$ rpki-client -vvf rpki.apnic.net/member_repository/A91F02EA/DB15CDE011DB11EA95F2B059C4F9AE02/PShwiOOGgqTkudgoRQszZr3q1d0.mft File: PShwiOOGgqTkudgoRQszZr3q1d0.mft (raw, json) Hash identifier: k1yG4ypxaus6yI7JfaIlVUL+GfufrQEebPOdVj4czKU= Subject key identifier: A5:6C:C1:38:98:F7:4B:04:33:69:EF:9B:20:3B:1E:D9:0B:00:F0:DE Authority key identifier: 3D:28:70:88:E3:86:82:A4:E4:B9:D8:28:45:0B:33:66:BD:EA:D5:DD Certificate issuer: /CN=A91F02EA/serialNumber=3D287088E38682A4E4B9D828450B3366BDEAD5DD Certificate serial: 0C0A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PShwiOOGgqTkudgoRQszZr3q1d0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F02EA/DB15CDE011DB11EA95F2B059C4F9AE02/PShwiOOGgqTkudgoRQszZr3q1d0.mft Manifest number: 0BFA Signing time: Thu 24 Apr 2025 18:40:29 +0000 Manifest this update: Thu 24 Apr 2025 18:40:28 +0000 Manifest next update: Thu 01 May 2025 18:40:28 +0000 Files and hashes: 1: PShwiOOGgqTkudgoRQszZr3q1d0.crl (hash: jhsw0k0GusOFnRLGb+gmDu90LjlqO4dfp4YNgTbZq30=) 2: 7716938A416211EB9B0F3C54C4F9AE02.roa (hash: SaoXuslBHecNHa04UZ0EBB+W8ns+FIPHvzYnnMHMCbU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F02EA/DB15CDE011DB11EA95F2B059C4F9AE02/PShwiOOGgqTkudgoRQszZr3q1d0.crl rsync://rpki.apnic.net/member_repository/A91F02EA/DB15CDE011DB11EA95F2B059C4F9AE02/PShwiOOGgqTkudgoRQszZr3q1d0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PShwiOOGgqTkudgoRQszZr3q1d0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 18:40:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3082 (0xc0a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F02EA, serialNumber=3D287088E38682A4E4B9D828450B3366BDEAD5DD Validity Not Before: Apr 24 18:40:28 2025 GMT Not After : May 1 18:40:28 2025 GMT Subject: CN=680a859d-e1f6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:6e:9f:49:38:ad:2b:38:df:89:b3:98:20:08: 94:c9:e6:de:11:bf:35:a2:ab:fb:0d:bb:e1:26:6e: 16:60:34:f0:a9:5a:be:e8:6d:ef:39:dc:6e:1a:40: 07:e6:58:fb:5d:b6:9b:53:43:eb:91:c4:dc:84:0e: fa:51:f2:b5:f0:e7:42:a9:39:87:d9:07:dc:c4:e9: c3:a5:ba:5b:fa:44:cb:82:60:d3:44:1e:7b:6b:dd: 97:19:e7:16:17:00:4e:94:9a:8a:d6:46:15:30:57: d7:0b:d1:32:b4:de:74:84:a8:84:e5:9d:bd:94:8d: ea:9e:f1:3b:84:e7:76:02:0e:ec:b2:75:cc:36:0c: 61:41:e1:b0:f5:aa:9f:51:d7:e6:28:0c:9a:c8:90: 91:6f:98:c3:6d:b7:51:08:7e:15:2d:1b:12:f0:88: 10:d2:79:43:be:70:0f:53:07:7a:8a:73:ee:66:28: ac:09:de:b3:c8:16:23:90:0b:64:b3:b4:3a:55:f1: 67:71:36:da:61:2d:a2:56:ac:86:08:0e:4c:78:ab: bf:36:6d:10:ab:a7:fd:89:74:30:7d:00:18:0b:2f: fc:bc:df:e4:77:0f:93:11:54:f4:43:e3:ed:48:81: f0:8f:b4:87:27:79:6a:53:a7:05:bb:d2:3c:c7:ed: ec:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:6C:C1:38:98:F7:4B:04:33:69:EF:9B:20:3B:1E:D9:0B:00:F0:DE X509v3 Authority Key Identifier: keyid:3D:28:70:88:E3:86:82:A4:E4:B9:D8:28:45:0B:33:66:BD:EA:D5:DD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F02EA/DB15CDE011DB11EA95F2B059C4F9AE02/PShwiOOGgqTkudgoRQszZr3q1d0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PShwiOOGgqTkudgoRQszZr3q1d0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F02EA/DB15CDE011DB11EA95F2B059C4F9AE02/PShwiOOGgqTkudgoRQszZr3q1d0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 56:dd:62:78:13:c8:af:78:8a:9f:42:0d:5c:bd:50:f7:1e:cb: ed:1f:56:ef:ea:2e:3c:fd:8a:89:e0:03:4a:87:02:19:fa:17: 16:e8:b6:54:87:94:93:de:00:c7:aa:0e:e7:e0:5f:63:ef:dc: 6d:07:b0:d3:15:ff:8f:a2:3b:86:3a:c5:3c:af:0a:43:db:d2: 6b:8f:d1:13:f6:f5:62:1c:d7:2d:5c:0b:ba:c0:76:63:35:e0: ce:48:ee:38:f4:fe:3d:d8:2c:cb:35:1c:79:86:a4:1c:bc:f0: f2:4a:9e:dc:34:bf:85:57:6b:f9:d5:d9:e1:37:d7:e8:41:ff: 23:27:b3:79:de:7e:17:64:43:58:f0:29:03:8f:27:84:fa:b2: 6a:b7:f0:c5:7e:31:3d:55:65:6a:5e:f5:50:f2:a8:53:ba:88: c7:55:39:65:9d:51:4e:07:bf:6a:77:94:c9:aa:6f:46:11:35: f2:7b:13:64:f0:95:da:40:16:55:d6:25:b7:17:f0:56:12:74: a2:84:67:b2:8d:7c:b4:31:84:a1:c5:07:60:ba:d2:f2:e0:d9: c8:71:e6:d3:9b:62:1d:f8:a3:13:31:9e:ae:9e:60:52:59:42: 43:83:4e:eb:b1:91:04:cc:85:2d:ed:7a:29:01:af:31:7d:c7: e0:05:c9:a7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDAowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjAyRUExMTAvBgNVBAUTKDNEMjg3MDg4RTM4NjgyQTRFNEI5RDgyODQ1MEIzMzY2 QkRFQUQ1REQwHhcNMjUwNDI0MTg0MDI4WhcNMjUwNTAxMTg0MDI4WjAYMRYwFAYD VQQDEw02ODBhODU5ZC1lMWY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtm6fSTitKzjfibOYIAiUyebeEb81oqv7DbvhJm4WYDTwqVq+6G3vOdxuGkAH 5lj7XbabU0PrkcTchA76UfK18OdCqTmH2QfcxOnDpbpb+kTLgmDTRB57a92XGecW FwBOlJqK1kYVMFfXC9EytN50hKiE5Z29lI3qnvE7hOd2Ag7ssnXMNgxhQeGw9aqf UdfmKAyayJCRb5jDbbdRCH4VLRsS8IgQ0nlDvnAPUwd6inPuZiisCd6zyBYjkAtk s7Q6VfFncTbaYS2iVqyGCA5MeKu/Nm0Qq6f9iXQwfQAYCy/8vN/kdw+TEVT0Q+Pt SIHwj7SHJ3lqU6cFu9I8x+3s1QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKVswTiY 90sEM2nvmyA7HtkLAPDeMB8GA1UdIwQYMBaAFD0ocIjjhoKk5LnYKEULM2a96tXd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMDJFQS9EQjE1Q0RFMDEx REIxMUVBOTVGMkIwNTlDNEY5QUUwMi9QU2h3aU9PR2dxVGt1ZGdvUlFzelpyM3Ex ZDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BTaHdpT09HZ3FUa3VkZ29SUXN6WnIzcTFkMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MDJFQS9EQjE1Q0RFMDExREIxMUVBOTVGMkIwNTlDNEY5QUUwMi9QU2h3aU9PR2dx VGt1ZGdvUlFzelpyM3ExZDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBW3WJ4E8iveIqfQg1cvVD3HsvtH1bv6i48/YqJ4ANKhwIZ+hcW6LZU h5ST3gDHqg7n4F9j79xtB7DTFf+PojuGOsU8rwpD29Jrj9ET9vViHNctXAu6wHZj NeDOSO449P492CzLNRx5hqQcvPDySp7cNL+FV2v51dnhN9foQf8jJ7N53n4XZENY 8CkDjyeE+rJqt/DFfjE9VWVqXvVQ8qhTuojHVTllnVFOB79qd5TJqm9GETXyexNk 8JXaQBZV1iW3F/BWEnSihGeyjXy0MYShxQdgutLy4NnIcebTm2Id+KMTMZ6unmBS WUJDg07rsZEEzIUt7XopAa8xfcfgBcmn -----END CERTIFICATE-----Generated at Sat Apr 26 14:52:09 2025 by rpki-client