$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/tDpaYNRoBqaf_vfGdiGexLqLo20.mft File: tDpaYNRoBqaf_vfGdiGexLqLo20.mft (raw, json) Hash identifier: BSsmnpONZjE4mlLxjTlEQcpmmQC76GJICP3Or7JhMjI= Subject key identifier: CB:82:54:72:19:22:7A:C6:D0:C2:D4:81:A0:19:63:5A:4C:14:16:EF Authority key identifier: B4:3A:5A:60:D4:68:06:A6:9F:FE:F7:C6:76:21:9E:C4:BA:8B:A3:6D Certificate issuer: /CN=A91E2AE5/serialNumber=B43A5A60D46806A69FFEF7C676219EC4BA8BA36D Certificate serial: 2B7E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tDpaYNRoBqaf_vfGdiGexLqLo20.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/tDpaYNRoBqaf_vfGdiGexLqLo20.mft Manifest number: 2B5A Signing time: Thu 24 Apr 2025 15:33:29 +0000 Manifest this update: Thu 24 Apr 2025 15:33:28 +0000 Manifest next update: Thu 01 May 2025 15:33:28 +0000 Files and hashes: 1: tDpaYNRoBqaf_vfGdiGexLqLo20.crl (hash: Shjdi3BGN+EKJC3tAiaSaXWZinRT8C2IL9wejxsh2bY=) 2: 2815E7D4BF4211E9A93A3957C4F9AE02.roa (hash: q2QK7nleDfVKJdydH1BhBELt50ggXZGsQHTMsb+GgzQ=) 3: 43487B18BF1811E9A2C00E63C4F9AE02.roa (hash: R7GiqDFWTFG5/KzmRDTnU8CgA9M5hlMTeWah7zEstzM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/tDpaYNRoBqaf_vfGdiGexLqLo20.crl rsync://rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/tDpaYNRoBqaf_vfGdiGexLqLo20.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tDpaYNRoBqaf_vfGdiGexLqLo20.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:33:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11134 (0x2b7e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E2AE5, serialNumber=B43A5A60D46806A69FFEF7C676219EC4BA8BA36D Validity Not Before: Apr 24 15:33:28 2025 GMT Not After : May 1 15:33:28 2025 GMT Subject: CN=680a59c9-3d4f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:c6:0a:4e:6c:71:fd:ba:c3:6a:b6:82:b1:83: 79:fa:ea:f1:e2:1a:29:83:6f:c6:fe:35:ef:6c:7d: 5c:8a:b6:54:c4:e7:64:63:3c:4a:ba:be:67:e0:44: 01:13:81:06:43:a2:d5:0f:d1:e5:20:53:c2:0d:b4: 86:49:98:34:68:e7:0f:e3:e2:ca:e3:4a:3f:df:90: e2:90:5b:d1:72:66:47:24:c7:58:1a:f0:aa:9c:c9: 84:9e:db:ae:5f:0d:2f:d4:dd:23:b7:22:dd:41:9f: 65:c3:df:ec:6d:8e:28:9a:26:e6:15:f6:75:9d:2b: 59:6f:8d:85:47:24:6b:8d:01:b8:06:18:bf:eb:b6: 72:cd:0f:07:48:4a:6d:03:e6:e9:8a:2e:5e:79:c5: b0:b2:4c:ae:e2:92:7f:42:13:18:d6:8e:23:0d:81: 21:86:27:44:35:27:62:3f:5b:67:9c:af:dc:5f:ef: 7c:c9:25:27:b8:61:51:98:eb:11:b2:b7:99:f9:9b: b6:a2:d4:ff:84:c6:e9:5f:58:28:b0:aa:b3:3e:aa: ca:84:99:61:6b:be:10:96:a5:99:7d:68:29:26:69: 97:61:6e:c0:85:2c:ec:13:2a:85:5e:bd:df:ef:5c: c6:2d:b5:13:fe:43:21:07:36:da:d3:aa:05:13:19: 48:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:82:54:72:19:22:7A:C6:D0:C2:D4:81:A0:19:63:5A:4C:14:16:EF X509v3 Authority Key Identifier: keyid:B4:3A:5A:60:D4:68:06:A6:9F:FE:F7:C6:76:21:9E:C4:BA:8B:A3:6D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/tDpaYNRoBqaf_vfGdiGexLqLo20.