$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft File: 4CEd1HfFtNoX56IChgOs2OcWZrU.mft (raw, json) Hash identifier: rxi+xctQOtfJ85Zsv6sJFmPvhdPoXGxq2YnEjEmArmk= Subject key identifier: 42:C3:55:E8:4C:D4:07:59:A7:7B:83:0B:03:B1:18:47:1C:90:AA:62 Authority key identifier: E0:21:1D:D4:77:C5:B4:DA:17:E7:A2:02:86:03:AC:D8:E7:16:66:B5 Certificate issuer: /CN=A91EB1BE/serialNumber=E0211DD477C5B4DA17E7A2028603ACD8E71666B5 Certificate serial: 12C4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4CEd1HfFtNoX56IChgOs2OcWZrU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft Manifest number: 12B3 Signing time: Thu 24 Apr 2025 17:05:34 +0000 Manifest this update: Thu 24 Apr 2025 17:05:33 +0000 Manifest next update: Thu 01 May 2025 17:05:33 +0000 Files and hashes: 1: 4CEd1HfFtNoX56IChgOs2OcWZrU.crl (hash: 1jly69f/C3hty+06vzWfxiJgujFMBGBg60I6Z5l9GKs=) 2: 31E1DE72B04B11EE9F3B384BC4F9AE02.roa (hash: SUqha04b2ntyDAUGFXYiqHZijUV69AXBCBCtIkXQ4as=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.crl rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4CEd1HfFtNoX56IChgOs2OcWZrU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:05:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4804 (0x12c4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EB1BE, serialNumber=E0211DD477C5B4DA17E7A2028603ACD8E71666B5 Validity Not Before: Apr 24 17:05:33 2025 GMT Not After : May 1 17:05:33 2025 GMT Subject: CN=680a6f5d-70e6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:ab:70:01:e2:e6:43:1d:f2:ce:8c:f4:48:57: 3c:0c:d0:81:3f:25:8a:29:4f:5c:96:38:3b:41:7d: b3:f7:53:c7:a3:41:14:0d:5b:9b:eb:7f:a8:ab:72: 0c:8c:53:b7:7f:92:2c:a8:51:3c:8f:3c:81:d7:d3: 3a:fa:a0:fe:5f:41:9f:43:df:91:e4:49:0a:d2:d6: ed:5d:79:4d:a5:38:e4:5b:55:70:3d:80:e9:7e:64: b6:ed:9a:b6:25:12:16:d0:54:e7:ec:ba:5b:e1:79: a2:2a:c6:49:e8:3f:cb:54:bd:52:73:30:9a:c7:75: 84:88:15:84:55:a7:f4:33:b0:af:96:20:0d:79:49: 5b:6d:c2:ac:79:b2:04:bc:2a:ad:4c:8c:bf:80:5a: fb:ef:55:5f:90:8a:03:09:a0:a1:5d:e1:54:7f:54: 1b:72:2b:1b:16:a9:0e:a7:8e:18:68:f3:26:bc:00: 8e:9e:af:8c:4c:80:37:7e:89:82:01:f5:d1:c4:d6: a2:6a:85:c2:44:bc:f8:d1:be:69:9c:2f:8e:72:54: e4:f2:b9:ce:c4:bd:42:51:f4:80:2b:d9:c2:92:30: e2:e9:d5:f3:e9:b1:d5:85:71:9b:3b:7f:01:9d:b2: c6:5b:69:f4:46:23:f5:06:97:6b:09:a4:7a:79:a1: 22:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:C3:55:E8:4C:D4:07:59:A7:7B:83:0B:03:B1:18:47:1C:90:AA:62 X509v3 Authority Key Identifier: keyid:E0:21:1D:D4:77:C5:B4:DA:17:E7:A2:02:86:03:AC:D8:E7:16:66:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4CEd1HfFtNoX56IChgOs2OcWZrU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9c:0d:ac:83:bc:22:f1:84:96:fc:76:db:ed:25:3c:1d:f8:b2: cc:e5:30:67:58:38:0d:c0:04:5f:20:cc:da:cb:43:a8:a0:1e: bb:67:b2:83:c0:31:06:43:a8:a5:40:c8:56:db:97:ee:cc:dc: 5f:f5:57:a2:73:1e:67:d8:5c:48:f9:6b:95:57:97:62:7c:f7: c4:24:f2:c8:0a:3d:af:20:3d:da:77:5c:13:60:ca:1d:59:7c: b9:33:2c:03:83:98:62:70:c9:b0:94:95:3a:c3:14:48:1d:b4: 96:73:6f:d6:51:86:92:d6:be:47:8c:aa:71:4b:87:f1:8b:8e: 66:9f:31:29:d4:c0:24:2f:95:57:c4:59:07:ab:56:eb:08:68: d6:92:d1:ef:d7:c0:2f:35:10:e3:10:78:81:a4:2b:a8:37:e0: f1:ed:0e:c6:25:ae:3c:43:40:ae:70:5a:12:c0:70:0a:62:a5: 07:26:00:84:91:c9:f0:a8:db:ae:f6:08:6a:ba:15:58:6e:ad: 9f:db:3d:36:b6:23:29:95:81:1a:83:1d:fc:33:ed:58:16:e8: 3a:cf:dd:6a:2a:1a:71:81:68:e6:4d:1b:93:b2:15:d4:1e:ae: 18:d2:e7:02:4a:c3:0d:4e:86:c9:8a:38:d8:97:03:af:79:39: 29:32:da:d8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEsQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUIxQkUxMTAvBgNVBAUTKEUwMjExREQ0NzdDNUI0REExN0U3QTIwMjg2MDNBQ0Q4 RTcxNjY2QjUwHhcNMjUwNDI0MTcwNTMzWhcNMjUwNTAxMTcwNTMzWjAYMRYwFAYD VQQDEw02ODBhNmY1ZC03MGU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnatwAeLmQx3yzoz0SFc8DNCBPyWKKU9cljg7QX2z91PHo0EUDVub63+oq3IM jFO3f5IsqFE8jzyB19M6+qD+X0GfQ9+R5EkK0tbtXXlNpTjkW1VwPYDpfmS27Zq2 JRIW0FTn7Lpb4XmiKsZJ6D/LVL1SczCax3WEiBWEVaf0M7CvliANeUlbbcKsebIE vCqtTIy/gFr771VfkIoDCaChXeFUf1QbcisbFqkOp44YaPMmvACOnq+MTIA3fomC AfXRxNaiaoXCRLz40b5pnC+OclTk8rnOxL1CUfSAK9nCkjDi6dXz6bHVhXGbO38B nbLGW2n0RiP1BpdrCaR6eaEiywIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFELDVehM 1AdZp3uDCwOxGEcckKpiMB8GA1UdIwQYMBaAFOAhHdR3xbTaF+eiAoYDrNjnFma1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjFCRS81QTU3Nzg2Q0Mw QzgxMUU4QUU4MDUzMzRDNEY5QUUwMi80Q0VkMUhmRnROb1g1NklDaGdPczJPY1da clUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRDRWQxSGZGdE5vWDU2SUNoZ09zMk9jV1pyVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QjFCRS81QTU3Nzg2Q0MwQzgxMUU4QUU4MDUzMzRDNEY5QUUwMi80Q0VkMUhmRnRO b1g1NklDaGdPczJPY1daclUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCcDayDvCLxhJb8dtvtJTwd+LLM5TBnWDgNwARfIMzay0OooB67Z7KD wDEGQ6ilQMhW25fuzNxf9Veicx5n2FxI+WuVV5difPfEJPLICj2vID3ad1wTYMod WXy5MywDg5hicMmwlJU6wxRIHbSWc2/WUYaS1r5HjKpxS4fxi45mnzEp1MAkL5VX xFkHq1brCGjWktHv18AvNRDjEHiBpCuoN+Dx7Q7GJa48Q0CucFoSwHAKYqUHJgCE kcnwqNuu9ghquhVYbq2f2z02tiMplYEagx38M+1YFug6z91qKhpxgWjmTRuTshXU Hq4Y0ucCSsMNTobJijjYlwOveTkpMtrY -----END CERTIFICATE-----Generated at Sat Apr 26 14:21:31 2025 by rpki-client