$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2F2C/FFB761FA967811EA840F0029C4F9AE02/PDml0ZGM9lqyVjMi8PXxQwmme48.mft File: PDml0ZGM9lqyVjMi8PXxQwmme48.mft (raw, json) Hash identifier: XxYVaLGmPc4D1EjRNfyedRhNTYW6M5dmzvHOjXGKHaE= Subject key identifier: 39:25:71:FE:72:32:5A:D6:AF:E4:C7:B0:57:B5:60:9D:83:5E:27:BB Authority key identifier: 3C:39:A5:D1:91:8C:F6:5A:B2:56:33:22:F0:F5:F1:43:09:A6:7B:8F Certificate issuer: /CN=A91E2F2C/serialNumber=3C39A5D1918CF65AB2563322F0F5F14309A67B8F Certificate serial: 0971 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PDml0ZGM9lqyVjMi8PXxQwmme48.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E2F2C/FFB761FA967811EA840F0029C4F9AE02/PDml0ZGM9lqyVjMi8PXxQwmme48.mft Manifest number: 0960 Signing time: Thu 24 Apr 2025 20:07:14 +0000 Manifest this update: Thu 24 Apr 2025 20:07:13 +0000 Manifest next update: Thu 01 May 2025 20:07:13 +0000 Files and hashes: 1: PDml0ZGM9lqyVjMi8PXxQwmme48.crl (hash: /4AXoEmYNPsPFjrV/t3JSLzLEnUSEZjnqjqZ03F2vDQ=) 2: DE07328A778911ECBD9C7748C4F9AE02.roa (hash: dv7m/vWVCsxj8ZbnKigzGyA9Di8bR9HnPMOcVlR8lHI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E2F2C/FFB761FA967811EA840F0029C4F9AE02/PDml0ZGM9lqyVjMi8PXxQwmme48.crl rsync://rpki.apnic.net/member_repository/A91E2F2C/FFB761FA967811EA840F0029C4F9AE02/PDml0ZGM9lqyVjMi8PXxQwmme48.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PDml0ZGM9lqyVjMi8PXxQwmme48.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:07:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2417 (0x971) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E2F2C, serialNumber=3C39A5D1918CF65AB2563322F0F5F14309A67B8F Validity Not Before: Apr 24 20:07:13 2025 GMT Not After : May 1 20:07:13 2025 GMT Subject: CN=680a99f1-c101 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:3f:6f:68:59:18:0b:75:27:ab:68:41:85:d7: b0:f4:2f:51:cd:73:0d:b4:da:ab:72:62:b6:85:53: 07:16:ff:1f:c6:b7:46:33:10:22:db:7e:de:6a:fe: 19:4f:a6:2d:d5:4d:c5:53:c4:fe:a8:ce:4c:cd:e0: 05:b4:d7:8c:d3:01:87:59:70:71:18:09:71:70:8a: e8:11:fb:ab:9d:18:21:f7:27:38:ae:cd:9a:d4:9c: 5c:5e:42:1c:fa:f9:30:87:f0:0f:fa:c1:f6:9b:15: c0:43:b1:db:96:b7:55:f6:c3:2b:48:74:b2:23:f3: 3c:4f:2f:36:9d:d9:11:8d:cd:e7:7f:42:c7:bd:e4: 59:f4:f2:9a:5a:97:ec:9e:d6:f9:56:9d:d4:23:06: 01:b0:0a:aa:e8:93:eb:7f:47:1b:20:f1:ad:c3:69: aa:0b:53:b6:79:5e:1f:bb:ce:40:c5:11:55:83:65: 30:a7:0f:d9:8d:80:ab:84:90:22:93:35:6f:5f:70: ba:2e:e4:ad:73:e5:40:5d:f9:7d:ac:c7:74:e6:d0: 6e:bb:6d:58:af:a7:ac:92:bd:18:a0:dc:c0:e4:1e: aa:b6:28:15:3b:c3:2d:6f:a1:a2:ac:ea:a5:a2:8a: b4:12:a1:9d:9f:ff:d0:d4:4c:49:53:04:fa:f9:a5: c4:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:25:71:FE:72:32:5A:D6:AF:E4:C7:B0:57:B5:60:9D:83:5E:27:BB X509v3 Authority Key Identifier: keyid:3C:39:A5:D1:91:8C:F6:5A:B2:56:33:22:F0:F5:F1:43:09:A6:7B:8F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E2F2C/FFB761FA967811EA840F0029C4F9AE02/PDml0ZGM9lqyVjMi8PXxQwmme48.