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tDpaYNRoBqaf_vfGdiGexLqLo20.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/tDpaYNRoBqaf_vfGdiGexLqLo20.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 09:02:d2:52:82:ac:ab:8f:11:49:11:01:76:4b:96:1b:70:ba: cb:9d:ae:d2:84:1a:cb:34:a8:50:67:86:a9:e1:77:65:90:81: d9:ec:d6:24:3f:f2:05:13:f1:49:20:92:9c:db:85:25:6c:37: 6b:a1:a8:34:4d:2f:da:62:bf:45:34:6e:cc:e8:46:10:d4:76: 6b:61:93:40:85:ca:b5:00:01:e9:b6:11:5c:a5:68:97:c8:67: 15:75:4b:18:0b:b9:86:38:1a:36:bb:27:40:6a:c0:c2:d1:c8: 1e:78:d2:d4:cb:32:41:c8:d9:70:2f:f4:70:5c:cb:10:aa:07: 7c:f5:7e:3f:44:8e:76:6a:23:88:d0:d3:f9:02:da:dc:eb:6d: 51:d1:17:e7:d5:f4:77:21:57:8e:75:1e:d8:f1:3b:be:e0:84: d8:a6:d6:15:09:5e:63:4f:59:ad:51:02:99:05:83:78:ec:f2: ad:76:89:2c:61:a2:78:3e:2b:6b:6f:f6:8e:6a:97:bd:b4:fc: 8a:56:3c:83:9d:c0:aa:f5:fe:13:bf:ed:58:51:27:26:4b:23: fd:83:8e:b7:07:4f:2c:38:25:1a:bc:4e:82:68:93:ed:21:58: 31:24:e7:3b:4d:66:b8:6b:6f:af:b4:6f:dd:87:1f:88:f5:f8: 15:15:3e:12 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICK34wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTJBRTUxMTAvBgNVBAUTKEI0M0E1QTYwRDQ2ODA2QTY5RkZFRjdDNjc2MjE5RUM0 QkE4QkEzNkQwHhcNMjUwNDI0MTUzMzI4WhcNMjUwNTAxMTUzMzI4WjAYMRYwFAYD VQQDEw02ODBhNTljOS0zZDRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0MYKTmxx/brDaraCsYN5+urx4hopg2/G/jXvbH1cirZUxOdkYzxKur5n4EQB E4EGQ6LVD9HlIFPCDbSGSZg0aOcP4+LK40o/35DikFvRcmZHJMdYGvCqnMmEntuu Xw0v1N0jtyLdQZ9lw9/sbY4omibmFfZ1nStZb42FRyRrjQG4Bhi/67ZyzQ8HSEpt A+bpii5eecWwskyu4pJ/QhMY1o4jDYEhhidENSdiP1tnnK/cX+98ySUnuGFRmOsR sreZ+Zu2otT/hMbpX1gosKqzPqrKhJlha74QlqWZfWgpJmmXYW7AhSzsEyqFXr3f 71zGLbUT/kMhBzba06oFExlImwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMuCVHIZ InrG0MLUgaAZY1pMFBbvMB8GA1UdIwQYMBaAFLQ6WmDUaAamn/73xnYhnsS6i6Nt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMkFFNS84RDNFNTRFQUVE NTkxMUUzQjA5MDExOTI1OTExRUEzMi90RHBhWU5Sb0JxYWZfdmZHZGlHZXhMcUxv MjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3REcGFZTlJvQnFhZl92ZkdkaUdleExxTG8yMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MkFFNS84RDNFNTRFQUVENTkxMUUzQjA5MDExOTI1OTExRUEzMi90RHBhWU5Sb0Jx YWZfdmZHZGlHZXhMcUxvMjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAJAtJSgqyrjxFJEQF2S5YbcLrLna7ShBrLNKhQZ4ap4XdlkIHZ7NYk P/IFE/FJIJKc24UlbDdroag0TS/aYr9FNG7M6EYQ1HZrYZNAhcq1AAHpthFcpWiX yGcVdUsYC7mGOBo2uydAasDC0cgeeNLUyzJByNlwL/RwXMsQqgd89X4/RI52aiOI 0NP5Atrc621R0Rfn1fR3IVeOdR7Y8Tu+4ITYptYVCV5jT1mtUQKZBYN47PKtdoks YaJ4Pitrb/aOape9tPyKVjyDncCq9f4Tv+1YUScmSyP9g463B08sOCUavE6CaJPt IVgxJOc7TWa4a2+vtG/dhx+I9fgVFT4S -----END CERTIFICATE-----Generated at Sat Apr 26 17:08:58 2025 by rpki-client