$ rpki-client -vvf rpki.apnic.net/member_repository/A91D599B/D7224FF254B211E88E69E909C4F9AE02/_LI8e_Xxk1YnW6z1fNtVv9YOBKw.mft File: _LI8e_Xxk1YnW6z1fNtVv9YOBKw.mft (raw, json) Hash identifier: 1nJ1vgd9V/6MVzEjLxqXOlizSKiuROs1xX9mcQ2xhOs= Subject key identifier: A8:46:E0:46:C4:9E:35:EF:B7:40:7C:6C:2C:F3:3D:03:AC:ED:3A:1F Authority key identifier: FC:B2:3C:7B:F5:F1:93:56:27:5B:AC:F5:7C:DB:55:BF:D6:0E:04:AC Certificate issuer: /CN=A91D599B/serialNumber=FCB23C7BF5F19356275BACF57CDB55BFD60E04AC Certificate serial: 14D2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_LI8e_Xxk1YnW6z1fNtVv9YOBKw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D599B/D7224FF254B211E88E69E909C4F9AE02/_LI8e_Xxk1YnW6z1fNtVv9YOBKw.mft Manifest number: 14CA Signing time: Thu 24 Apr 2025 16:51:23 +0000 Manifest this update: Thu 24 Apr 2025 16:51:22 +0000 Manifest next update: Thu 01 May 2025 16:51:22 +0000 Files and hashes: 1: _LI8e_Xxk1YnW6z1fNtVv9YOBKw.crl (hash: soSPx7oPQaOrrH9IM12eDTZ1A9VXjPYG0jkVUPMsoDE=) 2: 1BFCE1E0554F11E8A5C82D57C4F9AE02.roa (hash: XC7zxbxHdlAL0s8scJjof6sYByPifHkXs75rsYmLs/g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D599B/D7224FF254B211E88E69E909C4F9AE02/_LI8e_Xxk1YnW6z1fNtVv9YOBKw.crl rsync://rpki.apnic.net/member_repository/A91D599B/D7224FF254B211E88E69E909C4F9AE02/_LI8e_Xxk1YnW6z1fNtVv9YOBKw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_LI8e_Xxk1YnW6z1fNtVv9YOBKw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 16:51:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5330 (0x14d2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D599B, serialNumber=FCB23C7BF5F19356275BACF57CDB55BFD60E04AC Validity Not Before: Apr 24 16:51:22 2025 GMT Not After : May 1 16:51:22 2025 GMT Subject: CN=680a6c0b-027a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:b6:ed:9c:74:08:a5:35:63:18:49:cc:86:4c: b7:5d:f7:c3:c9:4c:98:b7:c5:08:23:d2:55:79:0f: f0:ac:14:a1:c4:f8:f3:51:46:d8:c4:5a:97:ec:aa: a9:f9:2d:04:c4:4d:99:ba:87:70:4b:7b:8a:10:f9: dc:96:d8:ae:29:73:42:8d:30:55:0d:ed:e0:3d:68: 51:c2:77:b6:e5:4c:e3:91:cc:f5:3e:f7:ce:c9:f1: 51:31:24:13:39:dd:0b:ed:a5:99:f7:73:81:fa:71: 62:12:06:2c:71:6d:4e:5e:16:a2:27:cb:a7:6c:54: 5e:e2:bb:3b:91:d2:9f:d2:4d:c8:d8:ca:8d:20:b2: a3:4b:b6:45:c9:c9:35:18:0b:47:b6:22:0f:27:84: f4:3a:74:40:96:b9:a0:5f:0f:24:3f:2c:50:99:81: 7c:23:99:2f:29:75:46:71:1c:1c:d8:67:a2:c6:ef: 14:b5:d8:b2:24:37:79:0b:86:c6:b4:84:82:2b:be: a1:14:a0:5c:10:53:a8:71:9a:74:df:e3:06:07:ea: 45:13:2e:02:e7:c6:c6:b4:8a:96:e1:0a:2d:23:d2: 97:cc:60:03:30:7f:f4:a2:45:a7:53:64:4b:0e:e9: 7a:35:e7:65:b9:a9:aa:ed:b9:7f:4e:da:47:f0:c1: e5:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:46:E0:46:C4:9E:35:EF:B7:40:7C:6C:2C:F3:3D:03:AC:ED:3A:1F X509v3 Authority Key Identifier: