$ rpki-client -vvf rpki.apnic.net/member_repository/A91C8DD5/D5A1A1C612A711E7ADB4DE4DC4F9AE02/1sP4E3joVAB4unmUQu7b7HgOD3s.mft File: 1sP4E3joVAB4unmUQu7b7HgOD3s.mft (raw, json) Hash identifier: Pnf01RHPUFCdyv9bZWMVDT7N1zanNZ7XbMEKC6wpCKc= Subject key identifier: 1A:36:10:32:D8:23:28:CF:C1:D0:3F:F9:CF:F8:68:5B:16:B7:DC:B1 Authority key identifier: D6:C3:F8:13:78:E8:54:00:78:BA:79:94:42:EE:DB:EC:78:0E:0F:7B Certificate issuer: /CN=A91C8DD5/serialNumber=D6C3F81378E8540078BA799442EEDBEC780E0F7B Certificate serial: 1B38 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1sP4E3joVAB4unmUQu7b7HgOD3s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C8DD5/D5A1A1C612A711E7ADB4DE4DC4F9AE02/1sP4E3joVAB4unmUQu7b7HgOD3s.mft Manifest number: 1B2F Signing time: Thu 24 Apr 2025 16:17:45 +0000 Manifest this update: Thu 24 Apr 2025 16:17:44 +0000 Manifest next update: Thu 01 May 2025 16:17:44 +0000 Files and hashes: 1: 1sP4E3joVAB4unmUQu7b7HgOD3s.crl (hash: c2kR90vANxLzXDMnG8d30z+ioCjVfnVzqmrOuiw7EOE=) 2: 020A31F812B011E7A7C42661C4F9AE02.roa (hash: N/QKwYU99zSxNpR5M+QspbIb1HfEPDfTD2V5TEy4RLU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C8DD5/D5A1A1C612A711E7ADB4DE4DC4F9AE02/1sP4E3joVAB4unmUQu7b7HgOD3s.crl rsync://rpki.apnic.net/member_repository/A91C8DD5/D5A1A1C612A711E7ADB4DE4DC4F9AE02/1sP4E3joVAB4unmUQu7b7HgOD3s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1sP4E3joVAB4unmUQu7b7HgOD3s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 16:17:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6968 (0x1b38) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C8DD5, serialNumber=D6C3F81378E8540078BA799442EEDBEC780E0F7B Validity Not Before: Apr 24 16:17:44 2025 GMT Not After : May 1 16:17:44 2025 GMT Subject: CN=680a6428-4ec3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:48:df:9f:63:7d:ff:db:28:1f:07:9b:3a:a6: 3a:f0:d6:2e:ae:2d:a2:cf:5f:9b:7a:08:8e:fb:74: 36:79:49:84:17:4b:e4:63:88:96:eb:0f:42:be:27: c3:ab:8b:c4:3f:92:37:92:99:92:85:0b:9e:14:f5: 9d:8d:bc:cc:fe:b9:f1:91:ed:40:31:61:f8:43:c3: 73:82:5a:19:15:57:70:83:ab:ad:2b:7d:3f:64:d9: 95:76:79:4a:44:fc:8b:42:2b:8f:4e:64:fd:38:05: f3:c7:dd:26:b9:7a:25:d4:6b:bd:8d:25:fd:13:34: b1:3b:9f:1e:fa:8d:d6:ec:6c:d2:02:ac:91:9a:76: 7e:b8:b6:3d:bc:98:55:fb:cb:19:7f:51:da:8c:84: ff:8e:9b:9a:a5:02:ee:53:4f:3f:71:a3:e1:65:4c: 88:27:02:ca:b2:e2:34:66:56:e7:cb:eb:db:73:71: c8:1c:6c:e7:53:c4:d3:8b:aa:56:db:0b:e6:75:6e: c0:c8:46:ad:dc:2f:2d:2e:13:81:c2:67:04:df:e3: c8:4c:70:58:d5:cc:00:2f:23:91:0b:a1:eb:c5:45: 9a:7e:8e:36:8f:2b:be:db:17:ae:85:83:26:dc:d6: c2:69:93:44:5c:70:ab:f9:fe:24:5c:7f:41:4c:ad: 68:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:36:10:32:D8:23:28:CF:C1:D0:3F:F9:CF:F8:68:5B:16:B7:DC:B1 X509v3 Authority Key Identifier: keyid:D6:C3:F8:13:78:E8:54:00:78:BA:79:94:42:EE:DB:EC:78:0E:0F:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C8DD5/D5A1A1C612A711E7ADB4DE4DC4F9AE02/1sP4E3joVAB4unmUQu7b7HgOD3s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1sP4E3joVAB4unmUQu7b7HgOD3s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C8DD5/D5A1A1C612A711E7ADB4DE4DC4F9AE02/1sP4E3joVAB4unmUQu7b7HgOD3s.