$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4D3D/A70A8FEED8B911EBABC1F485C4F9AE02/aGr0G8M9rvgo-rSuSjoNWHutDT8.mft File: aGr0G8M9rvgo-rSuSjoNWHutDT8.mft (raw, json) Hash identifier: /V7yKj5/tVISGp5He6Dfomd7nfx3zCdvyUd9VlpfMBw= Subject key identifier: 3D:D9:C5:8F:5C:87:BE:38:73:97:4F:3E:40:E3:D2:23:5A:BC:02:B1 Authority key identifier: 68:6A:F4:1B:C3:3D:AE:F8:28:FA:B4:AE:4A:3A:0D:58:7B:AD:0D:3F Certificate issuer: /CN=A91E4D3D/serialNumber=686AF41BC33DAEF828FAB4AE4A3A0D587BAD0D3F Certificate serial: 0594 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aGr0G8M9rvgo-rSuSjoNWHutDT8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4D3D/A70A8FEED8B911EBABC1F485C4F9AE02/aGr0G8M9rvgo-rSuSjoNWHutDT8.mft Manifest number: 0583 Signing time: Thu 24 Apr 2025 23:05:10 +0000 Manifest this update: Thu 24 Apr 2025 23:05:10 +0000 Manifest next update: Thu 01 May 2025 23:05:10 +0000 Files and hashes: 1: aGr0G8M9rvgo-rSuSjoNWHutDT8.crl (hash: f2dQwOnKwEXBFuaIE4Sd+mt1WW/OokPcxn149wjJeI4=) 2: 63FEB4F8D97411EBB8CC3F40C4F9AE02.roa (hash: yGTQCTRuD+wL7C1TW/wqimXEB6uk1jKvb4AJw6pgI0Q=) 3: 40310456D8D211EB97FF5586C4F9AE02.roa (hash: 4sD3HQWKjSm5VjpYk8vQ01ZycYjzVEzhHz6+9q9It7w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4D3D/A70A8FEED8B911EBABC1F485C4F9AE02/aGr0G8M9rvgo-rSuSjoNWHutDT8.crl rsync://rpki.apnic.net/member_repository/A91E4D3D/A70A8FEED8B911EBABC1F485C4F9AE02/aGr0G8M9rvgo-rSuSjoNWHutDT8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aGr0G8M9rvgo-rSuSjoNWHutDT8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 23:05:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1428 (0x594) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4D3D, serialNumber=686AF41BC33DAEF828FAB4AE4A3A0D587BAD0D3F Validity Not Before: Apr 24 23:05:10 2025 GMT Not After : May 1 23:05:10 2025 GMT Subject: CN=680ac3a6-e6ce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:c8:9b:f9:b8:33:e8:a5:69:7b:50:9b:b0:6b: 7d:c1:6f:aa:ea:29:90:c0:a3:19:ea:f9:48:23:5c: f1:14:23:a9:34:d1:77:94:e0:22:d1:ae:8a:15:dd: c9:37:ec:fe:08:b2:af:95:df:6f:ac:17:09:dc:09: ae:fc:9e:65:2b:d5:b9:34:58:bb:d5:b7:a1:4d:02: d9:95:a5:5a:f9:b6:51:c5:72:e7:2d:d4:67:b9:82: 6a:5d:5b:93:90:72:80:6b:60:c0:16:4f:ab:50:bd: b9:28:58:76:ca:97:ed:26:e9:9c:29:cb:16:65:33: 1e:75:22:45:b0:8c:af:cc:ee:3e:b9:d3:7a:0c:cd: b3:11:a5:13:b0:eb:ab:8a:8c:ce:b6:d0:ee:27:08: a6:21:f6:dd:ba:62:51:ed:a7:47:9c:70:99:fb:8c: 95:3a:e3:ff:ee:2c:11:5b:72:63:eb:14:b7:67:9b: 25:7f:9b:3f:3a:c4:0a:82:4c:2e:e8:57:2f:fd:04: 7f:7b:8c:7b:d6:20:0c:5f:60:f1:f4:90:59:56:58: c1:77:03:d9:b6:f1:3c:5b:31:1b:a3:6f:61:0c:64: 8c:68:4f:1b:57:16:08:75:34:4a:35:f1:17:70:aa: 20:e0:11:47:8c:5e:90:a5:a8:5a:e2:c4:0e:8e:72: 2a:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:D9:C5:8F:5C:87:BE:38:73:97:4F:3E:40:E3:D2:23:5A:BC:02:B1 X509v3 Authority Key Identifier: