$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft File: MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft (raw, json) Hash identifier: 1JM5mBu4Efat6cjKN8mtOmVMmLx0ooWcrVf7nllcxmw= Subject key identifier: F8:25:6B:68:6F:7A:1D:D8:2E:39:3F:FC:3C:9B:B9:6D:33:8F:D8:29 Authority key identifier: 32:70:F3:AC:D9:71:EE:DF:84:61:75:48:F7:2E:51:E2:2A:50:3C:F8 Certificate issuer: /CN=A91DA023/serialNumber=3270F3ACD971EEDF84617548F72E51E22A503CF8 Certificate serial: 346E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft Manifest number: 346E Signing time: Thu 24 Apr 2025 15:04:09 +0000 Manifest this update: Thu 24 Apr 2025 15:04:08 +0000 Manifest next update: Thu 01 May 2025 15:04:08 +0000 Files and hashes: 1: MnDzrNlx7t-EYXVI9y5R4ipQPPg.crl (hash: 6+x72aVfgjE4YmZmSSdNRj/dTjYi2vNMKtI2qi6yLNU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.crl rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:04:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13422 (0x346e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DA023, serialNumber=3270F3ACD971EEDF84617548F72E51E22A503CF8 Validity Not Before: Apr 24 15:04:08 2025 GMT Not After : May 1 15:04:08 2025 GMT Subject: CN=680a52e8-8217 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:d5:fb:e6:60:3d:04:ed:46:08:dd:a8:b0:14: 8d:f6:00:f2:38:b9:97:77:31:f1:39:c3:d1:a5:f5: 07:54:1f:42:3d:62:4f:37:98:f2:60:97:ba:d1:24: fa:d5:66:99:d5:2e:c3:21:ba:17:ac:57:58:4e:8b: 05:8e:da:8d:e8:f6:7a:c7:fd:71:27:bf:18:ce:3c: ca:ef:3f:75:32:33:3a:99:c7:f4:aa:8a:34:a0:b9: 91:26:98:1f:39:67:34:60:bf:42:12:9d:a8:21:99: 3f:93:ee:ed:50:14:3b:50:6a:75:c0:f3:ae:e0:41: 90:e4:d1:6f:c9:48:ab:cc:38:ba:a2:78:4d:4d:e1: 16:cc:b2:24:68:d2:99:73:57:16:41:24:43:f2:69: 78:bd:fe:67:81:97:11:e4:88:a0:9f:32:99:bf:d7: c6:73:3b:b0:ee:14:09:63:a5:40:20:49:62:c9:0c: 47:00:ec:f8:0f:c1:00:84:7c:81:60:65:e2:09:7a: 39:1b:8a:83:21:21:a7:6c:89:24:56:3e:86:41:bb: f7:3b:e7:29:86:8a:86:85:91:ca:5a:eb:bb:4b:c0: de:ef:63:a7:3a:aa:27:33:e8:d7:6c:29:24:18:22: 86:91:fe:ac:b1:4d:4e:bf:33:57:82:c2:97:23:dc: ca:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:25:6B:68:6F:7A:1D:D8:2E:39:3F:FC:3C:9B:B9:6D:33:8F:D8:29 X509v3 Authority Key Identifier: keyid:32:70:F3:AC:D9:71:EE:DF:84:61:75:48:F7:2E:51:E2:2A:50:3C:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2c:cd:cc:69:53:28:55:9b:0c:ab:79:ec:e3:56:ff:b7:5a:28: 