$ rpki-client -vvf rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.mft File: -iKAHFKuKl_EkbfL6-aO_KLI0dk.mft (raw, json) Hash identifier: tWteLIq0tvz8GWiGm9VbRr7hDByW5oc8BpF3o4XJSIk= Subject key identifier: A0:06:6C:F1:69:10:FA:56:7E:48:E6:BE:CE:78:9B:BC:39:2E:11:F6 Authority key identifier: FA:22:80:1C:52:AE:2A:5F:C4:91:B7:CB:EB:E6:8E:FC:A2:C8:D1:D9 Certificate issuer: /CN=A91D837B/serialNumber=FA22801C52AE2A5FC491B7CBEBE68EFCA2C8D1D9 Certificate serial: 48 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-iKAHFKuKl_EkbfL6-aO_KLI0dk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.mft Manifest number: 47 Signing time: Fri 25 Apr 2025 06:25:12 +0000 Manifest this update: Fri 25 Apr 2025 06:25:12 +0000 Manifest next update: Fri 02 May 2025 06:25:12 +0000 Files and hashes: 1: -iKAHFKuKl_EkbfL6-aO_KLI0dk.crl (hash: T5ioll2Eg9g3UnRN1pAEd9eq/blB7REBQKB1K6eNqCc=) 2: 8F7DFE66C96E11EF98B64E15C4F9AE02.roa (hash: NJttL+qjjIMKQduatRuB9wCf9GQJviKk9JlU07XKUgE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.crl rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-iKAHFKuKl_EkbfL6-aO_KLI0dk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:25:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72 (0x48) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D837B, serialNumber=FA22801C52AE2A5FC491B7CBEBE68EFCA2C8D1D9 Validity Not Before: Apr 25 06:25:12 2025 GMT Not After : May 2 06:25:12 2025 GMT Subject: CN=680b2ac8-47a7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:55:61:56:b0:75:00:ab:4f:18:05:be:66:07: 24:ad:ee:d0:38:6e:c3:7a:8a:36:0f:a9:05:30:45: 32:80:24:05:a6:6f:57:d6:4d:53:5a:62:c9:a3:66: 6a:0f:83:fd:d7:b0:2f:50:04:32:87:fc:2d:aa:ff: ac:47:13:16:1f:63:7f:3c:d5:e6:3c:c8:a4:c6:80: 97:77:2a:dd:7f:05:a3:4d:c5:e3:f0:81:78:87:08: e7:7d:60:21:a2:98:7c:2c:e2:fa:76:de:0e:d5:f7: aa:f3:66:41:1d:4e:8f:02:a3:f5:3e:f6:98:d2:eb: 0a:0e:48:15:7d:6b:7d:9c:21:24:83:42:e1:29:bf: cd:45:7d:20:0b:5a:6d:f9:4e:48:db:4a:2f:23:1a: 1e:dc:11:19:a7:f4:6c:52:af:96:d6:0e:5c:d3:35: c6:c5:61:cc:bd:0f:92:70:97:dd:0d:96:3d:93:5a: e0:20:eb:1c:4e:ee:68:1c:4d:c1:81:19:84:a9:26: 48:32:86:26:62:c1:72:50:b2:0e:f8:86:e9:51:e9: 7c:77:81:cf:88:96:79:24:9a:7a:d0:0d:dc:0d:e3: 3a:9d:5b:6c:3e:24:60:fd:6f:e3:03:2a:60:52:74: de:2f:49:3d:14:3a:35:1c:c7:b5:26:d0:dc:2e:2f: 74:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:06:6C:F1:69:10:FA:56:7E:48:E6:BE:CE:78:9B:BC:39:2E:11:F6 X509v3 Authority Key Identifier: keyid:FA:22:80:1C:52:AE:2A:5F:C4:91:B7:CB:EB:E6:8E:FC:A2:C8:D1:D9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-iKAHFKuKl_EkbfL6-aO_KLI0dk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 93:62:24:e4:65:24:88:c5:a9:f8:75:6c:2f:32:21:78:1d:22: 3d:d2:99:6b:b1:3d:73:09:87:a5:d4:0d:5d:a6:22:9e:88:1e: dd:f6:38:67:95:93:73:76:e4:48:00:e6:f7:a8:77:79:b8:88: 90:9f:a8:d0:d8:57:94:fe:b3:7e:26:56:bd:70:52:c9:6d:6e: 99:15:80:61:c7:8e:0a:ff:1e:45:9b:18:6e:c7:10:89:9a:8a: 4c:b6:bd:d0:6b:f6:93:75:df:09:56:55:1a:3a:b6:37:10:9f: 3e:35:b4:e6:2c:02:0a:b6:4d:dc:35:d0:5d:50:f5:27:e7:74: 25:0d:87:84:4d:2b:fa:d8:af:cd:e6:08:01:70:67:96:78:a1: 28:2f:91:f1:de:fe:84:c8:2f:87:92:9f:f0:41:72:f5:84:b2: 0d:04:9b:56:e9:d3:46:95:4e:4e:32:50:fd:3e:81:31:b8:bf: e4:8d:b6:7f:da:20:9f:ee:50:50:54:42:61:38:80:2d:ef:46: 00:ea:46:6b:eb:8c:a2:87:f4:ff:2a:d9:fc:0c:41:b4:28:6d: 6c:dd:4f:f2:ad:49:be:5b:ef:2d:47:a5:bf:de:a0:f5:ca:21: c8:29:1d:17:45:13:38:22:8c:f4:6e:5c:95:69:6d:20:d2:03: 95:3f:82:36 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBSDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE ODM3QjExMC8GA1UEBRMoRkEyMjgwMUM1MkFFMkE1RkM0OTFCN0NCRUJFNjhFRkNB MkM4RDFEOTAeFw0yNTA0MjUwNjI1MTJaFw0yNTA1MDIwNjI1MTJaMBgxFjAUBgNV BAMTDTY4MGIyYWM4LTQ3YTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC5VWFWsHUAq08YBb5mBySt7tA4bsN6ijYPqQUwRTKAJAWmb1fWTVNaYsmjZmoP g/3XsC9QBDKH/C2q/6xHExYfY3881eY8yKTGgJd3Kt1/BaNNxePwgXiHCOd9YCGi mHws4vp23g7V96rzZkEdTo8Co/U+9pjS6woOSBV9a32cISSDQuEpv81FfSALWm35 TkjbSi8jGh7cERmn9GxSr5bWDlzTNcbFYcy9D5Jwl90Nlj2TWuAg6xxO7mgcTcGB GYSpJkgyhiZiwXJQsg74hulR6Xx3gc+IlnkkmnrQDdwN4zqdW2w+JGD9b+MDKmBS dN4vST0UOjUcx7Um0NwuL3TzAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUoAZs8WkQ +lZ+SOa+znibvDkuEfYwHwYDVR0jBBgwFoAU+iKAHFKuKl/EkbfL6+aO/KLI0dkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ4MzdCLzE1OEQ3RjNDQjk5 QzExRUY5NjM4Rjc2OUM0RjlBRTAyLy1pS0FIRkt1S2xfRWtiZkw2LWFPX0tMSTBk ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvLWlLQUhGS3VLbF9Fa2JmTDYtYU9fS0xJMGRrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ4 MzdCLzE1OEQ3RjNDQjk5QzExRUY5NjM4Rjc2OUM0RjlBRTAyLy1pS0FIRkt1S2xf RWtiZkw2LWFPX0tMSTBkay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJNiJORlJIjFqfh1bC8yIXgdIj3SmWuxPXMJh6XUDV2mIp6IHt32OGeV k3N25EgA5veod3m4iJCfqNDYV5T+s34mVr1wUsltbpkVgGHHjgr/HkWbGG7HEIma iky2vdBr9pN13wlWVRo6tjcQnz41tOYsAgq2Tdw10F1Q9SfndCUNh4RNK/rYr83m CAFwZ5Z4oSgvkfHe/oTIL4eSn/BBcvWEsg0Em1bp00aVTk4yUP0+gTG4v+SNtn/a IJ/uUFBUQmE4gC3vRgDqRmvrjKKH9P8q2fwMQbQobWzdT/KtSb5b7y1Hpb/eoPXK IcgpHRdFEzgijPRuXJVpbSDSA5U/gjY= -----END CERTIFICATE-----Generated at Sat Apr 26 12:29:26 2025 by rpki-client