$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6E49/B33AA7A6538111ED8AA98F77C4F9AE02/B7Y7XcFse0rper0AhqMVbV10Rlk.mft File: B7Y7XcFse0rper0AhqMVbV10Rlk.mft (raw, json) Hash identifier: g+UROq6GnPiut7gjC2hIHE7ukJD8DoA6RFAjJWCnaIE= Subject key identifier: B6:06:90:2B:20:3C:C3:3A:06:60:86:D9:BA:47:0C:30:8F:3B:12:C1 Authority key identifier: 07:B6:3B:5D:C1:6C:7B:4A:E9:7A:BD:00:86:A3:15:6D:5D:74:46:59 Certificate issuer: /CN=A91C6E49/serialNumber=07B63B5DC16C7B4AE97ABD0086A3156D5D744659 Certificate serial: 01DB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B7Y7XcFse0rper0AhqMVbV10Rlk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C6E49/B33AA7A6538111ED8AA98F77C4F9AE02/B7Y7XcFse0rper0AhqMVbV10Rlk.mft Manifest number: 01D7 Signing time: Fri 25 Apr 2025 01:58:22 +0000 Manifest this update: Fri 25 Apr 2025 01:58:21 +0000 Manifest next update: Fri 02 May 2025 01:58:21 +0000 Files and hashes: 1: B7Y7XcFse0rper0AhqMVbV10Rlk.crl (hash: ++rT/u84hOSTr9yJbOj19Cs7d9xnqwir+LqY6q8Dppw=) 2: 98FD8A0E538411ED8D781C7CC4F9AE02.roa (hash: lJnZtZDQNzdO0qp1p8vNJySg5lDyaZrljj6ja2HApOA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C6E49/B33AA7A6538111ED8AA98F77C4F9AE02/B7Y7XcFse0rper0AhqMVbV10Rlk.crl rsync://rpki.apnic.net/member_repository/A91C6E49/B33AA7A6538111ED8AA98F77C4F9AE02/B7Y7XcFse0rper0AhqMVbV10Rlk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B7Y7XcFse0rper0AhqMVbV10Rlk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:58:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 475 (0x1db) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C6E49, serialNumber=07B63B5DC16C7B4AE97ABD0086A3156D5D744659 Validity Not Before: Apr 25 01:58:21 2025 GMT Not After : May 2 01:58:21 2025 GMT Subject: CN=680aec3d-1e8c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:21:57:cd:35:e5:fc:95:be:84:30:83:c9:a1: 23:4c:87:3d:a9:93:03:f3:f1:cb:0f:f7:09:3f:5d: 83:b4:dd:45:8d:9e:87:1b:1d:e5:7d:32:a8:da:39: de:f7:3c:4d:6e:02:d6:8e:05:0a:91:65:4e:a8:5f: b3:df:bf:20:2d:4d:84:03:f4:d8:45:2f:57:3f:e5: d7:04:c1:d4:ab:f5:9c:5e:4c:1a:70:aa:32:e0:3c: 96:74:bf:28:ec:4c:a8:89:79:56:02:2b:ea:0e:94: 02:ac:9b:3a:6d:d4:cb:2a:dc:b3:a0:0f:50:3c:ef: be:10:a3:0b:f7:6f:f8:05:90:1f:08:ec:f7:14:fb: fe:f3:d4:15:83:fd:b7:ec:d4:b5:21:52:40:5b:93: c2:61:ce:0e:25:20:dc:68:2c:2a:9c:0c:8d:cb:f6: 9b:a1:18:d6:48:7b:72:93:1e:b7:a8:77:0a:cd:b5: ef:a3:cd:22:e7:26:b4:c4:07:64:8c:0f:42:74:d5: de:53:51:66:a8:30:47:0b:e4:12:be:97:26:25:e8: 34:53:f1:55:f7:f8:09:c4:93:b9:27:b5:ff:11:ef: ff:4f:b6:be:bf:91:09:6d:71:c4:a7:26:48:b2:2e: d5:5a:bb:54:ad:ac:3c:04:59:8b:fa:e5:15:99:b1: 26:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:06:90:2B:20:3C:C3:3A:06:60:86:D9:BA:47:0C:30:8F:3B:12:C1 X509v3 Authority Key Identifier: