$ rpki-client -vvf rpki.apnic.net/member_repository/A91D5BA2/14FEC2EC579311ECBA2FB048C4F9AE02/bKwrcgiF6COCTBln7fw2Psh0do0.mft File: bKwrcgiF6COCTBln7fw2Psh0do0.mft (raw, json) Hash identifier: gKOqlllMCRoEuY0UfJ4oHozpnKBVRcv2yq9onScWITI= Subject key identifier: 96:21:D4:EA:34:2C:03:4C:72:6C:2E:D0:09:EE:B9:E4:E0:C0:B2:A8 Authority key identifier: 6C:AC:2B:72:08:85:E8:23:82:4C:19:67:ED:FC:36:3E:C8:74:76:8D Certificate issuer: /CN=A91D5BA2/serialNumber=6CAC2B720885E823824C1967EDFC363EC874768D Certificate serial: 043D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bKwrcgiF6COCTBln7fw2Psh0do0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D5BA2/14FEC2EC579311ECBA2FB048C4F9AE02/bKwrcgiF6COCTBln7fw2Psh0do0.mft Manifest number: 0438 Signing time: Fri 25 Apr 2025 00:04:49 +0000 Manifest this update: Fri 25 Apr 2025 00:04:48 +0000 Manifest next update: Fri 02 May 2025 00:04:48 +0000 Files and hashes: 1: bKwrcgiF6COCTBln7fw2Psh0do0.crl (hash: qu6PZ7H/tR1fjcCl9y/sdUrhKczaxrriW7W5qnBjVPg=) 2: AA5ADA7C579511ECA9BDE14AC4F9AE02.roa (hash: /NgK3u5jqw1d//qoTXrGcCnkIoepRe7WzeoPLGdtL+k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D5BA2/14FEC2EC579311ECBA2FB048C4F9AE02/bKwrcgiF6COCTBln7fw2Psh0do0.crl rsync://rpki.apnic.net/member_repository/A91D5BA2/14FEC2EC579311ECBA2FB048C4F9AE02/bKwrcgiF6COCTBln7fw2Psh0do0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bKwrcgiF6COCTBln7fw2Psh0do0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 00:04:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1085 (0x43d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D5BA2, serialNumber=6CAC2B720885E823824C1967EDFC363EC874768D Validity Not Before: Apr 25 00:04:48 2025 GMT Not After : May 2 00:04:48 2025 GMT Subject: CN=680ad1a1-8866 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:95:6a:f5:35:6e:28:7e:d2:09:b1:7d:c0:c8: 64:95:9b:f3:1b:80:d4:8c:1f:1b:b9:5e:9d:d7:9f: 7f:1b:19:bc:dc:94:18:26:58:ce:a4:cd:11:38:6d: 41:11:0c:fd:1c:ea:7e:df:df:ae:56:af:56:0e:19: 69:44:38:07:ef:d3:ab:41:74:11:79:20:e9:6c:37: d8:9b:bf:5e:60:df:a5:44:b0:f6:44:1b:87:e2:71: ce:7a:79:86:85:6e:56:b6:74:e7:02:bf:61:42:c6: 61:3b:c7:c1:a6:06:28:d3:9e:e2:2c:61:6d:29:8d: 62:e3:cf:a5:95:5e:08:84:a1:cd:ba:c9:7f:59:6a: 2e:5c:4c:b1:c5:64:f8:d2:64:e2:0b:c6:a2:61:d8: 68:59:7b:55:80:b4:88:bb:96:6b:65:f3:da:70:0d: 9d:84:1c:a0:bb:9e:9b:bc:43:89:8b:88:36:5c:f9: 6f:9f:32:68:c4:e6:68:c0:cf:30:a5:c5:21:96:57: cd:ac:02:70:ea:c7:b9:dd:70:3c:6e:a1:1d:60:a4: 0c:89:5f:05:de:84:32:ee:bd:e9:cf:04:bb:ca:eb: 94:da:6f:ba:52:ba:5e:12:31:21:5b:8e:c3:89:84: ea:d1:81:1d:65:21:24:da:08:8a:44:15:09:16:32: b6:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:21:D4:EA:34:2C:03:4C:72:6C:2E:D0:09:EE:B9:E4:E0:C0:B2:A8 X509v3 Authority Key Identifier: keyid:6C:AC:2B:72:08:85:E8:23:82:4C:19:67:ED:FC:36:3E:C8:74:76:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D5BA2/14FEC2EC579311ECBA2FB048C4F9AE02/bKwrcgiF6COCTBln7fw2Psh0do0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bKwrcgiF6COCTBln7fw2Psh0do0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D5BA2/14FEC2EC579311ECBA2FB048C4F9AE02/bKwrcgiF6COCTBln7fw2Psh0do0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 20:0d:7b:47:1a:56:87:9e:ce:a0:6e:a6:2b:ff:ba:b8:2b:82: c0:e8:01:15:7d:7e:cd:14:99:db:75:7e:a4:e0:b9:df:b7:26: ac:5d:95:16:58:3f:39:eb:d6:69:32:bb:3e:6b:73:f2:6f:10: 44:47:cb:3a:79:ee:d4:dd:cb:ef:00:0a:08:56:60:d5:44:dd: c6:2a:c0:3b:17:bc:af:1c:ad:fa:5f:48:ca:d9:8e:ce:cc:ee: 82:5a:04:b2:c6:28:93:25:42:4f:13:79:fe:34:35:6f:ef:74: 81:d0:8d:4d:59:a0:e8:ce:39:72:ae:f8:c3:06:66:b0:3c:d5: 32:cd:7b:d1:c5:45:e6:f4:20:6e:2c:a8:97:49:99:d2:47:9a: b7:e9:e9:4c:f0:ab:16:28:25:03:d5:6b:b6:f9:9e:c5:b1:82: b0:82:dd:6b:9a:a1:fd:2a:ca:d4:de:cc:61:63:fa:26:fd:05: f2:e7:d9:b6:cc:8a:6f:15:e0:56:88:aa:97:6f:f2:65:6c:8a: aa:62:06:13:81:8e:8e:eb:17:33:67:45:bb:a3:f6:5a:bd:44: 0c:9b:e7:a1:7f:b8:8f:59:ec:4e:75:60:2c:05:41:e2:ef:b0: f6:d7:a1:73:dd:11:d3:b4:79:d5:82:d0:cb:5a:cf:4f:fc:24: dd:b7:51:c8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBD0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDVCQTIxMTAvBgNVBAUTKDZDQUMyQjcyMDg4NUU4MjM4MjRDMTk2N0VERkMzNjNF Qzg3NDc2OEQwHhcNMjUwNDI1MDAwNDQ4WhcNMjUwNTAyMDAwNDQ4WjAYMRYwFAYD VQQDEw02ODBhZDFhMS04ODY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwJVq9TVuKH7SCbF9wMhklZvzG4DUjB8buV6d159/Gxm83JQYJljOpM0ROG1B EQz9HOp+39+uVq9WDhlpRDgH79OrQXQReSDpbDfYm79eYN+lRLD2RBuH4nHOenmG hW5WtnTnAr9hQsZhO8fBpgYo057iLGFtKY1i48+llV4IhKHNusl/WWouXEyxxWT4 0mTiC8aiYdhoWXtVgLSIu5ZrZfPacA2dhBygu56bvEOJi4g2XPlvnzJoxOZowM8w pcUhllfNrAJw6se53XA8bqEdYKQMiV8F3oQy7r3pzwS7yuuU2m+6UrpeEjEhW47D iYTq0YEdZSEk2giKRBUJFjK2YQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJYh1Oo0 LANMcmwu0AnuueTgwLKoMB8GA1UdIwQYMBaAFGysK3IIhegjgkwZZ+38Nj7IdHaN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENUJBMi8xNEZFQzJFQzU3 OTMxMUVDQkEyRkIwNDhDNEY5QUUwMi9iS3dyY2dpRjZDT0NUQmxuN2Z3MlBzaDBk bzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JLd3JjZ2lGNkNPQ1RCbG43ZncyUHNoMGRvMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NUJBMi8xNEZFQzJFQzU3OTMxMUVDQkEyRkIwNDhDNEY5QUUwMi9iS3dyY2dpRjZD T0NUQmxuN2Z3MlBzaDBkbzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAgDXtHGlaHns6gbqYr/7q4K4LA6AEVfX7NFJnbdX6k4LnftyasXZUW WD8569ZpMrs+a3PybxBER8s6ee7U3cvvAAoIVmDVRN3GKsA7F7yvHK36X0jK2Y7O zO6CWgSyxiiTJUJPE3n+NDVv73SB0I1NWaDozjlyrvjDBmawPNUyzXvRxUXm9CBu LKiXSZnSR5q36elM8KsWKCUD1Wu2+Z7FsYKwgt1rmqH9KsrU3sxhY/om/QXy59m2 zIpvFeBWiKqXb/JlbIqqYgYTgY6O6xczZ0W7o/ZavUQMm+ehf7iPWexOdWAsBUHi 77D216Fz3RHTtHnVgtDLWs9P/CTdt1HI -----END CERTIFICATE-----Generated at Sat Apr 26 04:19:54 2025 by rpki-client