$ rpki-client -vvf rpki.apnic.net/member_repository/A91CDAFB/EC0F6A38034111EEA5215247C4F9AE02/CekFd0f2O6Ciga54ATZozt6kCrQ.mft File: CekFd0f2O6Ciga54ATZozt6kCrQ.mft (raw, json) Hash identifier: dgGMImfMrCjpT/35feQxFVoK+58Pu5KjJQWQQ2d7QdM= Subject key identifier: EF:55:E6:89:1C:4A:2B:AB:F7:94:01:D5:D3:E4:A8:71:A2:D4:FC:FA Authority key identifier: 09:E9:05:77:47:F6:3B:A0:A2:81:AE:78:01:36:68:CE:DE:A4:0A:B4 Certificate issuer: /CN=A91CDAFB/serialNumber=09E9057747F63BA0A281AE78013668CEDEA40AB4 Certificate serial: 0163 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CekFd0f2O6Ciga54ATZozt6kCrQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CDAFB/EC0F6A38034111EEA5215247C4F9AE02/CekFd0f2O6Ciga54ATZozt6kCrQ.mft Manifest number: 0161 Signing time: Fri 25 Apr 2025 03:05:12 +0000 Manifest this update: Fri 25 Apr 2025 03:05:12 +0000 Manifest next update: Fri 02 May 2025 03:05:12 +0000 Files and hashes: 1: CekFd0f2O6Ciga54ATZozt6kCrQ.crl (hash: 9xER8+x3OMZD/MEWJzGOO0th2gwltxR68Zkjr5qXPLg=) 2: 2815D106041A11EEA67A6B4DC4F9AE02.roa (hash: BGY/uPAB8s6bOk+iTJOiyTH1PPXIxJM6rQPQkuaz0DI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CDAFB/EC0F6A38034111EEA5215247C4F9AE02/CekFd0f2O6Ciga54ATZozt6kCrQ.crl rsync://rpki.apnic.net/member_repository/A91CDAFB/EC0F6A38034111EEA5215247C4F9AE02/CekFd0f2O6Ciga54ATZozt6kCrQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CekFd0f2O6Ciga54ATZozt6kCrQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 03:05:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 355 (0x163) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CDAFB, serialNumber=09E9057747F63BA0A281AE78013668CEDEA40AB4 Validity Not Before: Apr 25 03:05:12 2025 GMT Not After : May 2 03:05:12 2025 GMT Subject: CN=680afbe8-0d63 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:09:66:bb:f3:fa:44:ce:be:42:69:00:f9:42: 97:a3:c2:80:7e:c5:8f:57:6e:4b:95:c2:72:09:f3: 18:84:23:52:f7:27:ca:de:1a:a0:ac:2b:ad:1c:4e: c1:27:85:7c:3f:dc:db:ac:dc:e8:ee:f8:36:10:88: 7a:b6:82:12:12:46:70:69:4b:5c:a1:ba:72:65:12: 62:24:af:47:21:c3:05:ef:ef:40:2e:f4:4f:51:0b: 7b:d7:1f:c7:8b:39:23:5c:3d:91:28:5d:db:f8:db: bd:ea:85:91:1f:d3:26:75:2c:5c:c8:eb:bf:f7:95: a2:ee:66:2d:70:8e:8f:26:46:8f:3f:c9:97:ec:36: 5c:8a:cd:e4:06:72:50:d7:78:b7:1e:f0:7d:51:bf: 51:aa:33:76:53:63:d7:9b:14:27:52:ac:5c:57:95: f9:ce:c9:6d:03:8e:0d:4b:e1:cd:29:b0:a4:39:be: 8a:09:6b:b7:42:ab:ef:e9:67:07:71:08:69:54:32: 03:0b:e0:c3:e1:25:6a:d3:13:e7:05:a0:a6:93:59: ca:95:db:85:0f:a1:61:0e:6a:32:c0:3b:ad:c1:ac: cb:0c:f7:5a:33:b1:d2:52:cd:47:32:83:ce:8c:00: fc:9b:aa:cc:8f:c2:76:b7:97:87:18:cc:ce:ba:64: 29:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:55:E6:89:1C:4A:2B:AB:F7:94:01:D5:D3:E4:A8:71:A2:D4:FC:FA X509v3 Authority Key Identifier: keyid:09:E9:05:77:47:F6:3B:A0:A2:81:AE:78:01:36:68:CE:DE:A4:0A:B4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CDAFB/EC0F6A38034111EEA5215247C4F9AE02/CekFd0f2O6Ciga54ATZozt6kCrQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CekFd0f2O6Ciga54ATZozt6kCrQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CDAFB/EC0F6A38034111EEA5215247C4F9AE02/CekFd0f2O6Ciga54ATZozt6kCrQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 24:ea:d5:af:74:37:07:71:e3:4c:0c:fe:d0:66:51:a5:0c:15: 7b:8b:7b:1c:77:68:bb:ee:89:40:a0:1e:e1:3a:f3:4b:a6:61: b6:78:34:63:57:8e:ff:79:d3:c7:38:ea:4c:fe:4e:b3:9d:a7: f6:9c:a0:ca:75:59:28:80:a0:64:ab:7c:2f:39:f0:f6:40:a5: 4b:7b:75:4c:29:c7:a8:2a:4a:75:55:09:49:ab:75:fb:6a:9a: eb:a0:72:68:cd:e9:f8:d1:41:69:fa:d1:30:3b:e2:7b:14:24: 14:2c:70:37:4b:23:7d:7f:c0:cf:9a:74:54:2f:6b:8b:f1:01: 16:e1:ef:29:ed:e6:8a:10:da:d4:8a:f5:69:d1:bb:4f:57:55: 03:5a:11:c9:e4:5c:72:5c:da:32:3f:c9:2f:fe:1d:7a:72:14: 92:a1:2f:d1:96:af:6b:78:d2:ac:22:cd:41:9b:e3:28:8f:26: b6:7c:f0:fe:91:07:d1:73:db:9b:44:72:a5:40:a5:f4:01:fd: d8:2e:83:8f:19:5a:fb:21:12:31:a0:c3:e9:bd:69:2f:b3:34: db:a0:2d:7b:c4:a6:90:fb:29:2d:b3:c2:3a:ca:56:8f:c1:f0: d9:fc:07:e3:a2:30:54:4a:85:ae:04:be:a3:de:d3:b6:35:0a: d9:a8:cc:f6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAWMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0RBRkIxMTAvBgNVBAUTKDA5RTkwNTc3NDdGNjNCQTBBMjgxQUU3ODAxMzY2OENF REVBNDBBQjQwHhcNMjUwNDI1MDMwNTEyWhcNMjUwNTAyMDMwNTEyWjAYMRYwFAYD VQQDEw02ODBhZmJlOC0wZDYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxglmu/P6RM6+QmkA+UKXo8KAfsWPV25LlcJyCfMYhCNS9yfK3hqgrCutHE7B J4V8P9zbrNzo7vg2EIh6toISEkZwaUtcobpyZRJiJK9HIcMF7+9ALvRPUQt71x/H izkjXD2RKF3b+Nu96oWRH9MmdSxcyOu/95Wi7mYtcI6PJkaPP8mX7DZcis3kBnJQ 13i3HvB9Ub9RqjN2U2PXmxQnUqxcV5X5zsltA44NS+HNKbCkOb6KCWu3Qqvv6WcH cQhpVDIDC+DD4SVq0xPnBaCmk1nKlduFD6FhDmoywDutwazLDPdaM7HSUs1HMoPO jAD8m6rMj8J2t5eHGMzOumQpPQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO9V5okc Siur95QB1dPkqHGi1Pz6MB8GA1UdIwQYMBaAFAnpBXdH9jugooGueAE2aM7epAq0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDREFGQi9FQzBGNkEzODAz NDExMUVFQTUyMTUyNDdDNEY5QUUwMi9DZWtGZDBmMk82Q2lnYTU0QVRab3p0NmtD clEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0Nla0ZkMGYyTzZDaWdhNTRBVFpvenQ2a0NyUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD REFGQi9FQzBGNkEzODAzNDExMUVFQTUyMTUyNDdDNEY5QUUwMi9DZWtGZDBmMk82 Q2lnYTU0QVRab3p0NmtDclEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAk6tWvdDcHceNMDP7QZlGlDBV7i3scd2i77olAoB7hOvNLpmG2eDRj V47/edPHOOpM/k6znaf2nKDKdVkogKBkq3wvOfD2QKVLe3VMKceoKkp1VQlJq3X7 aprroHJozen40UFp+tEwO+J7FCQULHA3SyN9f8DPmnRUL2uL8QEW4e8p7eaKENrU ivVp0btPV1UDWhHJ5FxyXNoyP8kv/h16chSSoS/Rlq9reNKsIs1Bm+Mojya2fPD+ kQfRc9ubRHKlQKX0Af3YLoOPGVr7IRIxoMPpvWkvszTboC17xKaQ+ykts8I6ylaP wfDZ/AfjojBUSoWuBL6j3tO2NQrZqMz2 -----END CERTIFICATE-----Generated at Sat Apr 26 14:21:10 2025 by rpki-client