$ rpki-client -vvf rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft File: 1AI0WEr2BZHzfdP7on68uFzHZWo.mft (raw, json) Hash identifier: llDb4z4NvkKYHq/TVW1iXoxRlWmEOzngace44teS9Lg= Subject key identifier: BD:61:9A:15:9F:CE:61:DA:6D:44:9D:92:BF:04:BF:08:0E:30:A1:12 Authority key identifier: D4:02:34:58:4A:F6:05:91:F3:7D:D3:FB:A2:7E:BC:B8:5C:C7:65:6A Certificate issuer: /CN=A91E27F3/serialNumber=D40234584AF60591F37DD3FBA27EBCB85CC7656A Certificate serial: 3482 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AI0WEr2BZHzfdP7on68uFzHZWo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft Manifest number: 347D Signing time: Thu 24 Apr 2025 15:05:47 +0000 Manifest this update: Thu 24 Apr 2025 15:05:47 +0000 Manifest next update: Thu 01 May 2025 15:05:47 +0000 Files and hashes: 1: 1AI0WEr2BZHzfdP7on68uFzHZWo.crl (hash: PSeF15O2Tp4RImL5ayHN3iXXdoryNhGhL9D9Hetw/TQ=) 2: 1B4B4FC2152F11ECB72E546FC4F9AE02.roa (hash: 08icoQFu/lUzJ7/49iluwBG/IFFfyhiQgRTkubc2rPw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.crl rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AI0WEr2BZHzfdP7on68uFzHZWo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:05:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13442 (0x3482) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E27F3, serialNumber=D40234584AF60591F37DD3FBA27EBCB85CC7656A Validity Not Before: Apr 24 15:05:47 2025 GMT Not After : May 1 15:05:47 2025 GMT Subject: CN=680a534b-9c08 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:af:88:59:c4:4e:90:81:9c:46:ce:65:f3:f8: 93:de:f6:13:c4:46:f2:53:11:6a:70:22:0b:eb:ed: 93:28:0c:b5:27:c6:63:90:e6:2e:a2:d5:df:35:5c: 8e:bd:ee:44:b3:f6:00:c5:42:37:60:2c:57:9f:69: 9a:95:47:c4:a4:dc:56:92:88:74:c6:2d:2d:40:95: c8:b4:b5:87:3d:7c:11:66:44:f5:61:f9:1b:34:a9: 18:8c:3f:dc:ec:dc:7a:54:d8:71:ad:68:c4:9d:6e: c4:53:13:f6:e3:21:6e:9e:86:07:9f:d2:74:c9:a2: 2d:70:00:7e:72:cf:9e:ec:28:dc:aa:d6:25:22:e6: a0:47:dd:45:03:6d:d0:c0:f4:ac:56:1b:b3:7c:0a: 5a:3b:78:76:66:51:3e:80:a8:e2:c4:1a:a7:70:14: b7:53:24:62:11:89:0a:26:12:98:79:7a:1a:73:c8: 38:92:5f:3f:a9:c2:a4:53:0e:da:b2:17:c6:18:fe: b8:d0:b4:fc:99:18:b8:18:22:b8:f4:db:d3:81:49: 6a:e4:58:c3:10:55:03:11:97:fc:f6:c4:8d:0b:51: 95:ca:34:54:1b:71:6c:05:f6:30:c7:32:af:a4:89: a4:db:b6:24:67:4a:7c:ec:61:e3:af:80:42:6f:bd: 54:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:61:9A:15:9F:CE:61:DA:6D:44:9D:92:BF:04:BF:08:0E:30:A1:12 X509v3 Authority Key Identifier: