$ rpki-client -vvf rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft File: nEKLhAc-vngu7TP5LkDdc2GgnKo.mft (raw, json) Hash identifier: MS/Z8P4yCAi/9ojMgeWmMZbQPBb9iRpa9l996xdJmVk= Subject key identifier: BC:C4:6E:64:7F:D4:E5:E4:89:81:68:19:BF:15:23:6D:1C:DD:7B:5A Authority key identifier: 9C:42:8B:84:07:3E:BE:78:2E:ED:33:F9:2E:40:DD:73:61:A0:9C:AA Certificate issuer: /CN=A91D8B6F/serialNumber=9C428B84073EBE782EED33F92E40DD7361A09CAA Certificate serial: 085B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nEKLhAc-vngu7TP5LkDdc2GgnKo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft Manifest number: 0856 Signing time: Thu 24 Apr 2025 20:34:09 +0000 Manifest this update: Thu 24 Apr 2025 20:34:08 +0000 Manifest next update: Thu 01 May 2025 20:34:08 +0000 Files and hashes: 1: nEKLhAc-vngu7TP5LkDdc2GgnKo.crl (hash: 7sm6HJctrJLPU59W+jMsf6i4kYBoMVGzrdfLVBqb9tc=) 2: FE60ECB0879311EB84047577C4F9AE02.roa (hash: 7JqfyMrbJ4CL7Io5TdtHAHWsu8lXWZvGXH4eXClkDWI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.crl rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nEKLhAc-vngu7TP5LkDdc2GgnKo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:34:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2139 (0x85b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D8B6F, serialNumber=9C428B84073EBE782EED33F92E40DD7361A09CAA Validity Not Before: Apr 24 20:34:08 2025 GMT Not After : May 1 20:34:08 2025 GMT Subject: CN=680aa041-4729 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:f8:48:17:d3:50:70:14:77:d1:15:55:e7:5c: ab:5e:79:48:b1:48:df:33:07:ca:13:07:14:aa:68: 0c:97:72:ef:4d:00:56:1a:4a:2c:a5:42:90:02:44: 81:cc:20:8b:ee:69:3e:bc:5e:fe:88:76:5f:79:7e: d3:1f:49:b6:11:02:94:ba:70:04:80:29:13:67:e7: 17:b3:88:62:4b:19:85:c1:2a:c1:bc:1c:95:bc:fb: 83:15:c8:fa:dd:e7:bd:57:38:ea:f4:dd:7c:d0:d0: 98:68:43:84:3c:cf:6e:3a:50:e0:33:ab:54:56:fa: 46:2e:51:4b:bf:87:b8:51:3b:33:5a:ae:34:ef:d3: 0c:b8:5c:03:d8:7a:74:22:d5:13:f3:d6:2e:f2:fb: 05:9a:35:ea:ae:59:19:81:7f:5a:d0:f1:47:ee:5e: 57:f4:b5:a6:1d:bb:71:3c:20:a0:9b:60:13:87:b6: f0:39:45:af:f4:af:85:d7:17:a1:a2:51:85:2b:a4: 10:cb:49:45:c4:17:9c:65:77:2d:84:b0:5e:f5:01: 37:44:0a:5d:53:0a:ca:38:a8:45:44:f1:27:68:5d: 21:bd:e6:f2:2f:6b:90:1b:fc:02:6f:42:3f:55:da: 22:48:8f:13:28:a5:a0:77:33:92:75:11:f7:4c:e2: ab:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:C4:6E:64:7F:D4:E5:E4:89:81:68:19:BF:15:23:6D:1C:DD:7B:5A X509v3 Authority Key Identifier: keyid:9C:42:8B:84:07:3E:BE:78:2E:ED:33:F9:2E:40:DD:73:61:A0:9C:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nEKLhAc-vngu7TP5LkDdc2GgnKo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3e:03:15:c4:f7:c1:65:85:bc:04:6b:ae:13:c2:6d:77:83:0f: f4:27:2f:57:35:cc:3c:bd:6b:92:73:58:64:9f:1d:4b:47:b4: 4d:92:1a:3c:83:f4:f2:b0:d4:4a:fc:61:5e:7e:e7:11:de:cc: 01:c5:fe:53:f2:f1:21:2f:70:8b:00:57:f1:64:a8:86:18:73: 20:9b:94:1f:84:d2:4c:8b:d5:9e:02:74:43:36:e3:92:a3:d5: 2c:eb:8e:86:62:23:da:22:cf:22:5d:b7:11:a3:e7:eb:63:a7: 68:1d:80:f6:ca:24:57:e3:d5:31:70:eb:b0:e2:b8:76:8e:ba: d1:dc:07:3f:f3:f5:12:2c:20:bf:2e:31:9a:c9:65:53:16:1a: e4:5d:cc:dd:31:cd:93:7a:13:8c:06:7d:b9:db:e2:bf:66:f8: 9b:8d:23:d5:20:3d:52:ad:0a:12:f7:7a:65:ce:cd:8b:86:4b: 87:20:77:74:a6:6c:a5:2c:3f:39:7d:2b:32:51:53:f5:13:09: ed:34:a3:2e:77:81:69:66:79:52:7d:50:3f:b2:f0:cc:e2:7b: e3:ac:59:a3:95:a8:7e:14:cd:ee:33:c9:90:64:1f:ce:1c:a5: 87:28:bc:d1:53:92:14:cb:67:79:93:d9:83:ee:46:da:92:3e: d3:98:80:ad -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCFswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDhCNkYxMTAvBgNVBAUTKDlDNDI4Qjg0MDczRUJFNzgyRUVEMzNGOTJFNDBERDcz NjFBMDlDQUEwHhcNMjUwNDI0MjAzNDA4WhcNMjUwNTAxMjAzNDA4WjAYMRYwFAYD VQQDEw02ODBhYTA0MS00NzI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq/hIF9NQcBR30RVV51yrXnlIsUjfMwfKEwcUqmgMl3LvTQBWGkospUKQAkSB zCCL7mk+vF7+iHZfeX7TH0m2EQKUunAEgCkTZ+cXs4hiSxmFwSrBvByVvPuDFcj6 3ee9Vzjq9N180NCYaEOEPM9uOlDgM6tUVvpGLlFLv4e4UTszWq4079MMuFwD2Hp0 ItUT89Yu8vsFmjXqrlkZgX9a0PFH7l5X9LWmHbtxPCCgm2ATh7bwOUWv9K+F1xeh olGFK6QQy0lFxBecZXcthLBe9QE3RApdUwrKOKhFRPEnaF0hvebyL2uQG/wCb0I/ VdoiSI8TKKWgdzOSdRH3TOKrPwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLzEbmR/ 1OXkiYFoGb8VI20c3XtaMB8GA1UdIwQYMBaAFJxCi4QHPr54Lu0z+S5A3XNhoJyq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOEI2Ri9FNDQ4QkYxOEM0 RUYxMUVBODdGNDM4MTBDNEY5QUUwMi9uRUtMaEFjLXZuZ3U3VFA1TGtEZGMyR2du S28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL25FS0xoQWMtdm5ndTdUUDVMa0RkYzJHZ25Lby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE OEI2Ri9FNDQ4QkYxOEM0RUYxMUVBODdGNDM4MTBDNEY5QUUwMi9uRUtMaEFjLXZu Z3U3VFA1TGtEZGMyR2duS28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA+AxXE98FlhbwEa64Twm13gw/0Jy9XNcw8vWuSc1hknx1LR7RNkho8 g/TysNRK/GFefucR3swBxf5T8vEhL3CLAFfxZKiGGHMgm5QfhNJMi9WeAnRDNuOS o9Us646GYiPaIs8iXbcRo+frY6doHYD2yiRX49UxcOuw4rh2jrrR3Ac/8/USLCC/ LjGayWVTFhrkXczdMc2TehOMBn252+K/ZvibjSPVID1SrQoS93plzs2LhkuHIHd0 pmylLD85fSsyUVP1EwntNKMud4FpZnlSfVA/svDM4nvjrFmjlah+FM3uM8mQZB/O HKWHKLzRU5IUy2d5k9mD7kbakj7TmICt -----END CERTIFICATE-----Generated at Sat Apr 26 16:52:47 2025 by rpki-client