$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB8A3/96650F38FD1711EC82898365C4F9AE02/L8Qw8eIVy9fgjyZDiDcDUALeMak.mft File: L8Qw8eIVy9fgjyZDiDcDUALeMak.mft (raw, json) Hash identifier: Pm5DMhEVb16VhYPDDxUfipDPR5ZtBg2pAPrGtENCEwk= Subject key identifier: B1:9D:DB:5F:77:07:3E:D9:57:AE:85:E6:65:B1:54:9E:42:FA:36:63 Authority key identifier: 2F:C4:30:F1:E2:15:CB:D7:E0:8F:26:43:88:37:03:50:02:DE:31:A9 Certificate issuer: /CN=A91CB8A3/serialNumber=2FC430F1E215CBD7E08F26438837035002DE31A9 Certificate serial: 0293 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L8Qw8eIVy9fgjyZDiDcDUALeMak.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CB8A3/96650F38FD1711EC82898365C4F9AE02/L8Qw8eIVy9fgjyZDiDcDUALeMak.mft Manifest number: 0290 Signing time: Fri 25 Apr 2025 01:19:09 +0000 Manifest this update: Fri 25 Apr 2025 01:19:09 +0000 Manifest next update: Fri 02 May 2025 01:19:09 +0000 Files and hashes: 1: L8Qw8eIVy9fgjyZDiDcDUALeMak.crl (hash: gN5ocmEbQTa75/cypUKovIP7ZWFTEE/ZZLlm9xpe3m8=) 2: D2E9BA7EFD1911EC9E748466C4F9AE02.roa (hash: 3mXWOSXoGGGoIw3Jc45rTgdUlsOtzRtgn3W5YkMOraE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CB8A3/96650F38FD1711EC82898365C4F9AE02/L8Qw8eIVy9fgjyZDiDcDUALeMak.crl rsync://rpki.apnic.net/member_repository/A91CB8A3/96650F38FD1711EC82898365C4F9AE02/L8Qw8eIVy9fgjyZDiDcDUALeMak.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L8Qw8eIVy9fgjyZDiDcDUALeMak.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:19:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 659 (0x293) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CB8A3, serialNumber=2FC430F1E215CBD7E08F26438837035002DE31A9 Validity Not Before: Apr 25 01:19:09 2025 GMT Not After : May 2 01:19:09 2025 GMT Subject: CN=680ae30d-c446 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:a4:53:e0:45:47:f4:d2:6b:16:87:66:ed:ba: 6b:6a:0c:fa:19:d4:19:00:1f:01:59:b7:b1:f5:01: c0:5c:8e:e2:9c:7e:66:b9:79:03:65:95:f4:73:e7: 74:25:4c:0c:ef:5b:52:22:55:af:cb:9b:14:7e:06: d4:25:73:7c:d6:e4:4e:84:f3:2d:f0:f5:a0:7c:da: 6e:f1:cf:bd:28:63:fe:5a:57:78:83:95:b5:64:f5: 54:81:38:3c:7e:1d:c1:b8:63:f9:a8:73:32:3b:ef: 76:f8:56:24:75:ef:54:20:0e:6b:0f:7b:59:6e:1d: ed:00:c6:88:cb:9e:37:ca:55:2e:c3:8e:10:61:87: 15:99:38:5b:51:fc:2d:7c:57:04:8d:05:da:f6:de: b1:6c:e3:63:79:0a:29:e6:9c:16:80:64:40:36:31: 07:d6:56:30:61:25:c1:43:31:12:dc:e7:af:3b:c7: 99:ca:c7:98:6f:a8:4e:24:2e:9d:ed:08:49:15:57: 4d:b5:1c:80:5d:19:d4:df:89:0f:ef:ea:bc:32:d1: ff:43:ac:23:f8:f8:32:c2:d5:a6:d5:29:08:33:8d: 37:96:39:ed:92:28:bb:be:eb:ca:03:c4:fb:59:14: c2:6b:78:3d:ea:87:18:5b:6a:a4:0c:98:60:a6:33: 01:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:9D:DB:5F:77:07:3E:D9:57:AE:85:E6:65:B1:54:9E:42:FA:36:63 X509v3 Authority Key Identifier: keyid:2F:C4:30:F1:E2:15:CB:D7:E0:8F:26:43:88:37:03:50:02:DE:31:A9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CB8A3/96650F38FD1711EC82898365C4F9AE02/L8Qw8eIVy9fgjyZDiDcDUALeMak.