$ rpki-client -vvf rpki.apnic.net/member_repository/A91DDFF2/C9AF2934E5C111EE98DBE962C4F9AE02/-D3DokbRIVGsh6dyzsoO3SFfhio.mft File: -D3DokbRIVGsh6dyzsoO3SFfhio.mft (raw, json) Hash identifier: 9Vh8uXpjV69iQwD1hdT5xOFDZZ20pbnu+QBIwMhTTrI= Subject key identifier: 10:54:F7:F3:C2:DF:8C:9C:A7:9E:AC:13:62:86:FE:96:F1:F1:66:32 Authority key identifier: F8:3D:C3:A2:46:D1:21:51:AC:87:A7:72:CE:CA:0E:DD:21:5F:86:2A Certificate issuer: /CN=A91DDFF2/serialNumber=F83DC3A246D12151AC87A772CECA0EDD215F862A Certificate serial: D0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-D3DokbRIVGsh6dyzsoO3SFfhio.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DDFF2/C9AF2934E5C111EE98DBE962C4F9AE02/-D3DokbRIVGsh6dyzsoO3SFfhio.mft Manifest number: CE Signing time: Fri 25 Apr 2025 04:43:21 +0000 Manifest this update: Fri 25 Apr 2025 04:43:21 +0000 Manifest next update: Fri 02 May 2025 04:43:21 +0000 Files and hashes: 1: -D3DokbRIVGsh6dyzsoO3SFfhio.crl (hash: +zVDEQ94SVAsss+3VgJwXLAYnQDye/n/548GfTMolak=) 2: EC7311FEE5C311EEBF217685C4F9AE02.roa (hash: qmFjn7wAfMqWkF24WNm8IekVR4ecxQdIio3RLzGcoHo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DDFF2/C9AF2934E5C111EE98DBE962C4F9AE02/-D3DokbRIVGsh6dyzsoO3SFfhio.crl rsync://rpki.apnic.net/member_repository/A91DDFF2/C9AF2934E5C111EE98DBE962C4F9AE02/-D3DokbRIVGsh6dyzsoO3SFfhio.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-D3DokbRIVGsh6dyzsoO3SFfhio.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 04:43:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 208 (0xd0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DDFF2, serialNumber=F83DC3A246D12151AC87A772CECA0EDD215F862A Validity Not Before: Apr 25 04:43:21 2025 GMT Not After : May 2 04:43:21 2025 GMT Subject: CN=680b12e9-2026 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:48:03:5a:3d:ae:e2:2a:eb:98:b4:d1:e4:d3: 5a:e2:24:66:61:7b:af:68:17:2e:b2:b6:8f:37:a4: e1:a4:9c:ba:1a:07:1f:f7:11:98:93:a6:87:97:db: 76:1a:60:48:3a:1a:10:59:fc:4e:05:cd:6e:ac:25: 50:5d:41:d5:4a:b5:40:f8:a8:1f:81:a5:05:9a:3f: 99:03:94:99:6c:6d:6f:10:3d:a5:ef:2c:2c:ff:33: 33:e9:df:7a:08:da:fa:da:f2:e8:c8:02:1f:ba:b3: 99:cf:05:06:e4:23:18:64:be:6a:f0:6f:93:22:e9: 3b:01:b5:92:e8:92:c2:3b:5f:95:fe:7d:db:4a:1b: 50:06:7b:07:27:3d:b7:b0:32:83:f5:90:85:f1:eb: 7d:ea:2e:71:86:54:d9:93:32:09:b2:d9:2a:4d:4a: c2:29:54:76:e1:15:a3:c5:10:a2:47:fb:9f:89:26: 6b:7b:f8:9f:c9:28:fd:87:ad:04:57:37:ab:c9:41: 93:4c:5b:fb:9e:63:c6:f8:f9:26:8f:8e:b6:2e:a3: 82:c0:f1:f5:02:e3:69:7c:6b:09:ab:16:90:81:41: ac:59:05:37:db:51:98:25:38:5a:c6:26:1d:44:4b: d1:aa:31:ca:bd:49:41:81:f0:d8:d6:51:74:1a:5b: 45:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:54:F7:F3:C2:DF:8C:9C:A7:9E:AC:13:62:86:FE:96:F1:F1:66:32 X509v3 Authority Key Identifier: keyid:F8:3D:C3:A2:46:D1:21:51:AC:87:A7:72:CE:CA:0E:DD:21:5F:86:2A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DDFF2/C9AF2934E5C111EE98DBE962C4F9AE02/-D3DokbRIVGsh6dyzsoO3SFfhio.