$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4D97/1F6146E0567811EC922A3567C4F9AE02/cn1G1OfHecpnYSxgtGVS68IZkPs.mft File: cn1G1OfHecpnYSxgtGVS68IZkPs.mft (raw, json) Hash identifier: GWU1dmT1GbJ0Z4LoEwXezHLZmzmJNbRJuwopLe0Wmpc= Subject key identifier: E5:65:40:5C:D1:AE:62:12:2C:05:19:20:D8:04:AC:11:1C:F3:B9:63 Authority key identifier: 72:7D:46:D4:E7:C7:79:CA:67:61:2C:60:B4:65:52:EB:C2:19:90:FB Certificate issuer: /CN=A91D4D97/serialNumber=727D46D4E7C779CA67612C60B46552EBC21990FB Certificate serial: 043D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cn1G1OfHecpnYSxgtGVS68IZkPs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D4D97/1F6146E0567811EC922A3567C4F9AE02/cn1G1OfHecpnYSxgtGVS68IZkPs.mft Manifest number: 0439 Signing time: Fri 25 Apr 2025 00:03:05 +0000 Manifest this update: Fri 25 Apr 2025 00:03:04 +0000 Manifest next update: Fri 02 May 2025 00:03:04 +0000 Files and hashes: 1: cn1G1OfHecpnYSxgtGVS68IZkPs.crl (hash: KOqy4bF3YFssDXALgc6uyTyXMlCiYIeCRb0NuHMoyCo=) 2: A9E2BE54567B11ECB346816BC4F9AE02.roa (hash: TPVU1s6exIqwh/rpq/ezgL4ll5z3zJFyVmt+0YWYn8g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D4D97/1F6146E0567811EC922A3567C4F9AE02/cn1G1OfHecpnYSxgtGVS68IZkPs.crl rsync://rpki.apnic.net/member_repository/A91D4D97/1F6146E0567811EC922A3567C4F9AE02/cn1G1OfHecpnYSxgtGVS68IZkPs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cn1G1OfHecpnYSxgtGVS68IZkPs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 00:03:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1085 (0x43d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D4D97, serialNumber=727D46D4E7C779CA67612C60B46552EBC21990FB Validity Not Before: Apr 25 00:03:04 2025 GMT Not After : May 2 00:03:04 2025 GMT Subject: CN=680ad138-6d34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:9b:f2:a9:9c:24:04:a6:00:f8:ef:e2:79:a6: 4f:95:41:35:ae:ee:2d:6c:73:df:ff:e6:61:38:f9: 42:ed:b4:bf:a7:23:1d:1c:a6:59:b2:91:bb:eb:a1: 29:b1:bd:30:7a:77:4b:f5:ba:cd:4b:76:23:43:37: eb:89:9e:ca:93:94:bf:63:9c:35:68:2f:01:8e:13: c8:79:90:21:f2:b9:46:59:0b:f7:7b:7e:7a:56:90: 74:2d:ac:d0:6c:d6:ca:c2:de:5d:ad:7d:e8:12:63: 66:a8:69:8f:ee:0b:86:45:52:d9:58:21:fc:b3:1b: 90:e4:a5:fb:42:39:bc:c1:37:a0:0f:a4:83:f9:91: 78:2b:af:4e:ee:bd:d0:f3:7c:c5:b8:f3:be:3a:99: 02:fc:70:e4:7e:19:a0:78:5f:a1:e4:7b:18:ae:73: 45:8f:07:e5:4b:ec:9d:6c:da:76:3c:3d:7e:e6:d8: 2a:ef:8f:79:5f:e6:01:ee:3e:6d:5a:87:3e:4b:16: a5:92:0c:ec:6f:fb:ed:f9:86:b0:9b:83:74:4d:27: 35:fb:54:af:bf:5d:65:19:f8:eb:4c:64:56:01:ae: eb:39:94:e7:f5:f1:b2:61:a2:b6:7a:1d:a6:1c:01: b8:7e:ff:72:13:d7:01:54:66:8d:7d:e2:fa:bd:3f: 75:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:65:40:5C:D1:AE:62:12:2C:05:19:20:D8:04:AC:11:1C:F3:B9:63 X509v3 Authority Key Identifier: