$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft File: BUM8OuqKSXAsmoLuyV0WtVA86mA.mft (raw, json) Hash identifier: WBeM+VnW69oc+eNoKBf7pH4J5yXT/DbRtNXsXFg1MWQ= Subject key identifier: 4C:54:1C:F6:5D:9C:D6:AB:BD:7C:52:F0:10:84:02:CF:FA:B5:B8:58 Authority key identifier: 05:43:3C:3A:EA:8A:49:70:2C:9A:82:EE:C9:5D:16:B5:50:3C:EA:60 Certificate issuer: /CN=A91CFFA0/serialNumber=05433C3AEA8A49702C9A82EEC95D16B5503CEA60 Certificate serial: 0D41 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BUM8OuqKSXAsmoLuyV0WtVA86mA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft Manifest number: 0D1F Signing time: Thu 24 Apr 2025 18:01:34 +0000 Manifest this update: Thu 24 Apr 2025 18:01:34 +0000 Manifest next update: Thu 01 May 2025 18:01:34 +0000 Files and hashes: 1: BUM8OuqKSXAsmoLuyV0WtVA86mA.crl (hash: t0HOacsWsMEVoGNuXiundfPAtJ9HpAzn8zoqcoir22A=) 2: 83ECD7C40CCA11ED97820077C4F9AE02.roa (hash: tsWCAJh3hDUuF0jt3mDhnNo48pJ1cTxWnbkE+ZQXBxw=) 3: 0E3F36D8C43D11EBAB31777FC4F9AE02.roa (hash: BThAKf2icEZsZqpXgnFl9VpqvpRKYGs7e0515Blb0yw=) 4: 1F4E1CC014D311EA81309110C4F9AE02.roa (hash: zPumQuSa3V5Do5kU4HAy8QEzfyGrDVZPMvaKh+jhJxk=) 5: E6F0F39214CE11EA9E740182C4F9AE02.roa (hash: zpETj3vTU+4JGJFNH2bJangxDJpoV//my0UXRjaLeMk=) 6: 4CD3C8DC14D011EA93366A85C4F9AE02.roa (hash: JwI9xru2SKVmPRR5P37ZWy6F3njGvB5RFaYgtRHbNFY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.crl rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BUM8OuqKSXAsmoLuyV0WtVA86mA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:01:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3393 (0xd41) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFFA0, serialNumber=05433C3AEA8A49702C9A82EEC95D16B5503CEA60 Validity Not Before: Apr 24 18:01:34 2025 GMT Not After : May 1 18:01:34 2025 GMT Subject: CN=680a7c7e-8c0e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:3e:62:4c:a0:94:a0:e9:b2:b5:18:57:46:fb: 91:d6:dc:90:57:90:4c:48:08:30:5d:e7:86:8f:33: 85:54:d6:22:b4:64:2d:e1:d7:81:9b:03:79:16:22: d5:96:36:12:db:cc:bd:f2:e6:04:9c:1a:01:9f:6e: 93:bb:90:c5:dd:d6:f1:af:bf:03:24:6c:99:86:7f: c8:31:d9:28:bb:08:80:c3:57:75:d8:ab:ec:bb:01: c4:4e:e4:28:38:0f:c6:f1:c0:ba:c8:07:c8:7b:6a: 1f:36:48:9e:4c:14:26:a4:7f:e3:3a:47:aa:4a:9a: 2b:99:f0:03:22:a1:f1:ed:61:38:fb:4d:03:c5:c5: 27:94:b7:c3:d5:d6:36:db:41:4f:31:40:29:21:16: e4:e0:51:de:fe:20:4b:d8:86:29:b9:58:25:df:6b: 47:f6:54:36:74:85:32:7d:5b:91:df:35:52:a1:1b: 5e:3a:52:67:b4:88:bc:e4:a8:b2:4e:74:49:46:2b: 04:83:52:19:1f:98:4b:f2:7f:08:f5:ef:5a:31:8a: b3:d3:36:4b:4f:af:ae:c1:d6:38:c8:38:14:63:83: 77:c7:90:83:9c:89:01:e7:50:13:ce:3f:d3:08:08: 5a:ce:07:c8:55:d0:81:a6:8b:31:ce:c0:09:3c:d7: a8:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:54:1C:F6:5D:9C:D6:AB:BD:7C:52:F0:10:84:02:CF:FA:B5:B8:58 