$ rpki-client -vvf rpki.apnic.net/member_repository/A91BEE1D/9ADADADEC70E11EF8067C466C4F9AE02/itYQrIti8qb8qCWJVdXxJJJ7OgA.mft File: itYQrIti8qb8qCWJVdXxJJJ7OgA.mft (raw, json) Hash identifier: kIodXZI/MdL+2jQIDkg1OLNlI2gRGdchfaTeHf4htBs= Subject key identifier: 0D:C5:3E:91:5A:94:26:D5:CB:F2:33:56:FF:02:BE:49:B2:7C:8F:EE Authority key identifier: 8A:D6:10:AC:8B:62:F2:A6:FC:A8:25:89:55:D5:F1:24:92:7B:3A:00 Certificate issuer: /CN=A91BEE1D/serialNumber=8AD610AC8B62F2A6FCA8258955D5F124927B3A00 Certificate serial: 3D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/itYQrIti8qb8qCWJVdXxJJJ7OgA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BEE1D/9ADADADEC70E11EF8067C466C4F9AE02/itYQrIti8qb8qCWJVdXxJJJ7OgA.mft Manifest number: 3D Signing time: Fri 25 Apr 2025 06:28:45 +0000 Manifest this update: Fri 25 Apr 2025 06:28:44 +0000 Manifest next update: Fri 02 May 2025 06:28:44 +0000 Files and hashes: 1: itYQrIti8qb8qCWJVdXxJJJ7OgA.crl (hash: LaiPr9GqHhdlMh+NSe1zoAPPbWSsl+jqRam2q8V/oeA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BEE1D/9ADADADEC70E11EF8067C466C4F9AE02/itYQrIti8qb8qCWJVdXxJJJ7OgA.crl rsync://rpki.apnic.net/member_repository/A91BEE1D/9ADADADEC70E11EF8067C466C4F9AE02/itYQrIti8qb8qCWJVdXxJJJ7OgA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/itYQrIti8qb8qCWJVdXxJJJ7OgA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:28:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61 (0x3d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BEE1D, serialNumber=8AD610AC8B62F2A6FCA8258955D5F124927B3A00 Validity Not Before: Apr 25 06:28:44 2025 GMT Not After : May 2 06:28:44 2025 GMT Subject: CN=680b2b9c-0b73 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:c4:74:bb:f2:72:8c:41:6c:8c:d5:4f:ea:65: fe:06:e5:30:66:17:b2:e8:ca:04:04:0b:4d:b3:b0: e7:3c:d6:c1:49:8e:4c:73:06:8b:cf:eb:57:b7:51: b6:7a:ea:4a:36:18:b8:ce:6b:96:e5:cf:17:9f:83: 95:b9:40:32:40:d9:18:5b:e1:57:9d:3a:5e:ae:aa: 62:52:94:86:c1:4f:42:40:99:4c:d1:04:c8:7e:60: 54:ee:2f:55:ee:77:75:79:1f:5e:cc:ea:43:ae:53: d2:94:e3:04:0e:a3:0a:49:3a:ee:9f:58:19:f6:2a: 58:4a:10:cb:93:56:79:15:f1:8b:f4:26:0e:cf:42: 74:84:bf:81:20:77:22:11:da:f7:37:59:ba:f7:88: b1:95:cb:95:2a:ea:ef:b8:80:58:36:bb:5c:3e:9a: 8e:17:b1:04:d6:a8:98:68:a1:a6:04:9d:53:20:e2: 36:41:20:3c:a7:26:66:ca:b1:91:e2:56:ec:0f:f5: ab:b0:3c:ce:18:62:18:70:91:12:51:66:37:10:0d: 0e:aa:f9:03:bc:86:b6:eb:a7:b7:d4:40:af:7e:fa: 87:5f:ea:2f:d5:9b:b3:e3:92:ff:db:3d:03:53:c0: 3b:84:47:12:aa:6f:e6:0c:63:aa:f3:ee:a8:bb:04: a2:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:C5:3E:91:5A:94:26:D5:CB:F2:33:56:FF:02:BE:49:B2:7C:8F:EE X509v3 Authority Key Identifier: keyid:8A:D6:10:AC:8B:62:F2:A6:FC:A8:25:89:55:D5:F1:24:92:7B:3A:00 