keyid:FC:B2:3C:7B:F5:F1:93:56:27:5B:AC:F5:7C:DB:55:BF:D6:0E:04:AC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D599B/D7224FF254B211E88E69E909C4F9AE02/_LI8e_Xxk1YnW6z1fNtVv9YOBKw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_LI8e_Xxk1YnW6z1fNtVv9YOBKw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D599B/D7224FF254B211E88E69E909C4F9AE02/_LI8e_Xxk1YnW6z1fNtVv9YOBKw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b8:99:56:68:4a:2d:29:b4:23:32:bc:77:10:3a:86:cd:75:cb: 5c:a3:a3:90:1e:d7:88:8f:77:b2:0c:12:ce:20:55:f7:4f:2b: e4:b9:a5:e6:09:83:94:28:4c:a4:ed:94:5d:c0:8c:72:a6:0f: c9:62:5b:eb:a7:67:3e:0b:c4:f0:a8:b4:31:0c:aa:1e:01:86: dd:f7:20:87:0b:a8:0c:ac:d3:b6:50:75:e7:02:fd:3f:b5:32: 96:cc:1a:47:26:17:93:ce:a6:20:93:cd:09:8a:a4:71:c7:12: 67:1a:ab:10:a4:76:51:82:7a:40:85:17:fc:0f:2f:db:ae:65: 52:56:bb:38:5c:88:98:3c:52:05:a4:17:d3:8c:f2:57:2a:cf: 3b:09:bf:6e:1a:e5:00:14:ff:f4:ae:09:8b:3f:fc:6b:6d:5a: 4a:31:50:14:72:13:e2:3a:b7:68:42:82:76:d7:e8:b5:42:22: 39:ec:3f:01:1d:ed:63:12:17:3b:2d:1d:bd:87:22:e3:7e:5f: a1:ac:7c:e8:7b:df:c4:d4:bc:53:2d:ba:35:7c:ec:98:f6:b0: dc:93:bc:b4:e6:e5:dd:8f:16:6b:d1:3e:b9:a8:72:f0:64:f5: 1c:69:79:0a:6f:42:8c:09:5f:4d:1b:c1:84:5f:f2:04:7c:b9: 87:76:71:c0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFNIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDU5OUIxMTAvBgNVBAUTKEZDQjIzQzdCRjVGMTkzNTYyNzVCQUNGNTdDREI1NUJG RDYwRTA0QUMwHhcNMjUwNDI0MTY1MTIyWhcNMjUwNTAxMTY1MTIyWjAYMRYwFAYD VQQDEw02ODBhNmMwYi0wMjdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4bbtnHQIpTVjGEnMhky3XffDyUyYt8UII9JVeQ/wrBShxPjzUUbYxFqX7Kqp +S0ExE2ZuodwS3uKEPncltiuKXNCjTBVDe3gPWhRwne25Uzjkcz1PvfOyfFRMSQT Od0L7aWZ93OB+nFiEgYscW1OXhaiJ8unbFRe4rs7kdKf0k3I2MqNILKjS7ZFyck1 GAtHtiIPJ4T0OnRAlrmgXw8kPyxQmYF8I5kvKXVGcRwc2Geixu8UtdiyJDd5C4bG tISCK76hFKBcEFOocZp03+MGB+pFEy4C58bGtIqW4QotI9KXzGADMH/0okWnU2RL Dul6Nedluamq7bl/TtpH8MHljQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKhG4EbE njXvt0B8bCzzPQOs7TofMB8GA1UdIwQYMBaAFPyyPHv18ZNWJ1us9XzbVb/WDgSs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENTk5Qi9ENzIyNEZGMjU0 QjIxMUU4OEU2OUU5MDlDNEY5QUUwMi9fTEk4ZV9YeGsxWW5XNnoxZk50VnY5WU9C S3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19MSThlX1h4azFZblc2ejFmTnRWdjlZT0JLdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NTk5Qi9ENzIyNEZGMjU0QjIxMUU4OEU2OUU5MDlDNEY5QUUwMi9fTEk4ZV9YeGsx WW5XNnoxZk50VnY5WU9CS3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC4mVZoSi0ptCMyvHcQOobNdctco6OQHteIj3eyDBLOIFX3TyvkuaXm CYOUKEyk7ZRdwIxypg/JYlvrp2c+C8TwqLQxDKoeAYbd9yCHC6gMrNO2UHXnAv0/ tTKWzBpHJheTzqYgk80JiqRxxxJnGqsQpHZRgnpAhRf8Dy/brmVSVrs4XIiYPFIF pBfTjPJXKs87Cb9uGuUAFP/0rgmLP/xrbVpKMVAUchPiOrdoQoJ21+i1QiI57D8B He1jEhc7LR29hyLjfl+hrHzoe9/E1LxTLbo1fOyY9rDck7y05uXdjxZr0T65qHLw ZPUcaXkKb0KMCV9NG8GEX/IEfLmHdnHA -----END CERTIFICATE-----Generated at Sat Apr 26 04:35:54 2025 by rpki-client