keyid:72:7D:46:D4:E7:C7:79:CA:67:61:2C:60:B4:65:52:EB:C2:19:90:FB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D4D97/1F6146E0567811EC922A3567C4F9AE02/cn1G1OfHecpnYSxgtGVS68IZkPs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cn1G1OfHecpnYSxgtGVS68IZkPs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4D97/1F6146E0567811EC922A3567C4F9AE02/cn1G1OfHecpnYSxgtGVS68IZkPs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 82:d3:ea:6f:57:78:27:3b:ff:e9:ac:64:8d:fc:8a:26:ba:0e: b4:41:24:9d:98:c6:48:96:f5:0e:bc:20:0b:df:11:14:6f:df: bf:bc:af:01:d6:7f:a1:e2:2a:9c:7c:17:f2:36:d3:71:03:e3: f9:a5:ea:cb:46:a0:6b:d7:c4:c6:a3:be:bb:65:96:e7:33:db: 7b:f1:7b:fd:13:5a:e1:a3:2e:2a:80:c6:b3:d9:29:ad:42:5c: 70:b3:d1:60:4b:96:ce:d9:80:bd:60:fe:4f:60:c2:6c:62:52: 1a:ea:12:27:0d:20:58:66:52:5c:3b:87:76:b9:a0:ae:3c:d4: 2d:bb:49:36:bc:7f:79:27:03:92:09:3a:3f:55:b0:64:15:ff: 70:6f:bf:6c:35:26:fd:96:c2:6d:68:5d:71:ff:6f:82:07:ee: 70:56:05:68:e5:25:b9:d5:0a:49:2c:54:4b:19:8d:16:15:96: f4:99:20:4e:cb:77:f4:fb:e8:3b:5f:72:31:84:4e:68:46:ff: 89:c3:c5:17:57:ee:17:43:e7:8a:0b:d5:72:62:0f:f3:a7:3d: b6:b6:a2:80:ee:84:ec:c8:16:cb:6f:ea:e2:df:d2:13:2c:86: 27:05:06:47:90:ea:12:c3:ee:d5:bc:a6:02:60:d7:06:f9:57: 7d:64:31:83 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBD0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDREOTcxMTAvBgNVBAUTKDcyN0Q0NkQ0RTdDNzc5Q0E2NzYxMkM2MEI0NjU1MkVC QzIxOTkwRkIwHhcNMjUwNDI1MDAwMzA0WhcNMjUwNTAyMDAwMzA0WjAYMRYwFAYD VQQDEw02ODBhZDEzOC02ZDM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvJvyqZwkBKYA+O/ieaZPlUE1ru4tbHPf/+ZhOPlC7bS/pyMdHKZZspG766Ep sb0wendL9brNS3YjQzfriZ7Kk5S/Y5w1aC8BjhPIeZAh8rlGWQv3e356VpB0LazQ bNbKwt5drX3oEmNmqGmP7guGRVLZWCH8sxuQ5KX7Qjm8wTegD6SD+ZF4K69O7r3Q 83zFuPO+OpkC/HDkfhmgeF+h5HsYrnNFjwflS+ydbNp2PD1+5tgq7495X+YB7j5t Woc+Sxalkgzsb/vt+Yawm4N0TSc1+1Svv11lGfjrTGRWAa7rOZTn9fGyYaK2eh2m HAG4fv9yE9cBVGaNfeL6vT91SQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOVlQFzR rmISLAUZINgErBEc87ljMB8GA1UdIwQYMBaAFHJ9RtTnx3nKZ2EsYLRlUuvCGZD7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENEQ5Ny8xRjYxNDZFMDU2 NzgxMUVDOTIyQTM1NjdDNEY5QUUwMi9jbjFHMU9mSGVjcG5ZU3hndEdWUzY4SVpr UHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NuMUcxT2ZIZWNwbllTeGd0R1ZTNjhJWmtQcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NEQ5Ny8xRjYxNDZFMDU2NzgxMUVDOTIyQTM1NjdDNEY5QUUwMi9jbjFHMU9mSGVj cG5ZU3hndEdWUzY4SVprUHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCC0+pvV3gnO//prGSN/Iomug60QSSdmMZIlvUOvCAL3xEUb9+/vK8B 1n+h4iqcfBfyNtNxA+P5perLRqBr18TGo767ZZbnM9t78Xv9E1rhoy4qgMaz2Smt Qlxws9FgS5bO2YC9YP5PYMJsYlIa6hInDSBYZlJcO4d2uaCuPNQtu0k2vH95JwOS CTo/VbBkFf9wb79sNSb9lsJtaF1x/2+CB+5wVgVo5SW51QpJLFRLGY0WFZb0mSBO y3f0++g7X3IxhE5oRv+Jw8UXV+4XQ+eKC9VyYg/zpz22tqKA7oTsyBbLb+ri39IT LIYnBQZHkOoSw+7VvKYCYNcG+Vd9ZDGD -----END CERTIFICATE-----Generated at Sat Apr 26 12:35:53 2025 by rpki-client