$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB9C0/D364F0CCD21A11E983F9E524C4F9AE02/788FLZiSks6xBQkSnI3iA9SfaAQ.mft File: 788FLZiSks6xBQkSnI3iA9SfaAQ.mft (raw, json) Hash identifier: cLawIXKl0CqmZU4sXldVbZPMnEvjbw/ambNsnho8DR4= Subject key identifier: D6:B7:33:D8:4D:2F:D9:1F:9A:9C:D7:ED:2B:BB:09:4F:76:FF:9D:05 Authority key identifier: EF:CF:05:2D:98:92:92:CE:B1:05:09:12:9C:8D:E2:03:D4:9F:68:04 Certificate issuer: /CN=A91EB9C0/serialNumber=EFCF052D989292CEB10509129C8DE203D49F6804 Certificate serial: 0D3F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/788FLZiSks6xBQkSnI3iA9SfaAQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EB9C0/D364F0CCD21A11E983F9E524C4F9AE02/788FLZiSks6xBQkSnI3iA9SfaAQ.mft Manifest number: 0D38 Signing time: Thu 24 Apr 2025 17:58:00 +0000 Manifest this update: Thu 24 Apr 2025 17:58:00 +0000 Manifest next update: Thu 01 May 2025 17:58:00 +0000 Files and hashes: 1: 788FLZiSks6xBQkSnI3iA9SfaAQ.crl (hash: oiOnNCVYnptrTrtzelx6gaEWFp34N6mf8Nu/sF8s+yk=) 2: 1004D41ED21D11E992825429C4F9AE02.roa (hash: VSbvOJwGGe/ohiP+L17bAesxp9bgmYgwB4Rs+JtW0oQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EB9C0/D364F0CCD21A11E983F9E524C4F9AE02/788FLZiSks6xBQkSnI3iA9SfaAQ.crl rsync://rpki.apnic.net/member_repository/A91EB9C0/D364F0CCD21A11E983F9E524C4F9AE02/788FLZiSks6xBQkSnI3iA9SfaAQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/788FLZiSks6xBQkSnI3iA9SfaAQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:57:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3391 (0xd3f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EB9C0, serialNumber=EFCF052D989292CEB10509129C8DE203D49F6804 Validity Not Before: Apr 24 17:58:00 2025 GMT Not After : May 1 17:58:00 2025 GMT Subject: CN=680a7ba8-90c8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:d7:8f:c8:84:42:87:8b:75:4f:9b:de:a0:72: 32:df:49:6c:84:22:ad:e1:d8:5b:e4:03:ce:fc:b6: f6:f2:10:39:39:1c:ea:01:47:ab:c5:cc:e8:7a:16: 35:79:e5:d5:35:b5:de:b9:00:8b:6c:9d:8f:eb:e3: 14:8f:7c:2e:e5:e2:9d:a7:c9:44:57:8d:1e:88:03: ce:67:49:85:ea:4c:28:7e:03:01:c8:81:6f:0d:0b: be:07:bb:cc:81:5e:0a:d9:a1:df:cc:4a:eb:90:34: 9d:a9:99:f8:5c:8e:f0:b4:59:36:ae:e4:42:b2:0c: a3:13:23:eb:8d:b8:37:0d:a1:f5:5c:c7:86:9b:97: 81:5b:78:94:a4:92:53:05:6b:3c:5d:01:05:41:07: bd:de:d5:24:4b:75:2a:2b:cb:56:b2:18:68:52:33: 1d:b9:0d:09:ec:e0:b9:3e:57:76:2d:5e:36:29:53: 18:d3:12:65:bc:cf:3b:ff:9b:1a:75:ac:74:92:83: 71:0f:80:46:15:66:fa:a4:45:e1:05:30:bb:93:77: 5d:15:63:b4:05:2f:0c:75:32:ee:ef:7a:b2:6f:25: 11:44:d4:05:4f:41:35:03:2b:6a:e1:59:13:23:8c: d1:49:5c:23:2b:6e:c0:fb:7e:8d:fd:1a:e6:91:6c: f1:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:B7:33:D8:4D:2F:D9:1F:9A:9C:D7:ED:2B:BB:09:4F:76:FF:9D:05 X509v3 Authority Key Identifier: keyid:EF:CF:05:2D:98:92:92:CE:B1:05:09:12:9C:8D:E2:03:D4:9F:68:04 