$ rpki-client -vvf rpki.apnic.net/member_repository/A91C8307/3432F60CBECD11EF98C74132C4F9AE02/PdCVvno70d2CniomSfx-gafv40w.mft File: PdCVvno70d2CniomSfx-gafv40w.mft (raw, json) Hash identifier: Z7Oo4fWWU/wzt6Pty5J67qBh4j24xqnyswOxwd3HbJg= Subject key identifier: 68:96:D3:69:2C:5F:6E:A6:C5:0C:A3:20:CB:6B:A1:FC:70:48:EF:6E Authority key identifier: 3D:D0:95:BE:7A:3B:D1:DD:82:9E:2A:26:49:FC:7E:81:A7:EF:E3:4C Certificate issuer: /CN=A91C8307/serialNumber=3DD095BE7A3BD1DD829E2A2649FC7E81A7EFE34C Certificate serial: 44 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PdCVvno70d2CniomSfx-gafv40w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C8307/3432F60CBECD11EF98C74132C4F9AE02/PdCVvno70d2CniomSfx-gafv40w.mft Manifest number: 43 Signing time: Fri 25 Apr 2025 06:26:13 +0000 Manifest this update: Fri 25 Apr 2025 06:26:13 +0000 Manifest next update: Fri 02 May 2025 06:26:13 +0000 Files and hashes: 1: PdCVvno70d2CniomSfx-gafv40w.crl (hash: VezizKb1IeraIxr1h/TrvIs/2R3KzhbeGVSgZOEVdzQ=) 2: DEDB3932BED411EF835BB47AC4F9AE02.roa (hash: O2sa7pTiQKdOhkw1Yh9cM+13JLJmRbo0IeSALJBybOk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C8307/3432F60CBECD11EF98C74132C4F9AE02/PdCVvno70d2CniomSfx-gafv40w.crl rsync://rpki.apnic.net/member_repository/A91C8307/3432F60CBECD11EF98C74132C4F9AE02/PdCVvno70d2CniomSfx-gafv40w.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PdCVvno70d2CniomSfx-gafv40w.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:26:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68 (0x44) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C8307, serialNumber=3DD095BE7A3BD1DD829E2A2649FC7E81A7EFE34C Validity Not Before: Apr 25 06:26:13 2025 GMT Not After : May 2 06:26:13 2025 GMT Subject: CN=680b2b05-dc1c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:d4:25:1b:f7:81:1a:63:bf:b9:bf:87:3d:85: 93:e7:da:f5:ba:8b:68:e5:85:e8:6a:ca:b5:87:a9: 1a:83:65:03:b5:a1:8d:92:cb:48:c5:ed:c7:22:1e: 5a:99:df:6a:e3:a7:39:c2:eb:fd:53:d8:eb:2c:03: 3d:f1:8f:60:d3:b7:2f:33:fa:85:79:67:c5:7e:e1: 75:e4:16:6b:a9:95:18:a7:3a:b5:4c:76:e3:aa:d5: cc:e2:58:f9:42:63:69:70:df:cc:3a:87:ee:e6:95: 37:a1:43:a0:02:49:e6:2b:1e:75:41:2e:2a:06:37: c5:b1:43:89:41:b9:ba:d4:c6:1c:f5:a9:3e:7b:50: 70:52:d9:b8:87:31:15:e9:99:84:41:d9:13:79:bd: 34:b6:df:06:ce:06:f8:a0:43:05:09:06:7a:e3:bc: c3:25:81:11:6e:4d:d2:f1:63:47:54:dc:1b:a6:35: 09:c1:31:9d:71:63:15:4b:1b:2c:84:5a:99:3f:43: 73:07:0b:92:da:3b:d4:a6:47:81:76:52:21:8e:9b: b1:4b:e7:c1:3f:19:5f:f0:f7:05:0c:15:af:40:d9: e1:7c:f4:26:ec:f1:45:f7:7a:3c:2e:cf:54:b4:63: e2:a5:be:6d:79:a7:87:4a:90:5e:3c:53:86:8a:87: 83:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:96:D3:69:2C:5F:6E:A6:C5:0C:A3:20:CB:6B:A1:FC:70:48:EF:6E X509v3 Authority Key Identifier: keyid:3D:D0:95:BE:7A:3B:D1:DD:82:9E:2A:26:49:FC:7E:81:A7:EF:E3:4C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C8307/3432F60CBECD11EF98C74132C4F9AE02/PdCVvno70d2CniomSfx-gafv40w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PdCVvno70d2CniomSfx-gafv40w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C8307/3432F60CBECD11EF98C74132C4F9AE02/PdCVvno70d2CniomSfx-gafv40w.