$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft File: a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft (raw, json) Hash identifier: wPX93xQFgTJO+l7cqFWhLtcD6myWRydc+3QZ8UOtRpg= Subject key identifier: 1D:97:CA:C3:16:E6:74:94:C0:5E:4B:91:AF:36:0E:D7:BF:C1:98:64 Authority key identifier: 6B:56:7C:84:3E:42:52:3E:0E:5B:64:F6:4A:0F:2A:E0:55:17:BB:70 Certificate issuer: /CN=A91EAE3D/serialNumber=6B567C843E42523E0E5B64F64A0F2AE05517BB70 Certificate serial: 1466 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft Manifest number: 1452 Signing time: Thu 24 Apr 2025 16:56:31 +0000 Manifest this update: Thu 24 Apr 2025 16:56:30 +0000 Manifest next update: Thu 01 May 2025 16:56:30 +0000 Files and hashes: 1: a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.crl (hash: I4X8SxBNgrpnfVyaxudETuck4AkNVnG4KIKUnDQRQ7I=) 2: F693F2689CB811EB97F77E14C4F9AE02.roa (hash: U3tQJQlcyfHM4FE2g1sFZHo1n5O210FCbrxqZ5WoAEg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.crl rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 16:56:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5222 (0x1466) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EAE3D, serialNumber=6B567C843E42523E0E5B64F64A0F2AE05517BB70 Validity Not Before: Apr 24 16:56:30 2025 GMT Not After : May 1 16:56:30 2025 GMT Subject: CN=680a6d3e-4038 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:cd:9a:8a:11:ac:84:c2:b8:e3:fe:31:19:70: 81:ac:5d:90:08:13:07:ae:42:d1:78:e7:6b:cf:69: b9:f2:3d:b5:91:33:fd:05:1a:6f:38:bb:01:4c:38: 55:7e:48:75:c3:72:30:90:b8:03:54:ba:14:61:5a: c0:48:bc:9a:31:84:7e:1c:d7:d8:c6:35:09:37:22: 75:84:ba:90:26:48:55:82:af:3f:7f:bb:36:ab:e6: 50:e1:26:02:1e:e1:fd:fe:ca:2b:ff:5a:ab:e5:3d: fe:4b:f9:25:92:40:97:62:65:c8:5e:95:b1:65:3a: 53:3d:23:e6:6b:e7:5c:ff:4a:11:2a:8b:e0:af:1a: 5e:1a:a3:1e:78:b4:5d:5e:f7:d4:51:d7:01:a4:1c: cc:97:72:82:8b:2e:8c:75:00:7f:20:d4:a4:30:3f: 58:dd:11:ce:a0:08:46:90:17:21:2c:3b:a4:31:be: da:e1:68:dd:04:a8:be:6e:1d:76:cf:8d:90:4f:d2: 2d:b9:f0:f2:7e:2e:a7:d8:95:00:34:19:bf:39:29: 07:cf:bb:80:db:94:f1:b0:b9:12:93:b0:e4:ac:30: 0e:63:81:1c:1d:4c:8f:38:9b:b7:bf:ab:28:54:e7: d4:84:8d:87:f4:fd:8a:dd:a2:5e:c6:55:4a:cc:62: 1b:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:97:CA:C3:16:E6:74:94:C0:5E:4B:91:AF:36:0E:D7:BF:C1:98:64 X509v3 Authority Key Identifier: keyid:6B:56:7C:84:3E:42:52:3E:0E:5B:64:F6:4A:0F:2A:E0:55:17:BB:70 