$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE216/AF57B6FCFE2811EAA7350158C4F9AE02/aKT8gS0BkTY-HEoTCZ9TsCc3ZXk.mft File: aKT8gS0BkTY-HEoTCZ9TsCc3ZXk.mft (raw, json) Hash identifier: h+aFOIxGQdGyEelurf74a7R6EqAZ3VSjVJ/S1Wgz1m0= Subject key identifier: 08:7C:95:1F:B5:A4:DA:8A:19:00:0E:59:F5:4C:60:DD:3C:A0:5F:E8 Authority key identifier: 68:A4:FC:81:2D:01:91:36:3E:1C:4A:13:09:9F:53:B0:27:37:65:79 Certificate issuer: /CN=A91CE216/serialNumber=68A4FC812D0191363E1C4A13099F53B027376579 Certificate serial: 07A6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aKT8gS0BkTY-HEoTCZ9TsCc3ZXk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE216/AF57B6FCFE2811EAA7350158C4F9AE02/aKT8gS0BkTY-HEoTCZ9TsCc3ZXk.mft Manifest number: 07A1 Signing time: Thu 24 Apr 2025 21:04:08 +0000 Manifest this update: Thu 24 Apr 2025 21:04:07 +0000 Manifest next update: Thu 01 May 2025 21:04:07 +0000 Files and hashes: 1: aKT8gS0BkTY-HEoTCZ9TsCc3ZXk.crl (hash: 3NKIs0Ri0u2TCl8SEAxh7T1SHe0jzcplYaD4xqGgNAs=) 2: 7F2355F2FE2A11EA8A51B85AC4F9AE02.roa (hash: IA44NsOrK26vTiCAA24OiQTy1Evi9ojQ75K61lOkBEo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE216/AF57B6FCFE2811EAA7350158C4F9AE02/aKT8gS0BkTY-HEoTCZ9TsCc3ZXk.crl rsync://rpki.apnic.net/member_repository/A91CE216/AF57B6FCFE2811EAA7350158C4F9AE02/aKT8gS0BkTY-HEoTCZ9TsCc3ZXk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aKT8gS0BkTY-HEoTCZ9TsCc3ZXk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 21:04:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1958 (0x7a6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE216, serialNumber=68A4FC812D0191363E1C4A13099F53B027376579 Validity Not Before: Apr 24 21:04:07 2025 GMT Not After : May 1 21:04:07 2025 GMT Subject: CN=680aa747-dc7c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:c9:c2:3b:37:c4:0d:35:b5:a9:c4:7d:88:0d: 35:a5:4b:45:e2:34:58:d1:70:3f:9f:85:b5:8c:32: 4f:02:7e:28:df:61:a7:89:80:31:2d:e6:ce:07:13: bc:ce:d0:a4:99:38:bb:84:48:2d:da:65:06:3f:44: f4:40:3f:9d:87:7b:38:1d:61:1c:28:68:39:46:7b: bc:95:4f:2b:71:00:9e:6f:84:0b:0f:4d:01:52:ee: 18:eb:40:23:ed:0f:7d:d4:48:31:36:fe:30:7a:36: fa:4f:13:e5:3b:3e:16:d6:09:14:b8:56:33:20:c4: 61:5b:cf:4a:5d:3a:3f:a1:c2:1e:31:fd:02:0e:58: 82:27:40:e1:9f:88:39:4d:c1:e7:fb:97:d6:74:09: c2:76:f3:5f:74:89:8f:67:c0:80:35:a8:e2:3f:c5: e9:fd:e5:41:e6:1c:31:2d:c4:98:e0:40:9c:23:50: 1b:63:4c:53:80:18:92:36:31:26:d6:47:2c:2f:44: 40:83:c4:6f:12:b7:1e:76:89:30:71:46:49:b2:db: 6b:0e:6f:a9:07:91:ec:d2:3f:2b:2b:9f:c2:d3:ba: 99:55:36:57:2e:d5:91:07:f7:77:7e:f7:cb:43:02: f2:f1:9d:16:3e:3c:cd:af:ec:9f:cb:ef:7d:d5:51: ed:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:7C:95:1F:B5:A4:DA:8A:19:00:0E:59:F5:4C:60:DD:3C:A0:5F:E8 X509v3 Authority Key Identifier: keyid:68:A4:FC:81:2D:01:91:36:3E:1C:4A:13:09:9F:53:B0:27:37:65:79 