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-D3DokbRIVGsh6dyzsoO3SFfhio.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DDFF2/C9AF2934E5C111EE98DBE962C4F9AE02/-D3DokbRIVGsh6dyzsoO3SFfhio.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b1:68:01:db:87:59:c9:f3:57:53:19:50:56:a1:b2:69:85:47: ba:df:d1:bc:6c:53:82:b1:9b:12:b6:82:e0:38:e5:8f:69:c6: 29:5e:67:da:c5:0c:02:66:45:bc:db:5c:0a:4f:ef:93:c0:83: f0:c0:80:5e:d8:23:09:66:0f:eb:a7:46:61:b1:e6:45:55:a5: 73:cb:f4:c3:a5:ee:ba:fd:ef:dc:2f:30:0a:9a:d5:63:42:52: 43:40:41:24:da:46:d2:63:7f:66:4b:30:bd:d4:4d:fb:31:aa: b7:ca:db:67:9c:9a:db:54:38:f1:13:90:01:2b:ed:3b:2e:48: 2e:f3:ae:e9:51:1b:f1:0b:0b:9f:64:82:13:1e:8b:f6:2a:ca: 30:e7:f1:d0:60:b8:4f:17:f5:96:6e:5a:d2:72:d5:92:06:a9: ab:c0:e1:52:76:2a:a6:e2:82:e9:c1:8a:ff:23:54:cb:4c:c1: b0:0e:71:0c:bd:9c:ec:6e:15:74:f8:bc:95:af:53:ed:f2:28: 13:fc:f6:26:76:b2:e0:47:a0:c2:de:a1:5f:14:65:2f:ef:1e: 90:26:d2:22:ce:73:8f:1d:6d:cf:9a:83:e6:bd:a4:60:92:53: d8:aa:fa:8f:be:f0:5e:d1:25:0d:ff:8b:7f:d5:61:eb:b3:c7: 41:92:47:46 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RERGRjIxMTAvBgNVBAUTKEY4M0RDM0EyNDZEMTIxNTFBQzg3QTc3MkNFQ0EwRURE MjE1Rjg2MkEwHhcNMjUwNDI1MDQ0MzIxWhcNMjUwNTAyMDQ0MzIxWjAYMRYwFAYD VQQDEw02ODBiMTJlOS0yMDI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7kgDWj2u4irrmLTR5NNa4iRmYXuvaBcusraPN6ThpJy6Ggcf9xGYk6aHl9t2 GmBIOhoQWfxOBc1urCVQXUHVSrVA+KgfgaUFmj+ZA5SZbG1vED2l7yws/zMz6d96 CNr62vLoyAIfurOZzwUG5CMYZL5q8G+TIuk7AbWS6JLCO1+V/n3bShtQBnsHJz23 sDKD9ZCF8et96i5xhlTZkzIJstkqTUrCKVR24RWjxRCiR/ufiSZre/ifySj9h60E VzeryUGTTFv7nmPG+Pkmj462LqOCwPH1AuNpfGsJqxaQgUGsWQU321GYJThaxiYd REvRqjHKvUlBgfDY1lF0GltF8wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBBU9/PC 34ycp56sE2KG/pbx8WYyMB8GA1UdIwQYMBaAFPg9w6JG0SFRrIencs7KDt0hX4Yq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEREZGMi9DOUFGMjkzNEU1 QzExMUVFOThEQkU5NjJDNEY5QUUwMi8tRDNEb2tiUklWR3NoNmR5enNvTzNTRmZo aW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1EM0Rva2JSSVZHc2g2ZHl6c29PM1NGZmhpby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE REZGMi9DOUFGMjkzNEU1QzExMUVFOThEQkU5NjJDNEY5QUUwMi8tRDNEb2tiUklW R3NoNmR5enNvTzNTRmZoaW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCxaAHbh1nJ81dTGVBWobJphUe639G8bFOCsZsStoLgOOWPacYpXmfa xQwCZkW821wKT++TwIPwwIBe2CMJZg/rp0ZhseZFVaVzy/TDpe66/e/cLzAKmtVj QlJDQEEk2kbSY39mSzC91E37Maq3yttnnJrbVDjxE5ABK+07Lkgu867pURvxCwuf ZIITHov2Ksow5/HQYLhPF/WWblrSctWSBqmrwOFSdiqm4oLpwYr/I1TLTMGwDnEM vZzsbhV0+LyVr1Pt8igT/PYmdrLgR6DC3qFfFGUv7x6QJtIiznOPHW3PmoPmvaRg klPYqvqPvvBe0SUN/4t/1WHrs8dBkkdG -----END CERTIFICATE-----Generated at Sat Apr 26 13:49:34 2025 by rpki-client