$ rpki-client -vvf rpki.apnic.net/member_repository/A91E39B4/1EE1829E3DA111EA8B67E94FC4F9AE02/l7PdKrPIm8iiu8HbgDvOaOqlqhI.mft File: l7PdKrPIm8iiu8HbgDvOaOqlqhI.mft (raw, json) Hash identifier: UhPJNMA1dxiDxQypxgmQlWKjQpTv5gV+1peA/JmsIhc= Subject key identifier: 25:91:88:7F:86:EF:FB:5D:10:EF:05:FB:96:E4:6C:68:1B:06:2D:D1 Authority key identifier: 97:B3:DD:2A:B3:C8:9B:C8:A2:BB:C1:DB:80:3B:CE:68:EA:A5:AA:12 Certificate issuer: /CN=A91E39B4/serialNumber=97B3DD2AB3C89BC8A2BBC1DB803BCE68EAA5AA12 Certificate serial: 0B2E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l7PdKrPIm8iiu8HbgDvOaOqlqhI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E39B4/1EE1829E3DA111EA8B67E94FC4F9AE02/l7PdKrPIm8iiu8HbgDvOaOqlqhI.mft Manifest number: 0B1A Signing time: Thu 24 Apr 2025 19:08:46 +0000 Manifest this update: Thu 24 Apr 2025 19:08:46 +0000 Manifest next update: Thu 01 May 2025 19:08:46 +0000 Files and hashes: 1: l7PdKrPIm8iiu8HbgDvOaOqlqhI.crl (hash: lR7MkCqfflY+O++fnqzpNOXS5p7ihK6xnHxhqkYacfk=) 2: 46F57CF8137B11EBA3B47E37C4F9AE02.roa (hash: 2qnnF6MVOAPWKTwVx6xcANvt7+ipRsuxDi1zcVsoM90=) 3: D968823E3DA111EA9A3FD550C4F9AE02.roa (hash: LHN9DyWzlGRcwkpXqFqZ90XaKLujDGwCFAysXhBXguc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E39B4/1EE1829E3DA111EA8B67E94FC4F9AE02/l7PdKrPIm8iiu8HbgDvOaOqlqhI.crl rsync://rpki.apnic.net/member_repository/A91E39B4/1EE1829E3DA111EA8B67E94FC4F9AE02/l7PdKrPIm8iiu8HbgDvOaOqlqhI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l7PdKrPIm8iiu8HbgDvOaOqlqhI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:08:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2862 (0xb2e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E39B4, serialNumber=97B3DD2AB3C89BC8A2BBC1DB803BCE68EAA5AA12 Validity Not Before: Apr 24 19:08:46 2025 GMT Not After : May 1 19:08:46 2025 GMT Subject: CN=680a8c3e-0eea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:c3:d1:4f:ff:e4:1b:41:3a:5e:9e:52:46:07: 53:8c:3e:bc:bb:6e:8b:b2:a4:bb:c2:bf:26:80:e4: f9:4d:75:26:50:02:3e:d2:46:16:43:4a:78:3e:c5: 56:ec:22:c7:48:c0:1c:ca:bc:a8:19:04:4e:85:43: d1:56:44:74:00:87:bd:86:94:ef:04:f0:ea:59:e3: 2a:54:74:6a:54:58:17:0e:f6:4e:51:67:4d:3a:52: cc:33:ce:d3:01:42:52:c3:50:ad:b4:af:90:6c:35: 0d:e0:db:e8:33:ee:36:8f:bf:f1:99:c9:a4:ee:72: 69:41:1b:0a:11:71:73:2b:d8:d5:87:ed:2a:92:0b: b5:ef:32:08:17:b1:f4:4e:65:51:22:bf:a7:1b:9d: dd:d4:f8:15:b7:20:9f:ab:f9:bb:00:da:0e:16:8c: 61:56:81:79:8c:f6:0d:e4:34:10:ea:ca:db:53:30: d3:7b:ab:bb:fc:99:c8:53:38:ea:cd:ad:54:6d:46: 2d:30:c9:b7:c8:10:46:21:95:44:e4:b6:c2:a5:5b: 05:15:30:ce:c4:ca:60:a2:38:21:bf:35:0d:48:65: 2c:50:61:d2:92:07:43:7c:3e:2e:43:9e:d0:ff:dc: 81:e9:85:7b:3e:9d:ee:47:4f:b7:b2:35:13:c6:8f: 29:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:91:88:7F:86:EF:FB:5D:10:EF:05:FB:96:E4:6C:68:1B:06:2D:D1 X509v3 Authority Key Identifier: keyid:97:B3:DD:2A:B3:C8:9B:C8:A2:BB:C1:DB:80:3B:CE:68:EA:A5:AA:12 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E39B4/1EE1829E3DA111EA8B67E94FC4F9AE02/l7PdKrPIm8iiu8HbgDvOaOqlqhI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l7PdKrPIm8iiu8HbgDvOaOqlqhI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E39B4/1EE1829E3DA111EA8B67E94FC4F9AE02/l7PdKrPIm8iiu8HbgDvOaOqlqhI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0c:63:5b:46:ba:68:3d:68:1d:fc:0d:0d:5e:a8:6a:90:63:93: cb:41:fa:b2:cb:91:35:f9:62:b8:4f:c7:e9:3e:14:a8:42:84: 1d:70:7e:11:11:7f:e5:5a:bd:38:1f:5d:c2:36:cf:88:6c:bd: 15:63:f6:ab:51:9a:fd:34:2a:5d:52:b3:2b:e5:dc:d6:ad:d4: 4a:7e:a7:36:86:0e:2f:df:c4:9e:4f:f8:e5:49:d9:85:cb:66: f1:f9:7b:c6:cf:e4:8e:40:de:28:75:b5:0d:a2:12:94:3e:fc: 99:e2:a2:23:d5:fe:54:15:4b:81:e9:58:e3:72:18:76:df:39: 36:ea:15:0c:2d:43:c4:1b:d9:f0:e7:5d:c7:68:06:a2:15:e3: 44:c7:fa:b5:3a:c1:54:da:1f:16:bc:f2:8d:c3:00:24:a3:35: 0c:62:16:21:0e:44:39:f6:81:7e:34:cb:dd:5e:50:b3:50:33: dc:43:ca:18:fc:a4:b1:ad:89:68:93:6f:f7:c3:99:d4:54:b2: e0:53:95:dd:0a:b2:07:27:59:7b:6c:26:ed:9f:ca:46:aa:60: 34:a8:df:70:2a:43:49:7e:4c:e8:a3:92:0e:ce:ef:62:f7:11: 17:10:22:e3:21:02:d3:35:a7:06:88:11:7d:88:66:12:1e:80: dd:ec:9f:35 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCy4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTM5QjQxMTAvBgNVBAUTKDk3QjNERDJBQjNDODlCQzhBMkJCQzFEQjgwM0JDRTY4 RUFBNUFBMTIwHhcNMjUwNDI0MTkwODQ2WhcNMjUwNTAxMTkwODQ2WjAYMRYwFAYD VQQDEw02ODBhOGMzZS0wZWVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzcPRT//kG0E6Xp5SRgdTjD68u26LsqS7wr8mgOT5TXUmUAI+0kYWQ0p4PsVW 7CLHSMAcyryoGQROhUPRVkR0AIe9hpTvBPDqWeMqVHRqVFgXDvZOUWdNOlLMM87T AUJSw1CttK+QbDUN4NvoM+42j7/xmcmk7nJpQRsKEXFzK9jVh+0qkgu17zIIF7H0 TmVRIr+nG53d1PgVtyCfq/m7ANoOFoxhVoF5jPYN5DQQ6srbUzDTe6u7/JnIUzjq za1UbUYtMMm3yBBGIZVE5LbCpVsFFTDOxMpgojghvzUNSGUsUGHSkgdDfD4uQ57Q /9yB6YV7Pp3uR0+3sjUTxo8p2wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCWRiH+G 7/tdEO8F+5bkbGgbBi3RMB8GA1UdIwQYMBaAFJez3SqzyJvIorvB24A7zmjqpaoS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMzlCNC8xRUUxODI5RTNE QTExMUVBOEI2N0U5NEZDNEY5QUUwMi9sN1BkS3JQSW04aWl1OEhiZ0R2T2FPcWxx aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2w3UGRLclBJbThpaXU4SGJnRHZPYU9xbHFoSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MzlCNC8xRUUxODI5RTNEQTExMUVBOEI2N0U5NEZDNEY5QUUwMi9sN1BkS3JQSW04 aWl1OEhiZ0R2T2FPcWxxaEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAMY1tGumg9aB38DQ1eqGqQY5PLQfqyy5E1+WK4T8fpPhSoQoQdcH4R EX/lWr04H13CNs+IbL0VY/arUZr9NCpdUrMr5dzWrdRKfqc2hg4v38SeT/jlSdmF y2bx+XvGz+SOQN4odbUNohKUPvyZ4qIj1f5UFUuB6Vjjchh23zk26hUMLUPEG9nw 513HaAaiFeNEx/q1OsFU2h8WvPKNwwAkozUMYhYhDkQ59oF+NMvdXlCzUDPcQ8oY /KSxrYlok2/3w5nUVLLgU5XdCrIHJ1l7bCbtn8pGqmA0qN9wKkNJfkzoo5IOzu9i 9xEXECLjIQLTNacGiBF9iGYSHoDd7J81 -----END CERTIFICATE-----Generated at Sat Apr 26 15:04:00 2025 by rpki-client