$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8C52/B46CD77E91B911EB9C5B4618C4F9AE02/iruZJsMSoUFJxSMLpV-oz1uJquE.mft File: iruZJsMSoUFJxSMLpV-oz1uJquE.mft (raw, json) Hash identifier: mP4nstB24iMO5erJVzvc1e9aXGjtp14lMlD63RDgx5o= Subject key identifier: 3A:14:43:C5:CE:44:A6:36:F2:E3:64:46:7D:C2:2E:11:F6:A1:77:A2 Authority key identifier: 8A:BB:99:26:C3:12:A1:41:49:C5:23:0B:A5:5F:A8:CF:5B:89:AA:E1 Certificate issuer: /CN=A91E8C52/serialNumber=8ABB9926C312A14149C5230BA55FA8CF5B89AAE1 Certificate serial: 0632 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iruZJsMSoUFJxSMLpV-oz1uJquE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8C52/B46CD77E91B911EB9C5B4618C4F9AE02/iruZJsMSoUFJxSMLpV-oz1uJquE.mft Manifest number: 062C Signing time: Thu 24 Apr 2025 22:29:59 +0000 Manifest this update: Thu 24 Apr 2025 22:29:58 +0000 Manifest next update: Thu 01 May 2025 22:29:58 +0000 Files and hashes: 1: iruZJsMSoUFJxSMLpV-oz1uJquE.crl (hash: 2CrNQHVS807Sh5rSzLd1bEowtBLtY4VtrAP4nUaiySk=) 2: 09C9D20691BC11EB8C38801CC4F9AE02.roa (hash: WLK6J5FK1cyYi8od3TiV/xRyzkXSS7BDCS8cGAhSdLw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8C52/B46CD77E91B911EB9C5B4618C4F9AE02/iruZJsMSoUFJxSMLpV-oz1uJquE.crl rsync://rpki.apnic.net/member_repository/A91E8C52/B46CD77E91B911EB9C5B4618C4F9AE02/iruZJsMSoUFJxSMLpV-oz1uJquE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iruZJsMSoUFJxSMLpV-oz1uJquE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 22:29:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1586 (0x632) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8C52, serialNumber=8ABB9926C312A14149C5230BA55FA8CF5B89AAE1 Validity Not Before: Apr 24 22:29:58 2025 GMT Not After : May 1 22:29:58 2025 GMT Subject: CN=680abb67-b9d5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:0b:11:b9:9b:35:94:5e:7c:e7:bb:04:48:1d: 36:21:2b:ba:31:fe:ba:13:f0:d8:b2:c8:6e:54:f3: 2d:7f:95:a7:8a:0f:6f:60:2a:d6:62:a2:b1:e7:22: e7:18:7c:af:03:d6:fb:ad:67:71:2e:1d:5c:6f:71: e8:95:68:b3:be:e7:b2:35:8a:3d:34:f9:23:a0:a3: 60:53:30:49:d6:83:18:8c:33:01:9b:24:c0:d6:b7: 8d:6b:db:10:e5:93:8f:af:c2:d8:46:61:94:02:02: 09:34:7e:d0:1a:23:fc:c2:ee:1b:b3:9b:95:72:c1: fc:6d:83:f3:75:fa:2c:5c:06:52:9e:bb:31:ca:6a: 87:76:31:c2:d1:be:a1:94:40:fe:b8:30:83:73:a8: ae:bf:82:c5:9d:b7:f0:bc:cc:4a:2a:1c:17:73:17: f0:f6:1d:77:30:57:1a:c6:d9:b8:0c:cb:53:7a:ad: fb:b7:60:99:69:83:51:12:e4:82:0b:a1:da:16:98: 20:0e:de:03:d1:6b:42:e2:28:80:51:36:14:0d:3a: d8:b6:8a:b1:30:4d:50:f6:02:4a:03:72:6c:8d:0f: 04:fa:55:96:a0:b3:1f:0e:e2:c4:23:03:b1:e6:b5: 8a:d6:b7:33:b0:21:5e:c8:44:7c:18:e0:43:44:56: 9a:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:14:43:C5:CE:44:A6:36:F2:E3:64:46:7D:C2:2E:11:F6:A1:77:A2 X509v3 Authority Key Identifier: keyid:8A:BB:99:26:C3:12:A1:41:49:C5:23:0B:A5:5F:A8:CF:5B:89:AA:E1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8C52/B46CD77E91B911EB9C5B4618C4F9AE02/iruZJsMSoUFJxSMLpV-oz1uJquE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iruZJsMSoUFJxSMLpV-oz1uJquE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8C52/B46CD77E91B911EB9C5B4618C4F9AE02/iruZJsMSoUFJxSMLpV-oz1uJquE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a2:5f:a8:3f:58:92:db:85:1b:2b:5c:52:00:83:29:f9:5a:12: 76:7d:9f:73:62:20:04:b9:df:1d:80:10:88:0e:4e:f8:33:18: 07:92:92:2f:c9:6c:fb:d5:16:cb:3c:33:ae:1a:eb:6e:aa:c6: bb:30:e9:de:f0:97:8b:0d:79:f8:2a:5d:88:d3:2c:0c:fd:e0: ff:50:55:d6:ea:90:5a:86:40:9a:8f:13:73:30:c1:41:a7:2b: b9:a7:50:ad:1a:87:80:69:cb:d8:fb:b0:a3:d4:e1:db:8b:5b: 2c:7c:b5:59:96:1a:b5:6c:df:54:4f:6f:3c:07:38:c9:49:10: 3f:47:10:2e:b4:c0:0c:06:3e:45:91:e3:be:82:25:36:4a:18: 89:05:93:52:8f:7b:75:b2:95:6d:2b:d6:2a:46:5b:25:53:7f: c4:89:e9:a6:58:b0:bd:55:45:3b:c5:fc:b2:4d:11:5b:b6:fa: 15:86:4a:c3:d4:ea:c2:69:81:7a:d2:b0:53:b5:96:fa:48:b5: 8b:20:eb:45:c2:b7:82:7c:5a:59:6e:41:16:04:02:34:cf:76: 82:ed:ae:a5:1c:0b:23:a9:9d:7f:3f:33:c5:f1:ef:23:d0:f4: 61:2e:fe:d7:46:b3:23:82:6a:61:d4:1a:2d:93:97:2e:c2:4b: f8:00:bd:76 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBjIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RThDNTIxMTAvBgNVBAUTKDhBQkI5OTI2QzMxMkExNDE0OUM1MjMwQkE1NUZBOENG NUI4OUFBRTEwHhcNMjUwNDI0MjIyOTU4WhcNMjUwNTAxMjIyOTU4WjAYMRYwFAYD VQQDEw02ODBhYmI2Ny1iOWQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxQsRuZs1lF5857sESB02ISu6Mf66E/DYsshuVPMtf5Wnig9vYCrWYqKx5yLn GHyvA9b7rWdxLh1cb3HolWizvueyNYo9NPkjoKNgUzBJ1oMYjDMBmyTA1reNa9sQ 5ZOPr8LYRmGUAgIJNH7QGiP8wu4bs5uVcsH8bYPzdfosXAZSnrsxymqHdjHC0b6h lED+uDCDc6iuv4LFnbfwvMxKKhwXcxfw9h13MFcaxtm4DMtTeq37t2CZaYNREuSC C6HaFpggDt4D0WtC4iiAUTYUDTrYtoqxME1Q9gJKA3JsjQ8E+lWWoLMfDuLEIwOx 5rWK1rczsCFeyER8GOBDRFaadQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDoUQ8XO RKY28uNkRn3CLhH2oXeiMB8GA1UdIwQYMBaAFIq7mSbDEqFBScUjC6VfqM9biarh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEM1Mi9CNDZDRDc3RTkx QjkxMUVCOUM1QjQ2MThDNEY5QUUwMi9pcnVaSnNNU29VRkp4U01McFYtb3oxdUpx dUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2lydVpKc01Tb1VGSnhTTUxwVi1vejF1SnF1RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OEM1Mi9CNDZDRDc3RTkxQjkxMUVCOUM1QjQ2MThDNEY5QUUwMi9pcnVaSnNNU29V Rkp4U01McFYtb3oxdUpxdUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCiX6g/WJLbhRsrXFIAgyn5WhJ2fZ9zYiAEud8dgBCIDk74MxgHkpIv yWz71RbLPDOuGutuqsa7MOne8JeLDXn4Kl2I0ywM/eD/UFXW6pBahkCajxNzMMFB pyu5p1CtGoeAacvY+7Cj1OHbi1ssfLVZlhq1bN9UT288BzjJSRA/RxAutMAMBj5F keO+giU2ShiJBZNSj3t1spVtK9YqRlslU3/EiemmWLC9VUU7xfyyTRFbtvoVhkrD 1OrCaYF60rBTtZb6SLWLIOtFwreCfFpZbkEWBAI0z3aC7a6lHAsjqZ1/PzPF8e8j 0PRhLv7XRrMjgmph1Botk5cuwkv4AL12 -----END CERTIFICATE-----Generated at Sat Apr 26 13:43:57 2025 by rpki-client