$ rpki-client -vvf rpki.apnic.net/member_repository/A91D112B/1CD0E0502F3411EB97FE1786C4F9AE02/8Esk0kgu8B-It9DWKlOSJzm3iA0.mft File: 8Esk0kgu8B-It9DWKlOSJzm3iA0.mft (raw, json) Hash identifier: CrCo6emVJjsp+ov4c1dox2i3YxwLIg3IAhHosIMwYUM= Subject key identifier: 56:70:41:5E:96:1B:8D:B4:30:EA:8F:A0:1D:27:A5:D6:14:3E:FF:85 Authority key identifier: F0:4B:24:D2:48:2E:F0:1F:88:B7:D0:D6:2A:53:92:27:39:B7:88:0D Certificate issuer: /CN=A91D112B/serialNumber=F04B24D2482EF01F88B7D0D62A53922739B7880D Certificate serial: 0732 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8Esk0kgu8B-It9DWKlOSJzm3iA0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D112B/1CD0E0502F3411EB97FE1786C4F9AE02/8Esk0kgu8B-It9DWKlOSJzm3iA0.mft Manifest number: 0729 Signing time: Thu 24 Apr 2025 21:37:00 +0000 Manifest this update: Thu 24 Apr 2025 21:36:59 +0000 Manifest next update: Thu 01 May 2025 21:36:59 +0000 Files and hashes: 1: 8Esk0kgu8B-It9DWKlOSJzm3iA0.crl (hash: gKSHKrtST5NLDwGigCRLNpoiXuyx/A0JcPS5IaXsXDE=) 2: D00FC228F46111ECA631AC55C4F9AE02.roa (hash: SdQIXAZgLAYC0wC8aVzYt0Gf/I3END/T1//qc7xaDnw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D112B/1CD0E0502F3411EB97FE1786C4F9AE02/8Esk0kgu8B-It9DWKlOSJzm3iA0.crl rsync://rpki.apnic.net/member_repository/A91D112B/1CD0E0502F3411EB97FE1786C4F9AE02/8Esk0kgu8B-It9DWKlOSJzm3iA0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8Esk0kgu8B-It9DWKlOSJzm3iA0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 21:36:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1842 (0x732) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D112B, serialNumber=F04B24D2482EF01F88B7D0D62A53922739B7880D Validity Not Before: Apr 24 21:36:59 2025 GMT Not After : May 1 21:36:59 2025 GMT Subject: CN=680aaefc-4b5b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:22:0e:10:a7:91:95:f5:ce:d9:8d:0b:34:f5: 9c:aa:49:76:98:02:f5:5f:33:94:c4:3e:69:e9:35: a3:fc:7f:15:4f:e3:f7:11:81:7f:4c:8d:85:a0:95: 7c:a7:58:a9:57:7f:6e:97:c2:5d:16:98:75:dc:de: 76:27:c7:2f:90:83:3a:67:33:84:3e:1b:2d:b6:9d: b1:42:58:a7:51:34:94:fe:18:41:a4:ec:72:4b:09: 93:c2:66:3d:5e:fc:ca:2e:13:7a:81:2a:0e:f8:66: eb:80:5a:14:32:3d:8e:c3:bd:79:fb:ce:ba:6e:c5: f6:4d:3c:ce:0f:dc:ac:94:70:35:9d:8a:15:9c:45: 41:4f:9b:bf:44:00:b3:f7:40:31:b4:53:78:58:8f: 26:54:56:fe:0a:2f:94:0e:b2:49:af:ee:fe:68:34: 39:a6:15:f5:14:42:57:87:d5:51:95:ea:5b:53:c8: 3a:85:9e:f1:1f:e8:0c:2d:9e:8e:7a:8a:d4:b7:3c: 60:bb:ce:a2:a4:5b:4a:56:ad:57:64:d0:fe:6e:df: 55:d9:b2:94:83:d6:0d:6d:b5:21:68:ad:75:70:96: f5:bf:9d:9f:e7:8e:11:f8:3e:bb:6f:e0:1c:76:3a: 63:ae:7d:0b:1f:7f:4f:c5:14:23:60:f0:68:70:9f: a4:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:70:41:5E:96:1B:8D:B4:30:EA:8F:A0:1D:27:A5:D6:14:3E:FF:85 X509v3 Authority Key Identifier: keyid:F0:4B:24:D2:48:2E:F0:1F:88:B7:D0:D6:2A:53:92:27:39:B7:88:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D112B/1CD0E0502F3411EB97FE1786C4F9AE02/8Esk0kgu8B-It9DWKlOSJzm3iA0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8Esk0kgu8B-It9DWKlOSJzm3iA0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D112B/1CD0E0502F3411EB97FE1786C4F9AE02/8Esk0kgu8B-It9DWKlOSJzm3iA0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 73:90:bf:55:da:30:d9:95:04:32:1b:04:be:8d:fe:14:0e:08: ea:0f:5e:94:45:7f:f5:d5:d9:aa:8d:12:4f:e1:52:be:9c:0b: d0:ce:df:4a:88:67:a9:42:9f:6d:23:f4:09:1b:17:d0:b0:0e: 71:9e:c4:e5:ad:45:34:6e:97:62:ed:43:0d:33:41:1c:1e:d6: bd:db:1f:ca:68:93:7f:9e:c8:5d:69:32:bf:45:7f:33:92:f9: 6c:ed:fc:f4:86:27:56:dc:4b:69:bc:3b:1f:f2:f0:91:8f:74: aa:c1:8f:4f:22:65:e0:b6:a4:7a:49:9d:a2:30:73:75:7b:dd: 25:93:2d:de:17:fb:63:da:85:33:23:fa:43:99:f2:fe:e2:51: b4:9b:55:9f:76:5c:70:06:93:9e:96:28:a6:eb:ea:67:37:c2: f8:be:75:68:92:47:c9:a5:ef:95:9e:ca:27:c7:f7:81:a1:b5: c4:a1:b6:00:f9:70:cd:9c:99:d2:02:82:6e:54:b2:ec:a2:ba: 4b:0f:6b:3c:a6:bb:5c:de:17:57:97:5c:33:f7:5e:1e:cf:8b: 1c:26:4d:12:00:69:c9:d4:cf:cc:ef:0b:f0:32:74:cf:18:23: ce:d0:d4:c3:9c:a0:8f:f2:d6:45:71:aa:27:ef:90:68:a3:5e: e0:8d:17:ee -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBzIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDExMkIxMTAvBgNVBAUTKEYwNEIyNEQyNDgyRUYwMUY4OEI3RDBENjJBNTM5MjI3 MzlCNzg4MEQwHhcNMjUwNDI0MjEzNjU5WhcNMjUwNTAxMjEzNjU5WjAYMRYwFAYD VQQDEw02ODBhYWVmYy00YjViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvyIOEKeRlfXO2Y0LNPWcqkl2mAL1XzOUxD5p6TWj/H8VT+P3EYF/TI2FoJV8 p1ipV39ul8JdFph13N52J8cvkIM6ZzOEPhsttp2xQlinUTSU/hhBpOxySwmTwmY9 XvzKLhN6gSoO+GbrgFoUMj2Ow715+866bsX2TTzOD9yslHA1nYoVnEVBT5u/RACz 90AxtFN4WI8mVFb+Ci+UDrJJr+7+aDQ5phX1FEJXh9VRlepbU8g6hZ7xH+gMLZ6O eorUtzxgu86ipFtKVq1XZND+bt9V2bKUg9YNbbUhaK11cJb1v52f544R+D67b+Ac djpjrn0LH39PxRQjYPBocJ+kLQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFZwQV6W G420MOqPoB0npdYUPv+FMB8GA1UdIwQYMBaAFPBLJNJILvAfiLfQ1ipTkic5t4gN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTEyQi8xQ0QwRTA1MDJG MzQxMUVCOTdGRTE3ODZDNEY5QUUwMi84RXNrMGtndThCLUl0OURXS2xPU0p6bTNp QTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhFc2swa2d1OEItSXQ5RFdLbE9TSnptM2lBMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MTEyQi8xQ0QwRTA1MDJGMzQxMUVCOTdGRTE3ODZDNEY5QUUwMi84RXNrMGtndThC LUl0OURXS2xPU0p6bTNpQTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBzkL9V2jDZlQQyGwS+jf4UDgjqD16URX/11dmqjRJP4VK+nAvQzt9K iGepQp9tI/QJGxfQsA5xnsTlrUU0bpdi7UMNM0EcHta92x/KaJN/nshdaTK/RX8z kvls7fz0hidW3EtpvDsf8vCRj3SqwY9PImXgtqR6SZ2iMHN1e90lky3eF/tj2oUz I/pDmfL+4lG0m1WfdlxwBpOeliim6+pnN8L4vnVokkfJpe+Vnsonx/eBobXEobYA +XDNnJnSAoJuVLLsorpLD2s8prtc3hdXl1wz914ez4scJk0SAGnJ1M/M7wvwMnTP GCPO0NTDnKCP8tZFcaon75Boo17gjRfu -----END CERTIFICATE-----Generated at Sat Apr 26 04:23:59 2025 by rpki-client