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PDml0ZGM9lqyVjMi8PXxQwmme48.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2F2C/FFB761FA967811EA840F0029C4F9AE02/PDml0ZGM9lqyVjMi8PXxQwmme48.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bf:4d:ae:ca:6a:74:f5:40:64:69:18:3a:1e:38:d5:87:25:21: b3:50:9c:12:cc:a9:c3:3b:33:fa:16:71:5e:03:ea:1f:01:a4: 9e:62:de:00:f6:cf:d6:ed:be:c5:67:65:a5:95:41:30:21:f4: b8:25:db:76:ec:c2:e9:b1:18:58:91:b3:23:09:fc:a4:5d:d8: 70:cc:1f:a4:45:cd:5a:f6:88:8a:3f:b6:89:a5:34:d4:3a:08: 07:4c:ea:ef:82:8d:ce:99:8d:7c:5a:b8:b6:6e:f1:cf:f5:ea: db:bb:f3:1c:ce:75:ae:c6:f1:2d:0b:58:28:85:4c:3f:10:9b: 5c:49:21:d8:94:6e:a4:03:0a:30:74:8c:00:c0:18:2f:c6:39: 61:c1:0e:b7:40:d2:f5:74:d6:ad:56:3e:3c:2a:e5:82:f1:9f: b7:d2:6b:e9:c8:c3:db:85:74:d4:1b:0b:b9:c7:d8:1f:35:9a: 1d:2d:a6:82:ff:30:29:80:a6:e1:68:3c:0d:2c:63:41:05:9e: ca:49:92:53:8e:a0:da:a8:e0:98:21:4b:d9:d5:bd:d4:e4:7d: b8:15:c8:1d:b9:51:11:5f:b5:a1:ab:5b:d8:25:3c:07:85:82: 74:e4:96:7f:28:0b:2f:2f:35:88:80:9c:d6:71:5f:2e:25:fb: 26:6a:1d:84 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCXEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTJGMkMxMTAvBgNVBAUTKDNDMzlBNUQxOTE4Q0Y2NUFCMjU2MzMyMkYwRjVGMTQz MDlBNjdCOEYwHhcNMjUwNDI0MjAwNzEzWhcNMjUwNTAxMjAwNzEzWjAYMRYwFAYD VQQDEw02ODBhOTlmMS1jMTAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6D9vaFkYC3Unq2hBhdew9C9RzXMNtNqrcmK2hVMHFv8fxrdGMxAi237eav4Z T6Yt1U3FU8T+qM5MzeAFtNeM0wGHWXBxGAlxcIroEfurnRgh9yc4rs2a1JxcXkIc +vkwh/AP+sH2mxXAQ7HblrdV9sMrSHSyI/M8Ty82ndkRjc3nf0LHveRZ9PKaWpfs ntb5Vp3UIwYBsAqq6JPrf0cbIPGtw2mqC1O2eV4fu85AxRFVg2Uwpw/ZjYCrhJAi kzVvX3C6LuStc+VAXfl9rMd05tBuu21Yr6eskr0YoNzA5B6qtigVO8Mtb6GirOql ooq0EqGdn//Q1ExJUwT6+aXEkwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDklcf5y MlrWr+THsFe1YJ2DXie7MB8GA1UdIwQYMBaAFDw5pdGRjPZaslYzIvD18UMJpnuP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMkYyQy9GRkI3NjFGQTk2 NzgxMUVBODQwRjAwMjlDNEY5QUUwMi9QRG1sMFpHTTlscXlWak1pOFBYeFF3bW1l NDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BEbWwwWkdNOWxxeVZqTWk4UFh4UXdtbWU0OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MkYyQy9GRkI3NjFGQTk2NzgxMUVBODQwRjAwMjlDNEY5QUUwMi9QRG1sMFpHTTls cXlWak1pOFBYeFF3bW1lNDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC/Ta7KanT1QGRpGDoeONWHJSGzUJwSzKnDOzP6FnFeA+ofAaSeYt4A 9s/W7b7FZ2WllUEwIfS4Jdt27MLpsRhYkbMjCfykXdhwzB+kRc1a9oiKP7aJpTTU OggHTOrvgo3OmY18Wri2bvHP9erbu/McznWuxvEtC1gohUw/EJtcSSHYlG6kAwow dIwAwBgvxjlhwQ63QNL1dNatVj48KuWC8Z+30mvpyMPbhXTUGwu5x9gfNZodLaaC /zApgKbhaDwNLGNBBZ7KSZJTjqDaqOCYIUvZ1b3U5H24FcgduVERX7Whq1vYJTwH hYJ05JZ/KAsvLzWIgJzWcV8uJfsmah2E -----END CERTIFICATE-----Generated at Sat Apr 26 17:08:58 2025 by rpki-client