$ rpki-client -vvf rpki.apnic.net/member_repository/A91BF8D1/7C4E34BC675511EAA087302BC4F9AE02/8EZlk8K2zqnL8C4mqua_eQ9Sfqg.mft File: 8EZlk8K2zqnL8C4mqua_eQ9Sfqg.mft (raw, json) Hash identifier: P5d94pyA9sNKHDaNiJrNNHqy+/JkG4GLvclgecSd6Y8= Subject key identifier: DE:F4:25:E3:D4:8B:15:E3:8C:09:B5:0C:5F:A1:7A:D2:37:D0:7F:73 Authority key identifier: F0:46:65:93:C2:B6:CE:A9:CB:F0:2E:26:AA:E6:BF:79:0F:52:7E:A8 Certificate issuer: /CN=A91BF8D1/serialNumber=F0466593C2B6CEA9CBF02E26AAE6BF790F527EA8 Certificate serial: 0A40 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8EZlk8K2zqnL8C4mqua_eQ9Sfqg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BF8D1/7C4E34BC675511EAA087302BC4F9AE02/8EZlk8K2zqnL8C4mqua_eQ9Sfqg.mft Manifest number: 0A3A Signing time: Thu 24 Apr 2025 19:38:24 +0000 Manifest this update: Thu 24 Apr 2025 19:38:23 +0000 Manifest next update: Thu 01 May 2025 19:38:23 +0000 Files and hashes: 1: 8EZlk8K2zqnL8C4mqua_eQ9Sfqg.crl (hash: FX6GAU8fBZixQy6/nbiDc1yjYZepZM7lM3ggxKs78D8=) 2: 19250B84675711EAA928E22DC4F9AE02.roa (hash: BfaBbqdTeXcprKlCZnPR/VFXV6AoP9YV7kqFZXcvXOo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BF8D1/7C4E34BC675511EAA087302BC4F9AE02/8EZlk8K2zqnL8C4mqua_eQ9Sfqg.crl rsync://rpki.apnic.net/member_repository/A91BF8D1/7C4E34BC675511EAA087302BC4F9AE02/8EZlk8K2zqnL8C4mqua_eQ9Sfqg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8EZlk8K2zqnL8C4mqua_eQ9Sfqg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:38:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2624 (0xa40) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BF8D1, serialNumber=F0466593C2B6CEA9CBF02E26AAE6BF790F527EA8 Validity Not Before: Apr 24 19:38:23 2025 GMT Not After : May 1 19:38:23 2025 GMT Subject: CN=680a9330-57f2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:59:82:dd:55:bf:03:59:3c:d1:61:78:ef:95: cd:e2:1d:9a:f3:60:55:8a:f1:21:ea:a6:e5:2f:ce: 33:20:73:8e:9a:e6:f4:25:2a:47:d8:2d:6f:a1:d7: ee:c2:58:19:e2:64:37:2c:9d:29:c6:9f:e3:e2:3b: cb:de:84:5c:01:13:b9:d3:3c:9a:71:56:77:80:c7: 0d:16:15:1d:11:27:24:2c:20:92:07:78:9c:b8:89: ad:45:6d:e6:0d:78:42:71:f5:95:4d:14:1b:a9:45: b2:c1:07:44:4c:d3:58:cf:63:f9:d3:b5:37:fe:64: df:3b:60:a0:a0:df:a8:bc:2a:2e:5d:73:31:e8:74: c3:9b:82:f6:8c:98:4f:8a:b6:48:f0:a6:24:7f:44: dd:82:63:ed:ba:78:31:ae:de:09:63:48:e1:1e:f2: ea:76:46:e1:97:93:03:98:57:a8:80:56:bf:00:42: c5:53:b7:b5:9d:68:aa:81:94:c8:28:74:e2:fb:60: 78:4f:84:38:74:22:4d:40:3e:43:c4:08:70:92:29: 50:a4:97:df:1f:79:25:26:22:8f:3a:8c:a3:7c:d0: 3b:b6:3f:c3:35:09:d6:aa:aa:54:90:9f:e7:e6:58: ff:9a:2d:9b:b0:3f:fa:da:3f:6b:ab:12:f8:d0:0d: af:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:F4:25:E3:D4:8B:15:E3:8C:09:B5:0C:5F:A1:7A:D2:37:D0:7F:73 X509v3 Authority Key Identifier: keyid:F0:46:65:93:C2:B6:CE:A9:CB:F0:2E:26:AA:E6:BF:79:0F:52:7E:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BF8D1/7C4E34BC675511EAA087302BC4F9AE02/8EZlk8K2zqnL8C4mqua_eQ9Sfqg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8EZlk8K2zqnL8C4mqua_eQ9Sfqg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BF8D1/7C4E34BC675511EAA087302BC4F9AE02/8EZlk8K2zqnL8C4mqua_eQ9Sfqg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 62:72:7f:d6:88:bf:21:5c:87:cd:e8:d8:50:71:c5:f2:1b:26: 5e:62:72:62:36:ac:13:ba:d9:74:2c:56:e5:8b:24:86:fd:01: 1e:f9:1d:b4:40:2e:34:32:bf:07:1e:19:d9:46:03:b6:68:9f: 83:ce:fb:b8:34:71:63:42:2d:c2:69:f4:ee:87:16:58:16:e8: f6:75:81:fb:77:bd:e1:5d:ac:40:7e:40:e7:c5:6d:8d:29:34: 25:cf:88:4f:6e:02:85:08:96:65:ce:0a:df:ea:ad:bf:94:19: a0:c6:83:49:25:c7:78:bc:12:de:6b:b1:a2:1d:de:d8:87:15: c7:36:8b:b8:3e:fb:18:23:82:a9:b4:bb:0c:f9:00:e4:00:a6: 63:0f:bc:91:aa:85:60:49:67:19:b9:25:0a:7a:6e:ad:84:4a: 10:fc:3a:73:cb:bc:f8:47:d7:3f:31:ec:1a:07:4d:4a:76:05: 81:05:fa:01:05:d6:a8:6d:c5:de:17:22:6c:42:38:d4:8a:7b: f2:aa:86:51:27:94:8d:c9:4f:a9:30:f8:a3:2f:56:2f:53:a3: ad:98:3d:dc:ad:1b:40:fa:04:9e:7c:39:3e:a4:32:3e:c0:27: b7:7b:c5:c1:e7:d8:32:f4:53:6f:94:08:89:48:44:19:6f:d5: 7e:55:a4:f9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCkAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkY4RDExMTAvBgNVBAUTKEYwNDY2NTkzQzJCNkNFQTlDQkYwMkUyNkFBRTZCRjc5 MEY1MjdFQTgwHhcNMjUwNDI0MTkzODIzWhcNMjUwNTAxMTkzODIzWjAYMRYwFAYD VQQDEw02ODBhOTMzMC01N2YyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzlmC3VW/A1k80WF475XN4h2a82BVivEh6qblL84zIHOOmub0JSpH2C1vodfu wlgZ4mQ3LJ0pxp/j4jvL3oRcARO50zyacVZ3gMcNFhUdESckLCCSB3icuImtRW3m DXhCcfWVTRQbqUWywQdETNNYz2P507U3/mTfO2CgoN+ovCouXXMx6HTDm4L2jJhP irZI8KYkf0TdgmPtungxrt4JY0jhHvLqdkbhl5MDmFeogFa/AELFU7e1nWiqgZTI KHTi+2B4T4Q4dCJNQD5DxAhwkilQpJffH3klJiKPOoyjfNA7tj/DNQnWqqpUkJ/n 5lj/mi2bsD/62j9rqxL40A2vwQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN70JePU ixXjjAm1DF+hetI30H9zMB8GA1UdIwQYMBaAFPBGZZPCts6py/AuJqrmv3kPUn6o MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRjhEMS83QzRFMzRCQzY3 NTUxMUVBQTA4NzMwMkJDNEY5QUUwMi84RVpsazhLMnpxbkw4QzRtcXVhX2VROVNm cWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhFWmxrOEsyenFuTDhDNG1xdWFfZVE5U2ZxZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC RjhEMS83QzRFMzRCQzY3NTUxMUVBQTA4NzMwMkJDNEY5QUUwMi84RVpsazhLMnpx bkw4QzRtcXVhX2VROVNmcWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBicn/WiL8hXIfN6NhQccXyGyZeYnJiNqwTutl0LFbliySG/QEe+R20 QC40Mr8HHhnZRgO2aJ+Dzvu4NHFjQi3CafTuhxZYFuj2dYH7d73hXaxAfkDnxW2N KTQlz4hPbgKFCJZlzgrf6q2/lBmgxoNJJcd4vBLea7GiHd7YhxXHNou4PvsYI4Kp tLsM+QDkAKZjD7yRqoVgSWcZuSUKem6thEoQ/Dpzy7z4R9c/MewaB01KdgWBBfoB BdaobcXeFyJsQjjUinvyqoZRJ5SNyU+pMPijL1YvU6OtmD3crRtA+gSefDk+pDI+ wCe3e8XB59gy9FNvlAiJSEQZb9V+VaT5 -----END CERTIFICATE-----Generated at Sat Apr 26 15:13:52 2025 by rpki-client