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 74:28:57:61:8b:e2:77:77:23:04:9f:cf:91:4e:08:e9:0c:29: 89:01:7b:de:ca:6a:bd:7c:76:0e:70:57:30:f5:84:98:eb:93: 23:2b:ff:05:08:54:3d:28:2e:e5:14:a6:d3:14:40:47:33:30: 68:f8:54:09:08:2e:bd:1b:35:a9:3a:7b:bf:10:15:70:48:bc: 09:0d:fb:5d:2a:ac:86:8e:66:0a:bf:cb:94:17:32:3f:fe:ca: 48:c4:29:f6:60:3f:47:cd:a4:2a:06:28:7b:72:f3:5f:6f:cc: 85:58:40:9b:cb:53:65:f1:e1:52:8f:70:52:68:9c:31:c1:8f: f8:2b:41:64:5d:8e:7e:02:52:25:8a:c5:b8:10:70:87:2c:45: 93:b0:2f:7c:f4:63:de:53:22:86:04:19:02:cb:47:d5:0a:19: f6:dd:12:ea:e2:ec:81:1e:dc:a5:a7:e8:63:46:44:6c:e7:6e: 58:8c:04:9f:bb:f9:7b:92:5f:77:6d:8a:fe:aa:ab:5c:6e:44: 9d:b3:f4:e9:03:7a:5a:67:c9:ab:24:24:fb:bb:b5:6d:96:ea: cb:cc:ba:11:d4:59:b9:d4:94:6c:6c:1c:16:24:d8:5e:1f:e6: a5:dc:5d:cc:e5:e2:89:17:6c:9a:2e:9a:3c:d7:0a:4c:60:0c: b2:7e:3b:24 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGzgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzhERDUxMTAvBgNVBAUTKEQ2QzNGODEzNzhFODU0MDA3OEJBNzk5NDQyRUVEQkVD NzgwRTBGN0IwHhcNMjUwNDI0MTYxNzQ0WhcNMjUwNTAxMTYxNzQ0WjAYMRYwFAYD VQQDEw02ODBhNjQyOC00ZWMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA10jfn2N9/9soHwebOqY68NYuri2iz1+begiO+3Q2eUmEF0vkY4iW6w9CvifD q4vEP5I3kpmShQueFPWdjbzM/rnxke1AMWH4Q8NzgloZFVdwg6utK30/ZNmVdnlK RPyLQiuPTmT9OAXzx90muXol1Gu9jSX9EzSxO58e+o3W7GzSAqyRmnZ+uLY9vJhV +8sZf1HajIT/jpuapQLuU08/caPhZUyIJwLKsuI0Zlbny+vbc3HIHGznU8TTi6pW 2wvmdW7AyEat3C8tLhOBwmcE3+PITHBY1cwALyORC6HrxUWafo42jyu+2xeuhYMm 3NbCaZNEXHCr+f4kXH9BTK1oPwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBo2EDLY IyjPwdA/+c/4aFsWt9yxMB8GA1UdIwQYMBaAFNbD+BN46FQAeLp5lELu2+x4Dg97 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOERENS9ENUExQTFDNjEy QTcxMUU3QURCNERFNERDNEY5QUUwMi8xc1A0RTNqb1ZBQjR1bm1VUXU3YjdIZ09E M3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFzUDRFM2pvVkFCNHVubVVRdTdiN0hnT0Qzcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD OERENS9ENUExQTFDNjEyQTcxMUU3QURCNERFNERDNEY5QUUwMi8xc1A0RTNqb1ZB QjR1bm1VUXU3YjdIZ09EM3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB0KFdhi+J3dyMEn8+RTgjpDCmJAXveymq9fHYOcFcw9YSY65MjK/8F CFQ9KC7lFKbTFEBHMzBo+FQJCC69GzWpOnu/EBVwSLwJDftdKqyGjmYKv8uUFzI/ /spIxCn2YD9HzaQqBih7cvNfb8yFWECby1Nl8eFSj3BSaJwxwY/4K0FkXY5+AlIl isW4EHCHLEWTsC989GPeUyKGBBkCy0fVChn23RLq4uyBHtylp+hjRkRs525YjASf u/l7kl93bYr+qqtcbkSds/TpA3paZ8mrJCT7u7VtlurLzLoR1Fm51JRsbBwWJNhe H+al3F3M5eKJF2yaLpo81wpMYAyyfjsk -----END CERTIFICATE-----Generated at Sat Apr 26 16:40:37 2025 by rpki-client