$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft File: iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft (raw, json) Hash identifier: +GJbVio+R7N1HCTmW+p1qkcelzISbrptJq4kHQwUbyc= Subject key identifier: AE:81:97:EF:11:08:87:D0:EE:1D:E3:08:DC:72:00:FD:6E:CB:09:F2 Authority key identifier: 8A:A8:78:65:26:85:23:46:83:93:72:63:1D:FB:09:98:4B:C3:00:5E Certificate issuer: /CN=A91D4413/serialNumber=8AA8786526852346839372631DFB09984BC3005E Certificate serial: 0A7E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft Manifest number: 2B22 Signing time: Thu 24 Apr 2025 15:58:33 +0000 Manifest this update: Thu 24 Apr 2025 15:58:33 +0000 Manifest next update: Thu 01 May 2025 15:58:33 +0000 Files and hashes: 1: iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl (hash: BgZGw209v65qgpnJRCS7SnR5vLpm11Lfs5gSIro8rWc=) 2: DD7FC172E17D11EFAC0A7E29C4F9AE02.roa (hash: iuR0hKy1te9ReiQAcpbPM6UF6bcHMIJQ871N78hvW5A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:58:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2686 (0xa7e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D4413, serialNumber=8AA8786526852346839372631DFB09984BC3005E Validity Not Before: Apr 24 15:58:33 2025 GMT Not After : May 1 15:58:33 2025 GMT Subject: CN=680a5fa9-7456 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:63:84:b9:f6:07:67:3e:ff:de:b5:ab:0e:ca: 58:75:09:8f:0f:34:a8:f5:8f:af:ec:0b:15:f2:6c: 53:ac:01:9d:10:7a:a3:c3:92:5f:4c:85:04:3f:3e: ed:20:db:33:6b:6a:35:2f:c4:0f:21:e1:7b:4a:00: cf:23:65:ca:a3:6a:2b:87:92:1f:49:48:53:76:ac: ee:51:ce:47:58:33:31:ab:ab:8a:99:9a:c1:e9:95: 41:25:26:9d:68:6d:8b:76:bc:ba:34:a1:00:6c:ff: 2e:18:23:55:8b:e1:ac:51:d3:cb:a7:bd:f1:92:1e: 79:27:c0:a5:ca:4e:2c:d8:c4:6a:0a:70:01:85:17: bf:37:54:51:df:e9:a4:18:60:3a:c3:3d:1f:7a:a6: 84:24:bd:bb:4f:a4:bc:78:cb:5f:de:ad:64:aa:24: cc:05:36:ff:a1:f3:17:c8:c5:ea:05:ff:36:4b:1a: 7c:26:9f:3a:76:d0:04:2d:a5:1b:5e:06:d0:7a:86: dd:29:2b:c4:ae:6d:20:10:22:f0:70:04:d2:5d:1e: 68:50:af:0e:ed:86:f2:b1:dd:dc:0c:c5:86:29:72: 2e:39:54:34:c3:db:0b:30:c2:5d:54:ce:69:c7:56: b1:73:4e:06:54:1c:82:e1:74:ce:b6:34:5d:aa:c1: d5:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:81:97:EF:11:08:87:D0:EE:1D:E3:08:DC:72:00:FD:6E:CB:09:F2 X509v3 Authority Key Identifier: keyid:8A:A8:78:65:26:85:23:46:83:93:72:63:1D:FB:09:98:4B:C3:00:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 