$ rpki-client -vvf rpki.apnic.net/member_repository/A91F6ADE/28739D3A41DF11ECA3DC2F85C4F9AE02/cOaM6FoDjZ4wcEODfKbmsaZglu4.mft File: cOaM6FoDjZ4wcEODfKbmsaZglu4.mft (raw, json) Hash identifier: AwQ5j3iFVfOeF/xj7KHojAHpwddtLht7jqvh0SXt5Zo= Subject key identifier: C3:2B:3C:DF:A4:94:95:DD:B0:03:A8:38:47:F6:DE:60:A4:37:17:AF Authority key identifier: 70:E6:8C:E8:5A:03:8D:9E:30:70:43:83:7C:A6:E6:B1:A6:60:96:EE Certificate issuer: /CN=A91F6ADE/serialNumber=70E68CE85A038D9E307043837CA6E6B1A66096EE Certificate serial: 0476 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cOaM6FoDjZ4wcEODfKbmsaZglu4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F6ADE/28739D3A41DF11ECA3DC2F85C4F9AE02/cOaM6FoDjZ4wcEODfKbmsaZglu4.mft Manifest number: 0470 Signing time: Thu 24 Apr 2025 23:53:35 +0000 Manifest this update: Thu 24 Apr 2025 23:53:35 +0000 Manifest next update: Thu 01 May 2025 23:53:35 +0000 Files and hashes: 1: cOaM6FoDjZ4wcEODfKbmsaZglu4.crl (hash: i4udG5LmJGa3WJQpTxCnFjV7A+k3FuziyFS9eXRGJMw=) 2: FD0DCDCA41E111EC98FA0C0AC4F9AE02.roa (hash: CzraaquDZ9Uo+Rh3T+BRvbMkjKbruCD1g9kPUW6icAU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F6ADE/28739D3A41DF11ECA3DC2F85C4F9AE02/cOaM6FoDjZ4wcEODfKbmsaZglu4.crl rsync://rpki.apnic.net/member_repository/A91F6ADE/28739D3A41DF11ECA3DC2F85C4F9AE02/cOaM6FoDjZ4wcEODfKbmsaZglu4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cOaM6FoDjZ4wcEODfKbmsaZglu4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 23:53:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1142 (0x476) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F6ADE, serialNumber=70E68CE85A038D9E307043837CA6E6B1A66096EE Validity Not Before: Apr 24 23:53:35 2025 GMT Not After : May 1 23:53:35 2025 GMT Subject: CN=680aceff-4041 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:5b:c6:d6:55:95:ed:65:95:0b:38:f8:e8:cb: 83:66:23:11:62:af:e8:fa:bb:f4:c7:12:23:1b:e4: 9b:0f:7a:5e:d0:9e:3f:63:66:1b:af:83:5c:cb:01: 69:8e:fa:14:24:89:9b:36:4f:1a:a2:92:89:20:66: 45:08:1b:31:e7:f0:28:e2:77:f8:bc:4e:dc:3d:65: 9b:a3:ab:c3:2d:72:49:5d:a8:35:0e:9e:06:5b:b3: 1e:21:99:a0:ec:6d:ac:62:08:a2:ac:1e:a3:d7:3c: df:5e:f3:2b:28:fc:59:e7:a3:cc:0b:43:41:32:6a: 0f:4e:49:66:38:68:e6:23:f8:af:70:0e:8a:6e:44: ee:ba:96:5c:26:7b:9e:4f:8a:9d:d1:34:6e:3e:88: fa:d3:60:b3:48:c9:a0:5e:63:4e:62:ec:01:87:8f: d4:51:73:75:d9:14:e8:21:c7:18:f1:49:54:5c:1f: 6b:75:1c:cd:56:f3:bf:79:2f:a5:36:7d:09:d0:df: 19:d3:d1:13:27:76:cc:d6:bb:3f:21:ac:11:c8:c9: d0:95:86:83:a4:9a:ba:d1:72:60:70:44:2a:28:72: 69:f8:5f:95:3c:82:3b:ec:7f:ee:5e:51:a2:24:59: 5b:0c:b6:41:dd:ce:81:97:27:73:27:6e:9d:fd:19: 96:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:2B:3C:DF:A4:94:95:DD:B0:03:A8:38:47:F6:DE:60:A4:37:17:AF X509v3 Authority Key Identifier: keyid:70:E6:8C:E8:5A:03:8D:9E:30:70:43:83:7C:A6:E6:B1:A6:60:96:EE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F6ADE/28739D3A41DF11ECA3DC2F85C4F9AE02/cOaM6FoDjZ4wcEODfKbmsaZglu4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cOaM6FoDjZ4wcEODfKbmsaZglu4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F6ADE/28739D3A41DF11ECA3DC2F85C4F9AE02/cOaM6FoDjZ4wcEODfKbmsaZglu4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 45:45:91:ce:f2:3c:35:e4:ca:45:22:0d:c0:32:66:fb:16:ea: 16:c8:f4:f9:f0:3d:a9:b0:dc:2d:88:99:a4:01:b6:88:c6:be: d1:15:0b:36:28:df:92:06:03:10:d6:cc:8c:00:34:73:b6:45: 9a:a2:bc:0e:b9:1a:88:e5:2a:7b:c2:22:2b:02:87:4f:9f:96: 0c:09:35:e2:be:31:88:ab:b3:52:8a:b2:5c:9e:61:59:f3:74: d6:ad:0e:2e:54:28:43:ad:91:0c:3b:37:22:cd:6b:41:b0:8e: 89:81:a0:a9:f3:41:2d:34:0f:ba:03:28:eb:25:85:f3:06:62: d5:b4:9a:3e:25:4e:c7:33:2b:91:f7:18:2b:23:59:ba:4f:a3: 1f:b2:7a:b8:8e:2b:75:7c:48:d9:ff:fb:e0:bc:46:90:43:06: 02:7b:bf:cc:8c:62:27:e0:88:50:50:77:f2:a1:0e:7d:b6:98: 89:5c:67:66:2c:ed:28:51:19:ba:3f:29:ec:b0:77:8b:b4:96: 63:f0:57:72:1d:04:20:82:69:50:32:97:4a:b6:44:96:50:88: 9f:79:ea:ac:b9:d3:5c:3b:a5:a5:8a:ff:e6:c6:1d:a5:c9:61: fe:b3:7b:ac:c2:0b:2d:da:93:27:4c:6d:02:83:42:4e:be:c7: f1:0e:f7:7c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBHYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjZBREUxMTAvBgNVBAUTKDcwRTY4Q0U4NUEwMzhEOUUzMDcwNDM4MzdDQTZFNkIx QTY2MDk2RUUwHhcNMjUwNDI0MjM1MzM1WhcNMjUwNTAxMjM1MzM1WjAYMRYwFAYD VQQDEw02ODBhY2VmZi00MDQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArlvG1lWV7WWVCzj46MuDZiMRYq/o+rv0xxIjG+SbD3pe0J4/Y2Ybr4NcywFp jvoUJImbNk8aopKJIGZFCBsx5/Ao4nf4vE7cPWWbo6vDLXJJXag1Dp4GW7MeIZmg 7G2sYgiirB6j1zzfXvMrKPxZ56PMC0NBMmoPTklmOGjmI/ivcA6KbkTuupZcJnue T4qd0TRuPoj602CzSMmgXmNOYuwBh4/UUXN12RToIccY8UlUXB9rdRzNVvO/eS+l Nn0J0N8Z09ETJ3bM1rs/IawRyMnQlYaDpJq60XJgcEQqKHJp+F+VPII77H/uXlGi JFlbDLZB3c6BlydzJ26d/RmW9wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMMrPN+k lJXdsAOoOEf23mCkNxevMB8GA1UdIwQYMBaAFHDmjOhaA42eMHBDg3ym5rGmYJbu MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNkFERS8yODczOUQzQTQx REYxMUVDQTNEQzJGODVDNEY5QUUwMi9jT2FNNkZvRGpaNHdjRU9EZktibXNhWmds dTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NPYU02Rm9Ealo0d2NFT0RmS2Jtc2FaZ2x1NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NkFERS8yODczOUQzQTQxREYxMUVDQTNEQzJGODVDNEY5QUUwMi9jT2FNNkZvRGpa NHdjRU9EZktibXNhWmdsdTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBFRZHO8jw15MpFIg3AMmb7FuoWyPT58D2psNwtiJmkAbaIxr7RFQs2 KN+SBgMQ1syMADRztkWaorwOuRqI5Sp7wiIrAodPn5YMCTXivjGIq7NSirJcnmFZ 83TWrQ4uVChDrZEMOzcizWtBsI6JgaCp80EtNA+6AyjrJYXzBmLVtJo+JU7HMyuR 9xgrI1m6T6Mfsnq4jit1fEjZ//vgvEaQQwYCe7/MjGIn4IhQUHfyoQ59tpiJXGdm LO0oURm6PynssHeLtJZj8FdyHQQggmlQMpdKtkSWUIifeeqsudNcO6Wliv/mxh2l yWH+s3uswgst2pMnTG0Cg0JOvsfxDvd8 -----END CERTIFICATE-----Generated at Sat Apr 26 04:18:30 2025 by rpki-client