$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/PN9D1xf8WEnyOpTimncrKKXXAeM.mft File: PN9D1xf8WEnyOpTimncrKKXXAeM.mft (raw, json) Hash identifier: pTsq43DU/6hMc4p0gmJ6SqOPJqQadcnZVlQ3HtsF3+I= Subject key identifier: B2:B5:C0:D8:4A:D7:60:71:38:41:65:31:30:7C:D6:14:17:F2:03:13 Authority key identifier: 3C:DF:43:D7:17:FC:58:49:F2:3A:94:E2:9A:77:2B:28:A5:D7:01:E3 Certificate issuer: /CN=A91E3BB3/serialNumber=3CDF43D717FC5849F23A94E29A772B28A5D701E3 Certificate serial: 083D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PN9D1xf8WEnyOpTimncrKKXXAeM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/PN9D1xf8WEnyOpTimncrKKXXAeM.mft Manifest number: 0835 Signing time: Thu 24 Apr 2025 20:38:39 +0000 Manifest this update: Thu 24 Apr 2025 20:38:39 +0000 Manifest next update: Thu 01 May 2025 20:38:39 +0000 Files and hashes: 1: PN9D1xf8WEnyOpTimncrKKXXAeM.crl (hash: EPWtmC71iCC/4k8s86tkv6hseLy6ojk4rJEOfg78G6U=) 2: D0CF108ED85111EF9DC0826CC4F9AE02.roa (hash: zvHITej7x6G5n4QCQAElY7CsJ+bvYQTRcFwTwkacxFI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/PN9D1xf8WEnyOpTimncrKKXXAeM.crl rsync://rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/PN9D1xf8WEnyOpTimncrKKXXAeM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PN9D1xf8WEnyOpTimncrKKXXAeM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:38:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2109 (0x83d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3BB3, serialNumber=3CDF43D717FC5849F23A94E29A772B28A5D701E3 Validity Not Before: Apr 24 20:38:39 2025 GMT Not After : May 1 20:38:39 2025 GMT Subject: CN=680aa14f-2cf7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:0f:c5:ad:c3:17:55:fe:ab:38:77:be:7d:f8: 21:40:bb:6f:85:64:ea:92:0c:2c:bd:9d:8b:34:d4: ea:82:ee:4c:89:67:d8:3b:19:1a:fc:45:b9:b1:8e: 84:2f:c5:ac:a1:96:f2:54:7c:02:a8:09:3f:a5:8d: 93:b8:64:c0:17:f1:df:57:6e:06:07:45:be:88:7e: f0:23:c0:e8:71:65:71:13:59:f0:3f:26:e2:c4:93: f4:6f:93:bd:34:aa:08:c1:72:7e:42:90:60:44:d6: fa:38:55:ef:bc:7c:be:d6:30:1a:48:fc:a0:47:81: 4c:56:34:f3:3c:42:ab:45:fa:79:04:37:e0:4d:ee: b1:49:ea:2a:99:5c:6e:2e:23:75:ff:fa:95:bb:0b: b0:da:0a:9b:85:a5:3b:b5:0c:2f:6a:78:18:a5:13: f5:b6:90:86:56:bb:53:38:46:7e:ab:72:ca:ae:7a: 50:86:ba:fd:e3:08:55:a0:7b:48:10:b0:9b:ff:38: 9c:04:46:9b:af:d4:30:86:75:a7:fe:ad:da:50:a8: 9f:26:99:01:a0:59:5d:5d:88:1c:7c:24:42:3a:53: d3:c5:7e:e5:1b:2f:29:98:84:eb:21:c2:30:10:f4: fb:87:0a:70:8e:e6:6c:c2:8a:24:11:b3:0d:9a:93: 5c:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:B5:C0:D8:4A:D7:60:71:38:41:65:31:30:7C:D6:14:17:F2:03:13 X509v3 Authority Key Identifier: keyid:3C:DF:43:D7:17:FC:58:49:F2:3A:94:E2:9A:77:2B:28:A5:D7:01:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/PN9D1xf8WEnyOpTimncrKKXXAeM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PN9D1xf8WEnyOpTimncrKKXXAeM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/PN9D1xf8WEnyOpTimncrKKXXAeM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2c:1e:32:fc:70:9f:cc:cd:fb:21:3c:d4:7f:78:ed:c7:03:0b: 0d:17:e5:61:35:22:ae:9d:72:67:8a:56:02:58:61:20:93:cd: c4:0c:59:9b:a0:8a:cc:cd:aa:10:10:0d:7b:69:2b:ad:e7:72: 6e:ee:76:d4:aa:bc:1c:74:2d:06:0d:40:b4:da:17:a2:8f:06: 0e:10:94:45:c0:b4:23:76:24:45:bc:30:71:e6:31:1e:8b:7a: ce:18:54:8f:ee:d1:13:51:20:2c:dc:6f:c1:d0:f9:0a:c2:9a: d3:4d:d4:e3:a1:f6:c5:30:ba:8c:27:a1:03:e9:3a:c6:0d:25: 01:59:63:80:85:53:79:7d:ab:79:47:e0:fa:d9:7f:4e:70:46: 88:78:aa:02:90:96:62:0e:b9:ff:61:29:bc:a9:67:5a:07:15: 8c:23:59:31:09:98:fa:f2:85:29:2f:b4:42:aa:21:29:3b:05: b3:66:da:d2:bb:e5:49:45:55:e7:50:6a:07:46:4e:01:47:6f: 2e:9f:7d:45:bf:e4:18:c9:2e:54:6f:35:af:ca:b9:6d:22:54: ef:51:74:50:00:04:68:9a:d5:05:3a:bc:fb:8a:c6:89:e0:3d: 7e:47:a0:7f:22:a0:c6:c4:b2:1b:45:c3:d2:15:c2:07:64:73: 26:46:f7:86 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCD0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNCQjMxMTAvBgNVBAUTKDNDREY0M0Q3MTdGQzU4NDlGMjNBOTRFMjlBNzcyQjI4 QTVENzAxRTMwHhcNMjUwNDI0MjAzODM5WhcNMjUwNTAxMjAzODM5WjAYMRYwFAYD VQQDEw02ODBhYTE0Zi0yY2Y3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzg/FrcMXVf6rOHe+ffghQLtvhWTqkgwsvZ2LNNTqgu5MiWfYOxka/EW5sY6E L8WsoZbyVHwCqAk/pY2TuGTAF/HfV24GB0W+iH7wI8DocWVxE1nwPybixJP0b5O9 NKoIwXJ+QpBgRNb6OFXvvHy+1jAaSPygR4FMVjTzPEKrRfp5BDfgTe6xSeoqmVxu LiN1//qVuwuw2gqbhaU7tQwvangYpRP1tpCGVrtTOEZ+q3LKrnpQhrr94whVoHtI ELCb/zicBEabr9QwhnWn/q3aUKifJpkBoFldXYgcfCRCOlPTxX7lGy8pmITrIcIw EPT7hwpwjuZswookEbMNmpNc2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLK1wNhK 12BxOEFlMTB81hQX8gMTMB8GA1UdIwQYMBaAFDzfQ9cX/FhJ8jqU4pp3Kyil1wHj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0JCMy85NUFFQTlFOENC RTQxMUVBODA2QTRBNzVDNEY5QUUwMi9QTjlEMXhmOFdFbnlPcFRpbW5jcktLWFhB ZU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BOOUQxeGY4V0VueU9wVGltbmNyS0tYWEFlTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0JCMy85NUFFQTlFOENCRTQxMUVBODA2QTRBNzVDNEY5QUUwMi9QTjlEMXhmOFdF bnlPcFRpbW5jcktLWFhBZU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAsHjL8cJ/MzfshPNR/eO3HAwsNF+VhNSKunXJnilYCWGEgk83EDFmb oIrMzaoQEA17aSut53Ju7nbUqrwcdC0GDUC02heijwYOEJRFwLQjdiRFvDBx5jEe i3rOGFSP7tETUSAs3G/B0PkKwprTTdTjofbFMLqMJ6ED6TrGDSUBWWOAhVN5fat5 R+D62X9OcEaIeKoCkJZiDrn/YSm8qWdaBxWMI1kxCZj68oUpL7RCqiEpOwWzZtrS u+VJRVXnUGoHRk4BR28un31Fv+QYyS5UbzWvyrltIlTvUXRQAARomtUFOrz7isaJ 4D1+R6B/IqDGxLIbRcPSFcIHZHMmRveG -----END CERTIFICATE-----Generated at Sat Apr 26 15:11:10 2025 by rpki-client