$ rpki-client -vvf rpki.apnic.net/member_repository/A91D0C18/683BA096646611EF8E18F87AC4F9AE02/CJy1orM7eG11SgfWgKnElBQmGeE.mft File: CJy1orM7eG11SgfWgKnElBQmGeE.mft (raw, json) Hash identifier: 96+Uk3Wmh1ao2T5fWG5huXuut+XIFWIfIkdzgweJ7Q8= Subject key identifier: 43:3F:D1:45:A6:C4:AE:2F:8C:75:C8:66:A0:3E:1C:94:E3:FD:C3:F8 Authority key identifier: 08:9C:B5:A2:B3:3B:78:6D:75:4A:07:D6:80:A9:C4:94:14:26:19:E1 Certificate issuer: /CN=A91D0C18/serialNumber=089CB5A2B33B786D754A07D680A9C494142619E1 Certificate serial: 7F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CJy1orM7eG11SgfWgKnElBQmGeE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D0C18/683BA096646611EF8E18F87AC4F9AE02/CJy1orM7eG11SgfWgKnElBQmGeE.mft Manifest number: 7E Signing time: Sun 27 Apr 2025 05:30:39 +0000 Manifest this update: Sun 27 Apr 2025 05:30:38 +0000 Manifest next update: Sun 04 May 2025 05:30:38 +0000 Files and hashes: 1: CJy1orM7eG11SgfWgKnElBQmGeE.crl (hash: dRXlJWnGK5/+DZ05JkDc+C1tWmow3KIrtPcL2XZuDUM=) 2: EEE0092A646611EFA25D167EC4F9AE02.roa (hash: PB6LRHoIMyYv1uIUIe4A3HeqPVxI7OtzvXNUbqHxj3Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D0C18/683BA096646611EF8E18F87AC4F9AE02/CJy1orM7eG11SgfWgKnElBQmGeE.crl rsync://rpki.apnic.net/member_repository/A91D0C18/683BA096646611EF8E18F87AC4F9AE02/CJy1orM7eG11SgfWgKnElBQmGeE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CJy1orM7eG11SgfWgKnElBQmGeE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 04 May 2025 05:30:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 127 (0x7f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D0C18, serialNumber=089CB5A2B33B786D754A07D680A9C494142619E1 Validity Not Before: Apr 27 05:30:38 2025 GMT Not After : May 4 05:30:38 2025 GMT Subject: CN=680dc0fe-385e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:52:e4:63:07:a3:fe:d8:df:cd:50:10:e0:ef: 19:bc:3c:9f:1e:f6:71:be:22:73:b3:77:70:e0:b2: 60:a0:ad:88:7d:be:6c:93:d3:10:86:02:ba:ac:be: 16:21:bf:88:26:02:b2:bb:ff:0d:f1:22:8e:da:87: 15:6a:b5:e2:b5:a2:95:87:31:17:4e:8e:7e:cf:a9: c4:b2:37:4b:58:ab:c3:f1:a4:b3:fc:ba:7e:42:63: 76:14:6a:91:d2:ee:0d:89:00:56:7a:d6:57:62:4c: c1:45:3e:95:87:c5:66:01:6b:73:11:83:b6:53:77: 3f:b9:a0:8d:92:b3:fd:06:cc:2a:dd:ce:d7:5c:e2: 3c:d8:3c:ef:7f:d6:40:c8:99:8b:0f:29:32:a4:40: fe:f3:3f:5d:a5:3f:e0:e0:d7:09:0b:a1:be:c9:a8: e5:1b:e5:55:e2:73:de:4a:76:0f:ab:0d:71:be:55: b6:d8:9c:88:ee:2c:41:3f:11:78:99:27:87:a2:f6: b7:cc:c7:70:a3:57:31:78:94:29:15:2d:32:50:b5: f9:9a:c1:5a:d2:fd:ea:22:8c:3f:30:2b:3a:bd:20: ef:98:0e:97:41:16:12:24:65:33:fe:43:a7:b8:24: 8e:a3:93:33:2f:20:dd:a3:b0:34:dd:28:7d:58:3b: 54:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:3F:D1:45:A6:C4:AE:2F:8C:75:C8:66:A0:3E:1C:94:E3:FD:C3:F8 X509v3 Authority Key Identifier: keyid:08:9C:B5:A2:B3:3B:78:6D:75:4A:07:D6:80:A9:C4:94:14:26:19:E1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D0C18/683BA096646611EF8E18F87AC4F9AE02/CJy1orM7eG11SgfWgKnElBQmGeE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/CJy1orM7eG11SgfWgKnElBQmGeE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D0C18/683BA096646611EF8E18F87AC4F9AE02/CJy1orM7eG11SgfWgKnElBQmGeE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 61:e9:b1:bb:f3:2d:38:d4:57:cd:1c:5c:51:b7:29:d3:c2:aa: 55:08:2b:0b:39:91:7d:27:8f:e1:08:44:a9:2a:6d:f2:68:4b: 32:50:94:55:89:d0:72:b4:87:b9:da:40:22:1e:57:1b:2d:a7: 55:9a:fc:4e:c9:f8:1f:f9:d1:c4:0b:68:ec:37:69:89:d2:f5: 47:8a:83:94:27:82:6f:36:f9:7c:5d:e3:5c:dd:f5:3d:c4:9a: 00:c0:0b:48:e9:32:12:3c:46:5e:a2:b1:2d:a7:b3:05:65:19: 21:4a:89:f6:90:c8:28:01:4d:21:18:d6:e6:39:10:33:27:b1: ab:66:b1:dd:b7:06:12:0a:b9:34:8b:7e:b0:59:23:06:7a:e1: b5:b1:e4:8a:33:ab:0c:07:9e:0d:59:84:86:dc:9f:c2:37:e1: 73:ad:27:44:81:d5:fc:8c:d2:6c:87:49:24:91:91:04:76:fa: df:96:9b:9b:49:38:f0:dc:79:f5:53:e5:e4:64:f4:e7:23:55: ba:61:01:fe:b4:76:19:90:6d:9c:2a:10:b4:28:e6:bf:95:47: ed:65:68:97:3c:2b:70:38:59:70:e1:9a:96:32:08:c2:14:d2: 41:d2:17:4f:7d:95:8e:f6:e4:e1:df:c1:17:ac:39:7e:01:46: be:37:9c:1b -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBfzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE MEMxODExMC8GA1UEBRMoMDg5Q0I1QTJCMzNCNzg2RDc1NEEwN0Q2ODBBOUM0OTQx NDI2MTlFMTAeFw0yNTA0MjcwNTMwMzhaFw0yNTA1MDQwNTMwMzhaMBgxFjAUBgNV BAMTDTY4MGRjMGZlLTM4NWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCZUuRjB6P+2N/NUBDg7xm8PJ8e9nG+InOzd3DgsmCgrYh9vmyT0xCGArqsvhYh v4gmArK7/w3xIo7ahxVqteK1opWHMRdOjn7PqcSyN0tYq8PxpLP8un5CY3YUapHS 7g2JAFZ61ldiTMFFPpWHxWYBa3MRg7ZTdz+5oI2Ss/0GzCrdztdc4jzYPO9/1kDI mYsPKTKkQP7zP12lP+Dg1wkLob7JqOUb5VXic95Kdg+rDXG+VbbYnIjuLEE/EXiZ J4ei9rfMx3CjVzF4lCkVLTJQtfmawVrS/eoijD8wKzq9IO+YDpdBFhIkZTP+Q6e4 JI6jkzMvIN2jsDTdKH1YO1Q/AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUQz/RRabE ri+MdchmoD4clOP9w/gwHwYDVR0jBBgwFoAUCJy1orM7eG11SgfWgKnElBQmGeEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQwQzE4LzY4M0JBMDk2NjQ2 NjExRUY4RTE4Rjg3QUM0RjlBRTAyL0NKeTFvck03ZUcxMVNnZldnS25FbEJRbUdl RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvQ0p5MW9yTTdlRzExU2dmV2dLbkVsQlFtR2VFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQw QzE4LzY4M0JBMDk2NjQ2NjExRUY4RTE4Rjg3QUM0RjlBRTAyL0NKeTFvck03ZUcx MVNnZldnS25FbEJRbUdlRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGHpsbvzLTjUV80cXFG3KdPCqlUIKws5kX0nj+EIRKkqbfJoSzJQlFWJ 0HK0h7naQCIeVxstp1Wa/E7J+B/50cQLaOw3aYnS9UeKg5Qngm82+Xxd41zd9T3E mgDAC0jpMhI8Rl6isS2nswVlGSFKifaQyCgBTSEY1uY5EDMnsatmsd23BhIKuTSL frBZIwZ64bWx5IozqwwHng1ZhIbcn8I34XOtJ0SB1fyM0myHSSSRkQR2+t+Wm5tJ OPDcefVT5eRk9OcjVbphAf60dhmQbZwqELQo5r+VR+1laJc8K3A4WXDhmpYyCMIU 0kHSF099lY725OHfwResOX4BRr43nBs= -----END CERTIFICATE-----Generated at Tue Apr 29 02:49:58 2025 by rpki-client