keyid:68:6A:F4:1B:C3:3D:AE:F8:28:FA:B4:AE:4A:3A:0D:58:7B:AD:0D:3F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/A70A8FEED8B911EBABC1F485C4F9AE02/aGr0G8M9rvgo-rSuSjoNWHutDT8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aGr0G8M9rvgo-rSuSjoNWHutDT8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4D3D/A70A8FEED8B911EBABC1F485C4F9AE02/aGr0G8M9rvgo-rSuSjoNWHutDT8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 26:35:b9:15:33:b0:f6:80:cd:b6:4b:12:49:43:d1:2b:c9:6e: a4:54:b4:86:ee:88:bb:31:24:6a:83:db:f4:48:22:c6:a0:49: 6b:5c:c9:a4:9b:94:34:14:72:1e:cd:05:3e:81:b9:ab:9c:11: c1:29:fa:a3:6e:10:48:3b:fa:df:de:78:e8:0c:66:4d:6c:08: 58:0e:fc:d9:3f:5e:bb:b3:6b:5d:c6:23:25:f4:48:2f:85:16: af:3f:6b:db:12:21:24:34:2b:00:15:44:62:52:4b:97:19:4c: ec:8b:82:28:4e:9f:a7:69:d1:da:b9:96:de:36:e1:ed:8e:a5: fc:0d:f5:91:2b:4b:1c:95:8a:40:93:0c:be:b5:a2:13:ee:df: 5a:d5:14:04:75:44:a9:ea:86:bd:75:a0:9d:56:f8:76:16:49: 6a:b7:32:31:4e:23:89:05:27:ef:7e:c4:f6:f1:b4:f2:fe:90: 60:b4:92:c3:a5:bf:37:88:6b:57:8f:45:f8:14:07:20:d1:58: e1:c0:34:ca:01:51:84:cf:76:3d:7f:3d:34:d1:2f:1d:45:3e: 61:6a:24:97:d5:b5:78:76:de:e7:2c:50:ac:4a:f6:78:fe:64: bd:74:c0:f0:95:07:ca:19:f3:71:fe:87:68:50:b0:e7:d8:f9: 64:8e:12:6a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBZQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTREM0QxMTAvBgNVBAUTKDY4NkFGNDFCQzMzREFFRjgyOEZBQjRBRTRBM0EwRDU4 N0JBRDBEM0YwHhcNMjUwNDI0MjMwNTEwWhcNMjUwNTAxMjMwNTEwWjAYMRYwFAYD VQQDEw02ODBhYzNhNi1lNmNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3cib+bgz6KVpe1CbsGt9wW+q6imQwKMZ6vlII1zxFCOpNNF3lOAi0a6KFd3J N+z+CLKvld9vrBcJ3Amu/J5lK9W5NFi71behTQLZlaVa+bZRxXLnLdRnuYJqXVuT kHKAa2DAFk+rUL25KFh2ypftJumcKcsWZTMedSJFsIyvzO4+udN6DM2zEaUTsOur iozOttDuJwimIfbdumJR7adHnHCZ+4yVOuP/7iwRW3Jj6xS3Z5slf5s/OsQKgkwu 6Fcv/QR/e4x71iAMX2Dx9JBZVljBdwPZtvE8WzEbo29hDGSMaE8bVxYIdTRKNfEX cKog4BFHjF6Qpaha4sQOjnIqtwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD3ZxY9c h744c5dPPkDj0iNavAKxMB8GA1UdIwQYMBaAFGhq9BvDPa74KPq0rko6DVh7rQ0/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEQzRC9BNzBBOEZFRUQ4 QjkxMUVCQUJDMUY0ODVDNEY5QUUwMi9hR3IwRzhNOXJ2Z28tclN1U2pvTldIdXRE VDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2FHcjBHOE05cnZnby1yU3VTam9OV0h1dERUOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NEQzRC9BNzBBOEZFRUQ4QjkxMUVCQUJDMUY0ODVDNEY5QUUwMi9hR3IwRzhNOXJ2 Z28tclN1U2pvTldIdXREVDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAmNbkVM7D2gM22SxJJQ9EryW6kVLSG7oi7MSRqg9v0SCLGoElrXMmk m5Q0FHIezQU+gbmrnBHBKfqjbhBIO/rf3njoDGZNbAhYDvzZP167s2tdxiMl9Egv hRavP2vbEiEkNCsAFURiUkuXGUzsi4IoTp+nadHauZbeNuHtjqX8DfWRK0sclYpA kwy+taIT7t9a1RQEdUSp6oa9daCdVvh2FklqtzIxTiOJBSfvfsT28bTy/pBgtJLD pb83iGtXj0X4FAcg0VjhwDTKAVGEz3Y9fz000S8dRT5haiSX1bV4dt7nLFCsSvZ4 /mS9dMDwlQfKGfNx/odoULDn2PlkjhJq -----END CERTIFICATE-----Generated at Sat Apr 26 12:19:12 2025 by rpki-client