49:98:20:c4:c8:a6:07:26:eb:cb:d3:0c:8d:43:a2:86:f9:aa: 28:c9:0d:f0:29:d7:7f:43:12:bb:4a:dc:37:fa:d7:a7:30:53: c0:ad:8a:22:59:ea:b9:f6:d8:84:30:4a:1a:da:20:68:29:b9: 8c:b3:e6:25:14:9c:81:43:83:68:f3:6f:66:f6:1b:c0:1e:73: a6:ad:1b:74:d0:da:6d:1d:16:d6:ea:bf:95:04:18:4a:7a:4a: 33:7b:21:e4:62:75:19:93:48:0c:ad:ee:53:e2:ea:a0:b6:60: 36:01:3c:0e:88:10:97:16:77:8b:ec:29:ab:74:03:94:fc:ab: 27:df:b7:8a:3d:cb:a5:c1:4b:9b:17:ff:1a:90:93:40:50:f0: e0:8a:40:a5:00:9e:21:1d:b2:b1:62:73:61:ce:9b:f2:31:29: d0:36:37:6a:25:b5:16:e6:c2:fa:d3:50:3b:1f:53:c5:1e:b7: e5:08:cd:e8:41:9d:a2:81:96:e2:f3:52:bd:d3:c8:8c:84:18: e9:30:25:1a:bd:d5:25:4f:0b:94:5d:72:6b:c6:0d:76:7e:6d: dc:00:22:4d:60:c4:a5:6b:0f:ef:d4:cd:8c:ef:ee:cc:74:b4: d4:d2:a4:fc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNG4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REEwMjMxMTAvBgNVBAUTKDMyNzBGM0FDRDk3MUVFREY4NDYxNzU0OEY3MkU1MUUy MkE1MDNDRjgwHhcNMjUwNDI0MTUwNDA4WhcNMjUwNTAxMTUwNDA4WjAYMRYwFAYD VQQDEw02ODBhNTJlOC04MjE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAodX75mA9BO1GCN2osBSN9gDyOLmXdzHxOcPRpfUHVB9CPWJPN5jyYJe60ST6 1WaZ1S7DIboXrFdYTosFjtqN6PZ6x/1xJ78YzjzK7z91MjM6mcf0qoo0oLmRJpgf OWc0YL9CEp2oIZk/k+7tUBQ7UGp1wPOu4EGQ5NFvyUirzDi6onhNTeEWzLIkaNKZ c1cWQSRD8ml4vf5ngZcR5IignzKZv9fGczuw7hQJY6VAIEliyQxHAOz4D8EAhHyB YGXiCXo5G4qDISGnbIkkVj6GQbv3O+cphoqGhZHKWuu7S8De72OnOqonM+jXbCkk GCKGkf6ssU1OvzNXgsKXI9zKcwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPgla2hv eh3YLjk//DybuW0zj9gpMB8GA1UdIwQYMBaAFDJw86zZce7fhGF1SPcuUeIqUDz4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTAyMy82RjE3MkRGMDFE QTAxMUUyQTFDM0E2OTEwOEIwMkNEMi9NbkR6ck5seDd0LUVZWFZJOXk1UjRpcFFQ UGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL01uRHpyTmx4N3QtRVlYVkk5eTVSNGlwUVBQZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QTAyMy82RjE3MkRGMDFEQTAxMUUyQTFDM0E2OTEwOEIwMkNEMi9NbkR6ck5seDd0 LUVZWFZJOXk1UjRpcFFQUGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAszcxpUyhVmwyreezjVv+3WihJmCDEyKYHJuvL0wyNQ6KG+aooyQ3w Kdd/QxK7Stw3+tenMFPArYoiWeq59tiEMEoa2iBoKbmMs+YlFJyBQ4No829m9hvA HnOmrRt00NptHRbW6r+VBBhKekozeyHkYnUZk0gMre5T4uqgtmA2ATwOiBCXFneL 7CmrdAOU/Ksn37eKPculwUubF/8akJNAUPDgikClAJ4hHbKxYnNhzpvyMSnQNjdq JbUW5sL601A7H1PFHrflCM3oQZ2igZbi81K908iMhBjpMCUavdUlTwuUXXJrxg12 fm3cACJNYMSlaw/v1M2M7+7MdLTU0qT8 -----END CERTIFICATE-----Generated at Sat Apr 26 12:24:40 2025 by rpki-client