$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBFAE/168FFD6C1D8A11E290D0DEE308B02CD2/i6wN0-SRhYlP2uKChO3IBHILRhQ.mft File: i6wN0-SRhYlP2uKChO3IBHILRhQ.mft (raw, json) Hash identifier: b+C+KRTj0rjS4hjPW62DfBvwMbtrGFCWPlp+GP+4Wdo= Subject key identifier: 2D:5B:E0:EE:7A:2C:20:DA:49:45:B8:21:54:04:AD:29:B5:2F:AB:24 Authority key identifier: 8B:AC:0D:D3:E4:91:85:89:4F:DA:E2:82:84:ED:C8:04:72:0B:46:14 Certificate issuer: /CN=A91EBFAE/serialNumber=8BAC0DD3E49185894FDAE28284EDC804720B4614 Certificate serial: 3477 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/i6wN0-SRhYlP2uKChO3IBHILRhQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EBFAE/168FFD6C1D8A11E290D0DEE308B02CD2/i6wN0-SRhYlP2uKChO3IBHILRhQ.mft Manifest number: 3477 Signing time: Thu 24 Apr 2025 14:32:05 +0000 Manifest this update: Thu 24 Apr 2025 14:32:04 +0000 Manifest next update: Thu 01 May 2025 14:32:04 +0000 Files and hashes: 1: i6wN0-SRhYlP2uKChO3IBHILRhQ.crl (hash: 2ljq0GbKyp5rMbtAcwwMALS3Si07AylJglrDW/T1sjU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EBFAE/168FFD6C1D8A11E290D0DEE308B02CD2/i6wN0-SRhYlP2uKChO3IBHILRhQ.crl rsync://rpki.apnic.net/member_repository/A91EBFAE/168FFD6C1D8A11E290D0DEE308B02CD2/i6wN0-SRhYlP2uKChO3IBHILRhQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/i6wN0-SRhYlP2uKChO3IBHILRhQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 14:32:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13431 (0x3477) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EBFAE, serialNumber=8BAC0DD3E49185894FDAE28284EDC804720B4614 Validity Not Before: Apr 24 14:32:04 2025 GMT Not After : May 1 14:32:04 2025 GMT Subject: CN=680a4b65-2c0d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:4b:c6:30:bb:cd:09:d0:ec:ad:22:0c:46:72: ec:4e:a9:fd:10:32:86:3f:d1:31:42:e0:b8:c9:4b: e2:03:b1:7f:dc:32:fe:e8:98:d7:39:5f:14:e5:cc: c5:40:1a:bf:78:fe:44:0a:eb:1a:5e:5e:25:80:83: 32:3d:93:42:48:0c:09:50:63:8a:ba:b0:59:76:f1: 35:ce:bb:53:95:9e:2f:0e:ec:28:c0:68:a5:58:26: 07:f5:66:9e:a8:73:9a:06:0a:f3:8b:91:02:df:00: 06:f3:19:de:7b:d5:d0:46:7b:63:a1:36:86:4a:83: 83:5c:ca:2b:a8:5b:84:72:ec:49:79:41:7d:13:2e: fb:2e:48:0a:37:ef:05:52:84:48:09:da:fb:9e:24: 33:0f:d1:56:85:7a:d3:76:01:56:cf:4b:1b:3a:87: fa:a1:17:07:74:92:bd:31:76:57:f9:db:fc:50:0a: a0:b6:99:c7:60:35:78:2c:e5:ad:10:3c:15:1e:90: 37:41:6c:c3:86:81:13:5e:31:29:ef:a8:6e:26:39: 10:8d:63:68:6c:da:f5:9d:bc:d6:1b:4e:05:b7:06: 2b:5f:06:6e:a5:6e:1e:12:bf:03:d5:cb:8d:72:e3: e6:fc:20:58:50:4d:64:2d:2d:ff:0c:a7:70:f9:42: c2:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:5B:E0:EE:7A:2C:20:DA:49:45:B8:21:54:04:AD:29:B5:2F:AB:24 X509v3 Authority Key Identifier: keyid:8B:AC:0D:D3:E4:91:85:89:4F:DA:E2:82:84:ED:C8:04:72:0B:46:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EBFAE/168FFD6C1D8A11E290D0DEE308B02CD2/i6wN0-SRhYlP2uKChO3IBHILRhQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/i6wN0-SRhYlP2uKChO3IBHILRhQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBFAE/168FFD6C1D8A11E290D0DEE308B02CD2/i6wN0-SRhYlP2uKChO3IBHILRhQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3f:99:c6:ce:22:7e:ee:8e:05:01:a9:72:55:2c:e6:23:e3:b3: 6a:4f:85:6c:7f:ad:07:39:d7:d8:f4:6a:36:9f:b4:a3:f2:d9: 8b:05:6e:cc:a9:17:a2:29:45:f1:26:5a:4d:2f:38:a0:62:10: 85:ce:30:76:e3:ce:03:a2:16:a3:aa:99:c1:98:c3:8b:68:38: 66:33:23:b3:a9:98:e5:69:1d:62:12:20:ae:5b:2b:34:b7:cd: 78:bf:3d:d8:c0:41:db:5d:0c:f1:d8:35:c8:e4:23:10:80:e7: 1b:7f:4a:bd:e9:b5:1d:b7:12:90:17:2b:1e:f2:62:38:f1:ce: ac:77:e1:9a:5f:8e:65:4e:1c:9c:32:93:95:6a:f3:f3:16:33: 32:e3:3b:87:e2:ed:91:6f:dd:f8:bb:37:52:4a:df:99:b7:db: a5:3e:8a:70:ad:6c:54:69:b3:ac:9b:8b:70:31:f1:4c:9f:b0: 0c:45:11:72:48:cb:9f:04:1b:b7:9c:ec:09:11:69:2b:62:97: 6f:a3:da:ea:d8:5e:b1:05:a3:c1:d0:13:e5:0f:2c:9d:04:d7: 3a:43:ae:19:94:4a:f7:e8:70:71:bf:de:04:cc:70:6f:9b:e4: c7:68:fe:42:40:1f:5f:77:a5:a2:7d:ea:c9:f6:59:fd:44:ba: c0:ff:2c:45 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNHcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUJGQUUxMTAvBgNVBAUTKDhCQUMwREQzRTQ5MTg1ODk0RkRBRTI4Mjg0RURDODA0 NzIwQjQ2MTQwHhcNMjUwNDI0MTQzMjA0WhcNMjUwNTAxMTQzMjA0WjAYMRYwFAYD VQQDEw02ODBhNGI2NS0yYzBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3EvGMLvNCdDsrSIMRnLsTqn9EDKGP9ExQuC4yUviA7F/3DL+6JjXOV8U5czF QBq/eP5ECusaXl4lgIMyPZNCSAwJUGOKurBZdvE1zrtTlZ4vDuwowGilWCYH9Wae qHOaBgrzi5EC3wAG8xnee9XQRntjoTaGSoODXMorqFuEcuxJeUF9Ey77LkgKN+8F UoRICdr7niQzD9FWhXrTdgFWz0sbOof6oRcHdJK9MXZX+dv8UAqgtpnHYDV4LOWt EDwVHpA3QWzDhoETXjEp76huJjkQjWNobNr1nbzWG04FtwYrXwZupW4eEr8D1cuN cuPm/CBYUE1kLS3/DKdw+ULChQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC1b4O56 LCDaSUW4IVQErSm1L6skMB8GA1UdIwQYMBaAFIusDdPkkYWJT9rigoTtyARyC0YU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkZBRS8xNjhGRkQ2QzFE OEExMUUyOTBEMERFRTMwOEIwMkNEMi9pNndOMC1TUmhZbFAydUtDaE8zSUJISUxS aFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2k2d04wLVNSaFlsUDJ1S0NoTzNJQkhJTFJoUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QkZBRS8xNjhGRkQ2QzFEOEExMUUyOTBEMERFRTMwOEIwMkNEMi9pNndOMC1TUmhZ bFAydUtDaE8zSUJISUxSaFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA/mcbOIn7ujgUBqXJVLOYj47NqT4Vsf60HOdfY9Go2n7Sj8tmLBW7M qReiKUXxJlpNLzigYhCFzjB2484DohajqpnBmMOLaDhmMyOzqZjlaR1iEiCuWys0 t814vz3YwEHbXQzx2DXI5CMQgOcbf0q96bUdtxKQFyse8mI48c6sd+GaX45lThyc MpOVavPzFjMy4zuH4u2Rb934uzdSSt+Zt9ulPopwrWxUabOsm4twMfFMn7AMRRFy SMufBBu3nOwJEWkrYpdvo9rq2F6xBaPB0BPlDyydBNc6Q64ZlEr36HBxv94EzHBv m+THaP5CQB9fd6WiferJ9ln9RLrA/yxF -----END CERTIFICATE-----Generated at Sat Apr 26 05:04:18 2025 by rpki-client