$ rpki-client -vvf rpki.apnic.net/member_repository/A91CAFC4/BC6062DCAF8A11EA8542D85FC4F9AE02/bxP1UQCfJIptmHQ2AE6FeVFWkns.mft File: bxP1UQCfJIptmHQ2AE6FeVFWkns.mft (raw, json) Hash identifier: iYN+Zn6Yqmn90xBX0e98mJYH7glbEOmKOom7qGcsHrg= Subject key identifier: 58:F6:FE:9D:BA:2E:1F:72:E4:03:06:BA:22:71:FB:DC:4A:C1:DB:A2 Authority key identifier: 6F:13:F5:51:00:9F:24:8A:6D:98:74:36:00:4E:85:79:51:56:92:7B Certificate issuer: /CN=A91CAFC4/serialNumber=6F13F551009F248A6D987436004E85795156927B Certificate serial: 08EE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bxP1UQCfJIptmHQ2AE6FeVFWkns.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CAFC4/BC6062DCAF8A11EA8542D85FC4F9AE02/bxP1UQCfJIptmHQ2AE6FeVFWkns.mft Manifest number: 08DB Signing time: Thu 24 Apr 2025 20:20:15 +0000 Manifest this update: Thu 24 Apr 2025 20:20:15 +0000 Manifest next update: Thu 01 May 2025 20:20:15 +0000 Files and hashes: 1: bxP1UQCfJIptmHQ2AE6FeVFWkns.crl (hash: BLUyg/Ep2qt2gcxH9cpHow72xKA+Si2vbnFoVftFJE4=) 2: D2039A56AABC11EEA0370F2CC4F9AE02.roa (hash: V5P8MqryTvl9uPbcl4kRoIx/Fd4WpfSFp93LMG/SR30=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CAFC4/BC6062DCAF8A11EA8542D85FC4F9AE02/bxP1UQCfJIptmHQ2AE6FeVFWkns.crl rsync://rpki.apnic.net/member_repository/A91CAFC4/BC6062DCAF8A11EA8542D85FC4F9AE02/bxP1UQCfJIptmHQ2AE6FeVFWkns.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bxP1UQCfJIptmHQ2AE6FeVFWkns.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:20:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2286 (0x8ee) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CAFC4, serialNumber=6F13F551009F248A6D987436004E85795156927B Validity Not Before: Apr 24 20:20:15 2025 GMT Not After : May 1 20:20:15 2025 GMT Subject: CN=680a9cff-0035 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fa:eb:90:42:28:19:23:8b:89:e0:5c:80:43:30: fc:58:c2:6b:60:65:1d:e2:c8:2f:01:15:54:11:92: d6:b6:42:e3:07:b8:40:b6:14:c8:51:0d:a2:74:25: 79:75:ad:74:41:55:9d:b3:6d:7b:26:97:16:57:f8: 1b:e2:37:8f:6c:59:73:35:95:53:c7:5c:3e:e1:03: ae:78:84:55:06:75:65:3e:b3:45:b8:3a:92:50:d4: 58:b5:f3:5c:35:5a:fb:24:3d:17:0e:a7:c0:8b:30: b4:89:52:f9:5b:86:70:3b:c5:c4:8f:30:86:e9:76: 48:17:4a:57:a8:85:a1:82:d8:53:05:db:b0:c2:2a: af:6b:2f:d2:3d:1e:9e:c4:09:04:d8:37:89:fe:6d: ba:c1:0e:11:f0:c0:c1:d4:15:2e:de:04:31:61:ca: 14:36:34:5b:10:a4:96:0e:5c:15:d8:b8:9d:ad:3f: 88:3a:58:16:cf:ab:ae:a5:c3:eb:28:9d:14:7a:f5: 85:5a:39:15:db:f2:82:c5:c0:da:04:b3:9c:b0:0d: 91:4d:ba:fa:bb:af:0e:ac:60:19:1e:d8:c0:ad:0e: a7:09:8c:b9:02:21:4c:37:e5:4e:be:3a:29:a7:0f: 19:04:5e:8d:20:04:65:58:40:be:f1:b8:8e:2d:ce: 0a:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:F6:FE:9D:BA:2E:1F:72:E4:03:06:BA:22:71:FB:DC:4A:C1:DB:A2 X509v3 Authority Key Identifier: keyid:6F:13:F5:51:00:9F:24:8A:6D:98:74:36:00:4E:85:79:51:56:92:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CAFC4/BC6062DCAF8A11EA8542D85FC4F9AE02/bxP1UQCfJIptmHQ2AE6FeVFWkns.