$ rpki-client -vvf rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.mft File: -Ro6mDFDhMQDqP8ipFO8oaO6bNg.mft (raw, json) Hash identifier: j8Py3iTXqLHf24KIqeKrHEeqk/FlIVIiSiP4WZOt3tw= Subject key identifier: 84:B8:AF:92:CD:04:BA:21:02:28:F4:3A:F5:B3:95:76:19:49:15:0F Authority key identifier: F9:1A:3A:98:31:43:84:C4:03:A8:FF:22:A4:53:BC:A1:A3:BA:6C:D8 Certificate issuer: /CN=A91D3102/serialNumber=F91A3A98314384C403A8FF22A453BCA1A3BA6CD8 Certificate serial: 2DC5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.mft Manifest number: 2DAD Signing time: Thu 24 Apr 2025 15:30:26 +0000 Manifest this update: Thu 24 Apr 2025 15:30:26 +0000 Manifest next update: Thu 01 May 2025 15:30:26 +0000 Files and hashes: 1: -Ro6mDFDhMQDqP8ipFO8oaO6bNg.crl (hash: EsStgiepryLhzJSTxBVFW7S6TFZPSdnTWLN1Nhq/Bm4=) 2: 611D8094B13D11E59299870AC4F9AE02.roa (hash: Ge8zFlpjpqEtuKQN0h56H1Urr1O0D0HMkBD9jJfCPmM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.crl rsync://rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:30:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11717 (0x2dc5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D3102, serialNumber=F91A3A98314384C403A8FF22A453BCA1A3BA6CD8 Validity Not Before: Apr 24 15:30:26 2025 GMT Not After : May 1 15:30:26 2025 GMT Subject: CN=680a5912-c39a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:fe:46:8d:21:fd:93:48:cb:27:fe:4a:fd:8f: 83:ad:9e:77:f4:70:a1:bf:8b:fc:a6:51:55:11:64: b6:58:36:e6:c9:64:f2:a2:5c:98:49:bb:7a:8a:ef: 84:b1:b9:fb:6d:58:ca:f7:72:05:7f:a1:76:ce:32: 16:a3:49:d7:af:60:8f:af:3a:18:51:8f:4d:ab:f6: 38:36:f4:b0:13:73:13:57:dc:ea:95:04:d3:fa:37: 27:50:92:38:15:56:2d:7b:cb:25:50:18:a7:00:6f: 05:fb:4a:9c:65:c6:1e:0a:64:96:c3:7b:11:89:75: 59:70:f8:31:40:09:6f:65:19:4b:4d:22:ed:47:db: 8f:d3:f9:d9:01:29:02:ae:b3:85:40:2c:58:ba:89: 98:2e:18:e3:44:1e:e9:bc:ad:11:36:39:b2:b9:ff: d2:46:ce:e6:52:5f:e3:6c:ff:69:58:42:37:0e:f1: 45:2b:fd:c1:a5:cb:e4:c4:18:70:49:41:5b:62:c1: 3b:c3:08:56:dd:6e:40:6f:a7:74:5d:6b:14:b6:ed: 4a:51:68:93:3b:3b:9f:5a:07:4a:e6:b4:0b:99:b2: 69:f4:fc:c9:80:bb:00:b5:2a:3e:46:42:ac:d4:32: 50:98:44:5d:9e:af:92:d9:79:e4:9e:5d:38:94:df: 42:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:B8:AF:92:CD:04:BA:21:02:28:F4:3A:F5:B3:95:76:19:49:15:0F X509v3 Authority Key Identifier: keyid:F9:1A:3A:98:31:43:84:C4:03:A8:FF:22:A4:53:BC:A1:A3:BA:6C:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3d:e3:6e:a1:41:1c:a7:b2:ce:c2:5f:27:e2:35:6b:5c:3f:f9: cd:43:fe:20:df:f3:eb:8c:8e:c5:68:eb:ca:53:b4:94:7a:48: 0c:62:e5:2b:3b:55:ce:1d:b9:bf:c5:7b:a5:6e:a9:7e:e7:75: a5:ec:ed:4b:45:a3:b3:4e:d1:fd:7f:02:0f:3f:37:bd:ea:ba: 1c:84:b7:ac:be:d7:57:0c:47:3b:e9:58:2e:c3:fd:cb:75:41: 14:81:85:c8:19:43:d2:b2:59:84:c9:86:82:0a:ae:d2:a2:9f: 25:df:e6:aa:f6:ea:3d:8a:e3:39:63:f6:16:f6:ed:a3:fa:80: 3e:ab:06:99:26:7b:6d:07:86:5a:91:2d:23:15:3c:54:5c:2d: 92:03:8e:21:21:63:4e:a4:30:01:d6:e9:dc:35:99:62:76:39: 58:cd:b1:a7:cb:e8:10:c6:99:1d:e3:77:12:00:7c:7c:c2:28: af:82:b3:b8:3f:c8:4d:11:8c:98:94:d1:c4:ab:46:54:9c:5a: ba:ac:c9:14:73:00:8b:07:91:52:37:ef:40:5f:78:a0:b1:b3: f5:a0:38:7d:5e:91:bf:ad:4e:79:e4:e6:47:45:02:29:04:d1: e4:eb:e0:55:81:8e:f0:72:0b:8c:98:78:0c:4f:c1:fc:d7:cf: 38:8d:78:0d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICLcUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDMxMDIxMTAvBgNVBAUTKEY5MUEzQTk4MzE0Mzg0QzQwM0E4RkYyMkE0NTNCQ0Ex QTNCQTZDRDgwHhcNMjUwNDI0MTUzMDI2WhcNMjUwNTAxMTUzMDI2WjAYMRYwFAYD VQQDEw02ODBhNTkxMi1jMzlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1f5GjSH9k0jLJ/5K/Y+DrZ539HChv4v8plFVEWS2WDbmyWTyolyYSbt6iu+E sbn7bVjK93IFf6F2zjIWo0nXr2CPrzoYUY9Nq/Y4NvSwE3MTV9zqlQTT+jcnUJI4 FVYte8slUBinAG8F+0qcZcYeCmSWw3sRiXVZcPgxQAlvZRlLTSLtR9uP0/nZASkC rrOFQCxYuomYLhjjRB7pvK0RNjmyuf/SRs7mUl/jbP9pWEI3DvFFK/3BpcvkxBhw SUFbYsE7wwhW3W5Ab6d0XWsUtu1KUWiTOzufWgdK5rQLmbJp9PzJgLsAtSo+RkKs 1DJQmERdnq+S2Xnknl04lN9C/QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIS4r5LN BLohAij0OvWzlXYZSRUPMB8GA1UdIwQYMBaAFPkaOpgxQ4TEA6j/IqRTvKGjumzY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzEwMi9ENEFFRTJDODc2 OEUxMUUzOTlBOTU3NDU1OTExRUEzMi8tUm82bURGRGhNUURxUDhpcEZPOG9hTzZi TmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1SbzZtREZEaE1RRHFQOGlwRk84b2FPNmJOZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MzEwMi9ENEFFRTJDODc2OEUxMUUzOTlBOTU3NDU1OTExRUEzMi8tUm82bURGRGhN UURxUDhpcEZPOG9hTzZiTmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA9426hQRynss7CXyfiNWtcP/nNQ/4g3/PrjI7FaOvKU7SUekgMYuUr O1XOHbm/xXulbql+53Wl7O1LRaOzTtH9fwIPPze96rochLesvtdXDEc76Vguw/3L dUEUgYXIGUPSslmEyYaCCq7Sop8l3+aq9uo9iuM5Y/YW9u2j+oA+qwaZJnttB4Za kS0jFTxUXC2SA44hIWNOpDAB1uncNZlidjlYzbGny+gQxpkd43cSAHx8wiivgrO4 P8hNEYyYlNHEq0ZUnFq6rMkUcwCLB5FSN+9AX3igsbP1oDh9XpG/rU555OZHRQIp BNHk6+BVgY7wcguMmHgMT8H81884jXgN -----END CERTIFICATE-----Generated at Sat Apr 26 05:29:27 2025 by rpki-client