keyid:07:B6:3B:5D:C1:6C:7B:4A:E9:7A:BD:00:86:A3:15:6D:5D:74:46:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C6E49/B33AA7A6538111ED8AA98F77C4F9AE02/B7Y7XcFse0rper0AhqMVbV10Rlk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B7Y7XcFse0rper0AhqMVbV10Rlk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6E49/B33AA7A6538111ED8AA98F77C4F9AE02/B7Y7XcFse0rper0AhqMVbV10Rlk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:b0:b5:5d:13:07:8c:16:21:84:27:37:4c:73:c0:d1:f2:e5: 2b:31:6d:d6:35:bc:09:c4:47:bd:28:44:f7:63:25:0c:06:16: 77:b5:6f:73:2d:f4:87:8e:ed:12:4b:ba:9b:42:00:be:aa:78: 7e:12:f9:9e:ba:3d:92:3b:f4:a1:cf:d8:6a:c2:a5:99:b2:1e: 76:94:ad:f8:14:5e:83:5d:f6:6a:34:50:f2:16:25:66:52:f3: 42:1e:e1:1b:07:04:a4:6e:cf:bf:99:ef:eb:a5:d1:ce:33:7d: bc:84:d3:4a:a7:9e:ec:eb:b3:d5:95:f6:65:14:87:c4:39:75: 41:f0:d3:81:67:27:60:a9:8f:e9:e0:42:95:20:88:b2:e4:27: 07:72:78:b7:8e:1f:3a:67:05:76:b7:04:90:21:99:3d:ec:32: 32:be:2b:d0:9d:8c:11:db:4b:73:03:d2:46:74:33:36:d0:1d: 77:9a:07:bb:68:3e:a8:14:84:8d:84:d0:d7:49:99:18:ed:95: 49:5c:88:57:9c:1b:6c:29:ea:e7:f8:cd:7b:ec:a5:a7:95:4f: 9c:fe:e9:be:67:48:00:72:ca:9a:bb:dc:66:f0:4b:04:c4:4c: d9:be:da:4a:54:74:8f:d4:09:e4:a6:13:75:fc:23:77:c9:57: d0:a0:7d:44 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAdswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzZFNDkxMTAvBgNVBAUTKDA3QjYzQjVEQzE2QzdCNEFFOTdBQkQwMDg2QTMxNTZE NUQ3NDQ2NTkwHhcNMjUwNDI1MDE1ODIxWhcNMjUwNTAyMDE1ODIxWjAYMRYwFAYD VQQDEw02ODBhZWMzZC0xZThjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuyFXzTXl/JW+hDCDyaEjTIc9qZMD8/HLD/cJP12DtN1FjZ6HGx3lfTKo2jne 9zxNbgLWjgUKkWVOqF+z378gLU2EA/TYRS9XP+XXBMHUq/WcXkwacKoy4DyWdL8o 7EyoiXlWAivqDpQCrJs6bdTLKtyzoA9QPO++EKML92/4BZAfCOz3FPv+89QVg/23 7NS1IVJAW5PCYc4OJSDcaCwqnAyNy/aboRjWSHtykx63qHcKzbXvo80i5ya0xAdk jA9CdNXeU1FmqDBHC+QSvpcmJeg0U/FV9/gJxJO5J7X/Ee//T7a+v5EJbXHEpyZI si7VWrtUraw8BFmL+uUVmbEmPwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLYGkCsg PMM6BmCG2bpHDDCPOxLBMB8GA1UdIwQYMBaAFAe2O13BbHtK6Xq9AIajFW1ddEZZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNkU0OS9CMzNBQTdBNjUz ODExMUVEOEFBOThGNzdDNEY5QUUwMi9CN1k3WGNGc2UwcnBlcjBBaHFNVmJWMTBS bGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0I3WTdYY0ZzZTBycGVyMEFocU1WYlYxMFJsay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NkU0OS9CMzNBQTdBNjUzODExMUVEOEFBOThGNzdDNEY5QUUwMi9CN1k3WGNGc2Uw cnBlcjBBaHFNVmJWMTBSbGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBysLVdEweMFiGEJzdMc8DR8uUrMW3WNbwJxEe9KET3YyUMBhZ3tW9z LfSHju0SS7qbQgC+qnh+Evmeuj2SO/Shz9hqwqWZsh52lK34FF6DXfZqNFDyFiVm UvNCHuEbBwSkbs+/me/rpdHOM328hNNKp57s67PVlfZlFIfEOXVB8NOBZydgqY/p 4EKVIIiy5CcHcni3jh86ZwV2twSQIZk97DIyvivQnYwR20tzA9JGdDM20B13mge7 aD6oFISNhNDXSZkY7ZVJXIhXnBtsKern+M177KWnlU+c/um+Z0gAcsqau9xm8EsE xEzZvtpKVHSP1AnkphN1/CN3yVfQoH1E -----END CERTIFICATE-----Generated at Sat Apr 26 16:46:21 2025 by rpki-client