$ rpki-client -vvf rpki.apnic.net/member_repository/A91F5280/C04B1B76095F11EEAD0ED04CC4F9AE02/GkhD6J8kRLLN24EYqoovRBgOhJg.mft File: GkhD6J8kRLLN24EYqoovRBgOhJg.mft (raw, json) Hash identifier: Y3r55gj0tWZN4PaAz9quR8Gw4XuvMRL9VTrPiLPY1rc= Subject key identifier: D8:87:C2:58:FF:B8:23:03:EF:A0:22:21:10:FB:BE:98:FD:3A:3C:F8 Authority key identifier: 1A:48:43:E8:9F:24:44:B2:CD:DB:81:18:AA:8A:2F:44:18:0E:84:98 Certificate issuer: /CN=A91F5280/serialNumber=1A4843E89F2444B2CDDB8118AA8A2F44180E8498 Certificate serial: 0167 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GkhD6J8kRLLN24EYqoovRBgOhJg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F5280/C04B1B76095F11EEAD0ED04CC4F9AE02/GkhD6J8kRLLN24EYqoovRBgOhJg.mft Manifest number: 0163 Signing time: Tue 29 Apr 2025 04:02:39 +0000 Manifest this update: Tue 29 Apr 2025 04:02:38 +0000 Manifest next update: Tue 06 May 2025 04:02:38 +0000 Files and hashes: 1: GkhD6J8kRLLN24EYqoovRBgOhJg.crl (hash: rhqJ3fr/hhY644+9mmFMFI88b0rCGjOinIjsqFybJtQ=) 2: B5569B88096311EE9ECB644DC4F9AE02.roa (hash: r69ry07FlZRyxMcGSskusquMKld1QByFguUcoWDQa3s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F5280/C04B1B76095F11EEAD0ED04CC4F9AE02/GkhD6J8kRLLN24EYqoovRBgOhJg.crl rsync://rpki.apnic.net/member_repository/A91F5280/C04B1B76095F11EEAD0ED04CC4F9AE02/GkhD6J8kRLLN24EYqoovRBgOhJg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GkhD6J8kRLLN24EYqoovRBgOhJg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 06 May 2025 04:02:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 359 (0x167) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F5280, serialNumber=1A4843E89F2444B2CDDB8118AA8A2F44180E8498 Validity Not Before: Apr 29 04:02:38 2025 GMT Not After : May 6 04:02:38 2025 GMT Subject: CN=68104f5e-b5dc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:71:70:91:9a:0e:78:44:a2:91:93:01:7e:96: 32:a2:96:e5:bf:f9:53:47:2a:f2:2c:3b:0f:f0:70: 4d:ca:4d:96:3e:ae:92:03:c9:73:e6:5a:2a:6a:ea: b4:4c:04:75:e4:0a:54:ca:f2:8c:4b:82:1f:d0:2d: bd:d8:f2:36:d6:a7:d2:f8:1c:f2:09:15:64:69:5f: 2f:18:31:b8:4c:ad:16:5e:b3:f4:99:34:ae:61:2a: 9a:a2:f1:6a:8d:19:79:8b:57:1c:91:ce:ba:93:2a: 59:f7:77:0f:a2:f8:29:c9:44:b1:7c:70:ef:05:59: 6d:08:6b:c0:02:9e:af:c5:f3:8a:ce:88:70:05:3f: ae:7c:7d:3e:82:4f:7c:a4:8e:99:f9:9b:fa:09:c9: 4f:a4:c0:f9:62:de:3b:80:b3:7a:15:75:e9:fa:36: dd:a8:a6:49:15:18:e8:b4:78:b0:cc:cd:27:b6:6a: bc:6f:98:bc:6b:a0:96:53:a9:e5:c1:f9:89:f1:c3: 7c:fc:61:63:b2:e3:a7:21:89:8c:c5:6c:23:a2:94: 4c:ab:24:f9:57:6e:9c:4d:60:e0:c3:ff:f3:e9:89: 82:9d:41:6e:18:8f:d2:0d:ca:d0:ef:4d:9c:23:75: eb:ce:87:10:cb:93:43:90:31:24:c7:68:a8:d5:af: f5:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:87:C2:58:FF:B8:23:03:EF:A0:22:21:10:FB:BE:98:FD:3A:3C:F8 X509v3 Authority Key Identifier: keyid:1A:48:43:E8:9F:24:44:B2:CD:DB:81:18:AA:8A:2F:44:18:0E:84:98 