$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.mft File: U4sHbgqt2PrilwyVQ-hJqQ_nN1I.mft (raw, json) Hash identifier: 9kOsTBTUg0Mn3wBLZDrorJEbLp5I2VZhAIOm6NQslCs= Subject key identifier: E1:D9:53:94:E7:5C:F0:53:D9:3C:9D:7D:C5:3E:FB:77:E9:F8:FB:5A Authority key identifier: 53:8B:07:6E:0A:AD:D8:FA:E2:97:0C:95:43:E8:49:A9:0F:E7:37:52 Certificate issuer: /CN=A91B6F47/serialNumber=538B076E0AADD8FAE2970C9543E849A90FE73752 Certificate serial: 3550 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.mft Manifest number: 34D4 Signing time: Sat 26 Apr 2025 14:24:02 +0000 Manifest this update: Sat 26 Apr 2025 14:24:02 +0000 Manifest next update: Sat 03 May 2025 14:24:02 +0000 Files and hashes: 1: U4sHbgqt2PrilwyVQ-hJqQ_nN1I.crl (hash: c47KixywZ5wxHRZ8rCMd7aLTq5pjINST2diZ+puZUlo=) 2: DF8602D05E5B11ED994E491CC4F9AE02.roa (hash: KKCg2NooRoQGuF3KYpzz51c9C/45UUPObnLo2e5njhU=) 3: D0886954188811EC8E86754FC4F9AE02.roa (hash: yPv2xJqSMbxdqO3CUxzFvtSmE89AHilhOo/061TH8FU=) 4: AB9889725E5E11EDB5361D3BC4F9AE02.roa (hash: nfNjfg1IXDDhMM0k16fT6xDTUZvLHRQ/C+xvVXQFUFE=) 5: 99CF729E221011ED980A6F47C4F9AE02.roa (hash: iSQxLeiRN1fYoIns2yWqQhKW9w0d7Bh4Hi7g+FcoiAo=) 6: 491E49AECDCA11ED8F57D386C4F9AE02.roa (hash: GOobL3IcAmOzxEXI8Av9eECmrglVLT+e8Yk36aU9ns8=) 7: 9F3A919468D811EFB2FE405FC4F9AE02.roa (hash: ZaxlSh3XWBv2fOJrVopMAyhJjHEvnP8TGG96c6iuXcg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.crl rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 03 May 2025 14:24:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13648 (0x3550) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6F47, serialNumber=538B076E0AADD8FAE2970C9543E849A90FE73752 Validity Not Before: Apr 26 14:24:02 2025 GMT Not After : May 3 14:24:02 2025 GMT Subject: CN=680cec82-9314 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:b1:04:d0:cd:33:c5:05:68:f4:cf:f9:11:ac: bc:34:af:2f:4f:e3:87:71:14:47:b5:27:ec:db:fe: cd:f3:54:85:6f:42:ab:b8:6d:59:d2:48:4a:bd:c6: 0c:b7:c5:ce:fe:be:f4:53:d6:26:64:4c:b2:3f:30: 00:b3:74:50:2c:89:a9:a6:2b:71:ed:e2:3c:25:3e: 57:fa:20:e3:d1:6a:91:c3:61:f5:39:dd:27:3e:4d: 99:72:01:2c:3c:3a:0a:cd:c0:19:d2:7a:7a:77:2f: 7d:52:29:a1:fe:d7:58:71:b9:b7:68:2a:1c:b4:73: 08:d2:78:90:1d:b5:30:0b:a1:10:d1:90:41:5a:99: ef:bd:15:33:eb:c5:1a:53:09:bd:96:2e:a8:0c:73: 78:ba:f6:81:76:e2:5b:65:67:95:34:32:f0:18:e5: a7:04:a5:e9:bf:03:86:c3:bb:0a:93:36:58:fc:e2: 32:6c:2a:4d:44:25:0e:70:04:cd:d0:f1:36:85:71: 8a:6e:a6:08:ca:61:de:81:df:44:a2:c3:65:67:d0: 79:8a:55:d0:80:78:fa:d6:dc:0a:51:b0:6f:f1:72: 0e:c1:69:d1:e6:ca:0a:0d:7d:19:71:f4:1d:65:62: 72:50:f9:73:7c:1a:1b:4a:97:a4:9a:d8:5a:f0:6a: a2:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:D9:53:94:E7:5C:F0:53:D9:3C:9D:7D:C5:3E:FB:77:E9:F8:FB:5A X509v3 Authority Key Identifier: keyid:53:8B:07:6E:0A:AD:D8:FA:E2:97:0C:95:43:E8:49:A9:0F:E7:37:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 37:6c:8b:c1:79:cf:10:d4:90:37:98:84:d5:b5:8a:9a:40:75: 6b:b6:62:61:9d:ad:2f:24:e9:83:30:a2:d7:4e:32:79:b2:7b: c2:d0:47:78:80:d2:1b:23:70:7f:73:0a:14:bf:a8:d7:49:4e: a5:c2:a1:a7:f6:c9:04:0a:62:c3:55:e0:9e:84:9e:f8:75:47: 0c:4b:cb:92:37:bd:df:2e:d9:ea:39:35:5b:7b:9e:0b:8a:51: 58:20:94:80:79:d1:6e:d1:14:23:ec:85:2d:ff:a2:31:04:99: 7f:f8:08:fb:6e:52:8c:4c:b7:a6:7b:d6:ec:b7:7b:58:5d:d7: 4a:4f:41:ce:17:a7:a5:7f:57:d0:27:22:d1:b5:86:96:2d:b5: c7:7e:07:49:67:44:d4:b8:ce:cc:10:ed:16:cb:9a:02:2b:fe: e7:8a:d5:c7:8c:33:f6:6f:75:b8:55:af:86:b0:cd:25:a3:14: 5f:bb:ee:51:7e:f7:71:2c:d0:d3:15:f9:b6:ec:65:ea:74:3c: 58:c1:d3:87:02:f8:09:12:5d:5c:3a:0f:09:ae:4d:12:8d:28: 07:85:6f:e7:34:12:9e:a0:63:cb:71:a4:b8:8f:d3:a1:4c:7d: bd:10:a6:37:77:39:60:ec:2a:4d:cf:ca:c9:f9:44:23:79:53: 62:e3:f2:93 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNVAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjZGNDcxMTAvBgNVBAUTKDUzOEIwNzZFMEFBREQ4RkFFMjk3MEM5NTQzRTg0OUE5 MEZFNzM3NTIwHhcNMjUwNDI2MTQyNDAyWhcNMjUwNTAzMTQyNDAyWjAYMRYwFAYD VQQDEw02ODBjZWM4Mi05MzE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3bEE0M0zxQVo9M/5Eay8NK8vT+OHcRRHtSfs2/7N81SFb0KruG1Z0khKvcYM t8XO/r70U9YmZEyyPzAAs3RQLImppitx7eI8JT5X+iDj0WqRw2H1Od0nPk2ZcgEs PDoKzcAZ0np6dy99Uimh/tdYcbm3aCoctHMI0niQHbUwC6EQ0ZBBWpnvvRUz68Ua Uwm9li6oDHN4uvaBduJbZWeVNDLwGOWnBKXpvwOGw7sKkzZY/OIybCpNRCUOcATN 0PE2hXGKbqYIymHegd9EosNlZ9B5ilXQgHj61twKUbBv8XIOwWnR5soKDX0ZcfQd ZWJyUPlzfBobSpekmtha8GqivQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOHZU5Tn XPBT2TydfcU++3fp+PtaMB8GA1UdIwQYMBaAFFOLB24Krdj64pcMlUPoSakP5zdS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkY0Ny9CNEE4NkMzODFE ODQxMUUyOTY5RkM1REEwOEIwMkNEMi9VNHNIYmdxdDJQcmlsd3lWUS1oSnFRX25O MUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1U0c0hiZ3F0MlByaWx3eVZRLWhKcVFfbk4xSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NkY0Ny9CNEE4NkMzODFEODQxMUUyOTY5RkM1REEwOEIwMkNEMi9VNHNIYmdxdDJQ cmlsd3lWUS1oSnFRX25OMUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA3bIvBec8Q1JA3mITVtYqaQHVrtmJhna0vJOmDMKLXTjJ5snvC0Ed4 gNIbI3B/cwoUv6jXSU6lwqGn9skECmLDVeCehJ74dUcMS8uSN73fLtnqOTVbe54L ilFYIJSAedFu0RQj7IUt/6IxBJl/+Aj7blKMTLeme9bst3tYXddKT0HOF6elf1fQ JyLRtYaWLbXHfgdJZ0TUuM7MEO0Wy5oCK/7nitXHjDP2b3W4Va+GsM0loxRfu+5R fvdxLNDTFfm27GXqdDxYwdOHAvgJEl1cOg8Jrk0SjSgHhW/nNBKeoGPLcaS4j9Oh TH29EKY3dzlg7CpNz8rJ+UQjeVNi4/KT -----END CERTIFICATE-----Generated at Sat Apr 26 16:43:32 2025 by rpki-client