$ rpki-client -vvf rpki.apnic.net/member_repository/A91DBD27/DE5E774E7DCD11ECA6BD9D32C4F9AE02/8hTt1--NAG-Coif85lvF8-ZIo_o.mft File: 8hTt1--NAG-Coif85lvF8-ZIo_o.mft (raw, json) Hash identifier: 1/5m6xs4+OXGzLFUUZW2ltf8CJVJU2cpDRYlQMSygGU= Subject key identifier: F8:E5:41:33:0C:09:1A:29:B2:44:8F:B7:A7:6B:9D:D7:88:D6:7A:26 Authority key identifier: F2:14:ED:D7:EF:8D:00:6F:82:A2:27:FC:E6:5B:C5:F3:E6:48:A3:FA Certificate issuer: /CN=A91DBD27/serialNumber=F214EDD7EF8D006F82A227FCE65BC5F3E648A3FA Certificate serial: 03DD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8hTt1--NAG-Coif85lvF8-ZIo_o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DBD27/DE5E774E7DCD11ECA6BD9D32C4F9AE02/8hTt1--NAG-Coif85lvF8-ZIo_o.mft Manifest number: 03D8 Signing time: Fri 25 Apr 2025 00:20:22 +0000 Manifest this update: Fri 25 Apr 2025 00:20:22 +0000 Manifest next update: Fri 02 May 2025 00:20:22 +0000 Files and hashes: 1: 8hTt1--NAG-Coif85lvF8-ZIo_o.crl (hash: jXFWQxeLo/eFDC7oHqTkl3OJrP5T0B7CPDqfFaGziWk=) 2: 1A15CABE7DD111ECBB4A7D84C4F9AE02.roa (hash: aUKFEcgAYH8+/UqmZ13PB+UHXTWO1HzOhS9AQMfTurg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DBD27/DE5E774E7DCD11ECA6BD9D32C4F9AE02/8hTt1--NAG-Coif85lvF8-ZIo_o.crl rsync://rpki.apnic.net/member_repository/A91DBD27/DE5E774E7DCD11ECA6BD9D32C4F9AE02/8hTt1--NAG-Coif85lvF8-ZIo_o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8hTt1--NAG-Coif85lvF8-ZIo_o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 00:20:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 989 (0x3dd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DBD27, serialNumber=F214EDD7EF8D006F82A227FCE65BC5F3E648A3FA Validity Not Before: Apr 25 00:20:22 2025 GMT Not After : May 2 00:20:22 2025 GMT Subject: CN=680ad546-1a7d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:22:ed:a7:64:40:bb:f0:bc:0f:a0:6a:fc:af: 5e:b7:05:02:92:22:e4:7e:66:d0:8b:db:c6:6c:37: c8:ca:d8:e6:ba:f2:2d:a4:bb:df:8f:75:ac:36:5c: b7:92:c1:e6:9e:28:02:22:24:50:fb:b2:02:c5:b7: 55:43:9b:7f:a9:08:1a:61:3c:19:88:b9:53:45:89: a7:6f:fb:34:57:62:1a:5e:77:46:a9:bc:c8:5a:ce: e7:bf:f7:c8:e1:3e:37:0f:74:91:d5:50:5a:02:84: 49:20:92:ba:e1:fb:ae:e8:26:4b:d4:01:68:20:e5: 5b:9b:e2:86:fd:66:33:e8:83:4b:f6:83:71:2f:9c: 48:36:c4:e0:fe:44:eb:5c:00:9c:54:a1:ff:c9:29: 52:57:97:96:ef:fc:7c:99:3d:94:af:50:75:81:4e: f3:7f:99:5e:95:bd:30:a9:77:cf:7c:0c:99:0c:63: a9:cf:f0:ce:79:60:03:4b:cb:b7:16:43:e0:88:4a: 62:13:2b:e3:75:61:00:55:e8:85:fa:66:3f:99:8f: 09:51:e5:6f:c2:47:dd:87:be:88:6f:de:ed:11:6f: d6:19:d4:4a:f4:61:d3:6b:3e:04:34:c9:3d:68:7b: e3:c6:21:22:ff:3c:aa:53:92:cc:ed:e5:bb:dc:3a: a6:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:E5:41:33:0C:09:1A:29:B2:44:8F:B7:A7:6B:9D:D7:88:D6:7A:26 X509v3 Authority Key Identifier: keyid:F2:14:ED:D7:EF:8D:00:6F:82:A2:27:FC:E6:5B:C5:F3:E6:48:A3:FA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DBD27/DE5E774E7DCD11ECA6BD9D32C4F9AE02/8hTt1--NAG-Coif85lvF8-ZIo_o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8hTt1--NAG-Coif85lvF8-ZIo_o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DBD27/DE5E774E7DCD11ECA6BD9D32C4F9AE02/8hTt1--NAG-Coif85lvF8-ZIo_o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b4:ba:76:7d:6d:be:1f:aa:33:97:f1:14:4c:ce:5e:40:6e:e2: 15:d2:38:ac:4d:58:05:a6:09:da:a5:86:24:f9:cd:03:07:ed: 59:a1:0b:32:fe:e6:a3:08:f4:4f:8f:30:59:46:af:fd:67:13: ca:64:7e:16:03:d4:12:15:32:bb:6c:4e:24:eb:ec:58:e6:bd: fe:66:df:00:49:6c:92:07:bd:ed:3d:a1:a9:bf:93:41:fc:11: 66:57:11:1a:50:97:2b:ba:4e:b3:46:32:d4:3b:21:fc:96:f8: 5e:82:84:18:44:90:a4:b1:43:95:9f:c8:5f:87:86:19:3f:7f: a2:d8:f1:ab:66:65:e5:eb:c2:c3:73:5f:38:77:22:f3:9d:37: 20:f2:6a:d1:2d:c8:52:ca:3e:c9:9a:1f:63:ce:8f:b4:46:09: a2:d0:b9:7f:62:db:bf:6a:44:50:e4:72:9c:6a:83:ed:c3:3a: 8d:9c:16:76:53:14:cc:24:91:c2:d2:a9:b2:48:80:3a:c3:57: 75:86:f2:7e:04:15:5e:f0:75:59:41:46:2f:34:c8:a1:49:67: e1:a2:94:2c:83:86:e9:54:d6:25:02:36:6b:c7:cf:60:2e:f3: d1:14:f3:2d:13:f0:fe:db:d8:1c:c5:66:46:f8:d5:28:96:98: 08:fb:54:8c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA90wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REJEMjcxMTAvBgNVBAUTKEYyMTRFREQ3RUY4RDAwNkY4MkEyMjdGQ0U2NUJDNUYz RTY0OEEzRkEwHhcNMjUwNDI1MDAyMDIyWhcNMjUwNTAyMDAyMDIyWjAYMRYwFAYD VQQDEw02ODBhZDU0Ni0xYTdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAlCLtp2RAu/C8D6Bq/K9etwUCkiLkfmbQi9vGbDfIytjmuvItpLvfj3WsNly3 ksHmnigCIiRQ+7ICxbdVQ5t/qQgaYTwZiLlTRYmnb/s0V2IaXndGqbzIWs7nv/fI 4T43D3SR1VBaAoRJIJK64fuu6CZL1AFoIOVbm+KG/WYz6INL9oNxL5xINsTg/kTr XACcVKH/ySlSV5eW7/x8mT2Ur1B1gU7zf5lelb0wqXfPfAyZDGOpz/DOeWADS8u3 FkPgiEpiEyvjdWEAVeiF+mY/mY8JUeVvwkfdh76Ib97tEW/WGdRK9GHTaz4ENMk9 aHvjxiEi/zyqU5LM7eW73DqmZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPjlQTMM CRopskSPt6drndeI1nomMB8GA1UdIwQYMBaAFPIU7dfvjQBvgqIn/OZbxfPmSKP6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQkQyNy9ERTVFNzc0RTdE Q0QxMUVDQTZCRDlEMzJDNEY5QUUwMi84aFR0MS0tTkFHLUNvaWY4NWx2RjgtWklv X28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhoVHQxLS1OQUctQ29pZjg1bHZGOC1aSW9fby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QkQyNy9ERTVFNzc0RTdEQ0QxMUVDQTZCRDlEMzJDNEY5QUUwMi84aFR0MS0tTkFH LUNvaWY4NWx2RjgtWklvX28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC0unZ9bb4fqjOX8RRMzl5AbuIV0jisTVgFpgnapYYk+c0DB+1ZoQsy /uajCPRPjzBZRq/9ZxPKZH4WA9QSFTK7bE4k6+xY5r3+Zt8ASWySB73tPaGpv5NB /BFmVxEaUJcruk6zRjLUOyH8lvhegoQYRJCksUOVn8hfh4YZP3+i2PGrZmXl68LD c184dyLznTcg8mrRLchSyj7Jmh9jzo+0Rgmi0Ll/Ytu/akRQ5HKcaoPtwzqNnBZ2 UxTMJJHC0qmySIA6w1d1hvJ+BBVe8HVZQUYvNMihSWfhopQsg4bpVNYlAjZrx89g LvPRFPMtE/D+29gcxWZG+NUolpgI+1SM -----END CERTIFICATE-----Generated at Sat Apr 26 12:57:45 2025 by rpki-client