$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.mft File: ocI5ZXBAF3JCnrjLsN9mU_FnjPY.mft (raw, json) Hash identifier: K3hZCp5mZfi9xEqssT43pTi3FFEMh6hGm5jNgEwiqA0= Subject key identifier: 56:73:B5:3B:55:82:35:64:F5:46:95:50:A4:92:AC:B8:0F:3B:04:0A Authority key identifier: A1:C2:39:65:70:40:17:72:42:9E:B8:CB:B0:DF:66:53:F1:67:8C:F6 Certificate issuer: /CN=A91CE6EC/serialNumber=A1C2396570401772429EB8CBB0DF6653F1678CF6 Certificate serial: 2571 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.mft Manifest number: 2566 Signing time: Thu 24 Apr 2025 15:45:49 +0000 Manifest this update: Thu 24 Apr 2025 15:45:49 +0000 Manifest next update: Thu 01 May 2025 15:45:49 +0000 Files and hashes: 1: ocI5ZXBAF3JCnrjLsN9mU_FnjPY.crl (hash: FiCxlpHrpNTm6l+iBjHhyBwwS5hfswegJGSUmHwrAAY=) 2: 96F26DD8E4A511EF8259C769C4F9AE02.roa (hash: Fcy0t/fzkFaWJQcPeRfi9B3H65XjHBViUmgSczRX2lU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.crl rsync://rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:45:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9585 (0x2571) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE6EC, serialNumber=A1C2396570401772429EB8CBB0DF6653F1678CF6 Validity Not Before: Apr 24 15:45:49 2025 GMT Not After : May 1 15:45:49 2025 GMT Subject: CN=680a5cad-1107 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:2d:83:6c:f7:07:e8:3c:b4:78:fb:05:87:4b: 3d:33:2d:46:67:99:b0:94:5b:89:c7:b9:20:16:ba: 32:4c:c6:c3:ae:0f:47:b5:1c:ef:e8:b5:ff:f0:85: 8f:c6:6c:c4:17:37:a5:c8:10:3d:4b:32:fc:d3:21: df:95:a5:28:85:a7:d4:89:c5:e1:ca:62:b1:f4:c5: 03:07:08:2b:9c:d5:ac:da:45:cf:cf:81:ed:12:4e: 97:29:7c:15:65:47:ee:27:47:40:ff:4c:72:7c:5f: bb:aa:58:a5:85:19:ba:0c:53:39:e0:85:fe:56:cc: 7e:d5:54:51:4b:e9:60:c0:a5:26:32:74:be:90:23: 6d:5f:ad:be:cf:04:06:4c:8a:d3:02:ff:ec:64:00: a5:6c:a2:02:1d:56:da:11:0d:d7:62:92:51:09:1f: 7f:0c:b0:a5:d5:1d:f6:0a:a7:df:aa:31:c0:8b:ed: 0d:cf:77:b3:fa:ca:09:e6:52:52:df:e4:02:a5:0b: 98:2a:de:4b:ee:6d:55:f6:df:5e:0b:a6:ba:b8:0f: ab:e7:85:e4:03:6d:2c:0e:81:08:a6:a2:28:93:6b: 91:e9:e5:8e:75:96:4d:40:7d:ad:4a:e8:a3:82:8d: 0e:05:0d:13:7b:2a:c0:72:1c:de:1e:17:31:7f:b5: 0e:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:73:B5:3B:55:82:35:64:F5:46:95:50:A4:92:AC:B8:0F:3B:04:0A X509v3 Authority Key Identifier: keyid:A1:C2:39:65:70:40:17:72:42:9E:B8:CB:B0:DF:66:53:F1:67:8C:F6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 