$ rpki-client -vvf rpki.apnic.net/member_repository/A91C3A74/753D71EE3AB511E7B8609F1CC4F9AE02/jhH8tOi9Y9J7hOstUmcMoXT5xDw.mft File: jhH8tOi9Y9J7hOstUmcMoXT5xDw.mft (raw, json) Hash identifier: +Ng59mW+Gsn8zIWCjGUA+YRMLDsZ2WOj5f3HrRWfJwg= Subject key identifier: E6:7F:DF:CD:03:0A:DA:72:A4:8F:AF:C5:81:89:2A:57:CD:ED:2E:CE Authority key identifier: 8E:11:FC:B4:E8:BD:63:D2:7B:84:EB:2D:52:67:0C:A1:74:F9:C4:3C Certificate issuer: /CN=A91C3A74/serialNumber=8E11FCB4E8BD63D27B84EB2D52670CA174F9C43C Certificate serial: 1A72 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/jhH8tOi9Y9J7hOstUmcMoXT5xDw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C3A74/753D71EE3AB511E7B8609F1CC4F9AE02/jhH8tOi9Y9J7hOstUmcMoXT5xDw.mft Manifest number: 1A6B Signing time: Thu 24 Apr 2025 15:44:16 +0000 Manifest this update: Thu 24 Apr 2025 15:44:16 +0000 Manifest next update: Thu 01 May 2025 15:44:16 +0000 Files and hashes: 1: jhH8tOi9Y9J7hOstUmcMoXT5xDw.crl (hash: dNqxaSlb+6FjZkeDajCIkvOecPxqD5WQw9IepsjlLTs=) 2: AFA37450139811EA807F1A26C4F9AE02.roa (hash: EvR5gfpmDfAVmSaNBVyf31LRk9wTqTU6OTSsCqxA5UQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C3A74/753D71EE3AB511E7B8609F1CC4F9AE02/jhH8tOi9Y9J7hOstUmcMoXT5xDw.crl rsync://rpki.apnic.net/member_repository/A91C3A74/753D71EE3AB511E7B8609F1CC4F9AE02/jhH8tOi9Y9J7hOstUmcMoXT5xDw.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/jhH8tOi9Y9J7hOstUmcMoXT5xDw.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:44:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6770 (0x1a72) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C3A74, serialNumber=8E11FCB4E8BD63D27B84EB2D52670CA174F9C43C Validity Not Before: Apr 24 15:44:16 2025 GMT Not After : May 1 15:44:16 2025 GMT Subject: CN=680a5c50-5775 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:eb:45:ae:14:8c:25:62:5c:1d:78:b3:3b:19: 6c:f2:da:1a:dc:2e:75:8c:ab:72:4e:16:89:87:77: 61:cd:36:4f:20:fb:95:43:88:3f:dc:2a:58:95:39: d2:13:92:e3:5a:41:6c:53:56:10:d8:15:29:13:42: 32:63:32:ed:c7:0c:99:c1:4f:74:e9:e0:fa:41:53: da:94:6e:9c:f6:56:2c:f5:a3:f3:a8:0e:fb:4c:32: a5:70:a9:c2:8b:b7:a9:85:a0:b6:82:44:0a:40:1a: 2b:fa:77:0e:0f:83:8e:3b:d0:a0:09:f6:d3:69:04: ab:52:60:f5:4c:be:00:b3:e9:bb:61:01:6e:72:40: 71:c4:7b:df:9d:c5:97:4a:af:7f:60:12:94:37:3d: 47:31:69:07:95:a8:c5:24:4b:45:2e:20:49:f4:a0: bb:1a:b4:02:66:83:7e:fb:37:97:f7:69:48:a4:2f: a1:d9:d3:60:c5:17:a5:4b:15:49:02:b1:fa:76:d0: f4:27:6c:7d:de:07:de:0e:ca:4e:12:5d:5a:1e:3f: 74:5c:18:14:9b:88:e0:3d:63:aa:e9:07:a2:72:22: 90:b7:bf:8a:d1:e1:ed:84:6b:18:a9:ff:60:05:4f: 63:52:48:57:32:b2:49:b2:d8:83:0f:7f:05:ae:ab: 97:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:7F:DF:CD:03:0A:DA:72:A4:8F:AF:C5:81:89:2A:57:CD:ED:2E:CE X509v3 Authority Key Identifier: keyid:8E:11:FC:B4:E8:BD:63:D2:7B:84:EB:2D:52:67:0C:A1:74:F9:C4:3C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C3A74/753D71EE3AB511E7B8609F1CC4F9AE02/jhH8tOi9Y9J7hOstUmcMoXT5xDw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/jhH8tOi9Y9J7hOstUmcMoXT5xDw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C3A74/753D71EE3AB511E7B8609F1CC4F9AE02/jhH8tOi9Y9J7hOstUmcMoXT5xDw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 69:73:c9:94:db:a7:04:d8:dc:1e:15:8c:06:57:75:09:a4:81: d6:d1:cc:a7:c3:a9:45:d7:10:46:bb:40:7e:44:2a:e0:e0:dc: 33:cf:c5:87:fe:bf:e9:8e:86:06:e1:07:a1:b1:d8:0e:ba:52: 0b:89:55:32:3c:84:54:b4:37:3a:cf:62:d9:f1:cc:68:2a:0b: df:a1:b7:1f:95:f1:33:97:de:98:d0:32:5c:b5:c5:19:1b:cd: 42:e3:b2:b4:c3:e3:99:27:ac:a5:75:81:5f:64:91:1c:47:85: e0:21:c2:57:33:c0:c9:48:b4:a4:82:2c:6c:89:5e:87:93:d5: f5:58:8c:f2:d2:45:9e:aa:aa:0d:bd:72:56:3e:28:5e:1c:95: 5d:ca:a8:a8:d6:1d:a2:cc:41:07:7e:6d:45:b3:70:53:98:8c: 58:fd:5d:87:e0:f6:b6:d2:b9:f3:a9:41:ed:11:91:24:48:8c: 4b:5d:df:12:d0:f1:49:62:41:e5:cc:b1:62:2e:e9:e3:6b:8c: 38:84:7e:d7:cd:dc:28:aa:f1:0e:c9:56:43:3b:fd:a3:ab:7c: 4d:86:5d:1c:85:1a:5f:96:89:18:3e:15:69:b8:07:96:95:7f: 51:8c:c0:b5:d9:d8:03:fa:ef:c6:9e:0f:b7:75:da:d4:79:d3: 59:74:ab:8d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGnIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzNBNzQxMTAvBgNVBAUTKDhFMTFGQ0I0RThCRDYzRDI3Qjg0RUIyRDUyNjcwQ0Ex NzRGOUM0M0MwHhcNMjUwNDI0MTU0NDE2WhcNMjUwNTAxMTU0NDE2WjAYMRYwFAYD VQQDEw02ODBhNWM1MC01Nzc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr+tFrhSMJWJcHXizOxls8toa3C51jKtyThaJh3dhzTZPIPuVQ4g/3CpYlTnS E5LjWkFsU1YQ2BUpE0IyYzLtxwyZwU906eD6QVPalG6c9lYs9aPzqA77TDKlcKnC i7ephaC2gkQKQBor+ncOD4OOO9CgCfbTaQSrUmD1TL4As+m7YQFuckBxxHvfncWX Sq9/YBKUNz1HMWkHlajFJEtFLiBJ9KC7GrQCZoN++zeX92lIpC+h2dNgxRelSxVJ ArH6dtD0J2x93gfeDspOEl1aHj90XBgUm4jgPWOq6QeiciKQt7+K0eHthGsYqf9g BU9jUkhXMrJJstiDD38FrquXgQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOZ/380D CtpypI+vxYGJKlfN7S7OMB8GA1UdIwQYMBaAFI4R/LTovWPSe4TrLVJnDKF0+cQ8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDM0E3NC83NTNENzFFRTNB QjUxMUU3Qjg2MDlGMUNDNEY5QUUwMi9qaEg4dE9pOVk5SjdoT3N0VW1jTW9YVDV4 RHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2poSDh0T2k5WTlKN2hPc3RVbWNNb1hUNXhEdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD M0E3NC83NTNENzFFRTNBQjUxMUU3Qjg2MDlGMUNDNEY5QUUwMi9qaEg4dE9pOVk5 SjdoT3N0VW1jTW9YVDV4RHcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBpc8mU26cE2NweFYwGV3UJpIHW0cynw6lF1xBGu0B+RCrg4Nwzz8WH /r/pjoYG4QehsdgOulILiVUyPIRUtDc6z2LZ8cxoKgvfobcflfEzl96Y0DJctcUZ G81C47K0w+OZJ6yldYFfZJEcR4XgIcJXM8DJSLSkgixsiV6Hk9X1WIzy0kWeqqoN vXJWPiheHJVdyqio1h2izEEHfm1Fs3BTmIxY/V2H4Pa20rnzqUHtEZEkSIxLXd8S 0PFJYkHlzLFiLunja4w4hH7XzdwoqvEOyVZDO/2jq3xNhl0chRpflokYPhVpuAeW lX9RjMC12dgD+u/Gng+3ddrUedNZdKuN -----END CERTIFICATE-----Generated at Sat Apr 26 15:08:55 2025 by rpki-client