$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.mft File: rehZrZQNGhc_pkzXBYZ9SH5nNog.mft (raw, json) Hash identifier: LHHTWn0yvO2ReA1831Dt/dv9Vsczli553glOLdB85GA= Subject key identifier: BF:14:4E:69:66:03:A8:A9:07:10:0B:59:8B:F4:55:AD:97:10:B6:AD Authority key identifier: AD:E8:59:AD:94:0D:1A:17:3F:A6:4C:D7:05:86:7D:48:7E:67:36:88 Certificate issuer: /CN=A91FDAD4/serialNumber=ADE859AD940D1A173FA64CD705867D487E673688 Certificate serial: 01E8 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/rehZrZQNGhc_pkzXBYZ9SH5nNog.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.mft Manifest number: 01E3 Signing time: Fri 25 Apr 2025 00:17:51 +0000 Manifest this update: Fri 25 Apr 2025 00:17:50 +0000 Manifest next update: Fri 02 May 2025 00:17:50 +0000 Files and hashes: 1: rehZrZQNGhc_pkzXBYZ9SH5nNog.crl (hash: TsjjXr2ca8qzJHRq2IXZdzfTvaMn3Trvrm8AFBQzQYc=) 2: A99BC9D64CAC11EDA3BF485AC4F9AE02.roa (hash: M0LQ0bOgsXho1IONj8CXX3n4kpo/nKJprHxKVrxONpQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.crl rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/rehZrZQNGhc_pkzXBYZ9SH5nNog.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 00:17:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 488 (0x1e8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDAD4, serialNumber=ADE859AD940D1A173FA64CD705867D487E673688 Validity Not Before: Apr 25 00:17:50 2025 GMT Not After : May 2 00:17:50 2025 GMT Subject: CN=680ad4ae-3767 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:27:a0:87:f8:bd:4d:80:ca:b3:b3:22:63:0b: dd:ad:b3:06:09:f9:81:f1:be:6b:22:ed:4e:08:60: cc:7a:64:5d:2f:8a:97:bc:b6:84:cd:29:d3:45:16: ee:e2:6c:e8:5c:26:52:30:4a:10:19:cf:03:35:d8: ca:4c:7f:22:60:56:87:c4:62:e3:ad:fa:6b:03:0f: fe:80:6a:00:92:fb:76:57:dd:da:e1:dc:e2:c4:62: c9:93:d5:20:b3:35:f5:5f:69:d2:cc:94:6b:c4:4c: a8:c3:ee:9d:5e:9d:bf:37:22:0d:92:a2:f3:02:68: de:3a:ef:95:f7:67:d0:d1:45:d6:c1:0b:4a:3f:15: a3:aa:26:a5:0e:1b:1e:e1:d1:ce:22:08:63:c7:b6: 5d:94:4a:e0:94:0b:00:e8:14:2a:ec:da:0d:96:d0: 8e:6a:a5:db:0e:6c:93:17:f3:04:57:42:6b:a8:de: da:1b:41:7e:34:cd:15:0f:d4:5d:f2:29:d3:ca:f6: 9d:62:f0:75:c5:51:ad:10:8d:b9:91:23:a4:3e:c0: 44:91:66:fe:40:09:4b:2f:e5:c1:57:38:ce:27:88: bb:2e:83:c2:5b:02:b6:b8:8d:87:90:fa:eb:fc:46: 26:34:1b:0c:8a:c0:26:87:fc:f7:c6:93:72:eb:53: 8c:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:14:4E:69:66:03:A8:A9:07:10:0B:59:8B:F4:55:AD:97:10:B6:AD X509v3 Authority Key Identifier: keyid:AD:E8:59:AD:94:0D:1A:17:3F:A6:4C:D7:05:86:7D:48:7E:67:36:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/rehZrZQNGhc_pkzXBYZ9SH5nNog.