$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE3A3/18823C8C050111EABD9B202CC4F9AE02/REDuIbNImmUKYWsSDY5b5Xku4Es.mft File: REDuIbNImmUKYWsSDY5b5Xku4Es.mft (raw, json) Hash identifier: rGVykvgMXAec0D9PSEHFuV8JV+v6ZsDFfoIXzRZfkPs= Subject key identifier: D3:23:3B:63:7A:3C:94:A9:62:A1:0C:6F:19:85:C2:04:85:36:28:CB Authority key identifier: 44:40:EE:21:B3:48:9A:65:0A:61:6B:12:0D:8E:5B:E5:79:2E:E0:4B Certificate issuer: /CN=A91CE3A3/serialNumber=4440EE21B3489A650A616B120D8E5BE5792EE04B Certificate serial: 0C38 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/REDuIbNImmUKYWsSDY5b5Xku4Es.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE3A3/18823C8C050111EABD9B202CC4F9AE02/REDuIbNImmUKYWsSDY5b5Xku4Es.mft Manifest number: 0C31 Signing time: Thu 24 Apr 2025 18:23:29 +0000 Manifest this update: Thu 24 Apr 2025 18:23:29 +0000 Manifest next update: Thu 01 May 2025 18:23:29 +0000 Files and hashes: 1: REDuIbNImmUKYWsSDY5b5Xku4Es.crl (hash: pkzbUUaTC++8IDrNEcvnddtCq5e5YIHEcdzARCcVhhI=) 2: 7155C8563E5E11EAB043A522C4F9AE02.roa (hash: kzRNRyDp5yy+6xuR6mT9mG0c89/n8LtjaHr1+0MkgX4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE3A3/18823C8C050111EABD9B202CC4F9AE02/REDuIbNImmUKYWsSDY5b5Xku4Es.crl rsync://rpki.apnic.net/member_repository/A91CE3A3/18823C8C050111EABD9B202CC4F9AE02/REDuIbNImmUKYWsSDY5b5Xku4Es.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/REDuIbNImmUKYWsSDY5b5Xku4Es.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:23:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3128 (0xc38) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE3A3, serialNumber=4440EE21B3489A650A616B120D8E5BE5792EE04B Validity Not Before: Apr 24 18:23:29 2025 GMT Not After : May 1 18:23:29 2025 GMT Subject: CN=680a81a1-e710 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:e9:08:b7:36:76:9f:80:a9:b3:50:4c:6e:6a: fd:ee:5e:79:c6:1e:b6:ac:4c:f4:c3:7f:c6:bb:b4: ff:e2:94:3b:59:f4:89:8a:ee:16:6f:e1:b5:0c:ac: 8e:e5:b1:c0:c3:0e:e7:88:b4:46:c7:b2:6f:39:f4: 6b:3d:ee:0f:75:b0:4d:56:6d:f0:7e:8c:36:01:3c: ab:f6:2c:82:fc:0a:b2:db:12:61:37:f9:1a:b3:9a: 2f:5d:b4:0e:bb:32:6f:3d:9d:5b:21:4c:fb:ef:d2: 6a:e5:7a:8e:53:1a:a7:42:03:f4:87:11:11:23:f3: 27:93:9e:e7:76:90:00:ce:98:28:ee:77:c5:16:e2: 10:7d:8c:82:35:f0:c9:01:91:a4:c6:86:58:d1:17: 1f:72:c5:08:0c:f0:6a:e6:03:81:a9:19:a8:d3:a7: ab:ba:a8:77:68:44:52:7a:6f:e3:59:09:1f:41:ec: cd:af:6f:08:1e:ed:67:1f:17:bc:9a:6f:1a:79:fc: d1:81:f5:73:ea:9c:e5:59:f9:34:7b:85:2e:07:c5: d4:cb:45:80:95:0e:a5:94:33:b3:d7:93:45:ad:c0: 1f:bd:13:44:d4:17:d2:85:f2:4b:15:3b:2f:e5:96: d4:ed:c2:5a:1a:e8:df:20:de:15:19:e1:8a:d0:68: 08:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:23:3B:63:7A:3C:94:A9:62:A1:0C:6F:19:85:C2:04:85:36:28:CB X509v3 Authority Key Identifier: keyid:44:40:EE:21:B3:48:9A:65:0A:61:6B:12:0D:8E:5B:E5:79:2E:E0:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE3A3/18823C8C050111EABD9B202CC4F9AE02/REDuIbNImmUKYWsSDY5b5Xku4Es.