$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0CE8/900D2646066A11E8B9BAF682C4F9AE02/BsYn2cMSx7R9HDpTtEdVoQpoSHw.mft File: BsYn2cMSx7R9HDpTtEdVoQpoSHw.mft (raw, json) Hash identifier: p8GDB2qrW1IRbHkrqYlxWLvLn33j6yJFwVeJUWB1Mv4= Subject key identifier: 5F:B9:9E:B5:D3:E9:48:9A:F1:BC:54:8C:21:4A:95:A9:82:8A:36:66 Authority key identifier: 06:C6:27:D9:C3:12:C7:B4:7D:1C:3A:53:B4:47:55:A1:0A:68:48:7C Certificate issuer: /CN=A91E0CE8/serialNumber=06C627D9C312C7B47D1C3A53B44755A10A68487C Certificate serial: 1680 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BsYn2cMSx7R9HDpTtEdVoQpoSHw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E0CE8/900D2646066A11E8B9BAF682C4F9AE02/BsYn2cMSx7R9HDpTtEdVoQpoSHw.mft Manifest number: 1667 Signing time: Thu 24 Apr 2025 16:43:29 +0000 Manifest this update: Thu 24 Apr 2025 16:43:29 +0000 Manifest next update: Thu 01 May 2025 16:43:29 +0000 Files and hashes: 1: BsYn2cMSx7R9HDpTtEdVoQpoSHw.crl (hash: imIOD3pt1d4p92NjkAJdlkDw71JroPdu6mGypaPMB8I=) 2: 091435C84FA911EFB86F4D40C4F9AE02.roa (hash: e5jgIESXFxNT6NU+78fDrpwylXFQS920y6o/aeQL2pY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E0CE8/900D2646066A11E8B9BAF682C4F9AE02/BsYn2cMSx7R9HDpTtEdVoQpoSHw.crl rsync://rpki.apnic.net/member_repository/A91E0CE8/900D2646066A11E8B9BAF682C4F9AE02/BsYn2cMSx7R9HDpTtEdVoQpoSHw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BsYn2cMSx7R9HDpTtEdVoQpoSHw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 16:43:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5760 (0x1680) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E0CE8, serialNumber=06C627D9C312C7B47D1C3A53B44755A10A68487C Validity Not Before: Apr 24 16:43:29 2025 GMT Not After : May 1 16:43:29 2025 GMT Subject: CN=680a6a31-6a88 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:f2:3f:b9:d7:fb:91:97:fb:a0:e9:33:54:20: a4:99:87:24:1f:1d:59:68:0e:2c:86:28:37:34:a7: 22:ef:75:a8:54:7b:6b:56:65:dc:d7:7e:78:81:28: 7e:63:84:3c:ee:2f:3c:52:1d:2e:c2:89:55:c7:c4: a2:27:c3:47:c0:5e:2b:5e:0a:f1:cc:b8:6b:a2:4b: 45:65:e2:29:81:42:33:b1:a2:7e:bc:5d:e2:7c:6f: 54:31:0a:88:77:bf:85:38:4a:94:1d:66:3c:27:24: bc:b1:9f:cf:a8:51:0b:ff:1f:b1:d2:81:a2:b2:ef: 06:44:ee:73:96:6a:d5:ac:92:a4:7b:cd:0d:fc:78: e8:c9:22:b9:98:24:0e:84:84:2b:ea:d6:d4:1f:53: a2:18:a2:47:bc:89:70:53:38:e8:14:a7:b6:e4:23: 11:fd:62:4e:ec:ae:13:60:0e:ea:75:1d:99:2f:1d: d6:50:e4:be:e3:85:a2:6b:2f:f7:14:95:ad:c7:52: 6e:91:c1:44:26:9f:9c:e8:34:03:33:3e:1e:07:6c: 27:ac:3c:eb:ed:3d:8d:8b:43:3b:ab:1c:64:6e:98: a7:bf:19:52:ba:1a:78:fc:04:49:a4:41:7f:e1:10: 05:3f:2a:24:34:f3:3d:de:59:f6:74:94:45:5f:86: 52:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:B9:9E:B5:D3:E9:48:9A:F1:BC:54:8C:21:4A:95:A9:82:8A:36:66 X509v3 Authority Key Identifier: keyid:06:C6:27:D9:C3:12:C7:B4:7D:1C:3A:53:B4:47:55:A1:0A:68:48:7C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E0CE8/900D2646066A11E8B9BAF682C4F9AE02/BsYn2cMSx7R9HDpTtEdVoQpoSHw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BsYn2cMSx7R9HDpTtEdVoQpoSHw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0CE8/900D2646066A11E8B9BAF682C4F9AE02/BsYn2cMSx7R9HDpTtEdVoQpoSHw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 77:38:5f:43:9d:9c:4b:b7:d4:8c:5b:f0:b1:b2:47:95:8c:2d: e3:77:e7:65:5f:39:6a:45:c1:19:48:c8:8e:58:98:1c:77:2a: f8:19:5a:a6:68:5a:5e:9d:7a:a9:bd:5f:6b:b9:fc:e6:c8:b2: 54:46:6d:c6:aa:b8:9b:2c:e0:cd:15:cb:76:f7:13:bd:8c:de: e1:8d:e6:c0:0b:9f:a4:aa:70:22:5e:97:6d:39:74:21:98:1a: e4:2d:b8:a2:2f:c3:1d:cf:d1:f2:80:c8:57:80:a4:ff:14:de: c7:16:2c:b8:b3:ef:19:cf:3e:03:4c:0b:d4:99:4a:a5:40:d4: 21:d4:9f:c1:16:e9:f8:5e:2c:77:2d:1a:65:f0:cc:e1:b7:d4: 5d:74:52:ed:ee:5b:b8:22:b3:38:66:fb:91:64:11:78:4c:13: 5b:7a:a6:8f:63:c0:08:88:dc:51:5b:08:e7:25:6a:b1:3b:f5: 57:c7:5d:fa:d3:0b:92:f8:4b:a5:91:68:ae:83:95:c5:a1:46: 8a:0e:e6:88:b9:96:45:d7:c5:a7:f0:88:b3:0c:bf:41:73:00: 06:54:17:40:a5:6d:3a:17:0e:e4:bd:47:3f:73:d9:16:49:7c: 1a:3d:16:76:6f:87:57:21:f2:84:4b:21:58:eb:cb:71:ba:9e: ec:5c:14:36 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFoAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTBDRTgxMTAvBgNVBAUTKDA2QzYyN0Q5QzMxMkM3QjQ3RDFDM0E1M0I0NDc1NUEx MEE2ODQ4N0MwHhcNMjUwNDI0MTY0MzI5WhcNMjUwNTAxMTY0MzI5WjAYMRYwFAYD VQQDEw02ODBhNmEzMS02YTg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyvI/udf7kZf7oOkzVCCkmYckHx1ZaA4shig3NKci73WoVHtrVmXc1354gSh+ Y4Q87i88Uh0uwolVx8SiJ8NHwF4rXgrxzLhroktFZeIpgUIzsaJ+vF3ifG9UMQqI d7+FOEqUHWY8JyS8sZ/PqFEL/x+x0oGisu8GRO5zlmrVrJKke80N/HjoySK5mCQO hIQr6tbUH1OiGKJHvIlwUzjoFKe25CMR/WJO7K4TYA7qdR2ZLx3WUOS+44Wiay/3 FJWtx1JukcFEJp+c6DQDMz4eB2wnrDzr7T2Ni0M7qxxkbpinvxlSuhp4/ARJpEF/ 4RAFPyokNPM93ln2dJRFX4ZSEwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF+5nrXT 6Uia8bxUjCFKlamCijZmMB8GA1UdIwQYMBaAFAbGJ9nDEse0fRw6U7RHVaEKaEh8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMENFOC85MDBEMjY0NjA2 NkExMUU4QjlCQUY2ODJDNEY5QUUwMi9Cc1luMmNNU3g3UjlIRHBUdEVkVm9RcG9T SHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0JzWW4yY01TeDdSOUhEcFR0RWRWb1Fwb1NIdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MENFOC85MDBEMjY0NjA2NkExMUU4QjlCQUY2ODJDNEY5QUUwMi9Cc1luMmNNU3g3 UjlIRHBUdEVkVm9RcG9TSHcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB3OF9DnZxLt9SMW/CxskeVjC3jd+dlXzlqRcEZSMiOWJgcdyr4GVqm aFpenXqpvV9rufzmyLJURm3GqribLODNFct29xO9jN7hjebAC5+kqnAiXpdtOXQh mBrkLbiiL8Mdz9HygMhXgKT/FN7HFiy4s+8Zzz4DTAvUmUqlQNQh1J/BFun4Xix3 LRpl8Mzht9RddFLt7lu4IrM4ZvuRZBF4TBNbeqaPY8AIiNxRWwjnJWqxO/VXx136 0wuS+EulkWiug5XFoUaKDuaIuZZF18Wn8IizDL9BcwAGVBdApW06Fw7kvUc/c9kW SXwaPRZ2b4dXIfKESyFY68txup7sXBQ2 -----END CERTIFICATE-----Generated at Sat Apr 26 04:02:35 2025 by rpki-client