$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.mft File: pSAa7m9KXB64p-HHhTv7srp1y9I.mft (raw, json) Hash identifier: OgF8ov8zzYo+hs9gVzpQotWk4j/gKES39EAWTUbSb/0= Subject key identifier: 65:14:FB:88:CA:85:FF:68:89:9B:3E:58:14:55:9D:ED:31:B0:2C:A5 Authority key identifier: A5:20:1A:EE:6F:4A:5C:1E:B8:A7:E1:C7:85:3B:FB:B2:BA:75:CB:D2 Certificate issuer: /CN=A91D1003/serialNumber=A5201AEE6F4A5C1EB8A7E1C7853BFBB2BA75CBD2 Certificate serial: 0B5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pSAa7m9KXB64p-HHhTv7srp1y9I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.mft Manifest number: 0B4F Signing time: Thu 24 Apr 2025 19:02:21 +0000 Manifest this update: Thu 24 Apr 2025 19:02:21 +0000 Manifest next update: Thu 01 May 2025 19:02:21 +0000 Files and hashes: 1: pSAa7m9KXB64p-HHhTv7srp1y9I.crl (hash: 4+iOVIGTGwdt9WxCVt7gdROqpk1zRtVolEHBocjpXXw=) 2: 0DC2568E320511EA8CF6B72DC4F9AE02.roa (hash: dZqvR0xqd13+DRj0vsCnaFuawrKyEqpLXk81wck6o3Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.crl rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pSAa7m9KXB64p-HHhTv7srp1y9I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:02:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2906 (0xb5a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D1003, serialNumber=A5201AEE6F4A5C1EB8A7E1C7853BFBB2BA75CBD2 Validity Not Before: Apr 24 19:02:21 2025 GMT Not After : May 1 19:02:21 2025 GMT Subject: CN=680a8abd-4094 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:02:b7:05:89:c9:e8:b9:9d:0c:ec:62:6c:8e: 02:1a:64:da:9b:b9:a2:c7:ca:07:00:4f:7e:e5:1e: 30:d8:3b:49:14:10:83:21:38:4a:c1:71:d8:4d:61: 10:5b:78:5b:26:82:e4:c5:09:bf:64:7d:c7:42:6a: d9:1d:2b:80:73:63:00:c9:71:c5:40:aa:f9:95:6c: 3a:26:08:df:6e:31:a9:57:cc:3c:29:f8:3a:5f:e6: ce:34:3d:36:c0:01:2f:d9:db:5e:e1:44:18:e1:43: f2:73:38:9b:91:74:fc:9d:50:2e:11:94:d7:75:a5: 4c:7f:bd:5a:92:bc:8a:b0:06:6f:15:7b:bb:4c:e1: f8:8e:e9:34:6c:15:31:2e:11:4b:91:2e:6d:b8:4c: 0d:ad:f2:69:ef:c6:fa:f2:0e:79:9e:c1:75:b5:12: 18:6a:ec:a4:0b:1a:a2:9c:51:e5:6e:4e:09:a4:83: 83:22:98:66:fa:15:5b:62:52:2e:1a:04:18:ab:5b: e9:76:01:d0:c6:7e:e7:b0:cb:c9:ba:5d:e8:70:d3: 70:af:8b:d8:0f:77:ff:4b:99:08:50:99:4f:50:70: 4f:c0:59:d1:a3:5a:d6:f1:53:52:2f:39:00:ab:00: c1:df:93:67:b3:89:fe:48:2b:33:5d:31:14:d6:9e: a9:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:14:FB:88:CA:85:FF:68:89:9B:3E:58:14:55:9D:ED:31:B0:2C:A5 X509v3 Authority Key Identifier: keyid:A5:20:1A:EE:6F:4A:5C:1E:B8:A7:E1:C7:85:3B:FB:B2:BA:75:CB:D2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pSAa7m9KXB64p-HHhTv7srp1y9I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9a:e0:2e:01:79:19:26:f9:cc:bc:23:7d:e1:de:83:a4:70:b1: 26:07:ce:9d:f7:16:31:38:81:33:27:76:a3:5c:89:ed:0f:7e: 65:73:3a:ef:75:38:1b:10:5e:58:31:0a:dd:8a:c1:4e:92:00: 40:4e:a4:ae:ab:35:b7:10:39:1d:de:f1:e7:a7:f0:de:a0:77: 27:2e:35:6f:9d:6a:ce:d7:f7:ef:19:65:43:0d:9f:b1:48:e9: d6:bd:c6:1f:42:e0:61:22:db:f8:a5:50:75:31:d0:cb:fc:cf: 61:ef:fc:94:29:e8:52:84:a5:10:fa:36:8b:65:42:a3:ce:fc: 74:dc:71:13:32:5a:e7:11:cc:cb:6c:53:fb:ad:19:e4:46:c3: 07:fd:4e:85:0d:fe:aa:d1:5d:bb:a0:da:1d:71:fa:db:29:fe: 4b:bb:c3:0e:84:f4:35:5b:bc:6f:bc:d6:79:69:92:b3:50:85: 55:40:59:48:71:9f:1a:15:ec:c0:46:31:98:e6:1f:a6:d8:c8: 33:0a:a8:7d:1b:bb:be:c5:0c:10:19:be:7e:b0:67:8a:e5:7e: 43:ce:74:d9:35:f3:81:8e:88:f0:1d:48:62:85:2b:ef:53:19: 47:2b:7a:e8:79:e6:18:40:63:70:27:02:c7:8a:09:10:f2:a9: 50:f4:2f:02 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC1owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDEwMDMxMTAvBgNVBAUTKEE1MjAxQUVFNkY0QTVDMUVCOEE3RTFDNzg1M0JGQkIy QkE3NUNCRDIwHhcNMjUwNDI0MTkwMjIxWhcNMjUwNTAxMTkwMjIxWjAYMRYwFAYD VQQDEw02ODBhOGFiZC00MDk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzwK3BYnJ6LmdDOxibI4CGmTam7mix8oHAE9+5R4w2DtJFBCDIThKwXHYTWEQ W3hbJoLkxQm/ZH3HQmrZHSuAc2MAyXHFQKr5lWw6JgjfbjGpV8w8Kfg6X+bOND02 wAEv2dte4UQY4UPyczibkXT8nVAuEZTXdaVMf71akryKsAZvFXu7TOH4juk0bBUx LhFLkS5tuEwNrfJp78b68g55nsF1tRIYauykCxqinFHlbk4JpIODIphm+hVbYlIu GgQYq1vpdgHQxn7nsMvJul3ocNNwr4vYD3f/S5kIUJlPUHBPwFnRo1rW8VNSLzkA qwDB35Nns4n+SCszXTEU1p6pHwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGUU+4jK hf9oiZs+WBRVne0xsCylMB8GA1UdIwQYMBaAFKUgGu5vSlweuKfhx4U7+7K6dcvS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTAwMy9BQTRFOTVDODMy MDMxMUVBOEQyQTFCMkJDNEY5QUUwMi9wU0FhN205S1hCNjRwLUhIaFR2N3NycDF5 OUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BTQWE3bTlLWEI2NHAtSEhoVHY3c3JwMXk5SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MTAwMy9BQTRFOTVDODMyMDMxMUVBOEQyQTFCMkJDNEY5QUUwMi9wU0FhN205S1hC NjRwLUhIaFR2N3NycDF5OUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCa4C4BeRkm+cy8I33h3oOkcLEmB86d9xYxOIEzJ3ajXIntD35lczrv dTgbEF5YMQrdisFOkgBATqSuqzW3EDkd3vHnp/DeoHcnLjVvnWrO1/fvGWVDDZ+x SOnWvcYfQuBhItv4pVB1MdDL/M9h7/yUKehShKUQ+jaLZUKjzvx03HETMlrnEczL bFP7rRnkRsMH/U6FDf6q0V27oNodcfrbKf5Lu8MOhPQ1W7xvvNZ5aZKzUIVVQFlI cZ8aFezARjGY5h+m2MgzCqh9G7u+xQwQGb5+sGeK5X5DznTZNfOBjojwHUhihSvv UxlHK3roeeYYQGNwJwLHigkQ8qlQ9C8C -----END CERTIFICATE-----Generated at Sat Apr 26 12:27:38 2025 by rpki-client