$ rpki-client -vvf rpki.apnic.net/member_repository/A91BDD82/197F9D9291E211E99768890EC4F9AE02/9EAYGB7lxiQOE5Q5WlzMTS9iMaQ.mft File: 9EAYGB7lxiQOE5Q5WlzMTS9iMaQ.mft (raw, json) Hash identifier: NtsgfJDb+Ud4OZDnGnPD6cZOCQdNeG5WJvCyN1T6Uhg= Subject key identifier: DF:EA:D4:E4:8C:63:D1:48:AA:C1:84:87:33:E3:5E:A4:E3:CB:E7:A8 Authority key identifier: F4:40:18:18:1E:E5:C6:24:0E:13:94:39:5A:5C:CC:4D:2F:62:31:A4 Certificate issuer: /CN=A91BDD82/serialNumber=F44018181EE5C6240E1394395A5CCC4D2F6231A4 Certificate serial: 0125 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9EAYGB7lxiQOE5Q5WlzMTS9iMaQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BDD82/197F9D9291E211E99768890EC4F9AE02/9EAYGB7lxiQOE5Q5WlzMTS9iMaQ.mft Manifest number: 0FA5 Signing time: Thu 24 Apr 2025 17:41:46 +0000 Manifest this update: Thu 24 Apr 2025 17:41:46 +0000 Manifest next update: Thu 01 May 2025 17:41:46 +0000 Files and hashes: 1: 9EAYGB7lxiQOE5Q5WlzMTS9iMaQ.crl (hash: Kh/1PZsBAek6ZizNSkN9uBdzIa9hvjwrLhqxNoPklA4=) 2: 324967826D8D11EE9883B985C4F9AE02.roa (hash: tVncRVnPr+nSHEeWNP/pEvYFdoB6fcCQNCn7dCwbFNs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BDD82/197F9D9291E211E99768890EC4F9AE02/9EAYGB7lxiQOE5Q5WlzMTS9iMaQ.crl rsync://rpki.apnic.net/member_repository/A91BDD82/197F9D9291E211E99768890EC4F9AE02/9EAYGB7lxiQOE5Q5WlzMTS9iMaQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9EAYGB7lxiQOE5Q5WlzMTS9iMaQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:41:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 293 (0x125) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDD82, serialNumber=F44018181EE5C6240E1394395A5CCC4D2F6231A4 Validity Not Before: Apr 24 17:41:46 2025 GMT Not After : May 1 17:41:46 2025 GMT Subject: CN=680a77da-212d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:14:60:4f:4b:95:b0:6b:40:82:32:2d:85:8f: e3:ca:40:71:e7:fe:66:23:0e:c6:a7:77:58:f9:a8: 9d:8f:a4:66:86:d9:5d:ab:3f:16:f0:5d:37:d9:29: 23:db:ee:c5:37:2d:44:1b:39:22:7e:f9:f5:e3:a4: e0:eb:69:2e:00:5d:b3:fa:da:94:be:d6:9c:43:02: 2f:df:be:6e:aa:41:41:a9:8b:2f:a5:39:54:a5:aa: 5e:6a:6a:00:f2:85:bb:45:31:7f:60:fc:42:0d:5f: 7f:59:31:4a:f5:5b:e5:c6:dc:28:d8:1b:41:63:7e: b0:b5:f3:6f:41:53:21:c5:59:6b:de:28:5a:0c:fa: ac:e3:6d:7f:9a:0d:a6:13:a8:e0:38:c8:ae:38:bc: 55:73:37:6d:6d:8b:e8:a7:fe:6b:8f:5b:4a:03:f8: 1d:d4:fb:b2:6f:72:10:95:b0:9a:78:b4:2c:f7:ce: 81:90:58:f8:ac:0d:1b:98:e2:9b:f2:25:fd:02:b9: a6:ea:82:21:f6:41:00:a1:43:6e:40:20:d3:ae:8c: fc:3c:91:a1:e0:b0:a6:eb:32:2b:44:46:2c:26:b8: 90:28:f5:64:14:70:57:ba:f4:f6:1a:c4:f3:1c:f2: 54:ab:a3:e0:ad:83:92:82:bb:24:c5:0c:b4:f9:a4: 24:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:EA:D4:E4:8C:63:D1:48:AA:C1:84:87:33:E3:5E:A4:E3:CB:E7:A8 X509v3 Authority Key Identifier: keyid:F4:40:18:18:1E:E5:C6:24:0E:13:94:39:5A:5C:CC:4D:2F:62:31:A4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BDD82/197F9D9291E211E99768890EC4F9AE02/9EAYGB7lxiQOE5Q5WlzMTS9iMaQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9EAYGB7lxiQOE5Q5WlzMTS9iMaQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BDD82/197F9D9291E211E99768890EC4F9AE02/9EAYGB7lxiQOE5Q5WlzMTS9iMaQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption af:38:60:88:20:8f:44:61:cd:9f:a7:fc:36:1a:ba:32:86:63: d0:f5:ef:50:04:8e:6d:71:ec:af:83:a2:eb:cd:35:98:ba:db: 45:5d:84:d1:e6:04:d4:87:2f:44:89:cc:e3:19:cd:64:e1:f0: a5:c8:f4:d7:3b:9e:bb:a0:46:44:b7:e0:a1:d2:d2:4e:aa:c7: 66:c7:be:66:3c:94:14:10:6a:84:38:3a:5e:8b:96:0c:ca:41: 59:29:dc:33:89:20:0a:ad:47:99:6d:0e:21:f4:e5:0f:db:ea: cf:ff:ce:52:75:b1:ba:d4:05:be:6a:20:08:8f:5d:c5:49:b2: dd:b3:cf:fb:69:16:05:46:07:28:79:04:39:04:65:65:e2:ff: eb:4a:85:e1:17:47:25:84:5a:b1:59:1f:4f:43:28:25:6a:68: bb:c5:ff:ac:7a:06:04:79:d7:4e:46:6c:b2:02:94:d9:0c:b4: 04:be:87:d4:5e:f4:64:68:12:bf:fe:f3:39:ce:79:ff:e8:a7: 97:e2:5a:aa:a6:df:6f:4a:63:32:bb:6f:3a:2a:66:db:08:a2: c4:e0:45:f1:49:ce:8f:bb:f2:84:7b:76:3c:57:f8:bf:e1:65: a0:eb:f9:fd:0d:19:5b:0d:34:62:c6:12:56:7e:42:3c:2c:07: 9b:c1:9d:a3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkREODIxMTAvBgNVBAUTKEY0NDAxODE4MUVFNUM2MjQwRTEzOTQzOTVBNUNDQzRE MkY2MjMxQTQwHhcNMjUwNDI0MTc0MTQ2WhcNMjUwNTAxMTc0MTQ2WjAYMRYwFAYD VQQDEw02ODBhNzdkYS0yMTJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAthRgT0uVsGtAgjIthY/jykBx5/5mIw7Gp3dY+aidj6Rmhtldqz8W8F032Skj 2+7FNy1EGzkifvn146Tg62kuAF2z+tqUvtacQwIv375uqkFBqYsvpTlUpapeamoA 8oW7RTF/YPxCDV9/WTFK9Vvlxtwo2BtBY36wtfNvQVMhxVlr3ihaDPqs421/mg2m E6jgOMiuOLxVczdtbYvop/5rj1tKA/gd1Puyb3IQlbCaeLQs986BkFj4rA0bmOKb 8iX9Armm6oIh9kEAoUNuQCDTroz8PJGh4LCm6zIrREYsJriQKPVkFHBXuvT2GsTz HPJUq6PgrYOSgrskxQy0+aQkfwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN/q1OSM Y9FIqsGEhzPjXqTjy+eoMB8GA1UdIwQYMBaAFPRAGBge5cYkDhOUOVpczE0vYjGk MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCREQ4Mi8xOTdGOUQ5Mjkx RTIxMUU5OTc2ODg5MEVDNEY5QUUwMi85RUFZR0I3bHhpUU9FNVE1V2x6TVRTOWlN YVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzlFQVlHQjdseGlRT0U1UTVXbHpNVFM5aU1hUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC REQ4Mi8xOTdGOUQ5MjkxRTIxMUU5OTc2ODg5MEVDNEY5QUUwMi85RUFZR0I3bHhp UU9FNVE1V2x6TVRTOWlNYVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCvOGCIII9EYc2fp/w2GroyhmPQ9e9QBI5tceyvg6LrzTWYuttFXYTR 5gTUhy9EiczjGc1k4fClyPTXO567oEZEt+Ch0tJOqsdmx75mPJQUEGqEODpei5YM ykFZKdwziSAKrUeZbQ4h9OUP2+rP/85SdbG61AW+aiAIj13FSbLds8/7aRYFRgco eQQ5BGVl4v/rSoXhF0clhFqxWR9PQyglami7xf+segYEeddORmyyApTZDLQEvofU XvRkaBK//vM5znn/6KeX4lqqpt9vSmMyu286KmbbCKLE4EXxSc6Pu/KEe3Y8V/i/ 4WWg6/n9DRlbDTRixhJWfkI8LAebwZ2j -----END CERTIFICATE-----Generated at Sat Apr 26 04:34:50 2025 by rpki-client