$ rpki-client -vvf rpki.apnic.net/member_repository/A91DD0A4/95D5E392AA7311EAA10ACC84C4F9AE02/ficJop5GIOVCf3NfN8A0c-NrWXo.mft File: ficJop5GIOVCf3NfN8A0c-NrWXo.mft (raw, json) Hash identifier: DMkQHnVGLtfSpGG0Q0PDu2eQD3ndix9TDtI5hDthng4= Subject key identifier: FE:02:5E:7E:CF:71:63:3A:22:FB:67:12:80:0D:AB:48:D2:DB:84:16 Authority key identifier: 7E:27:09:A2:9E:46:20:E5:42:7F:73:5F:37:C0:34:73:E3:6B:59:7A Certificate issuer: /CN=A91DD0A4/serialNumber=7E2709A29E4620E5427F735F37C03473E36B597A Certificate serial: 08F9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ficJop5GIOVCf3NfN8A0c-NrWXo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DD0A4/95D5E392AA7311EAA10ACC84C4F9AE02/ficJop5GIOVCf3NfN8A0c-NrWXo.mft Manifest number: 08F0 Signing time: Thu 24 Apr 2025 20:16:58 +0000 Manifest this update: Thu 24 Apr 2025 20:16:57 +0000 Manifest next update: Thu 01 May 2025 20:16:57 +0000 Files and hashes: 1: ficJop5GIOVCf3NfN8A0c-NrWXo.crl (hash: VUK9uKAkIP6hwLAAof9iJYwAxRAsbgXLvD6pwqyuuac=) 2: C8CCE2CCAA7411EA9DF2E685C4F9AE02.roa (hash: EY5IebdCRceAV1N2Sno2htu2PUjjGh0mWkvzE1zUnnE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DD0A4/95D5E392AA7311EAA10ACC84C4F9AE02/ficJop5GIOVCf3NfN8A0c-NrWXo.crl rsync://rpki.apnic.net/member_repository/A91DD0A4/95D5E392AA7311EAA10ACC84C4F9AE02/ficJop5GIOVCf3NfN8A0c-NrWXo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ficJop5GIOVCf3NfN8A0c-NrWXo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:16:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2297 (0x8f9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DD0A4, serialNumber=7E2709A29E4620E5427F735F37C03473E36B597A Validity Not Before: Apr 24 20:16:57 2025 GMT Not After : May 1 20:16:57 2025 GMT Subject: CN=680a9c3a-ba41 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:63:7a:00:af:2e:81:28:4d:77:4e:f4:ff:a0: 06:2d:3a:34:01:ed:3b:7e:28:d9:c5:4c:81:28:1d: 02:38:dc:35:1c:72:a9:c5:37:5f:dc:9f:55:9f:75: fa:bb:d2:41:24:ba:5f:a7:07:9e:e5:ef:47:44:ad: 0f:c3:22:30:b3:28:42:e9:e1:46:ee:76:88:66:7e: 22:61:e1:11:2d:2d:12:80:26:4e:26:2f:1c:da:c7: 68:2c:f4:8e:78:98:31:3e:83:31:c5:83:50:95:20: af:46:1d:c4:17:ae:78:62:82:e9:f2:1a:01:2b:bc: d6:d2:6b:39:66:55:aa:f7:bb:70:32:ec:3f:6b:a8: 32:70:a5:19:13:e6:e2:69:50:12:da:8b:8f:cb:32: 60:f4:b9:03:49:33:ed:1c:81:98:9a:d2:cc:e3:80: af:4d:1d:54:fa:b6:2f:f2:d8:7c:43:e1:3f:81:ca: 51:49:49:2e:aa:e5:2e:7a:3e:06:b3:cb:08:0e:ff: 47:07:45:2c:4a:0a:b8:bc:7e:c3:33:09:e9:96:34: 04:50:ef:db:71:2a:23:ed:06:7b:f7:12:84:40:f8: 21:93:05:68:8b:93:e1:33:ba:bb:29:74:2f:f3:4b: a5:0c:62:03:d4:b1:77:d5:6f:b7:e8:50:e2:26:55: b9:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:02:5E:7E:CF:71:63:3A:22:FB:67:12:80:0D:AB:48:D2:DB:84:16 X509v3 Authority Key Identifier: keyid:7E:27:09:A2:9E:46:20:E5:42:7F:73:5F:37:C0:34:73:E3:6B:59:7A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DD0A4/95D5E392AA7311EAA10ACC84C4F9AE02/ficJop5GIOVCf3NfN8A0c-NrWXo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ficJop5GIOVCf3NfN8A0c-NrWXo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DD0A4/95D5E392AA7311EAA10ACC84C4F9AE02/ficJop5GIOVCf3NfN8A0c-NrWXo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2e:a9:2f:57:8d:82:46:44:cc:2d:a9:29:48:62:d6:97:1a:bf: a6:cb:ac:bb:07:7e:60:b6:fe:dd:e7:0a:6a:8b:0d:e4:b8:fb: 0b:0b:e6:ab:b8:f4:5f:a2:f4:b3:a1:07:dc:e2:3e:a5:ab:b4: f7:00:ad:43:29:69:b2:64:59:c2:86:db:aa:ff:e7:09:72:b2: a8:f7:9e:05:aa:d2:53:c7:20:e5:4e:bd:a5:d6:08:46:09:a3: 60:b0:bc:da:57:72:5a:91:cb:06:f1:b3:33:eb:42:c7:36:be: 6a:52:77:ac:0b:c2:1e:61:f2:b0:cf:b1:c3:b6:7a:82:2f:c6: 0d:54:08:cc:54:47:cc:6f:1a:e1:14:90:bc:28:56:de:24:0f: 18:c3:d0:c3:96:2b:c1:6e:22:2e:ed:75:9d:05:68:a9:1e:c7: 86:cd:f3:e0:34:ea:c4:41:53:89:9c:96:70:73:f6:36:1c:ea: d1:7e:53:71:19:0b:ab:c9:f5:c4:5f:d7:d6:9c:68:df:fb:4a: 0e:03:4a:ee:e7:ed:62:c1:4f:96:b5:44:6b:41:ef:d1:af:53: ba:ec:61:0f:1a:c3:21:fe:84:93:1b:fb:55:79:be:d6:11:94: 37:12:89:01:2c:43:15:44:14:1b:aa:7c:38:3f:ab:1e:8a:c7: 91:da:cc:16 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCPkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REQwQTQxMTAvBgNVBAUTKDdFMjcwOUEyOUU0NjIwRTU0MjdGNzM1RjM3QzAzNDcz RTM2QjU5N0EwHhcNMjUwNDI0MjAxNjU3WhcNMjUwNTAxMjAxNjU3WjAYMRYwFAYD VQQDEw02ODBhOWMzYS1iYTQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4GN6AK8ugShNd070/6AGLTo0Ae07fijZxUyBKB0CONw1HHKpxTdf3J9Vn3X6 u9JBJLpfpwee5e9HRK0PwyIwsyhC6eFG7naIZn4iYeERLS0SgCZOJi8c2sdoLPSO eJgxPoMxxYNQlSCvRh3EF654YoLp8hoBK7zW0ms5ZlWq97twMuw/a6gycKUZE+bi aVAS2ouPyzJg9LkDSTPtHIGYmtLM44CvTR1U+rYv8th8Q+E/gcpRSUkuquUuej4G s8sIDv9HB0UsSgq4vH7DMwnpljQEUO/bcSoj7QZ79xKEQPghkwVoi5PhM7q7KXQv 80ulDGID1LF31W+36FDiJlW5KQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP4CXn7P cWM6IvtnEoANq0jS24QWMB8GA1UdIwQYMBaAFH4nCaKeRiDlQn9zXzfANHPja1l6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERDBBNC85NUQ1RTM5MkFB NzMxMUVBQTEwQUNDODRDNEY5QUUwMi9maWNKb3A1R0lPVkNmM05mTjhBMGMtTnJX WG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ZpY0pvcDVHSU9WQ2YzTmZOOEEwYy1OcldYby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RDBBNC85NUQ1RTM5MkFBNzMxMUVBQTEwQUNDODRDNEY5QUUwMi9maWNKb3A1R0lP VkNmM05mTjhBMGMtTnJXWG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAuqS9XjYJGRMwtqSlIYtaXGr+my6y7B35gtv7d5wpqiw3kuPsLC+ar uPRfovSzoQfc4j6lq7T3AK1DKWmyZFnChtuq/+cJcrKo954FqtJTxyDlTr2l1ghG CaNgsLzaV3JakcsG8bMz60LHNr5qUnesC8IeYfKwz7HDtnqCL8YNVAjMVEfMbxrh FJC8KFbeJA8Yw9DDlivBbiIu7XWdBWipHseGzfPgNOrEQVOJnJZwc/Y2HOrRflNx GQuryfXEX9fWnGjf+0oOA0ru5+1iwU+WtURrQe/Rr1O67GEPGsMh/oSTG/tVeb7W EZQ3EokBLEMVRBQbqnw4P6seiseR2swW -----END CERTIFICATE-----Generated at Sat Apr 26 13:04:39 2025 by rpki-client