$ rpki-client -vvf rpki.apnic.net/member_repository/A91B978D/67B44828FB6611ECABA1014FC4F9AE02/FF-_nuMXN-kcPNSE7AFq48jzgDw.mft File: FF-_nuMXN-kcPNSE7AFq48jzgDw.mft (raw, json) Hash identifier: haMMkU7EtNqbS8/BA3jjbvJzngh6zbhOImgl8BX+HpA= Subject key identifier: 97:B6:AD:E9:86:D4:55:0C:32:C0:65:1E:99:C0:04:74:E5:24:36:C9 Authority key identifier: 14:5F:BF:9E:E3:17:37:E9:1C:3C:D4:84:EC:01:6A:E3:C8:F3:80:3C Certificate issuer: /CN=A91B978D/serialNumber=145FBF9EE31737E91C3CD484EC016AE3C8F3803C Certificate serial: 029E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FF-_nuMXN-kcPNSE7AFq48jzgDw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B978D/67B44828FB6611ECABA1014FC4F9AE02/FF-_nuMXN-kcPNSE7AFq48jzgDw.mft Manifest number: 0299 Signing time: Fri 25 Apr 2025 01:17:59 +0000 Manifest this update: Fri 25 Apr 2025 01:17:58 +0000 Manifest next update: Fri 02 May 2025 01:17:58 +0000 Files and hashes: 1: FF-_nuMXN-kcPNSE7AFq48jzgDw.crl (hash: gv/w42TY4BnZSjB0ByLCOVqFvN3hCXtd5MZdamisru8=) 2: D5D64BB0FB6811EC863B8150C4F9AE02.roa (hash: QqynXUFn2t2DwRQgssbkvYUHxaAcBlMuvOzz1OFVxaQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B978D/67B44828FB6611ECABA1014FC4F9AE02/FF-_nuMXN-kcPNSE7AFq48jzgDw.crl rsync://rpki.apnic.net/member_repository/A91B978D/67B44828FB6611ECABA1014FC4F9AE02/FF-_nuMXN-kcPNSE7AFq48jzgDw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FF-_nuMXN-kcPNSE7AFq48jzgDw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:17:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 670 (0x29e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B978D, serialNumber=145FBF9EE31737E91C3CD484EC016AE3C8F3803C Validity Not Before: Apr 25 01:17:58 2025 GMT Not After : May 2 01:17:58 2025 GMT Subject: CN=680ae2c7-d497 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:17:cf:4f:fa:91:9a:d4:35:73:2e:ca:37:ea: 98:fb:aa:e5:06:cb:68:43:e5:44:83:59:95:bb:14: 2b:70:e4:d4:63:88:32:70:ff:eb:0a:13:d3:10:0e: 6f:68:94:34:af:38:f3:e3:47:16:21:3c:30:7c:be: 7e:76:ba:67:ee:c6:94:3e:19:85:37:84:04:55:87: 44:51:3b:4f:08:79:02:ed:c5:eb:04:5a:db:5a:f8: f6:c6:6c:0e:a7:dc:c3:ce:5f:3c:c2:1f:a7:a4:f5: 18:c2:0b:1e:2e:f9:6c:da:bc:49:fa:cc:9b:33:54: ca:87:01:14:1f:d3:09:5e:b5:d8:f6:ae:d0:04:50: 51:ca:5a:21:56:40:8a:f3:8d:bc:7c:fb:88:e6:f9: 55:4e:1d:8b:d2:00:52:7d:78:6c:89:0b:5d:48:ba: 08:69:a0:ea:8e:9b:48:eb:80:82:fd:ec:22:ee:08: bd:3c:78:23:54:66:0b:6d:35:df:e6:a7:92:0f:4a: ee:69:1f:03:3c:07:d6:32:bf:dc:f6:37:87:3e:f2: 9e:d6:11:d1:09:f9:6f:e1:e3:c7:d6:e7:3f:0e:17: f4:99:88:a3:0f:22:fb:51:f5:df:a7:e6:c2:ca:54: 22:83:32:19:e9:5d:10:92:10:05:ad:a8:a1:e0:28: 8d:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:B6:AD:E9:86:D4:55:0C:32:C0:65:1E:99:C0:04:74:E5:24:36:C9 X509v3 Authority Key Identifier: keyid:14:5F:BF:9E:E3:17:37:E9:1C:3C:D4:84:EC:01:6A:E3:C8:F3:80:3C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B978D/67B44828FB6611ECABA1014FC4F9AE02/FF-_nuMXN-kcPNSE7AFq48jzgDw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FF-_nuMXN-kcPNSE7AFq48jzgDw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B978D/67B44828FB6611ECABA1014FC4F9AE02/FF-_nuMXN-kcPNSE7AFq48jzgDw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 98:98:d9:56:b3:08:2d:09:cb:71:8d:bc:08:26:1e:9f:c6:c0: 82:c9:55:4a:bc:f0:7f:82:5b:d1:82:c1:19:2d:3f:14:50:c5: 55:22:3d:20:77:d3:a4:25:b4:6f:64:3a:ee:e1:9e:c7:bf:08: 5a:fe:7c:77:1f:72:a0:08:92:0d:ed:7e:ac:b4:dc:60:ab:27: a4:02:65:93:00:6c:5b:4f:ff:20:90:e5:75:d7:4e:5d:2d:9d: cb:29:1b:ef:17:ab:e8:df:d1:11:05:b6:ae:89:73:7f:95:bd: ac:eb:76:59:47:0a:ce:14:e8:95:aa:eb:bf:fe:16:1b:05:47: f9:2b:99:3b:6a:ef:8a:9f:2e:2c:33:38:99:3c:e6:38:39:3d: fb:94:b3:fb:9c:e1:24:73:33:f5:bf:80:bc:fe:1e:88:3c:ce: e8:40:f4:39:df:ab:ce:1f:81:7a:ee:c5:49:cf:9c:5d:e4:d6: 66:f3:65:e6:6e:8a:39:85:95:cd:42:7a:fb:c7:bb:1d:bb:8c: 03:c5:8b:c7:d2:19:78:e6:6a:ed:af:d9:cc:03:38:75:e0:59: 0f:99:79:cd:47:27:e6:14:b4:16:1a:44:cd:09:ee:d5:09:ae: 93:b0:20:3c:32:c9:f9:71:0b:76:ec:6f:5c:ed:d9:ba:31:87: f1:51:72:86 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAp4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qjk3OEQxMTAvBgNVBAUTKDE0NUZCRjlFRTMxNzM3RTkxQzNDRDQ4NEVDMDE2QUUz QzhGMzgwM0MwHhcNMjUwNDI1MDExNzU4WhcNMjUwNTAyMDExNzU4WjAYMRYwFAYD VQQDEw02ODBhZTJjNy1kNDk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwhfPT/qRmtQ1cy7KN+qY+6rlBstoQ+VEg1mVuxQrcOTUY4gycP/rChPTEA5v aJQ0rzjz40cWITwwfL5+drpn7saUPhmFN4QEVYdEUTtPCHkC7cXrBFrbWvj2xmwO p9zDzl88wh+npPUYwgseLvls2rxJ+sybM1TKhwEUH9MJXrXY9q7QBFBRylohVkCK 8428fPuI5vlVTh2L0gBSfXhsiQtdSLoIaaDqjptI64CC/ewi7gi9PHgjVGYLbTXf 5qeSD0ruaR8DPAfWMr/c9jeHPvKe1hHRCflv4ePH1uc/Dhf0mYijDyL7UfXfp+bC ylQigzIZ6V0QkhAFraih4CiNowIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJe2remG 1FUMMsBlHpnABHTlJDbJMB8GA1UdIwQYMBaAFBRfv57jFzfpHDzUhOwBauPI84A8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOTc4RC82N0I0NDgyOEZC NjYxMUVDQUJBMTAxNEZDNEY5QUUwMi9GRi1fbnVNWE4ta2NQTlNFN0FGcTQ4anpn RHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZGLV9udU1YTi1rY1BOU0U3QUZxNDhqemdEdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC OTc4RC82N0I0NDgyOEZCNjYxMUVDQUJBMTAxNEZDNEY5QUUwMi9GRi1fbnVNWE4t a2NQTlNFN0FGcTQ4anpnRHcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCYmNlWswgtCctxjbwIJh6fxsCCyVVKvPB/glvRgsEZLT8UUMVVIj0g d9OkJbRvZDru4Z7Hvwha/nx3H3KgCJIN7X6stNxgqyekAmWTAGxbT/8gkOV1105d LZ3LKRvvF6vo39ERBbauiXN/lb2s63ZZRwrOFOiVquu//hYbBUf5K5k7au+Kny4s MziZPOY4OT37lLP7nOEkczP1v4C8/h6IPM7oQPQ536vOH4F67sVJz5xd5NZm82Xm boo5hZXNQnr7x7sdu4wDxYvH0hl45mrtr9nMAzh14FkPmXnNRyfmFLQWGkTNCe7V Ca6TsCA8Msn5cQt27G9c7dm6MYfxUXKG -----END CERTIFICATE-----Generated at Sat Apr 26 12:31:50 2025 by rpki-client