27:49:42:39:79:85:0e:07:2a:c2:8f:08:42:d5:d8:22:33:fa: 13:ce:d8:9a:4e:bb:d0:2c:a0:63:36:e8:99:53:09:0e:f9:f3: e9:96:e4:d2:dd:d0:cb:dd:dc:38:78:26:93:00:0d:96:44:59: a0:1e:a8:80:27:6a:03:e4:93:f5:30:ca:07:26:c7:c1:a8:02: 66:10:60:76:9e:50:50:a0:18:19:28:d6:0b:14:51:41:48:c7: 16:34:4c:e0:4a:28:49:1a:92:51:1d:77:79:1e:67:be:25:d9: a1:0d:e2:e3:71:fb:f6:dd:de:1a:7a:1d:be:25:3c:72:7d:d4: 06:72:25:a2:1f:c4:81:d1:e4:4e:5f:95:fb:91:12:c6:4b:08: da:1f:37:44:f5:4c:68:02:92:8f:d0:13:a5:7c:6f:75:25:7b: 51:4e:b0:fe:0e:9b:ee:2b:05:9e:48:b7:20:3f:d5:72:7e:03: 7f:3a:96:f7:dd:88:f9:8b:48:da:cf:34:bc:ae:61:60:46:6f: 4b:09:77:31:d4:98:47:1e:16:6e:1b:25:19:e9:b3:a8:47:e6: 09:10:c8:ea:ec:fa:ed:c8:86:e9:3d:5c:cc:48:08:38:c0:fc: 63:6e:b3:23:f6:33:5f:ed:99:14:88:cb:f5:32:ba:66:e7:4b: 56:c8:f7:32 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICJXEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0U2RUMxMTAvBgNVBAUTKEExQzIzOTY1NzA0MDE3NzI0MjlFQjhDQkIwREY2NjUz RjE2NzhDRjYwHhcNMjUwNDI0MTU0NTQ5WhcNMjUwNTAxMTU0NTQ5WjAYMRYwFAYD VQQDEw02ODBhNWNhZC0xMTA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqy2DbPcH6Dy0ePsFh0s9My1GZ5mwlFuJx7kgFroyTMbDrg9HtRzv6LX/8IWP xmzEFzelyBA9SzL80yHflaUohafUicXhymKx9MUDBwgrnNWs2kXPz4HtEk6XKXwV ZUfuJ0dA/0xyfF+7qlilhRm6DFM54IX+Vsx+1VRRS+lgwKUmMnS+kCNtX62+zwQG TIrTAv/sZAClbKICHVbaEQ3XYpJRCR9/DLCl1R32CqffqjHAi+0Nz3ez+soJ5lJS 3+QCpQuYKt5L7m1V9t9eC6a6uA+r54XkA20sDoEIpqIok2uR6eWOdZZNQH2tSuij go0OBQ0TeyrAchzeHhcxf7UOpQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFZztTtV gjVk9UaVUKSSrLgPOwQKMB8GA1UdIwQYMBaAFKHCOWVwQBdyQp64y7DfZlPxZ4z2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTZFQy9EM0FCNjAxNjE0 QzgxMUU1QTJGQ0VGMTVDNEY5QUUwMi9vY0k1WlhCQUYzSkNucmpMc045bVVfRm5q UFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29jSTVaWEJBRjNKQ25yakxzTjltVV9GbmpQWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RTZFQy9EM0FCNjAxNjE0QzgxMUU1QTJGQ0VGMTVDNEY5QUUwMi9vY0k1WlhCQUYz SkNucmpMc045bVVfRm5qUFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAnSUI5eYUOByrCjwhC1dgiM/oTztiaTrvQLKBjNuiZUwkO+fPpluTS 3dDL3dw4eCaTAA2WRFmgHqiAJ2oD5JP1MMoHJsfBqAJmEGB2nlBQoBgZKNYLFFFB SMcWNEzgSihJGpJRHXd5Hme+JdmhDeLjcfv23d4aeh2+JTxyfdQGciWiH8SB0eRO X5X7kRLGSwjaHzdE9UxoApKP0BOlfG91JXtRTrD+DpvuKwWeSLcgP9VyfgN/Opb3 3Yj5i0jazzS8rmFgRm9LCXcx1JhHHhZuGyUZ6bOoR+YJEMjq7PrtyIbpPVzMSAg4 wPxjbrMj9jNf7ZkUiMv1Mrpm50tWyPcy -----END CERTIFICATE-----Generated at Sat Apr 26 12:20:18 2025 by rpki-client