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/REDuIbNImmUKYWsSDY5b5Xku4Es.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE3A3/18823C8C050111EABD9B202CC4F9AE02/REDuIbNImmUKYWsSDY5b5Xku4Es.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 61:f0:c4:6f:88:77:64:b3:78:4e:34:fe:6e:59:db:77:21:db: 95:bd:09:cf:08:c4:4e:04:04:89:de:0c:8c:7f:e6:fd:ea:25: 99:b1:72:e6:a9:a8:45:b2:d0:a4:09:d4:75:b1:4e:f9:36:3f: b4:c8:48:55:3c:5a:44:56:d1:9f:89:34:d5:40:04:b5:02:df: 95:0f:d3:3d:30:8a:7d:ab:fe:8f:cc:84:d2:f9:e7:fe:c7:fc: 20:2b:2a:ab:b4:5a:d2:7d:f3:58:5a:62:8e:8f:dd:04:57:1b: f0:7e:0b:4e:64:ef:9a:db:58:d7:00:26:3d:c8:89:74:54:3f: fd:43:92:bf:5a:61:6e:c5:bf:ec:5f:f8:aa:f1:a1:ca:c8:1a: 25:43:9e:ba:d5:4d:50:6d:69:d1:6f:b4:6b:b0:54:80:f0:ec: 4f:22:20:3a:0d:91:29:ef:25:63:85:89:ff:82:c6:61:32:16: b5:e5:f8:cd:35:23:db:90:88:7a:81:95:3f:1a:8f:fc:4b:f8: bc:c5:63:8d:c4:1d:c9:70:7b:43:f3:d5:56:2c:b9:ac:b4:89: d9:27:9e:2e:57:80:da:9b:0d:3c:8e:ba:02:75:ce:a3:7f:bc: 1b:5d:ac:e2:16:81:68:c6:16:9c:67:38:9b:c0:20:eb:b0:c2: 52:12:3d:07 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDDgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0UzQTMxMTAvBgNVBAUTKDQ0NDBFRTIxQjM0ODlBNjUwQTYxNkIxMjBEOEU1QkU1 NzkyRUUwNEIwHhcNMjUwNDI0MTgyMzI5WhcNMjUwNTAxMTgyMzI5WjAYMRYwFAYD VQQDEw02ODBhODFhMS1lNzEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuekItzZ2n4Cps1BMbmr97l55xh62rEz0w3/Gu7T/4pQ7WfSJiu4Wb+G1DKyO 5bHAww7niLRGx7JvOfRrPe4PdbBNVm3wfow2ATyr9iyC/Aqy2xJhN/kas5ovXbQO uzJvPZ1bIUz779Jq5XqOUxqnQgP0hxERI/Mnk57ndpAAzpgo7nfFFuIQfYyCNfDJ AZGkxoZY0RcfcsUIDPBq5gOBqRmo06eruqh3aERSem/jWQkfQezNr28IHu1nHxe8 mm8aefzRgfVz6pzlWfk0e4UuB8XUy0WAlQ6llDOz15NFrcAfvRNE1BfShfJLFTsv 5ZbU7cJaGujfIN4VGeGK0GgIVQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNMjO2N6 PJSpYqEMbxmFwgSFNijLMB8GA1UdIwQYMBaAFERA7iGzSJplCmFrEg2OW+V5LuBL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTNBMy8xODgyM0M4QzA1 MDExMUVBQkQ5QjIwMkNDNEY5QUUwMi9SRUR1SWJOSW1tVUtZV3NTRFk1YjVYa3U0 RXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1JFRHVJYk5JbW1VS1lXc1NEWTViNVhrdTRFcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RTNBMy8xODgyM0M4QzA1MDExMUVBQkQ5QjIwMkNDNEY5QUUwMi9SRUR1SWJOSW1t VUtZV3NTRFk1YjVYa3U0RXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBh8MRviHdks3hONP5uWdt3IduVvQnPCMROBASJ3gyMf+b96iWZsXLm qahFstCkCdR1sU75Nj+0yEhVPFpEVtGfiTTVQAS1At+VD9M9MIp9q/6PzITS+ef+ x/wgKyqrtFrSffNYWmKOj90EVxvwfgtOZO+a21jXACY9yIl0VD/9Q5K/WmFuxb/s X/iq8aHKyBolQ5661U1QbWnRb7RrsFSA8OxPIiA6DZEp7yVjhYn/gsZhMha15fjN NSPbkIh6gZU/Go/8S/i8xWONxB3JcHtD89VWLLmstInZJ54uV4Damw08jroCdc6j f7wbXaziFoFoxhacZzibwCDrsMJSEj0H -----END CERTIFICATE-----Generated at Sat Apr 26 13:49:41 2025 by rpki-client