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a0:2a:f7:93:1f:07:a1:68:c5:35:25:d5:5c:d1:4e:da:69:06: 40:ab:53:00:f5:95:26:57:f0:92:1c:12:55:bc:fb:ef:21:59: 39:34:c8:61:39:6a:36:f1:44:a4:34:23:d4:2d:82:e8:9a:44: 39:ab:a0:76:d9:c9:91:31:11:d8:bb:d4:df:91:30:96:40:52: ea:77:52:4e:00:07:e3:c2:8a:d5:09:d8:87:8e:d1:aa:36:1b: e0:25:bb:8d:8a:c8:5a:08:a0:53:8c:81:68:9d:32:60:7a:b9: a5:04:21:36:ca:de:09:f5:10:58:d0:b7:05:ab:33:da:11:40: 7a:37:2c:dd:cd:2a:59:eb:68:05:aa:a6:4b:ba:e2:ff:2d:e3: 07:2c:8d:e6:b2:c6:c1:21:f0:b1:a8:8b:05:b9:d5:78:5d:5c: b3:81:61:92:01:3c:8f:00:67:aa:39:5f:8a:f6:a3:01:89:b2: 2c:b2:45:b1:68:57:a2:c3:90:91:85:77:f8:91:49:63:4e:68: 8b:c2:2a:90:bf:7c:f6:c3:de:4e:b7:59:ae:26:55:33:38:44: b9:60:8f:a1:6c:24:76:39:3b:d7:f2:14:8e:7f:39:2d:c4:ac: da:b1:e2:a1:9e:86:fe:86:12:23:4a:f6:3a:09:8b:07:21:de: 3a:8f:0b:ea -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFGYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUFFM0QxMTAvBgNVBAUTKDZCNTY3Qzg0M0U0MjUyM0UwRTVCNjRGNjRBMEYyQUUw NTUxN0JCNzAwHhcNMjUwNDI0MTY1NjMwWhcNMjUwNTAxMTY1NjMwWjAYMRYwFAYD VQQDEw02ODBhNmQzZS00MDM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz82aihGshMK44/4xGXCBrF2QCBMHrkLReOdrz2m58j21kTP9BRpvOLsBTDhV fkh1w3IwkLgDVLoUYVrASLyaMYR+HNfYxjUJNyJ1hLqQJkhVgq8/f7s2q+ZQ4SYC HuH9/sor/1qr5T3+S/klkkCXYmXIXpWxZTpTPSPma+dc/0oRKovgrxpeGqMeeLRd XvfUUdcBpBzMl3KCiy6MdQB/INSkMD9Y3RHOoAhGkBchLDukMb7a4WjdBKi+bh12 z42QT9ItufDyfi6n2JUANBm/OSkHz7uA25TxsLkSk7DkrDAOY4EcHUyPOJu3v6so VOfUhI2H9P2K3aJexlVKzGIbUQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB2XysMW 5nSUwF5Lka82Dte/wZhkMB8GA1UdIwQYMBaAFGtWfIQ+QlI+Dltk9koPKuBVF7tw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC84RUY0MkE0Njc1 REUxMUU4QjcwNEEyNDZDNEY5QUUwMi9hMVo4aEQ1Q1VqNE9XMlQyU2c4cTRGVVh1 M0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2ExWjhoRDVDVWo0T1cyVDJTZzhxNEZVWHUzQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QUUzRC84RUY0MkE0Njc1REUxMUU4QjcwNEEyNDZDNEY5QUUwMi9hMVo4aEQ1Q1Vq NE9XMlQyU2c4cTRGVVh1M0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCgKveTHwehaMU1JdVc0U7aaQZAq1MA9ZUmV/CSHBJVvPvvIVk5NMhh OWo28USkNCPULYLomkQ5q6B22cmRMRHYu9TfkTCWQFLqd1JOAAfjworVCdiHjtGq NhvgJbuNishaCKBTjIFonTJgermlBCE2yt4J9RBY0LcFqzPaEUB6NyzdzSpZ62gF qqZLuuL/LeMHLI3mssbBIfCxqIsFudV4XVyzgWGSATyPAGeqOV+K9qMBibIsskWx aFeiw5CRhXf4kUljTmiLwiqQv3z2w95Ot1muJlUzOES5YI+hbCR2OTvX8hSOfzkt xKzaseKhnob+hhIjSvY6CYsHId46jwvq -----END CERTIFICATE-----Generated at Sat Apr 26 12:55:33 2025 by rpki-client