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L8Qw8eIVy9fgjyZDiDcDUALeMak.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB8A3/96650F38FD1711EC82898365C4F9AE02/L8Qw8eIVy9fgjyZDiDcDUALeMak.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 92:e1:90:06:23:f7:62:83:b7:0a:4c:05:28:ca:f9:cf:4d:1a: 1d:3a:ea:12:67:4d:be:64:08:40:94:92:57:a0:b2:e6:15:59: 69:57:50:57:77:fa:19:0f:12:fb:cb:cd:cd:c8:52:76:ff:f7: 7e:56:46:37:41:77:af:0d:30:0c:61:48:56:a5:28:f7:4c:ef: 24:ce:a6:48:39:e6:4c:38:8f:a7:0c:67:3e:c0:75:bc:d1:56: b9:6c:c6:6f:88:bc:d7:16:06:78:f9:a5:3f:16:39:12:d8:39: 07:6b:22:9f:a5:d7:26:92:81:20:24:c3:45:93:3e:90:89:95: fe:a9:fd:ea:10:c1:85:9c:d5:8a:dd:c5:3a:44:e0:de:ca:21: 92:db:5a:84:7e:b7:76:85:a2:2d:18:0e:c5:b1:e8:c5:68:f6: b8:2b:0d:59:a9:20:c2:76:ce:be:e3:60:97:0d:98:60:d3:59: 58:a6:a1:59:25:05:63:19:a7:45:91:51:eb:fc:de:a7:71:3b: 9d:68:28:cb:61:5c:bd:de:3a:75:52:aa:2a:44:a6:54:f5:ae: 12:c3:d1:5f:cc:04:2c:26:d5:76:68:1f:35:f6:75:26:d9:06: cc:38:44:34:6b:e8:d4:73:99:5a:17:9d:9b:a5:b2:e5:da:cb: 5d:47:fd:8e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICApMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0I4QTMxMTAvBgNVBAUTKDJGQzQzMEYxRTIxNUNCRDdFMDhGMjY0Mzg4MzcwMzUw MDJERTMxQTkwHhcNMjUwNDI1MDExOTA5WhcNMjUwNTAyMDExOTA5WjAYMRYwFAYD VQQDEw02ODBhZTMwZC1jNDQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqaRT4EVH9NJrFodm7bpragz6GdQZAB8BWbex9QHAXI7inH5muXkDZZX0c+d0 JUwM71tSIlWvy5sUfgbUJXN81uROhPMt8PWgfNpu8c+9KGP+Wld4g5W1ZPVUgTg8 fh3BuGP5qHMyO+92+FYkde9UIA5rD3tZbh3tAMaIy543ylUuw44QYYcVmThbUfwt fFcEjQXa9t6xbONjeQop5pwWgGRANjEH1lYwYSXBQzES3OevO8eZyseYb6hOJC6d 7QhJFVdNtRyAXRnU34kP7+q8MtH/Q6wj+PgywtWm1SkIM403ljntkii7vuvKA8T7 WRTCa3g96ocYW2qkDJhgpjMBEQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLGd2193 Bz7ZV66F5mWxVJ5C+jZjMB8GA1UdIwQYMBaAFC/EMPHiFcvX4I8mQ4g3A1AC3jGp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjhBMy85NjY1MEYzOEZE MTcxMUVDODI4OTgzNjVDNEY5QUUwMi9MOFF3OGVJVnk5ZmdqeVpEaURjRFVBTGVN YWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0w4UXc4ZUlWeTlmZ2p5WkRpRGNEVUFMZU1hay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD QjhBMy85NjY1MEYzOEZEMTcxMUVDODI4OTgzNjVDNEY5QUUwMi9MOFF3OGVJVnk5 ZmdqeVpEaURjRFVBTGVNYWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCS4ZAGI/dig7cKTAUoyvnPTRodOuoSZ02+ZAhAlJJXoLLmFVlpV1BX d/oZDxL7y83NyFJ2//d+VkY3QXevDTAMYUhWpSj3TO8kzqZIOeZMOI+nDGc+wHW8 0Va5bMZviLzXFgZ4+aU/FjkS2DkHayKfpdcmkoEgJMNFkz6QiZX+qf3qEMGFnNWK 3cU6RODeyiGS21qEfrd2haItGA7FsejFaPa4Kw1ZqSDCds6+42CXDZhg01lYpqFZ JQVjGadFkVHr/N6ncTudaCjLYVy93jp1UqoqRKZU9a4Sw9FfzAQsJtV2aB819nUm 2QbMOEQ0a+jUc5laF52bpbLl2stdR/2O -----END CERTIFICATE-----Generated at Sat Apr 26 04:29:49 2025 by rpki-client