$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9324/22BF8D32E02F11ED95153D31C4F9AE02/cPEzmWaoGrwgfjvuM3CR2fLzydc.mft File: cPEzmWaoGrwgfjvuM3CR2fLzydc.mft (raw, json) Hash identifier: b1z8zr+oY0WO5R7H+w6P6EjYxd7edsIrYLZr4XN8zEs= Subject key identifier: 0B:60:64:BB:4F:50:66:06:3B:2E:AC:9E:A7:A3:BA:3E:BF:D4:92:BF Authority key identifier: 70:F1:33:99:66:A8:1A:BC:20:7E:3B:EE:33:70:91:D9:F2:F3:C9:D7 Certificate issuer: /CN=A91C9324/serialNumber=70F1339966A81ABC207E3BEE337091D9F2F3C9D7 Certificate serial: 017A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cPEzmWaoGrwgfjvuM3CR2fLzydc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C9324/22BF8D32E02F11ED95153D31C4F9AE02/cPEzmWaoGrwgfjvuM3CR2fLzydc.mft Manifest number: 017A Signing time: Fri 25 Apr 2025 01:00:08 +0000 Manifest this update: Fri 25 Apr 2025 01:00:07 +0000 Manifest next update: Fri 02 May 2025 01:00:07 +0000 Files and hashes: 1: cPEzmWaoGrwgfjvuM3CR2fLzydc.crl (hash: 2qjjVD2fdoDuAqbbz+cnVsVipzmGO6NztuvJlCzt1ig=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C9324/22BF8D32E02F11ED95153D31C4F9AE02/cPEzmWaoGrwgfjvuM3CR2fLzydc.crl rsync://rpki.apnic.net/member_repository/A91C9324/22BF8D32E02F11ED95153D31C4F9AE02/cPEzmWaoGrwgfjvuM3CR2fLzydc.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cPEzmWaoGrwgfjvuM3CR2fLzydc.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:00:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 378 (0x17a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C9324, serialNumber=70F1339966A81ABC207E3BEE337091D9F2F3C9D7 Validity Not Before: Apr 25 01:00:07 2025 GMT Not After : May 2 01:00:07 2025 GMT Subject: CN=680ade98-180f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:7a:9c:c7:8a:df:f7:74:f0:9f:1e:fe:8a:f6: c7:66:aa:18:2e:a2:13:05:05:68:2c:b3:ec:0a:91: 7b:e3:ed:57:7c:05:53:00:01:c6:14:a3:7f:6c:e5: ef:5d:de:21:4d:a0:72:fd:29:61:3c:e9:e2:50:f1: d3:fe:9c:1b:d9:1f:cc:df:0b:c6:f8:f2:c2:66:24: 2f:c3:04:5f:e6:37:25:3f:73:5d:11:18:e5:5d:a1: 64:8b:12:7e:01:22:64:a1:60:e8:64:4f:bf:cf:7d: db:cf:09:11:91:3c:94:6e:ab:85:5a:58:86:9e:73: 20:39:88:88:ac:53:d0:e9:62:8f:6e:42:b2:8f:bf: 0c:86:de:06:5a:f5:a5:87:3a:e0:ac:6f:c7:67:8e: 04:8d:0b:8b:1b:c0:fc:ef:ec:d8:3d:e2:94:ce:1b: 64:89:3e:f1:f1:93:b3:1a:29:9c:53:4f:2e:a8:90: 47:c3:33:ee:70:64:a6:b6:b3:fc:31:d0:f4:c1:71: ac:fd:30:1e:c1:30:c9:71:43:06:30:e7:33:8f:47: ef:fd:cf:fa:da:e6:28:ea:0f:22:5e:aa:39:d8:91: 4b:99:48:4d:34:c0:2c:ab:5c:71:6b:0e:e4:6f:a0: d0:67:7b:49:fe:8b:3c:1d:43:24:50:99:24:c1:5f: 4e:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:60:64:BB:4F:50:66:06:3B:2E:AC:9E:A7:A3:BA:3E:BF:D4:92:BF X509v3 Authority Key Identifier: keyid:70:F1:33:99:66:A8:1A:BC:20:7E:3B:EE:33:70:91:D9:F2:F3:C9:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C9324/22BF8D32E02F11ED95153D31C4F9AE02/cPEzmWaoGrwgfjvuM3CR2fLzydc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cPEzmWaoGrwgfjvuM3CR2fLzydc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9324/22BF8D32E02F11ED95153D31C4F9AE02/cPEzmWaoGrwgfjvuM3CR2fLzydc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b4:98:eb:e8:e2:5e:0f:69:6c:d9:0f:58:fc:5c:68:e4:7a:6b: 82:8d:98:53:7d:3a:ed:72:34:dc:32:bb:3f:4c:65:7f:5c:27: 77:49:36:ad:22:d0:60:fd:fe:dd:ec:55:64:92:49:5e:d0:76: a3:7b:59:31:31:0d:88:4c:40:fc:7b:ea:e0:53:62:7c:60:ea: d9:eb:2d:ad:e5:cf:9d:8b:cb:db:7f:49:58:6a:fa:7e:1a:01: 36:89:45:f1:6b:19:ee:5c:7b:5d:8e:8e:ca:87:06:0d:23:b0: cc:02:d0:97:34:b5:23:f3:8e:4c:71:10:86:34:58:88:41:8e: a7:df:11:63:a7:13:bf:15:15:6f:fb:b2:87:e3:4b:85:2f:22: 63:a4:50:41:24:fe:65:b7:57:df:13:8d:3c:de:10:64:c7:e2: 6d:bc:ea:f2:ae:35:5e:e9:28:f0:e5:70:e3:85:3a:f5:13:cc: 90:9e:1f:c2:cd:6e:fd:9c:b1:9b:c2:82:a2:60:c3:08:b6:06: 04:6c:d5:da:91:79:22:ab:97:2c:99:9d:7b:fa:cd:22:7e:69: 97:07:00:f9:43:14:79:10:bd:3b:57:83:2f:ae:34:51:99:db: 87:91:3d:53:68:43:69:b7:0b:b7:f6:df:0d:11:93:b5:b7:25: b5:a8:ba:1e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAXowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzkzMjQxMTAvBgNVBAUTKDcwRjEzMzk5NjZBODFBQkMyMDdFM0JFRTMzNzA5MUQ5 RjJGM0M5RDcwHhcNMjUwNDI1MDEwMDA3WhcNMjUwNTAyMDEwMDA3WjAYMRYwFAYD VQQDEw02ODBhZGU5OC0xODBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1Hqcx4rf93Twnx7+ivbHZqoYLqITBQVoLLPsCpF74+1XfAVTAAHGFKN/bOXv Xd4hTaBy/SlhPOniUPHT/pwb2R/M3wvG+PLCZiQvwwRf5jclP3NdERjlXaFkixJ+ ASJkoWDoZE+/z33bzwkRkTyUbquFWliGnnMgOYiIrFPQ6WKPbkKyj78Mht4GWvWl hzrgrG/HZ44EjQuLG8D87+zYPeKUzhtkiT7x8ZOzGimcU08uqJBHwzPucGSmtrP8 MdD0wXGs/TAewTDJcUMGMOczj0fv/c/62uYo6g8iXqo52JFLmUhNNMAsq1xxaw7k b6DQZ3tJ/os8HUMkUJkkwV9OPwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAtgZLtP UGYGOy6snqejuj6/1JK/MB8GA1UdIwQYMBaAFHDxM5lmqBq8IH477jNwkdny88nX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTMyNC8yMkJGOEQzMkUw MkYxMUVEOTUxNTNEMzFDNEY5QUUwMi9jUEV6bVdhb0dyd2dmanZ1TTNDUjJmTHp5 ZGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2NQRXptV2FvR3J3Z2ZqdnVNM0NSMmZMenlkYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD OTMyNC8yMkJGOEQzMkUwMkYxMUVEOTUxNTNEMzFDNEY5QUUwMi9jUEV6bVdhb0dy d2dmanZ1TTNDUjJmTHp5ZGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC0mOvo4l4PaWzZD1j8XGjkemuCjZhTfTrtcjTcMrs/TGV/XCd3STat ItBg/f7d7FVkkkle0Haje1kxMQ2ITED8e+rgU2J8YOrZ6y2t5c+di8vbf0lYavp+ GgE2iUXxaxnuXHtdjo7KhwYNI7DMAtCXNLUj845McRCGNFiIQY6n3xFjpxO/FRVv +7KH40uFLyJjpFBBJP5lt1ffE4083hBkx+JtvOryrjVe6Sjw5XDjhTr1E8yQnh/C zW79nLGbwoKiYMMItgYEbNXakXkiq5csmZ17+s0ifmmXBwD5QxR5EL07V4MvrjRR mduHkT1TaENptwu39t8NEZO1tyW1qLoe -----END CERTIFICATE-----Generated at Sat Apr 26 14:02:11 2025 by rpki-client