$ rpki-client -vvf rpki.apnic.net/member_repository/A91ED596/0DE23E165AE311EF932C232FC4F9AE02/ciYIDnxlJSNDlihmsxOfAjhyxAI.mft File: ciYIDnxlJSNDlihmsxOfAjhyxAI.mft (raw, json) Hash identifier: 8nWAtU9tFtE8U9efRAnvrIUU7R5iZ8nvqLWtztAXSgE= Subject key identifier: 28:BC:59:23:A2:DF:59:2E:79:62:0B:03:E8:64:B4:C4:F9:BA:77:6E Authority key identifier: 72:26:08:0E:7C:65:25:23:43:96:28:66:B3:13:9F:02:38:72:C4:02 Certificate issuer: /CN=A91ED596/serialNumber=7226080E7C65252343962866B3139F023872C402 Certificate serial: 84 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ciYIDnxlJSNDlihmsxOfAjhyxAI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ED596/0DE23E165AE311EF932C232FC4F9AE02/ciYIDnxlJSNDlihmsxOfAjhyxAI.mft Manifest number: 83 Signing time: Fri 25 Apr 2025 05:33:49 +0000 Manifest this update: Fri 25 Apr 2025 05:33:48 +0000 Manifest next update: Fri 02 May 2025 05:33:48 +0000 Files and hashes: 1: ciYIDnxlJSNDlihmsxOfAjhyxAI.crl (hash: O/zhhPS3ytHE5ADP3W/9cG9Mxq+awSs8jMgJqIvckqs=) 2: C0C401905AE311EF90924C30C4F9AE02.roa (hash: 7P9QGIuS2YxmoaQtTvokUjWFQu4qLuQF/pm4P1jB/wE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ED596/0DE23E165AE311EF932C232FC4F9AE02/ciYIDnxlJSNDlihmsxOfAjhyxAI.crl rsync://rpki.apnic.net/member_repository/A91ED596/0DE23E165AE311EF932C232FC4F9AE02/ciYIDnxlJSNDlihmsxOfAjhyxAI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ciYIDnxlJSNDlihmsxOfAjhyxAI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 05:33:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 132 (0x84) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ED596, serialNumber=7226080E7C65252343962866B3139F023872C402 Validity Not Before: Apr 25 05:33:48 2025 GMT Not After : May 2 05:33:48 2025 GMT Subject: CN=680b1ebc-bcc4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:bc:3b:a6:18:0d:60:aa:bf:da:cb:27:11:6f: 72:4f:6d:60:b8:a4:cc:33:fa:c6:c4:cb:9f:92:0d: 50:18:58:79:2e:9c:c0:6c:e9:d3:e8:59:5f:b7:48: 66:b9:af:36:1d:91:98:0a:e7:a5:dd:13:e8:e0:4b: 9a:af:f1:0f:a5:06:f7:97:1c:3b:fb:b4:91:8e:6e: 6b:1e:a0:98:c2:20:e6:49:ba:98:5c:9e:ba:f0:60: be:00:7f:86:b0:98:5c:13:4e:73:67:34:51:91:39: 4f:56:c7:be:6d:c1:4d:1b:f4:06:a3:af:4a:17:de: 0a:95:8f:75:95:e8:14:8c:a4:ab:fd:89:10:3e:5b: a3:24:2f:86:d2:75:ea:a6:10:e1:2c:7d:6b:0c:12: a0:2a:20:56:57:ef:2e:99:53:6b:f0:09:c6:95:52: 93:21:c5:38:f6:b7:61:21:6d:3e:2b:86:82:d7:48: d9:4c:34:fb:73:4c:08:b7:89:26:01:50:82:26:d2: f0:a0:5d:52:17:4a:fc:fd:5a:aa:59:d2:a7:62:29: fa:fd:99:3c:e8:98:7e:51:99:43:84:54:2e:c1:21: 7f:79:ec:74:f9:c3:40:3d:35:07:1a:3e:bb:8f:71: e3:9d:c6:fd:8d:5f:3c:a8:6d:54:18:c5:d4:fa:49: 23:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:BC:59:23:A2:DF:59:2E:79:62:0B:03:E8:64:B4:C4:F9:BA:77:6E X509v3 Authority Key Identifier: keyid:72:26:08:0E:7C:65:25:23:43:96:28:66:B3:13:9F:02:38:72:C4:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ED596/0DE23E165AE311EF932C232FC4F9AE02/ciYIDnxlJSNDlihmsxOfAjhyxAI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ciYIDnxlJSNDlihmsxOfAjhyxAI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ED596/0DE23E165AE311EF932C232FC4F9AE02/ciYIDnxlJSNDlihmsxOfAjhyxAI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5f:dd:b1:a8:ba:6c:34:75:39:a0:76:b8:3a:58:7c:4b:69:fa: d3:2d:0a:22:30:c1:c3:26:f4:e5:9e:fb:ff:db:ec:fe:3a:72: 91:c5:83:d9:61:40:5b:53:0d:08:0a:f7:f3:7a:c5:5f:7c:23: 41:c2:81:4d:25:b8:01:4d:81:69:fd:6f:44:d8:5d:62:03:1c: 05:a6:20:35:18:a3:eb:99:26:c8:48:0f:8e:48:4d:73:82:f0: 6c:48:63:d4:e7:2c:f3:27:9d:91:ab:de:1d:4e:7d:7f:6a:5c: e5:7e:ac:00:a5:e0:8a:a1:d2:c2:ea:75:b3:25:ab:53:3e:cc: 18:f0:1f:35:81:d1:a4:ba:a2:90:a8:97:21:05:9f:48:2d:34: 34:5e:f3:0a:30:8d:d4:8b:0d:de:17:e3:0c:21:5b:03:b2:66: 7c:05:cf:dd:3e:e3:48:eb:19:31:dc:a2:b2:9e:74:38:0d:38: 8d:1a:45:bd:99:f2:44:89:00:09:b0:f9:18:d9:c0:b0:22:c4: 52:ab:5e:45:fd:83:69:86:1b:30:b7:93:a6:cc:ba:6b:d2:b1: 01:65:8d:59:64:97:15:e8:03:fd:44:01:24:c2:d5:2d:54:f3: ab:86:06:ce:0b:12:f0:f8:8e:b9:06:4c:77:9e:38:56:26:55: 0b:e9:01:46 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUQ1OTYxMTAvBgNVBAUTKDcyMjYwODBFN0M2NTI1MjM0Mzk2Mjg2NkIzMTM5RjAy Mzg3MkM0MDIwHhcNMjUwNDI1MDUzMzQ4WhcNMjUwNTAyMDUzMzQ4WjAYMRYwFAYD VQQDEw02ODBiMWViYy1iY2M0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvbw7phgNYKq/2ssnEW9yT21guKTMM/rGxMufkg1QGFh5LpzAbOnT6Flft0hm ua82HZGYCuel3RPo4Euar/EPpQb3lxw7+7SRjm5rHqCYwiDmSbqYXJ668GC+AH+G sJhcE05zZzRRkTlPVse+bcFNG/QGo69KF94KlY91legUjKSr/YkQPlujJC+G0nXq phDhLH1rDBKgKiBWV+8umVNr8AnGlVKTIcU49rdhIW0+K4aC10jZTDT7c0wIt4km AVCCJtLwoF1SF0r8/VqqWdKnYin6/Zk86Jh+UZlDhFQuwSF/eex0+cNAPTUHGj67 j3Hjncb9jV88qG1UGMXU+kkj5QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCi8WSOi 31kueWILA+hktMT5unduMB8GA1UdIwQYMBaAFHImCA58ZSUjQ5YoZrMTnwI4csQC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRDU5Ni8wREUyM0UxNjVB RTMxMUVGOTMyQzIzMkZDNEY5QUUwMi9jaVlJRG54bEpTTkRsaWhtc3hPZkFqaHl4 QUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NpWUlEbnhsSlNORGxpaG1zeE9mQWpoeXhBSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF RDU5Ni8wREUyM0UxNjVBRTMxMUVGOTMyQzIzMkZDNEY5QUUwMi9jaVlJRG54bEpT TkRsaWhtc3hPZkFqaHl4QUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBf3bGoumw0dTmgdrg6WHxLafrTLQoiMMHDJvTlnvv/2+z+OnKRxYPZ YUBbUw0ICvfzesVffCNBwoFNJbgBTYFp/W9E2F1iAxwFpiA1GKPrmSbISA+OSE1z gvBsSGPU5yzzJ52Rq94dTn1/alzlfqwApeCKodLC6nWzJatTPswY8B81gdGkuqKQ qJchBZ9ILTQ0XvMKMI3Uiw3eF+MMIVsDsmZ8Bc/dPuNI6xkx3KKynnQ4DTiNGkW9 mfJEiQAJsPkY2cCwIsRSq15F/YNphhswt5OmzLpr0rEBZY1ZZJcV6AP9RAEkwtUt VPOrhgbOCxLw+I65Bkx3njhWJlUL6QFG -----END CERTIFICATE-----Generated at Sat Apr 26 23:00:39 2025 by rpki-client