$ rpki-client -vvf rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft File: oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft (raw, json) Hash identifier: jmP/GwyUjuvTdKwoP+c43nl/5R29Y/BzxuASgTte74A= Subject key identifier: D5:99:35:25:C9:2F:3E:5A:83:0F:13:74:A9:48:EA:75:4F:79:8B:59 Authority key identifier: A1:0F:57:83:C8:F9:A6:D9:4D:29:B4:AA:90:C5:6E:01:6B:B5:14:56 Certificate issuer: /CN=A91B65AC/serialNumber=A10F5783C8F9A6D94D29B4AA90C56E016BB51456 Certificate serial: D6 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft Manifest number: D3 Signing time: Fri 25 Apr 2025 04:41:41 +0000 Manifest this update: Fri 25 Apr 2025 04:41:40 +0000 Manifest next update: Fri 02 May 2025 04:41:40 +0000 Files and hashes: 1: oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.crl (hash: qvaJeGQX1rWKCieuHZCZuPD7bP1IBAiwF7eYXYQwtKU=) 2: 48005D9EE5AE11EE9ECE4023C4F9AE02.roa (hash: WtIZQ/bC/mTF3o0eFavcTapTDeJCSmKxEjU8nMbUVMA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.crl rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 04:41:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 214 (0xd6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B65AC, serialNumber=A10F5783C8F9A6D94D29B4AA90C56E016BB51456 Validity Not Before: Apr 25 04:41:40 2025 GMT Not After : May 2 04:41:40 2025 GMT Subject: CN=680b1285-427e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:17:eb:1f:7f:41:99:3d:68:0e:76:c3:a9:86: 7a:33:0a:0a:1a:04:96:31:52:1b:9a:55:b7:6a:b8: 85:47:4d:f2:08:3a:59:fa:ce:7f:8f:bb:0b:c6:5f: d9:80:16:ec:93:07:9b:26:ac:6f:18:bb:5a:c9:b1: cd:7d:a9:f9:96:c6:1a:3a:b3:2b:45:b0:74:53:9b: 40:4e:88:9c:29:f8:a4:cc:8f:f7:b8:96:3a:8d:d8: ee:83:81:ea:27:6c:35:5d:66:61:45:56:a2:1f:60: f9:c2:a4:52:fe:2f:ab:c4:ff:b1:91:b8:1c:a2:8f: 50:11:4e:95:9d:ba:f4:c1:be:e7:5b:0a:b2:f0:b4: eb:6f:47:b5:e3:80:90:70:03:24:1a:9f:d6:c2:59: 3f:11:c5:ad:f2:f6:4a:8f:58:b2:62:7d:33:9b:a8: 7a:70:d0:14:07:67:b3:e5:54:9b:b5:7b:cc:ca:a7: 68:2d:bd:f8:7b:03:d4:ec:0e:39:88:01:77:fe:0d: 1b:60:8d:6c:cf:42:50:73:d9:ea:39:9c:01:22:36: 99:6f:03:b2:67:1c:41:31:ed:50:53:02:fd:ff:e6: 0e:d2:af:3f:0e:65:77:c3:53:31:2f:0f:15:69:55: ec:52:92:b8:9d:94:5e:81:87:5a:e3:ad:a4:0e:8c: 9f:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:99:35:25:C9:2F:3E:5A:83:0F:13:74:A9:48:EA:75:4F:79:8B:59 X509v3 Authority Key Identifier: keyid:A1:0F:57:83:C8:F9:A6:D9:4D:29:B4:AA:90:C5:6E:01:6B:B5:14:56 