$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9BC4/92E821F0A46011E9810A5C0BC4F9AE02/g86FOnpm6rnh8jNGcR09yX1XWXg.mft File: g86FOnpm6rnh8jNGcR09yX1XWXg.mft (raw, json) Hash identifier: 5Wourza7JRn/QvUvybYuiS4yuzWGshx+Sv3OYj1Z+CY= Subject key identifier: D0:FB:0B:EC:64:13:FB:26:33:23:25:10:8A:60:74:7D:58:9F:A5:C7 Authority key identifier: 83:CE:85:3A:7A:66:EA:B9:E1:F2:33:46:71:1D:3D:C9:7D:57:59:78 Certificate issuer: /CN=A91E9BC4/serialNumber=83CE853A7A66EAB9E1F23346711D3DC97D575978 Certificate serial: 0E25 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g86FOnpm6rnh8jNGcR09yX1XWXg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E9BC4/92E821F0A46011E9810A5C0BC4F9AE02/g86FOnpm6rnh8jNGcR09yX1XWXg.mft Manifest number: 0E1B Signing time: Thu 24 Apr 2025 17:47:04 +0000 Manifest this update: Thu 24 Apr 2025 17:47:02 +0000 Manifest next update: Thu 01 May 2025 17:47:02 +0000 Files and hashes: 1: g86FOnpm6rnh8jNGcR09yX1XWXg.crl (hash: JYcLGM9pdvvcGeyc0o72hNKm3JXkKittnf0kuFSZU68=) 2: 3B495FFCA46211E9B730310FC4F9AE02.roa (hash: pWiGa9e3CsBZCkEfjYxSv/AY6FwzKhNWqEBfC5Rt5as=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E9BC4/92E821F0A46011E9810A5C0BC4F9AE02/g86FOnpm6rnh8jNGcR09yX1XWXg.crl rsync://rpki.apnic.net/member_repository/A91E9BC4/92E821F0A46011E9810A5C0BC4F9AE02/g86FOnpm6rnh8jNGcR09yX1XWXg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g86FOnpm6rnh8jNGcR09yX1XWXg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:47:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3621 (0xe25) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E9BC4, serialNumber=83CE853A7A66EAB9E1F23346711D3DC97D575978 Validity Not Before: Apr 24 17:47:02 2025 GMT Not After : May 1 17:47:02 2025 GMT Subject: CN=680a7917-1bc5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:35:73:7e:3f:c2:dd:4b:2c:18:9b:76:b4:a9: 13:b4:26:c6:30:83:c8:89:e5:13:ed:95:4c:0b:4c: 92:4e:b9:99:c6:40:6d:82:da:3e:f4:63:df:84:f0: 53:4c:0f:c3:91:15:1e:d1:35:92:32:e0:78:16:79: 4e:1a:70:eb:03:d4:42:60:41:97:17:c3:2c:47:ba: 98:2b:bd:20:cd:42:c3:fd:93:fe:65:fc:9a:25:8e: 41:2c:ab:48:4b:d9:69:cb:00:0d:8f:78:df:48:48: aa:3c:6b:ba:3d:e3:25:23:90:6d:8c:f8:ee:5c:88: 28:37:92:d2:a1:dc:6a:e9:ad:71:50:85:65:0e:d2: 10:7e:2d:83:81:cb:5d:62:09:ee:be:ba:b0:6d:08: e3:83:26:78:11:9b:8c:74:39:db:b7:14:37:50:76: cb:fd:f4:b6:ec:e4:e4:e3:cd:18:f0:12:46:7e:52: d1:7b:11:dc:ff:cf:eb:d6:8b:78:20:33:5d:0b:16: fd:fc:54:b4:e0:88:e2:d3:9f:8d:9c:e3:ef:7c:58: 2c:bd:1c:bd:77:fa:0d:ef:a4:aa:23:47:72:86:89: 38:ee:3c:e6:48:14:7a:5b:38:21:8e:a4:a8:3f:84: 31:a9:17:39:b0:c0:12:15:3b:36:db:11:30:55:23: 5a:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:FB:0B:EC:64:13:FB:26:33:23:25:10:8A:60:74:7D:58:9F:A5:C7 X509v3 Authority Key Identifier: keyid:83:CE:85:3A:7A:66:EA:B9:E1:F2:33:46:71:1D:3D:C9:7D:57:59:78 