X509v3 Authority Key Identifier: keyid:05:43:3C:3A:EA:8A:49:70:2C:9A:82:EE:C9:5D:16:B5:50:3C:EA:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BUM8OuqKSXAsmoLuyV0WtVA86mA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 09:4f:de:7d:09:52:f3:f3:16:90:51:23:b2:5e:1f:8c:ea:15: db:ef:2d:e4:39:7d:44:2b:db:1d:3e:6f:be:1f:3c:de:23:d3: f0:01:39:11:bc:19:f0:f2:1a:1e:33:5c:e2:d7:66:a4:ee:ed: 52:74:8c:32:95:5b:ed:1c:84:f8:e1:35:25:df:88:39:46:f7: 34:c1:59:d2:d2:7f:5a:8b:dd:3c:c4:c3:e9:55:d5:54:38:48: a6:e7:24:21:62:02:23:92:38:9a:0d:60:a3:2f:76:76:03:08: da:99:84:ce:94:57:9a:2a:e4:ba:4d:54:47:b2:bf:d8:0c:51: c4:8d:2c:5d:17:fe:3d:7d:f1:e9:f6:07:73:26:d1:21:89:ec: bc:98:45:f7:d8:33:df:6d:74:4d:3d:e9:38:e8:3b:e4:5f:4b: 03:ed:0d:b8:d9:4a:e0:a7:e2:6f:9c:aa:37:57:4e:4b:ed:68: 8e:ba:b8:df:c9:aa:71:14:1c:1b:f8:27:00:de:c7:04:a2:7e: c3:16:74:0b:fe:dd:c3:87:f9:f1:82:25:55:0f:ac:cf:57:ec: 50:ce:8f:66:53:16:9d:f3:c1:de:b5:a2:cc:af:ee:50:46:be: a2:d7:be:6a:f7:1e:55:06:6d:51:c6:17:ec:23:9e:b2:0c:bf: c7:10:c9:6f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDUEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0ZGQTAxMTAvBgNVBAUTKDA1NDMzQzNBRUE4QTQ5NzAyQzlBODJFRUM5NUQxNkI1 NTAzQ0VBNjAwHhcNMjUwNDI0MTgwMTM0WhcNMjUwNTAxMTgwMTM0WjAYMRYwFAYD VQQDEw02ODBhN2M3ZS04YzBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtz5iTKCUoOmytRhXRvuR1tyQV5BMSAgwXeeGjzOFVNYitGQt4deBmwN5FiLV ljYS28y98uYEnBoBn26Tu5DF3dbxr78DJGyZhn/IMdkouwiAw1d12KvsuwHETuQo OA/G8cC6yAfIe2ofNkieTBQmpH/jOkeqSpormfADIqHx7WE4+00DxcUnlLfD1dY2 20FPMUApIRbk4FHe/iBL2IYpuVgl32tH9lQ2dIUyfVuR3zVSoRteOlJntIi85Kiy TnRJRisEg1IZH5hL8n8I9e9aMYqz0zZLT6+uwdY4yDgUY4N3x5CDnIkB51ATzj/T CAhazgfIVdCBposxzsAJPNeorQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFExUHPZd nNarvXxS8BCEAs/6tbhYMB8GA1UdIwQYMBaAFAVDPDrqiklwLJqC7sldFrVQPOpg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkZBMC8xNTBCRjY5MEQ4 Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9CVU04T3VxS1NYQXNtb0x1eVYwV3RWQTg2 bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0JVTThPdXFLU1hBc21vTHV5VjBXdFZBODZtQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RkZBMC8xNTBCRjY5MEQ4Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9CVU04T3VxS1NY QXNtb0x1eVYwV3RWQTg2bUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAJT959CVLz8xaQUSOyXh+M6hXb7y3kOX1EK9sdPm++HzzeI9PwATkR vBnw8hoeM1zi12ak7u1SdIwylVvtHIT44TUl34g5Rvc0wVnS0n9ai908xMPpVdVU OEim5yQhYgIjkjiaDWCjL3Z2AwjamYTOlFeaKuS6TVRHsr/YDFHEjSxdF/49ffHp 9gdzJtEhiey8mEX32DPfbXRNPek46DvkX0sD7Q242Urgp+JvnKo3V05L7WiOurjf yapxFBwb+CcA3scEon7DFnQL/t3Dh/nxgiVVD6zPV+xQzo9mUxad88HetaLMr+5Q Rr6i175q9x5VBm1RxhfsI56yDL/HEMlv -----END CERTIFICATE-----Generated at Sat Apr 26 15:05:33 2025 by rpki-client