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8b:05:b1:64:5a:c0:7e:95:a0:20:4e:21:a2:97:1e:ec:49:72: a6:d7:c0:09:a6:36:bf:bc:8c:c4:bd:39:2c:1a:22:c8:78:3e: 5e:0e:f3:5a:90:1f:8e:39:b9:f6:55:1e:cb:8f:fe:df:ff:ab: 97:c6:54:1d:73:cf:8e:c7:5d:38:86:eb:4f:ac:1e:54:34:f1: 71:ff:df:d9:1a:6a:8d:be:8e:cf:b6:d2:38:c2:89:38:06:4c: f9:09:9d:3a:11:46:e7:95:b6:f2:81:23:05:0a:58:d5:db:d8: 75:b3:46:db:41:23:43:a1:0f:1e:40:0d:d0:d9:e1:1d:e5:9e: b1:97:4d:29:f2:ef:e9:b3:b0:21:a4:4c:42:a9:07:ee:95:88: 2a:13:4e:1d:e8:17:90:0c:83:8f:80:4c:18:61:a7:c0:ca:aa: 5f:56:e7:3d:2f:bc:14:26:13:34:9f:95:f8:14:c6:15:49:14: dc:89:ef:91:db:a5:5e:85:d4:57:e4:01:c9:85:14:90:2f:68: 73:8b:39:25:be:b3:36:45:7c:69:72:aa:41:a2:68:79:fb:e3: dd:3a:38:60:4a:96:9b:84:f5:4c:b9:c2:40:33:17:8d:04:89: 80:89:61:9b:32:82:ff:5e:9c:4d:c9:4e:c4:3c:dc:29:a8:4f: 25:cc:85:95 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBRDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD ODMwNzExMC8GA1UEBRMoM0REMDk1QkU3QTNCRDFERDgyOUUyQTI2NDlGQzdFODFB N0VGRTM0QzAeFw0yNTA0MjUwNjI2MTNaFw0yNTA1MDIwNjI2MTNaMBgxFjAUBgNV BAMTDTY4MGIyYjA1LWRjMWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC51CUb94EaY7+5v4c9hZPn2vW6i2jlhehqyrWHqRqDZQO1oY2Sy0jF7cciHlqZ 32rjpznC6/1T2OssAz3xj2DTty8z+oV5Z8V+4XXkFmuplRinOrVMduOq1cziWPlC Y2lw38w6h+7mlTehQ6ACSeYrHnVBLioGN8WxQ4lBubrUxhz1qT57UHBS2biHMRXp mYRB2RN5vTS23wbOBvigQwUJBnrjvMMlgRFuTdLxY0dU3BumNQnBMZ1xYxVLGyyE Wpk/Q3MHC5LaO9SmR4F2UiGOm7FL58E/GV/w9wUMFa9A2eF89Cbs8UX3ejwuz1S0 Y+Klvm15p4dKkF48U4aKh4ORAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUaJbTaSxf bqbFDKMgy2uh/HBI724wHwYDVR0jBBgwFoAUPdCVvno70d2CniomSfx+gafv40ww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM4MzA3LzM0MzJGNjBDQkVD RDExRUY5OEM3NDEzMkM0RjlBRTAyL1BkQ1Z2bm83MGQyQ25pb21TZngtZ2FmdjQw dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvUGRDVnZubzcwZDJDbmlvbVNmeC1nYWZ2NDB3LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM4 MzA3LzM0MzJGNjBDQkVDRDExRUY5OEM3NDEzMkM0RjlBRTAyL1BkQ1Z2bm83MGQy Q25pb21TZngtZ2FmdjQwdy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIsFsWRawH6VoCBOIaKXHuxJcqbXwAmmNr+8jMS9OSwaIsh4Pl4O81qQ H445ufZVHsuP/t//q5fGVB1zz47HXTiG60+sHlQ08XH/39kaao2+js+20jjCiTgG TPkJnToRRueVtvKBIwUKWNXb2HWzRttBI0OhDx5ADdDZ4R3lnrGXTSny7+mzsCGk TEKpB+6ViCoTTh3oF5AMg4+ATBhhp8DKql9W5z0vvBQmEzSflfgUxhVJFNyJ75Hb pV6F1FfkAcmFFJAvaHOLOSW+szZFfGlyqkGiaHn74906OGBKlpuE9Uy5wkAzF40E iYCJYZsygv9enE3JTsQ83CmoTyXMhZU= -----END CERTIFICATE-----Generated at Sat Apr 26 13:36:11 2025 by rpki-client