$ rpki-client -vvf rpki.apnic.net/member_repository/A91F1E8B/807DFDA0A3CE11EA8BAE6520C4F9AE02/K6PqbAvX8YRghmD5ogTlEYZaAN0.mft File: K6PqbAvX8YRghmD5ogTlEYZaAN0.mft (raw, json) Hash identifier: 4GlDDfiPOoo3EySRtvSvJRzLiggUSZR5MYAeTvsHIkY= Subject key identifier: 42:41:82:14:12:66:B4:7F:14:8D:AA:BA:35:5C:85:66:8E:8E:4B:A6 Authority key identifier: 2B:A3:EA:6C:0B:D7:F1:84:60:86:60:F9:A2:04:E5:11:86:5A:00:DD Certificate issuer: /CN=A91F1E8B/serialNumber=2BA3EA6C0BD7F184608660F9A204E511865A00DD Certificate serial: 090B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K6PqbAvX8YRghmD5ogTlEYZaAN0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F1E8B/807DFDA0A3CE11EA8BAE6520C4F9AE02/K6PqbAvX8YRghmD5ogTlEYZaAN0.mft Manifest number: 0904 Signing time: Thu 24 Apr 2025 20:12:41 +0000 Manifest this update: Thu 24 Apr 2025 20:12:41 +0000 Manifest next update: Thu 01 May 2025 20:12:41 +0000 Files and hashes: 1: K6PqbAvX8YRghmD5ogTlEYZaAN0.crl (hash: Y5oalMX7yD9YX95/sPJEN+sZWRhpnURh6iFVJ5XyagE=) 2: 33F713A8A3CF11EAA31D8C20C4F9AE02.roa (hash: U+2Kae/qqfcPAGDUNj2rc7ly1La28a/4nOUamtVuvAQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F1E8B/807DFDA0A3CE11EA8BAE6520C4F9AE02/K6PqbAvX8YRghmD5ogTlEYZaAN0.crl rsync://rpki.apnic.net/member_repository/A91F1E8B/807DFDA0A3CE11EA8BAE6520C4F9AE02/K6PqbAvX8YRghmD5ogTlEYZaAN0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K6PqbAvX8YRghmD5ogTlEYZaAN0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 20:12:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2315 (0x90b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F1E8B, serialNumber=2BA3EA6C0BD7F184608660F9A204E511865A00DD Validity Not Before: Apr 24 20:12:41 2025 GMT Not After : May 1 20:12:41 2025 GMT Subject: CN=680a9b39-cfd4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:bd:d1:21:27:06:12:8a:03:d0:54:ee:ec:3e: 78:1d:66:10:fd:49:3f:0f:64:73:f9:70:6a:ea:bf: 90:82:08:0f:51:00:f8:b6:27:07:c0:dd:25:67:ea: 94:cc:03:cd:74:b4:e8:47:e7:cd:10:8c:97:e9:fa: 84:34:a8:74:7c:1a:b5:7c:10:3b:5c:0b:47:df:82: be:67:c9:93:a7:5c:fd:09:9c:a7:3f:48:37:28:7e: 62:4b:b2:e8:ba:5d:9f:42:06:df:20:1f:82:54:30: 39:48:e1:7c:6c:5b:d0:d8:eb:f6:47:59:fb:8d:b3: a8:c0:9b:71:18:1b:33:e7:24:ef:08:ac:b4:19:38: 16:4b:e6:c1:9b:8f:34:89:b7:33:f7:a7:d2:04:4d: 86:61:df:98:ce:44:55:1f:5f:09:f1:9d:8e:a7:a6: 60:3b:87:d0:60:0b:fc:fd:78:59:ba:76:88:98:d3: 93:08:51:31:97:80:92:a6:09:af:0a:df:fb:53:a5: d0:ed:66:5b:3c:64:14:03:73:77:91:42:28:3b:f0: c0:97:db:5f:ee:c1:bd:71:fa:2e:6f:17:eb:f5:49: 09:5d:00:f1:dd:0b:91:db:d1:b4:b1:2d:91:8b:cc: c0:99:2e:50:51:c1:7c:c2:40:ac:61:29:68:b9:b0: c0:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:41:82:14:12:66:B4:7F:14:8D:AA:BA:35:5C:85:66:8E:8E:4B:A6 X509v3 Authority Key Identifier: keyid:2B:A3:EA:6C:0B:D7:F1:84:60:86:60:F9:A2:04:E5:11:86:5A:00:DD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F1E8B/807DFDA0A3CE11EA8BAE6520C4F9AE02/K6PqbAvX8YRghmD5ogTlEYZaAN0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K6PqbAvX8YRghmD5ogTlEYZaAN0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F1E8B/807DFDA0A3CE11EA8BAE6520C4F9AE02/K6PqbAvX8YRghmD5ogTlEYZaAN0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 18:16:6e:b5:79:0d:59:af:41:1d:33:11:98:89:01:db:82:fa: 2b:be:d1:a1:89:c6:05:91:f7:03:05:c3:9d:2f:ba:31:a9:6b: ef:ef:f6:42:ca:4d:e4:c0:57:a5:1e:63:7d:92:33:3a:78:4f: fc:6d:0c:44:05:39:c5:aa:d7:d4:25:9e:6b:36:b6:fc:7b:a0: e1:8b:8e:e8:40:53:ee:76:ec:df:ed:ff:be:8b:dc:32:7f:06: 93:5c:82:52:8b:d8:1f:91:64:d4:d4:92:94:87:93:3a:85:97: 74:d9:78:d3:c9:13:ba:4b:49:d8:b6:33:38:70:aa:9e:85:13: 14:87:0c:d1:20:91:31:1c:7a:a1:50:05:86:32:e6:32:15:f1: 1c:44:a9:18:f4:27:6e:9b:a9:1a:ec:0e:ef:d6:91:1c:9f:5b: 3b:49:a8:b2:a0:ca:a7:f2:16:53:73:b6:43:6c:66:ca:28:81: 85:1c:6b:f5:56:a0:2c:50:29:fa:c5:87:9d:4f:a8:f0:52:97: 58:8d:4b:57:ee:e6:f7:12:86:4a:d5:d6:3d:90:10:84:56:ab: c6:15:ba:8d:83:f6:de:4a:69:12:2f:6a:11:a0:c3:f7:1f:56: ce:4e:44:80:fc:27:2d:cd:7e:24:c8:9e:c3:5e:e5:77:30:02: a2:52:8f:f6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCQswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjFFOEIxMTAvBgNVBAUTKDJCQTNFQTZDMEJEN0YxODQ2MDg2NjBGOUEyMDRFNTEx ODY1QTAwREQwHhcNMjUwNDI0MjAxMjQxWhcNMjUwNTAxMjAxMjQxWjAYMRYwFAYD VQQDEw02ODBhOWIzOS1jZmQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3b3RIScGEooD0FTu7D54HWYQ/Uk/D2Rz+XBq6r+QgggPUQD4ticHwN0lZ+qU zAPNdLToR+fNEIyX6fqENKh0fBq1fBA7XAtH34K+Z8mTp1z9CZynP0g3KH5iS7Lo ul2fQgbfIB+CVDA5SOF8bFvQ2Ov2R1n7jbOowJtxGBsz5yTvCKy0GTgWS+bBm480 ibcz96fSBE2GYd+YzkRVH18J8Z2Op6ZgO4fQYAv8/XhZunaImNOTCFExl4CSpgmv Ct/7U6XQ7WZbPGQUA3N3kUIoO/DAl9tf7sG9cfoubxfr9UkJXQDx3QuR29G0sS2R i8zAmS5QUcF8wkCsYSloubDAvQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEJBghQS ZrR/FI2qujVchWaOjkumMB8GA1UdIwQYMBaAFCuj6mwL1/GEYIZg+aIE5RGGWgDd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMUU4Qi84MDdERkRBMEEz Q0UxMUVBOEJBRTY1MjBDNEY5QUUwMi9LNlBxYkF2WDhZUmdobUQ1b2dUbEVZWmFB TjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0s2UHFiQXZYOFlSZ2htRDVvZ1RsRVlaYUFOMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MUU4Qi84MDdERkRBMEEzQ0UxMUVBOEJBRTY1MjBDNEY5QUUwMi9LNlBxYkF2WDhZ UmdobUQ1b2dUbEVZWmFBTjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAYFm61eQ1Zr0EdMxGYiQHbgvorvtGhicYFkfcDBcOdL7oxqWvv7/ZC yk3kwFelHmN9kjM6eE/8bQxEBTnFqtfUJZ5rNrb8e6Dhi47oQFPuduzf7f++i9wy fwaTXIJSi9gfkWTU1JKUh5M6hZd02XjTyRO6S0nYtjM4cKqehRMUhwzRIJExHHqh UAWGMuYyFfEcRKkY9Cdum6ka7A7v1pEcn1s7SaiyoMqn8hZTc7ZDbGbKKIGFHGv1 VqAsUCn6xYedT6jwUpdYjUtX7ub3EoZK1dY9kBCEVqvGFbqNg/beSmkSL2oRoMP3 H1bOTkSA/CctzX4kyJ7DXuV3MAKiUo/2 -----END CERTIFICATE-----Generated at Sat Apr 26 16:57:19 2025 by rpki-client