$ rpki-client -vvf rpki.apnic.net/member_repository/A91F0AF0/E37629500FFF11E98815AE22C4F9AE02/2b1w53f4Ya5UOFcUjmM1L9qEwHo.mft File: 2b1w53f4Ya5UOFcUjmM1L9qEwHo.mft (raw, json) Hash identifier: uIafHjSOeeJfbgTZLAd70IWil3jc32F1iU0DDjoRa+g= Subject key identifier: 53:C0:57:B6:6A:C4:2C:24:3D:6F:C2:79:C5:A6:0C:2D:F7:F6:16:9D Authority key identifier: D9:BD:70:E7:77:F8:61:AE:54:38:57:14:8E:63:35:2F:DA:84:C0:7A Certificate issuer: /CN=A91F0AF0/serialNumber=D9BD70E777F861AE543857148E63352FDA84C07A Certificate serial: 0C58 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2b1w53f4Ya5UOFcUjmM1L9qEwHo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F0AF0/E37629500FFF11E98815AE22C4F9AE02/2b1w53f4Ya5UOFcUjmM1L9qEwHo.mft Manifest number: 1D5C Signing time: Thu 24 Apr 2025 17:17:30 +0000 Manifest this update: Thu 24 Apr 2025 17:17:29 +0000 Manifest next update: Thu 01 May 2025 17:17:29 +0000 Files and hashes: 1: 2b1w53f4Ya5UOFcUjmM1L9qEwHo.crl (hash: wi6z9vvEPm6Pg2UPiOGGrFOaahnVdtY3ikhrWfV/xfk=) 2: CE3C7EF66FEB11EB91967864C4F9AE02.roa (hash: rns6y4xnalGROKJT2q8Fjb3eMxdlbdFZdL9Xn8yjrx4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F0AF0/E37629500FFF11E98815AE22C4F9AE02/2b1w53f4Ya5UOFcUjmM1L9qEwHo.crl rsync://rpki.apnic.net/member_repository/A91F0AF0/E37629500FFF11E98815AE22C4F9AE02/2b1w53f4Ya5UOFcUjmM1L9qEwHo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2b1w53f4Ya5UOFcUjmM1L9qEwHo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:17:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3160 (0xc58) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F0AF0, serialNumber=D9BD70E777F861AE543857148E63352FDA84C07A Validity Not Before: Apr 24 17:17:29 2025 GMT Not After : May 1 17:17:29 2025 GMT Subject: CN=680a7229-1cc4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:11:89:1d:af:92:3a:ae:d6:15:d3:97:b3:0b: 31:1b:da:d0:dc:94:26:bf:64:d6:7a:c5:c5:18:9b: aa:6d:7d:fb:3e:f4:01:02:1c:3d:c8:ea:fe:b5:4e: e3:ec:94:8e:8b:2a:36:31:26:2c:b8:cb:9f:cb:cb: c5:57:2b:e1:89:ba:f9:6f:dd:be:c5:77:f8:e9:f8: b8:fe:47:20:94:17:1d:ba:12:01:07:3a:88:64:95: 17:24:0e:0b:9f:1a:87:b4:68:b3:51:a9:d1:fc:e7: eb:61:9a:51:9b:7d:32:8b:b8:00:c0:fd:9c:5b:99: c0:34:3f:89:09:98:7f:45:d6:d4:04:eb:e6:c2:b1: 42:a1:37:fc:e4:87:ad:55:f1:86:98:9d:2f:54:7d: 8e:72:ab:d1:9b:50:53:38:50:af:e8:14:1a:9e:a0: 6a:f3:1b:83:2f:94:dc:da:e1:e8:57:06:b2:ea:f5: 5f:fa:f7:fd:bf:c3:17:2b:5b:5d:e7:8a:90:f6:4b: de:ed:a8:f4:b3:29:f0:c4:f2:a5:a1:45:e8:4d:6a: 9f:5b:e7:d3:c2:6f:92:0c:cb:23:f1:ce:c3:81:78: 3e:79:6e:fe:65:e1:2e:4d:16:f0:6d:e9:54:79:6e: b0:0a:bd:4d:63:56:e3:40:0c:3d:05:88:10:db:00: 7e:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:C0:57:B6:6A:C4:2C:24:3D:6F:C2:79:C5:A6:0C:2D:F7:F6:16:9D X509v3 Authority Key Identifier: keyid:D9:BD:70:E7:77:F8:61:AE:54:38:57:14:8E:63:35:2F:DA:84:C0:7A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F0AF0/E37629500FFF11E98815AE22C4F9AE02/2b1w53f4Ya5UOFcUjmM1L9qEwHo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2b1w53f4Ya5UOFcUjmM1L9qEwHo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F0AF0/E37629500FFF11E98815AE22C4F9AE02/2b1w53f4Ya5UOFcUjmM1L9qEwHo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 16:cf:ef:41:f0:dc:3d:0c:e6:da:1a:56:17:a0:3e:76:4e:76: a8:dd:62:80:ba:15:30:6b:35:b5:4f:82:c4:3f:10:bc:89:45: 2b:d6:bb:76:ed:ea:fa:76:05:fb:8a:40:60:4b:37:e4:c6:28: 3f:f5:2f:a5:e4:43:e3:d8:db:2d:f0:f5:6d:72:1e:39:b5:9b: b8:ce:b7:25:06:5e:d7:f9:98:6d:e6:0e:6f:38:44:ba:83:24: 09:78:54:b0:42:8e:b3:76:af:6d:10:f3:34:b3:93:1c:37:53: 20:df:fa:7c:3f:13:ce:b1:a5:1f:a4:1a:2d:81:2e:71:56:d5: f0:7a:93:57:cb:5b:5a:e2:6b:c2:ac:4c:94:b8:0a:e4:dc:98: 51:cd:6a:b1:f9:98:d9:ad:41:ed:31:6e:1e:ae:86:8a:4c:cf: 2e:0c:cc:c7:49:a8:14:ea:f6:27:d9:86:2e:12:23:71:cd:c2: 50:f1:09:7f:72:0e:0e:de:d7:17:e1:5c:3c:7d:cc:7b:d3:95: 31:be:b7:15:c8:6a:ef:8b:c8:19:f1:b5:32:e5:32:99:89:12: e2:46:1f:f4:f3:8a:3c:4a:ef:60:7f:e3:61:b2:e2:3c:a1:40: a5:76:39:d1:5f:aa:1b:80:45:66:c7:75:4b:61:06:6e:51:ba: b3:ea:67:41 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDFgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjBBRjAxMTAvBgNVBAUTKEQ5QkQ3MEU3NzdGODYxQUU1NDM4NTcxNDhFNjMzNTJG REE4NEMwN0EwHhcNMjUwNDI0MTcxNzI5WhcNMjUwNTAxMTcxNzI5WjAYMRYwFAYD VQQDEw02ODBhNzIyOS0xY2M0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAthGJHa+SOq7WFdOXswsxG9rQ3JQmv2TWesXFGJuqbX37PvQBAhw9yOr+tU7j 7JSOiyo2MSYsuMufy8vFVyvhibr5b92+xXf46fi4/kcglBcduhIBBzqIZJUXJA4L nxqHtGizUanR/OfrYZpRm30yi7gAwP2cW5nAND+JCZh/RdbUBOvmwrFCoTf85Iet VfGGmJ0vVH2OcqvRm1BTOFCv6BQanqBq8xuDL5Tc2uHoVway6vVf+vf9v8MXK1td 54qQ9kve7aj0synwxPKloUXoTWqfW+fTwm+SDMsj8c7DgXg+eW7+ZeEuTRbwbelU eW6wCr1NY1bjQAw9BYgQ2wB+pwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFPAV7Zq xCwkPW/CecWmDC339hadMB8GA1UdIwQYMBaAFNm9cOd3+GGuVDhXFI5jNS/ahMB6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMEFGMC9FMzc2Mjk1MDBG RkYxMUU5ODgxNUFFMjJDNEY5QUUwMi8yYjF3NTNmNFlhNVVPRmNVam1NMUw5cUV3 SG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJiMXc1M2Y0WWE1VU9GY1VqbU0xTDlxRXdIby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MEFGMC9FMzc2Mjk1MDBGRkYxMUU5ODgxNUFFMjJDNEY5QUUwMi8yYjF3NTNmNFlh NVVPRmNVam1NMUw5cUV3SG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAWz+9B8Nw9DObaGlYXoD52Tnao3WKAuhUwazW1T4LEPxC8iUUr1rt2 7er6dgX7ikBgSzfkxig/9S+l5EPj2Nst8PVtch45tZu4zrclBl7X+Zht5g5vOES6 gyQJeFSwQo6zdq9tEPM0s5McN1Mg3/p8PxPOsaUfpBotgS5xVtXwepNXy1ta4mvC rEyUuArk3JhRzWqx+ZjZrUHtMW4eroaKTM8uDMzHSagU6vYn2YYuEiNxzcJQ8Ql/ cg4O3tcX4Vw8fcx705UxvrcVyGrvi8gZ8bUy5TKZiRLiRh/084o8Su9gf+NhsuI8 oUCldjnRX6obgEVmx3VLYQZuUbqz6mdB -----END CERTIFICATE-----Generated at Sat Apr 26 04:20:58 2025 by rpki-client