$ rpki-client -vvf rpki.apnic.net/member_repository/A91F5280/C04B1B76095F11EEAD0ED04CC4F9AE02/GkhD6J8kRLLN24EYqoovRBgOhJg.mft File: GkhD6J8kRLLN24EYqoovRBgOhJg.mft (raw, json) Hash identifier: 7IScSrUneR+LuIlE56fYVjkoLu2R/3d3nB8G1s//L/U= Subject key identifier: 6B:AA:80:D8:48:A1:38:1C:F2:45:D3:46:40:41:71:40:E8:F3:D3:11 Authority key identifier: 1A:48:43:E8:9F:24:44:B2:CD:DB:81:18:AA:8A:2F:44:18:0E:84:98 Certificate issuer: /CN=A91F5280/serialNumber=1A4843E89F2444B2CDDB8118AA8A2F44180E8498 Certificate serial: 0165 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GkhD6J8kRLLN24EYqoovRBgOhJg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F5280/C04B1B76095F11EEAD0ED04CC4F9AE02/GkhD6J8kRLLN24EYqoovRBgOhJg.mft Manifest number: 0161 Signing time: Fri 25 Apr 2025 03:07:36 +0000 Manifest this update: Fri 25 Apr 2025 03:07:35 +0000 Manifest next update: Fri 02 May 2025 03:07:35 +0000 Files and hashes: 1: GkhD6J8kRLLN24EYqoovRBgOhJg.crl (hash: cWlRzX9pX1G44BL0w3S40RlSWzstm4etu3cbMIYljY0=) 2: B5569B88096311EE9ECB644DC4F9AE02.roa (hash: r69ry07FlZRyxMcGSskusquMKld1QByFguUcoWDQa3s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F5280/C04B1B76095F11EEAD0ED04CC4F9AE02/GkhD6J8kRLLN24EYqoovRBgOhJg.crl rsync://rpki.apnic.net/member_repository/A91F5280/C04B1B76095F11EEAD0ED04CC4F9AE02/GkhD6J8kRLLN24EYqoovRBgOhJg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GkhD6J8kRLLN24EYqoovRBgOhJg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 03:07:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 357 (0x165) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F5280, serialNumber=1A4843E89F2444B2CDDB8118AA8A2F44180E8498 Validity Not Before: Apr 25 03:07:35 2025 GMT Not After : May 2 03:07:35 2025 GMT Subject: CN=680afc77-5e00 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:65:17:16:a8:a5:8f:cd:22:a1:13:0e:16:22: a9:f9:63:10:6c:91:60:96:8a:47:f3:bd:c3:d9:2a: a6:6a:14:2d:94:1d:10:d8:11:44:bc:9f:3d:16:66: f4:fc:fa:c6:20:ed:f6:5b:fd:2d:4e:73:bb:3c:f3: 85:82:c4:fa:93:98:01:07:f2:02:f9:28:ff:bc:b1: 62:d9:91:3c:bd:a2:58:af:9d:f7:60:d7:95:00:2e: aa:6c:0f:cb:58:1f:c4:85:8e:53:b8:dc:62:0a:35: 63:ff:ff:a3:1b:34:98:a7:26:15:26:89:da:75:e8: 29:7e:ca:45:2e:8e:b3:d0:f8:11:d1:dd:22:2c:7e: 9a:ee:1b:e7:8d:e2:dc:5d:e6:d8:d9:58:af:7f:98: da:d9:21:6f:27:f8:7c:26:09:68:5c:56:cb:99:21: a9:d2:51:67:7a:69:c5:5c:62:85:db:9d:3c:f1:64: 8d:0a:0f:45:f3:48:f8:58:90:eb:a3:0f:2c:5e:7c: c3:91:e6:2e:e9:d1:52:d3:0f:c4:11:70:0b:76:d9: 14:81:ce:1e:34:ca:f3:bf:d4:ea:1e:93:4b:32:50: 71:26:16:a8:c8:56:e5:c5:f4:27:ae:5d:51:7e:41: d1:fd:b3:b8:48:57:b4:02:e2:2b:a8:ba:35:58:cb: 1f:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:AA:80:D8:48:A1:38:1C:F2:45:D3:46:40:41:71:40:E8:F3:D3:11 X509v3 Authority Key Identifier: keyid:1A:48:43:E8:9F:24:44:B2:CD:DB:81:18:AA:8A:2F:44:18:0E:84:98 