$ rpki-client -vvf rpki.apnic.net/member_repository/A91D8EAF/10B0E3D004EA11EABEDC8161C4F9AE02/8dIEca4xiTbXk7RttEgiB9lyRYs.mft File: 8dIEca4xiTbXk7RttEgiB9lyRYs.mft (raw, json) Hash identifier: ZGy4Tl344TJ4671r8yomU2tv9RK10R/rECoEeJCoZso= Subject key identifier: 6B:B3:00:82:C3:1E:85:FF:C1:2A:3F:A5:EE:B2:0A:D3:D2:12:44:85 Authority key identifier: F1:D2:04:71:AE:31:89:36:D7:93:B4:6D:B4:48:22:07:D9:72:45:8B Certificate issuer: /CN=A91D8EAF/serialNumber=F1D20471AE318936D793B46DB4482207D972458B Certificate serial: 0C51 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8dIEca4xiTbXk7RttEgiB9lyRYs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D8EAF/10B0E3D004EA11EABEDC8161C4F9AE02/8dIEca4xiTbXk7RttEgiB9lyRYs.mft Manifest number: 0C3E Signing time: Thu 24 Apr 2025 18:22:03 +0000 Manifest this update: Thu 24 Apr 2025 18:22:02 +0000 Manifest next update: Thu 01 May 2025 18:22:02 +0000 Files and hashes: 1: 8dIEca4xiTbXk7RttEgiB9lyRYs.crl (hash: jrYTExDP+SEiBf2BaHOveZnNJ9aH41kLK6brQzZzWMo=) 2: F4C2F7F604FF11EABFF6E022C4F9AE02.roa (hash: hMRVZDPhI9uQhHlcLsQL6+B9hhuCOLqR+jjUlDn3sAQ=) 3: 168AD09A04EF11EA9060B76BC4F9AE02.roa (hash: s3U0q40HWyXJCTwtjWa8KKHr421/tnOx6JMPLRqROA8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D8EAF/10B0E3D004EA11EABEDC8161C4F9AE02/8dIEca4xiTbXk7RttEgiB9lyRYs.crl rsync://rpki.apnic.net/member_repository/A91D8EAF/10B0E3D004EA11EABEDC8161C4F9AE02/8dIEca4xiTbXk7RttEgiB9lyRYs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8dIEca4xiTbXk7RttEgiB9lyRYs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:22:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3153 (0xc51) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D8EAF, serialNumber=F1D20471AE318936D793B46DB4482207D972458B Validity Not Before: Apr 24 18:22:02 2025 GMT Not After : May 1 18:22:02 2025 GMT Subject: CN=680a814b-fa03 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:f0:2b:ed:3e:d0:58:a7:bb:51:ac:49:67:89: a6:4c:5b:a9:5e:52:b3:cc:01:90:ce:9d:5a:5f:a9: 0b:95:75:e6:56:8b:b9:75:91:de:e2:38:88:a3:4a: 7d:e2:92:d5:4c:5b:c1:86:07:a8:36:6c:0c:29:2b: 20:8b:3b:6b:4b:b9:0d:ab:b1:b8:b9:da:b6:df:c2: d7:53:24:81:16:43:3f:3a:83:41:9a:3e:25:2a:7f: 21:bf:7c:1b:da:71:c0:8c:c4:9f:25:42:3d:07:46: 43:9c:ec:3e:1b:3a:27:ce:9b:da:61:f3:5e:ce:4e: f5:e3:cc:61:33:74:45:29:02:28:23:d7:90:ac:87: 90:04:91:3c:cd:05:6f:d9:29:4e:37:45:6e:8d:c9: d3:f1:cb:95:c9:ae:b9:7c:a5:92:a6:7e:92:8d:ef: a5:1b:d0:c1:bf:6b:3f:48:9a:a7:b4:f7:7e:7b:e7: c7:ae:4b:79:60:77:bc:85:a6:b2:e0:74:14:78:85: 41:f6:82:d6:ef:d0:cb:64:46:fa:49:fc:78:66:cd: 93:b7:0a:15:7d:3c:66:70:76:cc:8f:c6:ad:9f:c8: 16:98:94:b3:6a:cb:ca:bb:55:f7:6e:60:c5:3a:cd: ac:0b:cb:46:f4:b7:3a:43:88:7b:59:7a:45:23:da: 2d:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:B3:00:82:C3:1E:85:FF:C1:2A:3F:A5:EE:B2:0A:D3:D2:12:44:85 X509v3 Authority Key Identifier: keyid:F1:D2:04:71:AE:31:89:36:D7:93:B4:6D:B4:48:22:07:D9:72:45:8B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D8EAF/10B0E3D004EA11EABEDC8161C4F9AE02/8dIEca4xiTbXk7RttEgiB9lyRYs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8dIEca4xiTbXk7RttEgiB9lyRYs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D8EAF/10B0E3D004EA11EABEDC8161C4F9AE02/8dIEca4xiTbXk7RttEgiB9lyRYs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7a:c1:dd:1e:62:56:6f:1e:44:a8:33:78:73:4f:7a:02:cb:a9: e5:d4:de:a7:6b:1b:50:f4:92:38:65:73:6c:05:21:1e:df:37: ad:a7:fc:9a:a4:88:66:5f:57:02:3c:16:15:fd:f9:78:a2:23: 49:92:53:fe:cc:3d:19:16:6a:b8:e2:97:b3:99:9d:06:69:74: 11:ba:86:d3:c9:00:06:ec:66:d8:35:e0:32:ad:b3:0f:72:56: 5b:9c:ea:67:c7:43:89:d5:f7:ff:bb:64:f0:2d:76:e0:9e:1d: 57:1f:cf:f1:0c:91:e7:85:3a:c4:c3:90:ce:81:5f:5d:c4:39: b5:11:bb:a8:8b:2a:b1:bd:e1:3d:2f:ef:94:22:58:34:10:dc: f2:55:91:ab:e6:89:67:e9:f2:63:69:cb:c1:35:48:7c:ea:00: f5:19:73:6b:04:5d:36:66:d5:e4:b4:1e:90:e7:2c:a7:f8:32: aa:1b:c2:4d:b8:ad:d7:83:ed:0f:89:ae:fe:cc:00:1d:e4:ee: 18:6a:12:67:0f:54:e7:b7:81:24:c9:92:f8:66:9b:3d:7f:78: b4:5f:5a:03:db:73:76:0d:f8:24:88:0c:d1:45:57:cc:36:53: 6f:07:18:cb:e0:3c:22:7c:7b:40:79:66:38:41:e3:91:11:1b: 82:b8:45:44 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDFEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDhFQUYxMTAvBgNVBAUTKEYxRDIwNDcxQUUzMTg5MzZENzkzQjQ2REI0NDgyMjA3 RDk3MjQ1OEIwHhcNMjUwNDI0MTgyMjAyWhcNMjUwNTAxMTgyMjAyWjAYMRYwFAYD VQQDEw02ODBhODE0Yi1mYTAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0vAr7T7QWKe7UaxJZ4mmTFupXlKzzAGQzp1aX6kLlXXmVou5dZHe4jiIo0p9 4pLVTFvBhgeoNmwMKSsgiztrS7kNq7G4udq238LXUySBFkM/OoNBmj4lKn8hv3wb 2nHAjMSfJUI9B0ZDnOw+GzonzpvaYfNezk7148xhM3RFKQIoI9eQrIeQBJE8zQVv 2SlON0VujcnT8cuVya65fKWSpn6Sje+lG9DBv2s/SJqntPd+e+fHrkt5YHe8haay 4HQUeIVB9oLW79DLZEb6Sfx4Zs2TtwoVfTxmcHbMj8atn8gWmJSzasvKu1X3bmDF Os2sC8tG9Lc6Q4h7WXpFI9otmQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGuzAILD HoX/wSo/pe6yCtPSEkSFMB8GA1UdIwQYMBaAFPHSBHGuMYk215O0bbRIIgfZckWL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOEVBRi8xMEIwRTNEMDA0 RUExMUVBQkVEQzgxNjFDNEY5QUUwMi84ZElFY2E0eGlUYlhrN1J0dEVnaUI5bHlS WXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhkSUVjYTR4aVRiWGs3UnR0RWdpQjlseVJZcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE OEVBRi8xMEIwRTNEMDA0RUExMUVBQkVEQzgxNjFDNEY5QUUwMi84ZElFY2E0eGlU YlhrN1J0dEVnaUI5bHlSWXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB6wd0eYlZvHkSoM3hzT3oCy6nl1N6naxtQ9JI4ZXNsBSEe3zetp/ya pIhmX1cCPBYV/fl4oiNJklP+zD0ZFmq44pezmZ0GaXQRuobTyQAG7GbYNeAyrbMP clZbnOpnx0OJ1ff/u2TwLXbgnh1XH8/xDJHnhTrEw5DOgV9dxDm1EbuoiyqxveE9 L++UIlg0ENzyVZGr5oln6fJjacvBNUh86gD1GXNrBF02ZtXktB6Q5yyn+DKqG8JN uK3Xg+0Pia7+zAAd5O4YahJnD1Tnt4EkyZL4Zps9f3i0X1oD23N2DfgkiAzRRVfM NlNvBxjL4DwifHtAeWY4QeORERuCuEVE -----END CERTIFICATE-----Generated at Sat Apr 26 04:28:46 2025 by rpki-client