$ rpki-client -vvf rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.mft File: d0hrYQ0zOuvajyVcUBQRsB8Y_0k.mft (raw, json) Hash identifier: BP1UAFagK9lBxhczlQWbOEWMysnonZBbr1ySaPDo9RY= Subject key identifier: 97:C5:9F:41:FF:78:3C:FC:7F:AB:9C:17:3E:BD:46:68:94:42:D9:8F Authority key identifier: 77:48:6B:61:0D:33:3A:EB:DA:8F:25:5C:50:14:11:B0:1F:18:FF:49 Certificate issuer: /CN=A91C2CC7/serialNumber=77486B610D333AEBDA8F255C501411B01F18FF49 Certificate serial: 0FAA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.mft Manifest number: 0F3A Signing time: Thu 24 Apr 2025 17:38:34 +0000 Manifest this update: Thu 24 Apr 2025 17:38:33 +0000 Manifest next update: Thu 01 May 2025 17:38:33 +0000 Files and hashes: 1: d0hrYQ0zOuvajyVcUBQRsB8Y_0k.crl (hash: f3pJ9LR5uN4HEWp0JQyCzx8LBkgGr4eZfi+zyfmz0xs=) 2: 931E0F7681C911EFA5B1D80BC4F9AE02.roa (hash: HvCeCNMd3cDYBcsUNmnAZgRE0yTF+p8FgFeiy4l06fs=) 3: B35E5B46334111EF9770A542C4F9AE02.roa (hash: UPuDmnzuzvNsFm0+p8zRrUqRDIqQAuxYTPJw8nD+iQM=) 4: B1F39E9C334111EF9770A542C4F9AE02.roa (hash: gH07d0tdWpzxCvfeG7l6D2uFfEY6tpwzzgDCtY/pYyE=) 5: 6AB0F2A2892611EEB5E27D69C4F9AE02.roa (hash: nicSmvXStk5YSg3xIJcJaFbSV0F719Jx8dhmknr9Hs0=) 6: B2A71CE2334111EF9770A542C4F9AE02.roa (hash: pfS5+RaNkCZt3S0EiNJ59HEgMt0xojAMbKbcs9rYZR4=) 7: B431D7F0334111EF9770A542C4F9AE02.roa (hash: dHg9iL3zja6HivHA12hRfViwVDzN8iW3RCu9SvZmDKM=) 8: 7BD12E3A480811EE8C512B0DC4F9AE02.roa (hash: PTHJR1ja6PHKnchzMzvjSZlwBo+yBYxt/AqG4ozJw5A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.crl rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:38:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4010 (0xfaa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C2CC7, serialNumber=77486B610D333AEBDA8F255C501411B01F18FF49 Validity Not Before: Apr 24 17:38:33 2025 GMT Not After : May 1 17:38:33 2025 GMT Subject: CN=680a7719-cddb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:fa:e2:31:d8:b8:fe:ad:07:2a:67:54:19:d8: e7:20:a4:0c:91:db:f6:8f:05:ef:5d:df:81:af:97: 52:89:20:c6:70:8f:a4:77:6f:c6:ff:3c:84:7c:a0: 34:77:c2:92:88:59:a5:90:94:b7:dc:d5:f5:f7:b3: 16:9b:a2:ec:03:43:06:ae:b1:9d:0f:ac:e9:c2:cc: 29:37:88:62:e5:3c:49:a6:13:c8:41:01:ea:4b:c3: ae:72:2f:94:08:3c:82:36:c4:ac:bd:0d:1c:94:dc: 63:35:ee:a8:f6:60:f1:0e:cb:d4:5d:b5:72:66:5a: 3f:b0:b6:5a:44:9d:61:5c:a7:e7:da:ec:f1:bf:7a: 8b:18:d3:33:63:3b:38:f9:f7:3f:05:c4:28:2e:0b: 1a:c5:41:7e:fb:f8:95:a8:97:d5:62:7c:53:34:18: 48:12:cb:bf:da:ae:d3:b2:ca:fc:29:9b:82:56:56: 6e:15:d1:8c:e2:79:8c:43:43:51:3c:ff:f7:81:20: 14:a5:0b:39:41:cd:27:fb:38:a6:de:51:a0:fc:6a: c3:54:94:f6:52:7f:3a:4f:36:48:39:56:aa:cc:5c: af:01:c7:fa:f9:df:aa:a4:69:d2:23:d1:d2:56:49: 15:6b:ac:06:35:27:4e:21:df:ba:ee:e3:bf:18:fd: 99:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:C5:9F:41:FF:78:3C:FC:7F:AB:9C:17:3E:BD:46:68:94:42:D9:8F X509v3 Authority Key Identifier: keyid:77:48:6B:61:0D:33:3A:EB:DA:8F:25:5C:50:14:11:B0:1F:18:FF:49 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C2CC7/791C6A347B3811E9BC0D3B32C4F9AE02/d0hrYQ0zOuvajyVcUBQRsB8Y_0k.