$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft File: r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft (raw, json) Hash identifier: M5CnbD1myj39JtfP+wvVH6Zcl/L7Js9ZYZIqyDp7UN0= Subject key identifier: DC:07:B3:48:43:52:9E:2B:71:7F:98:0D:FC:C7:3F:C0:4D:78:64:C3 Authority key identifier: AF:44:78:08:13:BB:6C:05:E9:97:54:5B:08:D3:79:36:FF:AC:46:61 Certificate issuer: /CN=A91F3F02/serialNumber=AF44780813BB6C05E997545B08D37936FFAC4661 Certificate serial: 0F9C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft Manifest number: 0F6D Signing time: Thu 24 Apr 2025 17:33:15 +0000 Manifest this update: Thu 24 Apr 2025 17:33:14 +0000 Manifest next update: Thu 01 May 2025 17:33:14 +0000 Files and hashes: 1: r0R4CBO7bAXpl1RbCNN5Nv-sRmE.crl (hash: hn5XuOLjBuiZ/oPVmhnX1G3E2u4HQ0nRo1AZipYXh2c=) 2: 4BF23558026D11EBB136622CC4F9AE02.roa (hash: dSSI9SuJi0kxWDguXGuvNHYcVsK2PtNwvDQAV3GyLYI=) 3: B3876B1821C911EB991D562EC4F9AE02.roa (hash: uBn0Hxz91FaVyD43QnMkuJqRyt7MMlvjQXxOWdloNks=) 4: B2B2930C21C911EB991D562EC4F9AE02.roa (hash: Qy0DDR285MRVUCU2wSq2l1CDAExHpBwuWLjgKYsgDgk=) 5: 8663E8B6658A11E9930DC678C4F9AE02.roa (hash: nnsGbqSAK23dzd+NhzAKnl4RNtdUbFKnIUPab2S+fr0=) 6: F98DEF9A231F11EB99F53580C4F9AE02.roa (hash: 5v8ULnLB7hAe2Fg8TDMfEBDhvjvsx+AYmHjpRnzhKsw=) 7: E049FDF87A4511EBBB2D0A52C4F9AE02.roa (hash: 01USCsNqqndn4P4yTkoqoN05MdA4R11oCs3iWFycohA=) 8: B490CD0621C911EB991D562EC4F9AE02.roa (hash: Juh4AVBFoxym4U719T7P+CRblg1s/scR/hB7gB0qaXY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.crl rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 17:33:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3996 (0xf9c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F3F02, serialNumber=AF44780813BB6C05E997545B08D37936FFAC4661 Validity Not Before: Apr 24 17:33:14 2025 GMT Not After : May 1 17:33:14 2025 GMT Subject: CN=680a75db-5059 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:2b:94:39:0b:e8:06:4c:51:0c:ae:2d:e9:db: 67:25:2b:fa:36:e8:46:4d:cf:62:56:59:12:98:51: 95:fa:b1:67:5d:e6:7d:ce:a2:46:9e:f8:9f:06:cd: fb:d7:31:3a:c5:06:3f:5b:e9:48:b2:e3:80:67:1f: d3:9f:5b:07:d7:c4:63:0c:d2:a2:e6:77:b8:e8:6f: 38:3a:58:8c:99:62:d0:33:d3:07:11:b5:d4:d3:87: a0:84:66:dd:a4:3a:85:d3:b1:05:5d:23:09:8a:64: bb:5e:88:9f:63:f4:46:07:43:63:a4:a9:a7:04:82: a2:18:8f:f5:e5:7a:b6:db:ce:ac:13:9e:7f:be:fd: d6:b1:12:e8:e9:87:de:68:ed:f2:22:4b:2c:eb:c1: 0a:1a:70:ba:27:f0:a0:8d:15:22:35:58:d2:53:d6: 3f:c4:e5:40:05:bf:37:8b:8d:b4:f9:8c:b9:4d:95: 04:03:07:1d:a7:d5:9a:22:56:1f:88:ff:87:b2:0a: 31:d9:a0:e3:96:a5:bd:24:35:90:62:89:d2:57:fd: c9:66:79:e4:c5:6d:3d:b2:54:0b:23:e5:33:9f:ab: 7c:21:08:56:a1:d3:9a:a8:2c:99:11:47:86:12:84: f4:ee:45:a2:74:41:a0:dc:f0:4f:2d:d3:22:7c:ca: 51:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:07:B3:48:43:52:9E:2B:71:7F:98:0D:FC:C7:3F:C0:4D:78:64:C3 X509v3 Authority Key Identifier: keyid:AF:44:78:08:13:BB:6C:05:E9:97:54:5B:08:D3:79:36:FF:AC:46:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2b:ee:6d:ea:bb:f8:f9:b3:ac:d8:1e:fa:64:a6:71:20:e0:d7: 47:91:22:73:ae:db:73:fd:c7:17:2d:cb:84:4d:fa:96:fe:34: 2f:da:e6:d4:af:59:f1:48:1e:20:9e:e2:2b:ec:b1:fe:af:68: fe:ab:26:27:4f:de:ed:ed:d0:33:d9:b9:70:3b:2a:4a:58:48: 68:73:c1:e0:b4:16:97:c8:f9:2d:0c:c3:90:86:e6:e5:e2:2a: ea:a8:04:a7:31:47:f9:67:ee:cc:4d:c6:c9:74:71:df:8b:1b: 95:e6:da:1b:df:50:61:01:21:d3:0b:73:81:c0:45:28:f0:05: 4e:db:6a:b9:0f:86:8e:eb:d5:52:22:36:6f:b1:37:0b:ce:51: 0a:31:d0:be:b8:b2:0b:a3:93:26:ac:88:d3:15:60:0c:a5:48: cb:7f:cb:d5:c2:54:c7:36:47:fc:72:50:eb:c7:3a:fb:88:46: 89:35:98:fd:76:43:a3:9e:de:f3:96:67:42:cf:f0:50:36:07: 7b:20:56:e0:cd:95:43:c7:51:06:e3:92:61:b5:95:cc:85:f7: f1:b9:6c:26:48:ef:0e:d7:64:ad:09:3e:b3:2b:a6:33:d8:db: 19:c7:f9:24:df:ea:69:07:ec:7c:01:8f:ba:2e:14:61:c6:cb: 20:33:5e:5f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICD5wwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjNGMDIxMTAvBgNVBAUTKEFGNDQ3ODA4MTNCQjZDMDVFOTk3NTQ1QjA4RDM3OTM2 RkZBQzQ2NjEwHhcNMjUwNDI0MTczMzE0WhcNMjUwNTAxMTczMzE0WjAYMRYwFAYD VQQDEw02ODBhNzVkYi01MDU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuCuUOQvoBkxRDK4t6dtnJSv6NuhGTc9iVlkSmFGV+rFnXeZ9zqJGnvifBs37 1zE6xQY/W+lIsuOAZx/Tn1sH18RjDNKi5ne46G84OliMmWLQM9MHEbXU04eghGbd pDqF07EFXSMJimS7XoifY/RGB0NjpKmnBIKiGI/15Xq2286sE55/vv3WsRLo6Yfe aO3yIkss68EKGnC6J/CgjRUiNVjSU9Y/xOVABb83i420+Yy5TZUEAwcdp9WaIlYf iP+Hsgox2aDjlqW9JDWQYonSV/3JZnnkxW09slQLI+Uzn6t8IQhWodOaqCyZEUeG EoT07kWidEGg3PBPLdMifMpRWQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNwHs0hD Up4rcX+YDfzHP8BNeGTDMB8GA1UdIwQYMBaAFK9EeAgTu2wF6ZdUWwjTeTb/rEZh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGM0YwMi9DQ0FCNTc1MDYz RjAxMUU5QTlCQ0ExNDFDNEY5QUUwMi9yMFI0Q0JPN2JBWHBsMVJiQ05ONU52LXNS bUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3IwUjRDQk83YkFYcGwxUmJDTk41TnYtc1JtRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG M0YwMi9DQ0FCNTc1MDYzRjAxMUU5QTlCQ0ExNDFDNEY5QUUwMi9yMFI0Q0JPN2JB WHBsMVJiQ05ONU52LXNSbUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAr7m3qu/j5s6zYHvpkpnEg4NdHkSJzrttz/ccXLcuETfqW/jQv2ubU r1nxSB4gnuIr7LH+r2j+qyYnT97t7dAz2blwOypKWEhoc8HgtBaXyPktDMOQhubl 4irqqASnMUf5Z+7MTcbJdHHfixuV5tob31BhASHTC3OBwEUo8AVO22q5D4aO69VS IjZvsTcLzlEKMdC+uLILo5MmrIjTFWAMpUjLf8vVwlTHNkf8clDrxzr7iEaJNZj9 dkOjnt7zlmdCz/BQNgd7IFbgzZVDx1EG45JhtZXMhffxuWwmSO8O12StCT6zK6Yz 2NsZx/kk3+ppB+x8AY+6LhRhxssgM15f -----END CERTIFICATE-----Generated at Sat Apr 26 05:04:23 2025 by rpki-client