82:58:ff:fa:3f:8f:2a:ba:50:0a:bb:13:9d:f9:91:5f:10:67: d1:9d:70:6c:ce:f4:78:a6:2b:54:ed:74:ef:f6:91:b4:37:fc: 26:ad:a6:91:f3:73:bc:ba:46:59:25:61:47:23:42:08:2f:63: d3:f7:fb:de:29:cf:dc:a3:8e:51:a1:02:a6:8a:df:dc:9e:25: 07:85:48:7c:eb:6b:a7:b5:9c:fc:56:80:bb:31:df:66:27:36: a9:55:c7:05:8d:43:32:70:bd:aa:5d:01:8f:f6:23:ea:00:1f: 31:8f:e0:0f:2f:cf:36:a8:8a:f8:5b:70:ac:e5:5a:40:05:4a: c5:d4:85:fd:62:cf:49:ce:d8:fc:91:9e:fc:59:8a:8e:96:8a: cd:5e:62:06:74:fb:21:35:dc:f3:76:4e:fa:61:4c:81:9c:14: f0:51:7c:09:e9:65:b0:af:dd:25:e5:48:17:cd:0f:84:c8:17: 32:69:4a:d9:33:92:49:37:b9:42:5f:9c:5b:32:15:68:7d:e0: 7c:c1:3f:93:cc:fc:99:47:de:4d:3d:82:7e:fb:eb:17:20:9f: ff:de:6d:3a:18:c8:0d:60:b6:09:0d:15:32:31:45:dc:5c:2b: 0b:cf:09:b8:7c:9e:25:72:12:7f:31:be:14:d1:f7:24:9f:82: 65:c7:7b:90 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCn4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDQ0MTMxMTAvBgNVBAUTKDhBQTg3ODY1MjY4NTIzNDY4MzkzNzI2MzFERkIwOTk4 NEJDMzAwNUUwHhcNMjUwNDI0MTU1ODMzWhcNMjUwNTAxMTU1ODMzWjAYMRYwFAYD VQQDEw02ODBhNWZhOS03NDU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt2OEufYHZz7/3rWrDspYdQmPDzSo9Y+v7AsV8mxTrAGdEHqjw5JfTIUEPz7t INsza2o1L8QPIeF7SgDPI2XKo2orh5IfSUhTdqzuUc5HWDMxq6uKmZrB6ZVBJSad aG2Ldry6NKEAbP8uGCNVi+GsUdPLp73xkh55J8Clyk4s2MRqCnABhRe/N1RR3+mk GGA6wz0feqaEJL27T6S8eMtf3q1kqiTMBTb/ofMXyMXqBf82Sxp8Jp86dtAELaUb XgbQeobdKSvErm0gECLwcATSXR5oUK8O7Ybysd3cDMWGKXIuOVQ0w9sLMMJdVM5p x1axc04GVByC4XTOtjRdqsHV9QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK6Bl+8R CIfQ7h3jCNxyAP1uywnyMB8GA1UdIwQYMBaAFIqoeGUmhSNGg5NyYx37CZhLwwBe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDQxMy8wODE2RTc1NEZG QjQxMUU1OTQ0MzEwMkNDNEY5QUUwMi9pcWg0WlNhRkkwYURrM0pqSGZzSm1FdkRB RjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lxaDRaU2FGSTBhRGszSmpIZnNKbUV2REFGNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NDQxMy8wODE2RTc1NEZGQjQxMUU1OTQ0MzEwMkNDNEY5QUUwMi9pcWg0WlNhRkkw YURrM0pqSGZzSm1FdkRBRjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCCWP/6P48qulAKuxOd+ZFfEGfRnXBszvR4pitU7XTv9pG0N/wmraaR 83O8ukZZJWFHI0IIL2PT9/veKc/co45RoQKmit/cniUHhUh862untZz8VoC7Md9m JzapVccFjUMycL2qXQGP9iPqAB8xj+APL882qIr4W3Cs5VpABUrF1IX9Ys9Jztj8 kZ78WYqOlorNXmIGdPshNdzzdk76YUyBnBTwUXwJ6WWwr90l5UgXzQ+EyBcyaUrZ M5JJN7lCX5xbMhVofeB8wT+TzPyZR95NPYJ+++sXIJ//3m06GMgNYLYJDRUyMUXc XCsLzwm4fJ4lchJ/Mb4U0fckn4Jlx3uQ -----END CERTIFICATE-----Generated at Sat Apr 26 12:33:38 2025 by rpki-client