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ca:b7:ef:7f:61:67:84:f1:ff:9d:04:f2:15:f4:6c:ed:0e:d8: 00:91:ee:87:d7:50:15:46:d6:80:55:42:ed:0c:7e:02:44:03: 8e:5f:88:76:6f:7d:17:dd:f6:31:07:dc:a3:30:ba:11:81:5d: 5d:26:16:e7:11:2a:b7:a1:62:af:48:db:0f:30:78:b1:f0:25: 2f:70:52:31:e8:f9:c2:76:3f:d7:1d:c9:67:10:5d:2c:79:f6: a4:6e:bf:25:49:bb:22:5f:45:07:27:01:d3:ed:42:24:17:2d: 83:6c:1d:63:53:81:45:6a:2c:d1:90:27:9e:0c:a7:ef:f2:16: d2:a5:51:65:56:d0:f6:c4:66:19:34:7d:6a:49:5d:10:f0:57: b2:2c:d9:ac:f5:cc:21:a7:1f:e7:61:b6:6f:45:8a:50:44:c9: 1d:da:8e:0c:08:68:0c:29:6d:24:d1:88:0d:b0:a5:44:4a:6c: d4:fc:28:0d:a7:b5:2e:4b:8e:ee:a4:6f:8d:60:fc:65:42:9f: 4c:a2:5e:76:fa:fe:6e:b3:fe:6c:1c:a5:b6:d1:76:b1:d5:1d: 07:ed:15:27:9c:cf:00:c6:f6:e6:43:24:3d:8c:28:ca:0f:b5: ed:2b:d4:fe:01:d6:8e:88:37:c3:38:87:d5:be:87:be:54:13: 5f:79:ac:3d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjY1QUMxMTAvBgNVBAUTKEExMEY1NzgzQzhGOUE2RDk0RDI5QjRBQTkwQzU2RTAx NkJCNTE0NTYwHhcNMjUwNDI1MDQ0MTQwWhcNMjUwNTAyMDQ0MTQwWjAYMRYwFAYD VQQDEw02ODBiMTI4NS00MjdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvRfrH39BmT1oDnbDqYZ6MwoKGgSWMVIbmlW3ariFR03yCDpZ+s5/j7sLxl/Z gBbskwebJqxvGLtaybHNfan5lsYaOrMrRbB0U5tAToicKfikzI/3uJY6jdjug4Hq J2w1XWZhRVaiH2D5wqRS/i+rxP+xkbgcoo9QEU6Vnbr0wb7nWwqy8LTrb0e144CQ cAMkGp/Wwlk/EcWt8vZKj1iyYn0zm6h6cNAUB2ez5VSbtXvMyqdoLb34ewPU7A45 iAF3/g0bYI1sz0JQc9nqOZwBIjaZbwOyZxxBMe1QUwL9/+YO0q8/DmV3w1MxLw8V aVXsUpK4nZRegYda462kDoyfzQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNWZNSXJ Lz5agw8TdKlI6nVPeYtZMB8GA1UdIwQYMBaAFKEPV4PI+abZTSm0qpDFbgFrtRRW MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjVBQy9DQjc0RjhCRUUx RTAxMUVFQUY2RTFFNjhDNEY5QUUwMi9vUTlYZzhqNXB0bE5LYlNxa01WdUFXdTFG RlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL29ROVhnOGo1cHRsTktiU3FrTVZ1QVd1MUZGWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NjVBQy9DQjc0RjhCRUUxRTAxMUVFQUY2RTFFNjhDNEY5QUUwMi9vUTlYZzhqNXB0 bE5LYlNxa01WdUFXdTFGRlkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDKt+9/YWeE8f+dBPIV9GztDtgAke6H11AVRtaAVULtDH4CRAOOX4h2 b30X3fYxB9yjMLoRgV1dJhbnESq3oWKvSNsPMHix8CUvcFIx6PnCdj/XHclnEF0s efakbr8lSbsiX0UHJwHT7UIkFy2DbB1jU4FFaizRkCeeDKfv8hbSpVFlVtD2xGYZ NH1qSV0Q8FeyLNms9cwhpx/nYbZvRYpQRMkd2o4MCGgMKW0k0YgNsKVESmzU/CgN p7UuS47upG+NYPxlQp9Mol52+v5us/5sHKW20Xax1R0H7RUnnM8AxvbmQyQ9jCjK D7XtK9T+AdaOiDfDOIfVvoe+VBNfeaw9 -----END CERTIFICATE-----Generated at Sat Apr 26 16:59:23 2025 by rpki-client