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EB9C0/D364F0CCD21A11E983F9E524C4F9AE02/788FLZiSks6xBQkSnI3iA9SfaAQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/788FLZiSks6xBQkSnI3iA9SfaAQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB9C0/D364F0CCD21A11E983F9E524C4F9AE02/788FLZiSks6xBQkSnI3iA9SfaAQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3b:88:56:84:00:20:02:70:d9:1c:b5:a3:bc:56:bd:b2:d8:05: 77:cc:1c:cd:79:be:75:67:df:92:2e:5d:b9:e4:fa:d0:18:48: ad:15:e6:8b:43:c4:0b:b0:78:bb:c1:f6:82:5e:0e:3f:f8:f7: 98:0a:07:75:92:e2:46:fb:b6:47:bb:ae:a8:8e:09:32:4c:2c: d7:0e:f9:68:d5:8a:8d:ce:38:c1:e6:65:8a:e9:11:ac:94:d4: 93:7d:3f:68:a1:bd:23:3a:d5:4c:20:e4:38:b0:45:a6:33:67: 9a:80:1f:30:cd:24:6e:b1:d0:60:5e:a7:2b:8f:fd:68:eb:21: 46:dc:93:65:8f:a9:7d:d2:68:4d:2b:b0:f4:46:08:98:bf:e1: a4:ed:48:81:a8:00:8f:61:14:b8:21:e9:cf:ed:8e:fb:f7:8a: e9:54:7a:f2:d4:1b:c2:31:62:2a:c6:1a:20:24:e7:a6:14:ea: ca:a7:6b:c5:d7:fe:0a:e6:f4:b3:34:a6:30:08:9d:82:4d:f0: ba:a3:d4:a5:f3:a5:15:c4:9d:b5:d6:25:68:e0:53:d6:59:61: 26:8f:f8:e2:15:49:f5:f6:e1:b0:bc:a4:f7:d0:ae:bb:8e:d8: 64:2e:dc:90:e1:ba:76:4b:c2:be:39:f0:20:25:41:fb:48:aa: 9f:ec:9f:b2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDT8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUI5QzAxMTAvBgNVBAUTKEVGQ0YwNTJEOTg5MjkyQ0VCMTA1MDkxMjlDOERFMjAz RDQ5RjY4MDQwHhcNMjUwNDI0MTc1ODAwWhcNMjUwNTAxMTc1ODAwWjAYMRYwFAYD VQQDEw02ODBhN2JhOC05MGM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5tePyIRCh4t1T5veoHIy30lshCKt4dhb5APO/Lb28hA5ORzqAUerxczoehY1 eeXVNbXeuQCLbJ2P6+MUj3wu5eKdp8lEV40eiAPOZ0mF6kwofgMByIFvDQu+B7vM gV4K2aHfzErrkDSdqZn4XI7wtFk2ruRCsgyjEyPrjbg3DaH1XMeGm5eBW3iUpJJT BWs8XQEFQQe93tUkS3UqK8tWshhoUjMduQ0J7OC5Pld2LV42KVMY0xJlvM87/5sa dax0koNxD4BGFWb6pEXhBTC7k3ddFWO0BS8MdTLu73qybyURRNQFT0E1Aytq4VkT I4zRSVwjK27A+36N/RrmkWzxTwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNa3M9hN L9kfmpzX7Su7CU92/50FMB8GA1UdIwQYMBaAFO/PBS2YkpLOsQUJEpyN4gPUn2gE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjlDMC9EMzY0RjBDQ0Qy MUExMUU5ODNGOUU1MjRDNEY5QUUwMi83ODhGTFppU2tzNnhCUWtTbkkzaUE5U2Zh QVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzc4OEZMWmlTa3M2eEJRa1NuSTNpQTlTZmFBUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QjlDMC9EMzY0RjBDQ0QyMUExMUU5ODNGOUU1MjRDNEY5QUUwMi83ODhGTFppU2tz NnhCUWtTbkkzaUE5U2ZhQVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA7iFaEACACcNkctaO8Vr2y2AV3zBzNeb51Z9+SLl255PrQGEitFeaL Q8QLsHi7wfaCXg4/+PeYCgd1kuJG+7ZHu66ojgkyTCzXDvlo1YqNzjjB5mWK6RGs lNSTfT9oob0jOtVMIOQ4sEWmM2eagB8wzSRusdBgXqcrj/1o6yFG3JNlj6l90mhN K7D0RgiYv+Gk7UiBqACPYRS4IenP7Y7794rpVHry1BvCMWIqxhogJOemFOrKp2vF 1/4K5vSzNKYwCJ2CTfC6o9Sl86UVxJ211iVo4FPWWWEmj/jiFUn19uGwvKT30K67 jthkLtyQ4bp2S8K+OfAgJUH7SKqf7J+y -----END CERTIFICATE-----Generated at Sat Apr 26 04:29:51 2025 by rpki-client