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F5280/C04B1B76095F11EEAD0ED04CC4F9AE02/GkhD6J8kRLLN24EYqoovRBgOhJg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GkhD6J8kRLLN24EYqoovRBgOhJg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F5280/C04B1B76095F11EEAD0ED04CC4F9AE02/GkhD6J8kRLLN24EYqoovRBgOhJg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4c:8d:6c:dc:9d:42:35:6e:5f:12:1d:49:44:be:fd:9d:da:62: c7:60:1d:d0:6c:41:3c:5e:a9:d4:65:d8:68:3e:af:6e:16:fa: f2:d2:2c:9f:bb:c8:1d:c4:b2:1f:e7:b0:9e:86:74:7e:7b:9c: d8:a4:54:6f:4e:86:c8:bc:17:b2:71:d3:b8:70:f2:07:81:b6: 34:48:12:04:84:c3:f0:a0:66:42:f9:b3:d7:77:94:2d:d5:51: 6b:2c:bd:ea:26:5e:94:46:09:83:8b:5f:75:1d:04:ad:39:b9: 29:52:bb:12:c9:98:f0:43:89:ce:81:df:9b:01:51:f8:d7:38: 3a:70:bb:5c:99:b7:8b:67:5c:9b:4e:9b:b9:e6:f4:e2:0d:a8: a9:2d:8a:b8:ff:04:06:36:31:1e:3b:f4:1c:dc:6b:4b:d7:e8: 1d:4c:93:7d:51:c6:78:5f:f3:a1:ee:cc:2f:1a:fd:ce:82:26: bb:fa:ae:17:d0:f9:aa:da:f8:33:26:c1:f5:59:82:05:e6:35: c1:af:f4:c7:d2:87:d5:a0:7f:82:e2:3d:11:b4:cc:b0:8f:0f: 69:8b:7b:5e:e3:27:cd:a9:74:74:24:0d:b3:6d:79:e5:91:f7: bf:72:34:e4:0c:80:00:64:a2:22:82:57:c7:f0:04:e1:ea:ca: 8f:5d:19:5d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAWcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjUyODAxMTAvBgNVBAUTKDFBNDg0M0U4OUYyNDQ0QjJDRERCODExOEFBOEEyRjQ0 MTgwRTg0OTgwHhcNMjUwNDI5MDQwMjM4WhcNMjUwNTA2MDQwMjM4WjAYMRYwFAYD VQQDEw02ODEwNGY1ZS1iNWRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA53FwkZoOeESikZMBfpYyopblv/lTRyryLDsP8HBNyk2WPq6SA8lz5loqauq0 TAR15ApUyvKMS4If0C292PI21qfS+BzyCRVkaV8vGDG4TK0WXrP0mTSuYSqaovFq jRl5i1cckc66kypZ93cPovgpyUSxfHDvBVltCGvAAp6vxfOKzohwBT+ufH0+gk98 pI6Z+Zv6CclPpMD5Yt47gLN6FXXp+jbdqKZJFRjotHiwzM0ntmq8b5i8a6CWU6nl wfmJ8cN8/GFjsuOnIYmMxWwjopRMqyT5V26cTWDgw//z6YmCnUFuGI/SDcrQ702c I3XrzocQy5NDkDEkx2io1a/1sQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNiHwlj/ uCMD76AiIRD7vpj9Ojz4MB8GA1UdIwQYMBaAFBpIQ+ifJESyzduBGKqKL0QYDoSY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNTI4MC9DMDRCMUI3NjA5 NUYxMUVFQUQwRUQwNENDNEY5QUUwMi9Ha2hENko4a1JMTE4yNEVZcW9vdlJCZ09o SmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0draEQ2SjhrUkxMTjI0RVlxb292UkJnT2hKZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NTI4MC9DMDRCMUI3NjA5NUYxMUVFQUQwRUQwNENDNEY5QUUwMi9Ha2hENko4a1JM TE4yNEVZcW9vdlJCZ09oSmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBMjWzcnUI1bl8SHUlEvv2d2mLHYB3QbEE8XqnUZdhoPq9uFvry0iyf u8gdxLIf57CehnR+e5zYpFRvTobIvBeycdO4cPIHgbY0SBIEhMPwoGZC+bPXd5Qt 1VFrLL3qJl6URgmDi191HQStObkpUrsSyZjwQ4nOgd+bAVH41zg6cLtcmbeLZ1yb Tpu55vTiDaipLYq4/wQGNjEeO/Qc3GtL1+gdTJN9UcZ4X/Oh7swvGv3Ogia7+q4X 0Pmq2vgzJsH1WYIF5jXBr/TH0ofVoH+C4j0RtMywjw9pi3te4yfNqXR0JA2zbXnl kfe/cjTkDIAAZKIiglfH8ATh6sqPXRld -----END CERTIFICATE-----Generated at Tue Apr 29 07:48:03 2025 by rpki-client