$ rpki-client -vvf rpki.apnic.net/member_repository/A91B65AC/D4F3DB9EE1E011EEAF6E1E68C4F9AE02/cwYbqQQBgewK602PbgA_g4_JxI8.mft File: cwYbqQQBgewK602PbgA_g4_JxI8.mft (raw, json) Hash identifier: kq+C0j5qPTxmf6rkcRhP4FvjJOvvZSFGwb8oHydMXaI= Subject key identifier: 26:D2:94:A2:B1:25:D8:EB:D8:65:6A:F7:10:1F:7C:6F:A1:15:7C:F0 Authority key identifier: 73:06:1B:A9:04:01:81:EC:0A:EB:4D:8F:6E:00:3F:83:8F:C9:C4:8F Certificate issuer: /CN=A91B65AC/serialNumber=73061BA9040181EC0AEB4D8F6E003F838FC9C48F Certificate serial: D4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cwYbqQQBgewK602PbgA_g4_JxI8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B65AC/D4F3DB9EE1E011EEAF6E1E68C4F9AE02/cwYbqQQBgewK602PbgA_g4_JxI8.mft Manifest number: D2 Signing time: Fri 25 Apr 2025 04:41:39 +0000 Manifest this update: Fri 25 Apr 2025 04:41:38 +0000 Manifest next update: Fri 02 May 2025 04:41:38 +0000 Files and hashes: 1: cwYbqQQBgewK602PbgA_g4_JxI8.crl (hash: mtEmawkxNx5HqpJQLIio41KoKjyHS6nD2CpCMxTtD/s=) 2: 7D2E766CE5AF11EE9A0A642FC4F9AE02.roa (hash: Fb0vXPsGENJ9HpaLetk+Rjo+o9pYvcloVY8N7cgyCIk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B65AC/D4F3DB9EE1E011EEAF6E1E68C4F9AE02/cwYbqQQBgewK602PbgA_g4_JxI8.crl rsync://rpki.apnic.net/member_repository/A91B65AC/D4F3DB9EE1E011EEAF6E1E68C4F9AE02/cwYbqQQBgewK602PbgA_g4_JxI8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cwYbqQQBgewK602PbgA_g4_JxI8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 04:41:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 212 (0xd4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B65AC, serialNumber=73061BA9040181EC0AEB4D8F6E003F838FC9C48F Validity Not Before: Apr 25 04:41:38 2025 GMT Not After : May 2 04:41:38 2025 GMT Subject: CN=680b1282-c9c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:b2:73:a0:fa:15:e8:97:7e:8a:85:6d:f8:1b: 71:9e:9a:02:24:42:83:bb:65:c1:58:75:ac:b2:28: bd:45:48:7f:3a:ba:ff:60:87:cf:d8:2e:0c:22:ca: 23:75:b7:f3:d4:80:f2:92:7b:ba:0d:68:8f:6d:87: 66:a3:a9:a6:b6:76:61:66:cb:b1:21:37:69:7f:0f: 02:15:6f:87:7c:b5:f3:49:0e:72:3b:95:c1:ac:a0: 22:a7:6d:3f:5a:04:c6:a3:6a:e0:67:c7:4e:30:27: 92:4b:0c:97:ce:8f:d4:ae:20:98:69:ee:6b:2b:31: 4d:d0:c3:83:6d:c3:ee:4b:85:18:e5:13:df:79:53: 0a:a4:25:fc:26:f7:f0:32:18:a9:de:a4:72:55:2a: 37:65:8a:50:44:ef:93:74:c1:95:ce:d6:2c:2c:99: e5:33:7b:c2:39:70:61:2f:f1:00:fb:bb:bf:3c:01: dc:48:1b:b3:8c:33:1f:bd:4c:48:60:c1:9c:9f:19: b5:b4:f9:3e:82:10:ad:d5:a1:df:25:f5:0e:0b:14: c2:da:78:5c:62:9b:98:42:4b:9d:bd:3f:6d:d3:b6: 38:fe:7a:b0:3f:72:ab:ae:ca:92:bb:96:c4:dd:6c: fd:fd:d8:8b:40:7f:b0:7d:91:4a:30:a3:ef:ee:cb: 1a:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:D2:94:A2:B1:25:D8:EB:D8:65:6A:F7:10:1F:7C:6F:A1:15:7C:F0 X509v3 Authority Key Identifier: keyid:73:06:1B:A9:04:01:81:EC:0A:EB:4D:8F:6E:00:3F:83:8F:C9:C4:8F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B65AC/D4F3DB9EE1E011EEAF6E1E68C4F9AE02/cwYbqQQBgewK602PbgA_g4_JxI8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cwYbqQQBgewK602PbgA_g4_JxI8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B65AC/D4F3DB9EE1E011EEAF6E1E68C4F9AE02/cwYbqQQBgewK602PbgA_g4_JxI8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 31:48:a0:c2:91:dd:77:16:dd:4f:eb:71:48:5e:f1:0b:f9:d3: 3a:34:8a:da:bd:20:2b:50:17:ce:1d:8e:2c:7a:4c:01:2e:4e: 09:6a:a3:1a:5a:8d:74:3a:df:a6:de:01:68:1a:88:dc:72:32: dd:94:bd:00:77:61:a5:fa:ad:12:b4:95:c7:2b:9f:ba:fc:df: db:51:52:c0:08:2c:8b:b4:e5:e6:6b:90:03:39:9b:77:22:29: 16:ce:76:9e:a7:6e:5d:62:fb:cf:eb:f1:8d:7d:a5:25:e9:c1: c5:b4:99:6f:86:cc:e9:87:c9:be:97:b0:ca:d8:75:8a:33:b4: c2:8c:b5:ee:e6:1a:19:0f:95:52:b4:9b:11:22:83:71:65:45: 34:8d:cf:32:cd:6a:d1:88:e6:37:36:d0:ed:af:b6:c5:f7:4f: f6:41:82:a5:ac:28:c5:f6:72:76:36:d7:40:c2:32:9c:86:da: fd:e3:ed:70:a2:db:e2:34:1e:11:da:de:a7:03:8e:ad:8d:08: ce:4a:56:19:ae:d7:a2:8b:31:78:ea:ea:c1:ba:f4:ba:9a:d4: dc:4d:c1:c9:0f:fd:54:e9:2b:65:f8:21:30:53:71:77:58:23: f5:ab:7a:82:b3:f5:0b:18:d4:e7:ce:92:17:fb:e9:81:77:8a: 70:d4:22:63 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjY1QUMxMTAvBgNVBAUTKDczMDYxQkE5MDQwMTgxRUMwQUVCNEQ4RjZFMDAzRjgz OEZDOUM0OEYwHhcNMjUwNDI1MDQ0MTM4WhcNMjUwNTAyMDQ0MTM4WjAYMRYwFAYD VQQDEw02ODBiMTI4Mi1jOWMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzbJzoPoV6Jd+ioVt+BtxnpoCJEKDu2XBWHWssii9RUh/Orr/YIfP2C4MIsoj dbfz1IDyknu6DWiPbYdmo6mmtnZhZsuxITdpfw8CFW+HfLXzSQ5yO5XBrKAip20/ WgTGo2rgZ8dOMCeSSwyXzo/UriCYae5rKzFN0MODbcPuS4UY5RPfeVMKpCX8Jvfw Mhip3qRyVSo3ZYpQRO+TdMGVztYsLJnlM3vCOXBhL/EA+7u/PAHcSBuzjDMfvUxI YMGcnxm1tPk+ghCt1aHfJfUOCxTC2nhcYpuYQkudvT9t07Y4/nqwP3KrrsqSu5bE 3Wz9/diLQH+wfZFKMKPv7ssaWQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCbSlKKx Jdjr2GVq9xAffG+hFXzwMB8GA1UdIwQYMBaAFHMGG6kEAYHsCutNj24AP4OPycSP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjVBQy9ENEYzREI5RUUx RTAxMUVFQUY2RTFFNjhDNEY5QUUwMi9jd1licVFRQmdld0s2MDJQYmdBX2c0X0p4 STguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2N3WWJxUVFCZ2V3SzYwMlBiZ0FfZzRfSnhJOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NjVBQy9ENEYzREI5RUUxRTAxMUVFQUY2RTFFNjhDNEY5QUUwMi9jd1licVFRQmdl d0s2MDJQYmdBX2c0X0p4STgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAxSKDCkd13Ft1P63FIXvEL+dM6NIravSArUBfOHY4sekwBLk4JaqMa Wo10Ot+m3gFoGojccjLdlL0Ad2Gl+q0StJXHK5+6/N/bUVLACCyLtOXma5ADOZt3 IikWznaep25dYvvP6/GNfaUl6cHFtJlvhszph8m+l7DK2HWKM7TCjLXu5hoZD5VS tJsRIoNxZUU0jc8yzWrRiOY3NtDtr7bF90/2QYKlrCjF9nJ2NtdAwjKchtr94+1w otviNB4R2t6nA46tjQjOSlYZrteiizF46urBuvS6mtTcTcHJD/1U6Stl+CEwU3F3 WCP1q3qCs/ULGNTnzpIX++mBd4pw1CJj -----END CERTIFICATE-----Generated at Sat Apr 26 15:07:08 2025 by rpki-client