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bxP1UQCfJIptmHQ2AE6FeVFWkns.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CAFC4/BC6062DCAF8A11EA8542D85FC4F9AE02/bxP1UQCfJIptmHQ2AE6FeVFWkns.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 63:71:87:5a:92:b8:66:d9:b9:4a:b2:a4:19:c1:e6:c2:a3:d4: 36:1c:49:e7:dd:41:4a:59:f2:81:f9:bc:a8:53:14:85:ee:f4: 40:0c:7a:67:53:0a:8b:cc:8e:08:1a:df:ef:32:38:71:ba:00: 54:4d:b6:f5:10:24:11:78:44:4c:48:7e:72:c1:7f:ae:49:5a: b3:aa:02:28:be:4e:4f:70:5f:c4:fd:b4:4f:81:64:b4:37:de: b8:90:55:c8:53:54:f5:df:0d:b7:a5:fd:d1:41:62:a8:a0:cc: be:a2:07:74:43:f4:23:28:f5:82:8f:15:db:f7:18:39:b7:81: ee:aa:86:81:f6:0e:4b:bf:3c:e2:b7:88:81:e5:3a:07:8f:23: 87:f6:49:cc:33:db:cb:92:51:e5:2e:5f:db:f9:f7:64:bc:ef: fe:72:cf:07:79:cf:5d:d4:aa:8b:eb:9f:d6:60:49:1d:98:89: c5:f1:43:ea:b9:cf:c2:b8:cb:e2:ac:74:56:99:a3:31:a2:04: eb:9c:59:39:62:07:87:91:e6:6f:4d:3a:50:05:75:37:89:0b: 78:c8:ec:78:f7:b9:b5:0a:a4:2c:67:ba:86:98:f1:39:b6:d7: 1c:32:c9:be:ee:ed:d2:95:5a:2b:a0:41:64:6e:0e:3d:ab:29: ab:cc:16:22 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCO4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0FGQzQxMTAvBgNVBAUTKDZGMTNGNTUxMDA5RjI0OEE2RDk4NzQzNjAwNEU4NTc5 NTE1NjkyN0IwHhcNMjUwNDI0MjAyMDE1WhcNMjUwNTAxMjAyMDE1WjAYMRYwFAYD VQQDEw02ODBhOWNmZi0wMDM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA+uuQQigZI4uJ4FyAQzD8WMJrYGUd4sgvARVUEZLWtkLjB7hAthTIUQ2idCV5 da10QVWds217JpcWV/gb4jePbFlzNZVTx1w+4QOueIRVBnVlPrNFuDqSUNRYtfNc NVr7JD0XDqfAizC0iVL5W4ZwO8XEjzCG6XZIF0pXqIWhgthTBduwwiqvay/SPR6e xAkE2DeJ/m26wQ4R8MDB1BUu3gQxYcoUNjRbEKSWDlwV2LidrT+IOlgWz6uupcPr KJ0UevWFWjkV2/KCxcDaBLOcsA2RTbr6u68OrGAZHtjArQ6nCYy5AiFMN+VOvjop pw8ZBF6NIARlWEC+8biOLc4KFQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFj2/p26 Lh9y5AMGuiJx+9xKwduiMB8GA1UdIwQYMBaAFG8T9VEAnySKbZh0NgBOhXlRVpJ7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQUZDNC9CQzYwNjJEQ0FG OEExMUVBODU0MkQ4NUZDNEY5QUUwMi9ieFAxVVFDZkpJcHRtSFEyQUU2RmVWRldr bnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2J4UDFVUUNmSklwdG1IUTJBRTZGZVZGV2tucy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD QUZDNC9CQzYwNjJEQ0FGOEExMUVBODU0MkQ4NUZDNEY5QUUwMi9ieFAxVVFDZkpJ cHRtSFEyQUU2RmVWRldrbnMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBjcYdakrhm2blKsqQZwebCo9Q2HEnn3UFKWfKB+byoUxSF7vRADHpn UwqLzI4IGt/vMjhxugBUTbb1ECQReERMSH5ywX+uSVqzqgIovk5PcF/E/bRPgWS0 N964kFXIU1T13w23pf3RQWKooMy+ogd0Q/QjKPWCjxXb9xg5t4HuqoaB9g5Lvzzi t4iB5ToHjyOH9knMM9vLklHlLl/b+fdkvO/+cs8Hec9d1KqL65/WYEkdmInF8UPq uc/CuMvirHRWmaMxogTrnFk5YgeHkeZvTTpQBXU3iQt4yOx497m1CqQsZ7qGmPE5 ttccMsm+7u3SlVoroEFkbg49qymrzBYi -----END CERTIFICATE-----Generated at Sat Apr 26 16:46:58 2025 by rpki-client