8d: 31:4f:a2:f5:fe:44:8a:91:bc:07:30:15:d6:a4:96:7f:eb:e3: d8:ba:dc:d5:6f:56:2a:20:fe:27:54:be:2b:c2:e1:28:aa:84: 9d:07:d3:54:ba:3b:40:a0:4f:d9:ee:77:a2:39:63:55:a3:7d: 1f:43:99:32:6e:d4:0e:a2:eb:65:b2:d4:c8:8f:42:9f:21:01: 02:e1:3f:c4:06:ce:e1:cb:04:f6:ae:9c:6d:fb:dc:57:67:75: 0a:92:fc:92:d0:a4:3e:08:dd:9e:35:c2:ff:e1:5e:a5:6a:1a: f0:d8:05:7a:82:47:16:85:fc:fe:d9:72:6e:4e:5f:2e:db:99: c6:16:4b:87:ab:cc:95:74:79:3d:0d:1f:8e:9f:b7:23:b8:ba: 38:2c:51:04:32:f3:5f:1b:8d:b7:27:a4:d9:3b:d7:58:04:fc: 1a:bf:67:c8:e3:88:49:16:e7:35:3a:af:f2:e3:7d:30:15:33: ac:f1:7f:33 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNHQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjYyQTkxMTAvBgNVBAUTKEIwQjg4RUVFOTEzQjJBQThEN0I1OTUzNzE1M0VGQ0Q4 NzAwQTkxNDAwHhcNMjUwNDI0MTUwNjAwWhcNMjUwNTAxMTUwNjAwWjAYMRYwFAYD VQQDEw02ODBhNTM1OC03YzNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr29+jqyGAOabsE09c3xHYMSvaDY8TIDiPf3XCrIamUgn+YutqNR3xnE1hGma 1TtTuESQgdQMSvxBEl4t5opQbzfQBqexB1cb46F9WnBKn+7DNa4uFHXmrQ2VH1Jv 9AlxmZDhlJk2Jpe0vSuoOxnAkdPfu3Pj5gN6GzpZNvd1pBq6TcEBh6hmTzyb5dbQ cpvHkPjAu3q1/YG/SWMVDKtSRD5wCWsO/9f1j5Z7ONUDYicHySbCvHY9EPTvnIG8 gYpF0ShSATJFor+kLbPF2u0WEtMhcVgM8ZpIJf9s9sIz6zYDTgrGPrqrjy2ujbfN uJ4ZYg3DdhqF32pdlAZyk1FhjwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNoMSb8S Ga0rORfAlYtF5NpxoAmOMB8GA1UdIwQYMBaAFLC4ju6ROyqo17WVNxU+/NhwCpFA MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjJBOS9ENzdGOTE0MjFE QTExMUUyQkZDQjMwOTQwOEIwMkNEMi9zTGlPN3BFN0txalh0WlUzRlQ3ODJIQUtr VUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3NMaU83cEU3S3FqWHRaVTNGVDc4MkhBS2tVQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NjJBOS9ENzdGOTE0MjFEQTExMUUyQkZDQjMwOTQwOEIwMkNEMi9zTGlPN3BFN0tx alh0WlUzRlQ3ODJIQUtrVUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBJOwXwXS8YTJJpAIcEDq3UXupZAc2LZAd1hZU8gKReQm7wV+rkJUuv svKNEJ9S3LwZSYWWEfxyhI62jRWtrU05WdflD1DDeo0xT6L1/kSKkbwHMBXWpJZ/ 6+PYutzVb1YqIP4nVL4rwuEoqoSdB9NUujtAoE/Z7neiOWNVo30fQ5kybtQOoutl stTIj0KfIQEC4T/EBs7hywT2rpxt+9xXZ3UKkvyS0KQ+CN2eNcL/4V6lahrw2AV6 gkcWhfz+2XJuTl8u25nGFkuHq8yVdHk9DR+On7cjuLo4LFEEMvNfG423J6TZO9dY BPwav2fI44hJFuc1Oq/y430wFTOs8X8z -----END CERTIFICATE-----Generated at Sat Apr 26 13:36:19 2025 by rpki-client