keyid:D4:02:34:58:4A:F6:05:91:F3:7D:D3:FB:A2:7E:BC:B8:5C:C7:65:6A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AI0WEr2BZHzfdP7on68uFzHZWo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 18:6f:eb:e2:2f:69:20:92:4a:15:1e:1d:e0:27:af:5d:c8:77: f7:06:92:33:af:3b:d5:b6:99:eb:6f:c3:52:d9:6b:3b:aa:06: 10:53:8a:3f:0c:e9:0c:8a:e0:51:3e:8c:4b:4d:d6:cf:6a:76: 01:7a:f9:ae:91:c8:2e:f4:3a:bd:8b:f0:8f:a3:e1:53:b7:62: 6a:15:20:52:24:d1:b7:e6:80:74:71:3a:95:93:dd:9c:ed:67: 24:bb:0b:5e:7a:04:66:0c:38:dc:1a:d4:1c:34:f2:b7:5b:0a: 22:4c:db:2a:f8:99:29:3f:61:db:d9:fd:e0:d8:ad:83:e2:6e: d3:6e:2a:5d:d7:7b:52:75:eb:f4:d8:10:c6:62:cb:58:04:9e: 8a:79:0c:5a:f1:4b:bf:d2:c2:4f:8e:4e:28:f4:75:ab:d7:ae: b6:89:6b:9e:05:16:85:12:33:42:24:d8:b4:91:08:b9:76:1b: 2c:06:76:8b:9a:cf:ea:31:a0:f0:51:13:0b:e4:b3:cc:9e:8a: 50:97:27:08:c2:d0:14:67:8c:76:ee:3d:04:47:89:5e:f6:26: b1:5b:73:9f:19:2f:12:8b:5a:d0:2f:67:8e:05:c7:47:89:63: e6:54:67:6f:f5:f9:ef:13:68:a2:01:66:76:17:dc:2c:69:90: 2d:d6:6f:af -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNIIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTI3RjMxMTAvBgNVBAUTKEQ0MDIzNDU4NEFGNjA1OTFGMzdERDNGQkEyN0VCQ0I4 NUNDNzY1NkEwHhcNMjUwNDI0MTUwNTQ3WhcNMjUwNTAxMTUwNTQ3WjAYMRYwFAYD VQQDEw02ODBhNTM0Yi05YzA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxK+IWcROkIGcRs5l8/iT3vYTxEbyUxFqcCIL6+2TKAy1J8ZjkOYuotXfNVyO ve5Es/YAxUI3YCxXn2malUfEpNxWkoh0xi0tQJXItLWHPXwRZkT1YfkbNKkYjD/c 7Nx6VNhxrWjEnW7EUxP24yFunoYHn9J0yaItcAB+cs+e7CjcqtYlIuagR91FA23Q wPSsVhuzfApaO3h2ZlE+gKjixBqncBS3UyRiEYkKJhKYeXoac8g4kl8/qcKkUw7a shfGGP640LT8mRi4GCK49NvTgUlq5FjDEFUDEZf89sSNC1GVyjRUG3FsBfYwxzKv pImk27YkZ0p87GHjr4BCb71URQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL1hmhWf zmHabUSdkr8EvwgOMKESMB8GA1UdIwQYMBaAFNQCNFhK9gWR833T+6J+vLhcx2Vq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjdGMy9BNkRFMUNFODFE QTExMUUyQTMyRUYyOTMwOEIwMkNEMi8xQUkwV0VyMkJaSHpmZFA3b242OHVGekha V28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFBSTBXRXIyQlpIemZkUDdvbjY4dUZ6SFpXby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MjdGMy9BNkRFMUNFODFEQTExMUUyQTMyRUYyOTMwOEIwMkNEMi8xQUkwV0VyMkJa SHpmZFA3b242OHVGekhaV28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAYb+viL2kgkkoVHh3gJ69dyHf3BpIzrzvVtpnrb8NS2Ws7qgYQU4o/ DOkMiuBRPoxLTdbPanYBevmukcgu9Dq9i/CPo+FTt2JqFSBSJNG35oB0cTqVk92c 7WckuwteegRmDDjcGtQcNPK3WwoiTNsq+JkpP2Hb2f3g2K2D4m7Tbipd13tSdev0 2BDGYstYBJ6KeQxa8Uu/0sJPjk4o9HWr1662iWueBRaFEjNCJNi0kQi5dhssBnaL ms/qMaDwURML5LPMnopQlycIwtAUZ4x27j0ER4le9iaxW3OfGS8Si1rQL2eOBcdH iWPmVGdv9fnvE2iiAWZ2F9wsaZAt1m+v -----END CERTIFICATE-----Generated at Sat Apr 26 04:20:42 2025 by rpki-client