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E9BC4/92E821F0A46011E9810A5C0BC4F9AE02/g86FOnpm6rnh8jNGcR09yX1XWXg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g86FOnpm6rnh8jNGcR09yX1XWXg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9BC4/92E821F0A46011E9810A5C0BC4F9AE02/g86FOnpm6rnh8jNGcR09yX1XWXg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9f:33:d5:5b:f5:2a:40:a9:09:72:ba:73:71:13:b6:67:ff:1d: 65:a8:31:95:0a:c2:c4:27:64:ba:7f:fd:40:89:aa:3e:7f:5f: 2f:24:10:23:63:bc:be:78:5f:33:73:ba:0e:a2:ef:23:08:78: ba:af:c5:68:b4:e2:d3:5f:8d:f8:09:ff:b1:ae:ac:57:7d:fa: 3e:ad:46:45:aa:e9:18:ee:9b:98:da:6e:8c:02:ad:53:a5:7b: eb:66:4e:2f:17:85:d6:1e:96:88:38:fe:49:70:71:17:61:b7: 1c:77:84:fb:8f:f5:a1:dd:49:37:df:d8:b5:e9:c3:91:c5:54: 1a:e7:3d:44:33:6b:1d:af:17:70:32:1a:45:b6:dd:2d:f5:f4: 6a:e9:cd:8e:31:b9:e9:cd:e3:4f:e6:3a:63:fe:c8:8b:2d:97: 48:57:e9:ec:9e:b3:d2:f8:6c:00:04:74:53:c3:f3:7a:73:da: ee:fb:c7:ea:69:59:f1:13:b6:3d:08:3d:9b:05:f0:f3:73:20: 04:93:d1:81:17:ad:ff:13:f6:48:76:35:4d:8a:a8:a3:a7:05: 58:a1:40:d8:56:25:2f:cf:4b:5f:1f:04:3b:f1:b2:c9:fd:d9: c4:82:03:a6:f1:09:a8:01:0d:fb:67:4b:fc:ae:3e:68:50:b5: be:e6:c3:45 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDiUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTlCQzQxMTAvBgNVBAUTKDgzQ0U4NTNBN0E2NkVBQjlFMUYyMzM0NjcxMUQzREM5 N0Q1NzU5NzgwHhcNMjUwNDI0MTc0NzAyWhcNMjUwNTAxMTc0NzAyWjAYMRYwFAYD VQQDEw02ODBhNzkxNy0xYmM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoTVzfj/C3UssGJt2tKkTtCbGMIPIieUT7ZVMC0ySTrmZxkBtgto+9GPfhPBT TA/DkRUe0TWSMuB4FnlOGnDrA9RCYEGXF8MsR7qYK70gzULD/ZP+ZfyaJY5BLKtI S9lpywANj3jfSEiqPGu6PeMlI5BtjPjuXIgoN5LSodxq6a1xUIVlDtIQfi2Dgctd YgnuvrqwbQjjgyZ4EZuMdDnbtxQ3UHbL/fS27OTk480Y8BJGflLRexHc/8/r1ot4 IDNdCxb9/FS04Iji05+NnOPvfFgsvRy9d/oN76SqI0dyhok47jzmSBR6WzghjqSo P4QxqRc5sMASFTs22xEwVSNavQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFND7C+xk E/smMyMlEIpgdH1Yn6XHMB8GA1UdIwQYMBaAFIPOhTp6Zuq54fIzRnEdPcl9V1l4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOUJDNC85MkU4MjFGMEE0 NjAxMUU5ODEwQTVDMEJDNEY5QUUwMi9nODZGT25wbTZybmg4ak5HY1IwOXlYMVhX WGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2c4NkZPbnBtNnJuaDhqTkdjUjA5eVgxWFdYZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OUJDNC85MkU4MjFGMEE0NjAxMUU5ODEwQTVDMEJDNEY5QUUwMi9nODZGT25wbTZy bmg4ak5HY1IwOXlYMVhXWGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCfM9Vb9SpAqQlyunNxE7Zn/x1lqDGVCsLEJ2S6f/1Aiao+f18vJBAj Y7y+eF8zc7oOou8jCHi6r8VotOLTX434Cf+xrqxXffo+rUZFqukY7puY2m6MAq1T pXvrZk4vF4XWHpaIOP5JcHEXYbccd4T7j/Wh3Uk339i16cORxVQa5z1EM2sdrxdw MhpFtt0t9fRq6c2OMbnpzeNP5jpj/siLLZdIV+nsnrPS+GwABHRTw/N6c9ru+8fq aVnxE7Y9CD2bBfDzcyAEk9GBF63/E/ZIdjVNiqijpwVYoUDYViUvz0tfHwQ78bLJ /dnEggOm8QmoAQ37Z0v8rj5oULW+5sNF -----END CERTIFICATE-----Generated at Sat Apr 26 17:15:22 2025 by rpki-client