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 06:41:fb:5a:c3:7b:eb:ec:e4:3d:63:49:ed:f7:f3:e0:46:25: 76:83:95:dd:10:0f:ab:20:15:8a:a1:38:eb:d6:f8:9c:c5:b2: 0c:46:ee:0c:48:91:23:22:fd:23:c7:4e:a7:1f:c1:7d:27:03: 26:30:e6:ca:83:82:89:1b:6a:99:31:7b:c2:4d:a3:e5:39:55: 17:1f:6b:fc:01:df:a7:c9:4f:f0:5f:cb:d2:99:71:dc:bd:42: 26:03:dd:e4:06:35:8f:de:3c:e2:71:61:81:e1:27:ea:bc:fc: c0:6d:e2:3b:c3:dd:e3:3e:54:0f:6d:18:be:d6:f1:9a:a1:4c: 21:37:6c:d0:80:c8:6d:7e:5a:40:d7:1c:cd:78:77:51:61:8b: 6f:e6:a5:66:25:bb:31:24:8f:eb:f2:fc:69:d7:0b:72:32:7f: 95:1f:2f:ab:62:73:e9:5d:dd:2e:2b:a0:fc:9b:d8:97:9c:d4: a3:3c:24:9f:c7:f0:55:3f:83:99:ed:b5:61:85:19:8c:c9:e0: 8f:fa:e0:ee:96:a9:9a:fc:c4:89:0f:a7:6b:d2:60:96:18:14: c8:60:f6:39:5d:23:e3:29:79:2b:cc:ba:4c:5c:7a:6d:1c:f8: 09:3c:68:6d:87:d5:38:03:d4:3f:bd:5f:bf:46:ae:6f:d9:48: 8d:d7:b8:74 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAegwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRBRDQxMTAvBgNVBAUTKEFERTg1OUFEOTQwRDFBMTczRkE2NENENzA1ODY3RDQ4 N0U2NzM2ODgwHhcNMjUwNDI1MDAxNzUwWhcNMjUwNTAyMDAxNzUwWjAYMRYwFAYD VQQDEw02ODBhZDRhZS0zNzY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1Segh/i9TYDKs7MiYwvdrbMGCfmB8b5rIu1OCGDMemRdL4qXvLaEzSnTRRbu 4mzoXCZSMEoQGc8DNdjKTH8iYFaHxGLjrfprAw/+gGoAkvt2V93a4dzixGLJk9Ug szX1X2nSzJRrxEyow+6dXp2/NyINkqLzAmjeOu+V92fQ0UXWwQtKPxWjqialDhse 4dHOIghjx7ZdlErglAsA6BQq7NoNltCOaqXbDmyTF/MEV0JrqN7aG0F+NM0VD9Rd 8inTyvadYvB1xVGtEI25kSOkPsBEkWb+QAlLL+XBVzjOJ4i7LoPCWwK2uI2HkPrr /EYmNBsMisAmh/z3xpNy61OMvQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL8UTmlm A6ipBxALWYv0Va2XELatMB8GA1UdIwQYMBaAFK3oWa2UDRoXP6ZM1wWGfUh+ZzaI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREFENC9DODVFODM3QTQz OTkxMUVEODM5RDcyMEVDNEY5QUUwMi9yZWhaclpRTkdoY19wa3pYQllaOVNINW5O b2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL3JlaFpyWlFOR2hjX3BrelhCWVo5U0g1bk5vZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG REFENC9DODVFODM3QTQzOTkxMUVEODM5RDcyMEVDNEY5QUUwMi9yZWhaclpRTkdo Y19wa3pYQllaOVNINW5Ob2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAGQftaw3vr7OQ9Y0nt9/PgRiV2g5XdEA+rIBWKoTjr1vicxbIMRu4M SJEjIv0jx06nH8F9JwMmMObKg4KJG2qZMXvCTaPlOVUXH2v8Ad+nyU/wX8vSmXHc vUImA93kBjWP3jzicWGB4SfqvPzAbeI7w93jPlQPbRi+1vGaoUwhN2zQgMhtflpA 1xzNeHdRYYtv5qVmJbsxJI/r8vxp1wtyMn+VHy+rYnPpXd0uK6D8m9iXnNSjPCSf x/BVP4OZ7bVhhRmMyeCP+uDulqma/MSJD6dr0mCWGBTIYPY5XSPjKXkrzLpMXHpt HPgJPGhth9U4A9Q/vV+/Rq5v2UiN17h0 -----END CERTIFICATE-----Generated at Sat Apr 26 13:54:33 2025 by rpki-client