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F5280/C04B1B76095F11EEAD0ED04CC4F9AE02/GkhD6J8kRLLN24EYqoovRBgOhJg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GkhD6J8kRLLN24EYqoovRBgOhJg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F5280/C04B1B76095F11EEAD0ED04CC4F9AE02/GkhD6J8kRLLN24EYqoovRBgOhJg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2f:a6:e8:83:12:04:23:8f:0f:05:b3:6b:5a:73:5d:c4:42:1b: 5c:79:27:84:5c:ea:c0:2b:b4:5c:5f:9b:02:c5:f9:76:a1:7a: f0:93:f0:5f:94:01:1c:04:16:0e:e0:b4:bc:ef:8c:12:3e:6b: 9d:ef:fa:78:b9:38:4f:24:11:c6:b4:0b:3e:b0:e6:8e:b9:41: 27:1c:2d:83:b7:7b:7c:2a:30:8b:40:c7:54:38:62:3f:61:2f: 62:cd:a0:17:75:a6:b5:65:27:a0:ca:1d:c8:42:ca:b0:6b:a4: 0c:45:88:b5:26:a6:d9:00:1a:95:06:fa:7d:ab:ec:30:8e:2a: 02:da:c6:c5:eb:56:0e:58:ca:be:01:9c:49:fe:5c:b7:b9:ca: a7:11:b1:bd:e9:ee:01:ee:d0:48:6d:8f:9e:f2:c9:02:b1:63: ad:29:89:f3:38:ce:26:9e:98:48:a8:c9:ad:c7:1e:6f:37:18: 13:b1:91:b1:28:28:3c:a1:fe:6e:3b:50:8b:1d:1d:e2:36:24: 49:f6:98:28:0c:4c:6f:6e:eb:07:d2:76:58:7b:6b:3d:ad:a2: 68:0d:c9:97:a3:98:04:37:d3:4e:21:ff:40:61:b9:16:90:f1: 12:c2:8f:02:83:50:30:b4:47:0f:a0:cd:4d:64:57:bf:cb:56: b5:79:9b:52 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAWUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjUyODAxMTAvBgNVBAUTKDFBNDg0M0U4OUYyNDQ0QjJDRERCODExOEFBOEEyRjQ0 MTgwRTg0OTgwHhcNMjUwNDI1MDMwNzM1WhcNMjUwNTAyMDMwNzM1WjAYMRYwFAYD VQQDEw02ODBhZmM3Ny01ZTAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzGUXFqilj80ioRMOFiKp+WMQbJFglopH873D2SqmahQtlB0Q2BFEvJ89Fmb0 /PrGIO32W/0tTnO7PPOFgsT6k5gBB/IC+Sj/vLFi2ZE8vaJYr533YNeVAC6qbA/L WB/EhY5TuNxiCjVj//+jGzSYpyYVJonadegpfspFLo6z0PgR0d0iLH6a7hvnjeLc XebY2Vivf5ja2SFvJ/h8JgloXFbLmSGp0lFnemnFXGKF25088WSNCg9F80j4WJDr ow8sXnzDkeYu6dFS0w/EEXALdtkUgc4eNMrzv9TqHpNLMlBxJhaoyFblxfQnrl1R fkHR/bO4SFe0AuIrqLo1WMsfMwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGuqgNhI oTgc8kXTRkBBcUDo89MRMB8GA1UdIwQYMBaAFBpIQ+ifJESyzduBGKqKL0QYDoSY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNTI4MC9DMDRCMUI3NjA5 NUYxMUVFQUQwRUQwNENDNEY5QUUwMi9Ha2hENko4a1JMTE4yNEVZcW9vdlJCZ09o SmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0draEQ2SjhrUkxMTjI0RVlxb292UkJnT2hKZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NTI4MC9DMDRCMUI3NjA5NUYxMUVFQUQwRUQwNENDNEY5QUUwMi9Ha2hENko4a1JM TE4yNEVZcW9vdlJCZ09oSmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAvpuiDEgQjjw8Fs2tac13EQhtceSeEXOrAK7RcX5sCxfl2oXrwk/Bf lAEcBBYO4LS874wSPmud7/p4uThPJBHGtAs+sOaOuUEnHC2Dt3t8KjCLQMdUOGI/ YS9izaAXdaa1ZSegyh3IQsqwa6QMRYi1JqbZABqVBvp9q+wwjioC2sbF61YOWMq+ AZxJ/ly3ucqnEbG96e4B7tBIbY+e8skCsWOtKYnzOM4mnphIqMmtxx5vNxgTsZGx KCg8of5uO1CLHR3iNiRJ9pgoDExvbusH0nZYe2s9raJoDcmXo5gEN9NOIf9AYbkW kPESwo8Cg1AwtEcPoM1NZFe/y1a1eZtS -----END CERTIFICATE-----Generated at Sat Apr 26 16:33:28 2025 by rpki-client