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE216/AF57B6FCFE2811EAA7350158C4F9AE02/aKT8gS0BkTY-HEoTCZ9TsCc3ZXk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aKT8gS0BkTY-HEoTCZ9TsCc3ZXk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE216/AF57B6FCFE2811EAA7350158C4F9AE02/aKT8gS0BkTY-HEoTCZ9TsCc3ZXk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 85:a9:ec:38:70:a0:1b:e3:c6:13:ae:98:41:a6:fe:fd:cc:02: 24:65:0e:d6:c4:9e:1c:0a:06:bb:00:9f:9a:68:3a:12:ba:ed: cd:0d:23:e5:f0:86:20:f0:5d:47:15:2c:9c:8f:e8:4f:6d:82: 98:a3:3a:9f:af:48:7e:f3:52:1c:7f:7b:63:a1:56:6b:23:70: 08:7a:63:61:f8:71:2d:96:27:a4:9f:27:15:f2:90:31:b4:29: 8b:a8:3b:d8:ef:b0:f0:f2:bf:2b:d9:e5:64:d6:db:26:5a:51: 0a:73:d5:14:31:77:1d:79:da:f0:dc:5f:e1:3d:10:55:ab:0c: 21:4d:53:90:eb:fb:ea:02:fb:8b:ab:58:60:7e:38:da:7b:4e: bd:55:8c:eb:4c:e7:02:37:a4:ce:dc:36:1d:e0:d9:15:b1:23: 18:51:22:d3:19:99:b3:1d:4b:e4:9a:8c:71:82:cc:50:e5:80: ac:88:f8:95:98:c6:b6:f2:2c:69:a1:16:48:76:78:9b:6f:dd: d9:bc:44:83:92:ea:c9:29:39:e6:72:77:84:73:15:11:6c:39: 79:63:21:03:c3:e5:e4:ac:56:63:29:98:78:1b:35:8b:3a:1c: 5f:d5:b7:e7:98:ae:63:ef:7b:42:0c:dd:f3:d5:54:cd:da:fe: c6:22:7c:1e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB6YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0UyMTYxMTAvBgNVBAUTKDY4QTRGQzgxMkQwMTkxMzYzRTFDNEExMzA5OUY1M0Iw MjczNzY1NzkwHhcNMjUwNDI0MjEwNDA3WhcNMjUwNTAxMjEwNDA3WjAYMRYwFAYD VQQDEw02ODBhYTc0Ny1kYzdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyMnCOzfEDTW1qcR9iA01pUtF4jRY0XA/n4W1jDJPAn4o32GniYAxLebOBxO8 ztCkmTi7hEgt2mUGP0T0QD+dh3s4HWEcKGg5Rnu8lU8rcQCeb4QLD00BUu4Y60Aj 7Q991EgxNv4wejb6TxPlOz4W1gkUuFYzIMRhW89KXTo/ocIeMf0CDliCJ0Dhn4g5 TcHn+5fWdAnCdvNfdImPZ8CANajiP8Xp/eVB5hwxLcSY4ECcI1AbY0xTgBiSNjEm 1kcsL0RAg8RvErcedokwcUZJsttrDm+pB5Hs0j8rK5/C07qZVTZXLtWRB/d3fvfL QwLy8Z0WPjzNr+yfy+991VHtPQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAh8lR+1 pNqKGQAOWfVMYN08oF/oMB8GA1UdIwQYMBaAFGik/IEtAZE2PhxKEwmfU7AnN2V5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTIxNi9BRjU3QjZGQ0ZF MjgxMUVBQTczNTAxNThDNEY5QUUwMi9hS1Q4Z1MwQmtUWS1IRW9UQ1o5VHNDYzNa WGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FLVDhnUzBCa1RZLUhFb1RDWjlUc0NjM1pYay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RTIxNi9BRjU3QjZGQ0ZFMjgxMUVBQTczNTAxNThDNEY5QUUwMi9hS1Q4Z1MwQmtU WS1IRW9UQ1o5VHNDYzNaWGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCFqew4cKAb48YTrphBpv79zAIkZQ7WxJ4cCga7AJ+aaDoSuu3NDSPl 8IYg8F1HFSycj+hPbYKYozqfr0h+81Icf3tjoVZrI3AIemNh+HEtlieknycV8pAx tCmLqDvY77Dw8r8r2eVk1tsmWlEKc9UUMXcdedrw3F/hPRBVqwwhTVOQ6/vqAvuL q1hgfjjae069VYzrTOcCN6TO3DYd4NkVsSMYUSLTGZmzHUvkmoxxgsxQ5YCsiPiV mMa28ixpoRZIdnibb93ZvESDkurJKTnmcneEcxURbDl5YyEDw+XkrFZjKZh4GzWL Ohxf1bfnmK5j73tCDN3z1VTN2v7GInwe -----END CERTIFICATE-----Generated at Sat Apr 26 15:19:22 2025 by rpki-client