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3e:7f:8b:0f:4d:39:17:8c:10:f2:19:7e:d0:a3:99:57:01:93: 05:97:b6:6b:aa:29:36:0c:6e:10:75:04:9e:12:74:30:c7:87: cf:87:34:c7:1c:d6:d6:29:e8:f7:b5:b7:f9:f4:13:83:48:bc: fb:f3:44:9f:48:82:26:53:a5:58:42:d1:8c:d9:3e:44:55:a7: 8b:99:d3:10:1a:23:68:10:04:75:27:be:54:39:98:4b:ad:c9: 31:49:41:13:7f:fe:6a:81:fd:4a:80:46:68:ea:57:3e:e1:bd: 4f:56:16:01:68:86:46:d1:87:eb:74:ff:ce:63:dc:de:a2:f9: df:0a:7f:70:21:b6:e4:db:dc:44:31:eb:b7:a3:f1:bd:1d:96: 5c:e2:a6:7d:06:65:d9:c6:29:2b:d8:2a:a1:e3:29:0c:35:15: b0:a9:7f:b0:b5:3a:d1:04:1e:e3:77:31:e0:65:01:f0:75:d2: 61:d2:b2:2e:76:12:da:5a:94:00:5e:0d:86:d5:cd:ca:2b:2c: 9a:4b:f3:ed:22:7b:ad:8f:fd:4f:d0:d5:1f:77:8f:7b:4d:55: e4:0d:b8:d9:75:b5:1e:29:0b:d8:22:e4:ba:42:bb:11:33:d6: 92:b7:21:f6:13:60:dd:19:4e:5b:68:c4:4c:02:0c:6e:bb:d0: 6a:bb:c3:8b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICD6owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzJDQzcxMTAvBgNVBAUTKDc3NDg2QjYxMEQzMzNBRUJEQThGMjU1QzUwMTQxMUIw MUYxOEZGNDkwHhcNMjUwNDI0MTczODMzWhcNMjUwNTAxMTczODMzWjAYMRYwFAYD VQQDEw02ODBhNzcxOS1jZGRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5vriMdi4/q0HKmdUGdjnIKQMkdv2jwXvXd+Br5dSiSDGcI+kd2/G/zyEfKA0 d8KSiFmlkJS33NX197MWm6LsA0MGrrGdD6zpwswpN4hi5TxJphPIQQHqS8Ouci+U CDyCNsSsvQ0clNxjNe6o9mDxDsvUXbVyZlo/sLZaRJ1hXKfn2uzxv3qLGNMzYzs4 +fc/BcQoLgsaxUF++/iVqJfVYnxTNBhIEsu/2q7Tssr8KZuCVlZuFdGM4nmMQ0NR PP/3gSAUpQs5Qc0n+zim3lGg/GrDVJT2Un86TzZIOVaqzFyvAcf6+d+qpGnSI9HS VkkVa6wGNSdOId+67uO/GP2ZvwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJfFn0H/ eDz8f6ucFz69RmiUQtmPMB8GA1UdIwQYMBaAFHdIa2ENMzrr2o8lXFAUEbAfGP9J MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMkNDNy83OTFDNkEzNDdC MzgxMUU5QkMwRDNCMzJDNEY5QUUwMi9kMGhyWVEwek91dmFqeVZjVUJRUnNCOFlf MGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2QwaHJZUTB6T3V2YWp5VmNVQlFSc0I4WV8way5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MkNDNy83OTFDNkEzNDdCMzgxMUU5QkMwRDNCMzJDNEY5QUUwMi9kMGhyWVEwek91 dmFqeVZjVUJRUnNCOFlfMGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA+f4sPTTkXjBDyGX7Qo5lXAZMFl7Zrqik2DG4QdQSeEnQwx4fPhzTH HNbWKej3tbf59BODSLz780SfSIImU6VYQtGM2T5EVaeLmdMQGiNoEAR1J75UOZhL rckxSUETf/5qgf1KgEZo6lc+4b1PVhYBaIZG0YfrdP/OY9zeovnfCn9wIbbk29xE Meu3o/G9HZZc4qZ9BmXZxikr2Cqh4ykMNRWwqX+wtTrRBB7jdzHgZQHwddJh0rIu dhLaWpQAXg2G1c3KKyyaS/PtInutj/1P0NUfd497TVXkDbjZdbUeKQvYIuS6QrsR M9aStyH2E2DdGU5baMRMAgxuu9Bqu8OL -----END CERTIFICATE-----Generated at Sat Apr 26 13:10:35 2025 by rpki-client