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BEE1D/9ADADADEC70E11EF8067C466C4F9AE02/itYQrIti8qb8qCWJVdXxJJJ7OgA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/itYQrIti8qb8qCWJVdXxJJJ7OgA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BEE1D/9ADADADEC70E11EF8067C466C4F9AE02/itYQrIti8qb8qCWJVdXxJJJ7OgA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b1:2e:57:7a:10:f4:7c:60:93:ec:26:d9:e7:ff:20:2e:50:a8: a3:d8:00:1b:60:0d:b0:3c:eb:37:98:6f:da:ac:3c:48:0a:94: 23:9c:24:02:3e:33:53:91:9a:a3:91:a4:74:af:e9:7c:20:e4: fe:b3:8a:bf:ff:d3:1d:6a:9b:09:e3:13:a6:58:cc:e7:ef:01: 5b:35:13:0e:d8:81:04:23:7c:60:50:7b:7c:eb:05:c9:c2:14: 44:3b:d9:f8:88:da:b0:76:ea:7c:84:0e:ea:5d:3d:3c:80:61: 38:1c:5b:c4:ef:1d:91:af:43:0b:11:30:41:87:5c:fb:a9:97: 9d:ea:64:09:85:05:d1:58:d8:55:a0:97:30:db:2a:c4:f6:80: 78:0f:b0:df:57:7e:f8:1a:f7:02:9a:e1:53:36:55:37:64:da: 9f:d7:df:92:b8:ae:50:65:d6:a7:0c:c0:53:51:f1:42:94:48: f7:bc:63:8a:4d:1f:92:6b:da:ce:eb:aa:93:a9:f2:a5:67:eb: c6:da:5c:a8:1b:8b:62:db:3c:97:d9:23:1e:77:ee:be:5f:50: 1e:68:99:0f:d5:e5:f4:31:27:79:ef:76:8b:63:e5:ca:57:d1: 87:75:a4:9f:e8:94:b4:59:b8:7a:33:bd:15:b8:b1:70:c7:f7: f1:77:2a:cc -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBPTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC RUUxRDExMC8GA1UEBRMoOEFENjEwQUM4QjYyRjJBNkZDQTgyNTg5NTVENUYxMjQ5 MjdCM0EwMDAeFw0yNTA0MjUwNjI4NDRaFw0yNTA1MDIwNjI4NDRaMBgxFjAUBgNV BAMTDTY4MGIyYjljLTBiNzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDUxHS78nKMQWyM1U/qZf4G5TBmF7LoygQEC02zsOc81sFJjkxzBovP61e3UbZ6 6ko2GLjOa5blzxefg5W5QDJA2Rhb4VedOl6uqmJSlIbBT0JAmUzRBMh+YFTuL1Xu d3V5H17M6kOuU9KU4wQOowpJOu6fWBn2KlhKEMuTVnkV8Yv0Jg7PQnSEv4EgdyIR 2vc3Wbr3iLGVy5Uq6u+4gFg2u1w+mo4XsQTWqJhooaYEnVMg4jZBIDynJmbKsZHi VuwP9auwPM4YYhhwkRJRZjcQDQ6q+QO8hrbrp7fUQK9++odf6i/Vm7Pjkv/bPQNT wDuERxKqb+YMY6rz7qi7BKLxAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUDcU+kVqU JtXL8jNW/wK+SbJ8j+4wHwYDVR0jBBgwFoAUitYQrIti8qb8qCWJVdXxJJJ7OgAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJFRTFELzlBREFEQURFQzcw RTExRUY4MDY3QzQ2NkM0RjlBRTAyL2l0WVFySXRpOHFiOHFDV0pWZFh4SkpKN09n QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaXRZUXJJdGk4cWI4cUNXSlZkWHhKSko3T2dBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJF RTFELzlBREFEQURFQzcwRTExRUY4MDY3QzQ2NkM0RjlBRTAyL2l0WVFySXRpOHFi OHFDV0pWZFh4SkpKN09nQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBALEuV3oQ9Hxgk+wm2ef/IC5QqKPYABtgDbA86zeYb9qsPEgKlCOcJAI+ M1ORmqORpHSv6Xwg5P6zir//0x1qmwnjE6ZYzOfvAVs1Ew7YgQQjfGBQe3zrBcnC FEQ72fiI2rB26nyEDupdPTyAYTgcW8TvHZGvQwsRMEGHXPupl53qZAmFBdFY2FWg lzDbKsT2gHgPsN9Xfvga9wKa4VM2VTdk2p/X35K4rlBl1qcMwFNR8UKUSPe8Y4pN H5Jr2s7rqpOp8qVn68baXKgbi2LbPJfZIx537r5fUB5omQ/V5fQxJ3nvdotj5cpX 0Yd1pJ/olLRZuHozvRW4sXDH9/F3Ksw= -----END CERTIFICATE-----Generated at Sat Apr 26 04:23:46 2025 by rpki-client