$ rpki-client -vvf rpki.apnic.net/member_repository/A91FFDF3/757DB7887D7111EB82D3D661C4F9AE02/cnQCOx-0p0kyj11N-DsN0_B_6UI.mft File: cnQCOx-0p0kyj11N-DsN0_B_6UI.mft (raw, json) Hash identifier: QHX2tjUhFZXTRrm9UXr7R+EZj3NJtpheFT5Mtur7ZUk= Subject key identifier: 96:9F:53:28:7F:2F:EE:D9:08:A9:B4:57:CB:33:47:18:7F:FD:FC:DC Authority key identifier: 72:74:02:3B:1F:B4:A7:49:32:8F:5D:4D:F8:3B:0D:D3:F0:7F:E9:42 Certificate issuer: /CN=A91FFDF3/serialNumber=7274023B1FB4A749328F5D4DF83B0DD3F07FE942 Certificate serial: 0654 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cnQCOx-0p0kyj11N-DsN0_B_6UI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FFDF3/757DB7887D7111EB82D3D661C4F9AE02/cnQCOx-0p0kyj11N-DsN0_B_6UI.mft Manifest number: 0654 Signing time: Thu 24 Apr 2025 22:13:23 +0000 Manifest this update: Thu 24 Apr 2025 22:13:22 +0000 Manifest next update: Thu 01 May 2025 22:13:22 +0000 Files and hashes: 1: cnQCOx-0p0kyj11N-DsN0_B_6UI.crl (hash: BrZnleegw9eSYBRF3f4QELV5/thjTi+Wln20wuDsmuk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FFDF3/757DB7887D7111EB82D3D661C4F9AE02/cnQCOx-0p0kyj11N-DsN0_B_6UI.crl rsync://rpki.apnic.net/member_repository/A91FFDF3/757DB7887D7111EB82D3D661C4F9AE02/cnQCOx-0p0kyj11N-DsN0_B_6UI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cnQCOx-0p0kyj11N-DsN0_B_6UI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 22:13:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1620 (0x654) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FFDF3, serialNumber=7274023B1FB4A749328F5D4DF83B0DD3F07FE942 Validity Not Before: Apr 24 22:13:22 2025 GMT Not After : May 1 22:13:22 2025 GMT Subject: CN=680ab783-db7f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:7b:84:ea:6e:9b:66:d4:81:42:90:e8:0c:de: e3:73:e8:37:e2:70:d5:30:c0:39:7f:2e:6a:c5:e0: 57:48:bb:77:f0:0d:f3:1b:fe:e9:5a:9c:3e:a4:27: 9f:71:96:59:16:69:ec:af:77:91:50:5a:a1:00:51: a4:82:86:d3:6b:cc:db:77:21:ac:e0:b2:ea:69:91: 8d:92:fe:10:67:8c:96:d9:3b:6f:79:ef:ce:f8:97: 9e:68:e1:8a:39:06:67:55:bf:b7:05:e6:60:3c:b7: cc:c2:e1:28:7e:75:71:e0:fe:d1:f2:19:e7:10:9e: 45:d5:97:f0:81:fb:82:05:8e:47:8c:78:f4:5d:4c: e8:89:02:9e:b9:6e:5f:b5:e2:78:fe:16:3c:16:33: c2:6d:b8:37:57:fe:8e:94:56:2c:2c:5c:f3:08:55: 2f:bc:1f:57:d4:4d:f3:ca:55:cf:45:e0:a0:0e:e5: cc:e1:6b:f8:9f:83:a6:5a:d3:92:b8:0d:46:90:62: 36:ed:b3:2b:37:75:85:cd:12:3a:90:a3:35:68:f8: af:b0:4e:39:0e:59:5d:c3:37:e6:d0:ef:35:4e:19: 52:9d:e5:c5:ce:a6:fa:9a:af:30:4d:7d:1a:69:3c: 85:8c:6d:22:55:64:ee:15:b1:10:0d:e9:21:83:74: a1:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:9F:53:28:7F:2F:EE:D9:08:A9:B4:57:CB:33:47:18:7F:FD:FC:DC X509v3 Authority Key Identifier: keyid:72:74:02:3B:1F:B4:A7:49:32:8F:5D:4D:F8:3B:0D:D3:F0:7F:E9:42 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FFDF3/757DB7887D7111EB82D3D661C4F9AE02/cnQCOx-0p0kyj11N-DsN0_B_6UI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cnQCOx-0p0kyj11N-DsN0_B_6UI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FFDF3/757DB7887D7111EB82D3D661C4F9AE02/cnQCOx-0p0kyj11N-DsN0_B_6UI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c4:f3:eb:23:f6:72:3c:b5:7a:39:d6:9b:f1:18:b0:54:7f:ea: f4:bd:ca:69:d1:66:fb:82:b6:66:64:7f:a2:4c:ab:10:e7:52: d2:e2:3e:ec:8a:b4:e5:98:d1:2f:ef:95:0e:a5:0f:64:7d:69: ee:4b:97:78:01:22:3d:48:84:0d:92:58:02:e8:dd:65:51:3b: 26:15:a1:54:02:80:43:90:82:85:c8:51:eb:2f:ac:f4:3d:1b: 82:15:7c:b1:07:93:0d:a3:9d:b6:70:b3:14:e8:4a:47:4b:c3: 1b:2d:18:f1:6c:74:af:95:84:88:0d:91:1a:19:1a:d1:29:cd: fb:8d:51:cf:a1:18:9b:45:44:f3:c5:63:36:a1:4f:51:1d:1c: 5e:c5:bb:cd:1b:6a:bb:fe:cd:c6:c0:88:92:f3:4a:d7:f1:66: 8e:86:4f:c1:a9:ee:73:f5:79:37:24:49:d1:2c:d1:a1:c2:4b: bb:fc:80:43:6a:a8:1e:01:0b:8d:d4:27:2f:4f:e5:44:0e:88: 37:94:81:ab:80:4c:ed:4c:7a:0d:73:92:c4:ac:ac:95:44:7a: d6:6f:08:9d:b6:ca:7b:52:d0:82:b0:db:4f:f1:b2:c9:25:fe: 39:d0:75:ef:24:0d:03:4d:13:b5:b1:97:bc:a7:21:f1:2d:d9: 3c:f6:35:7f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBlQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkZERjMxMTAvBgNVBAUTKDcyNzQwMjNCMUZCNEE3NDkzMjhGNUQ0REY4M0IwREQz RjA3RkU5NDIwHhcNMjUwNDI0MjIxMzIyWhcNMjUwNTAxMjIxMzIyWjAYMRYwFAYD VQQDEw02ODBhYjc4My1kYjdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzHuE6m6bZtSBQpDoDN7jc+g34nDVMMA5fy5qxeBXSLt38A3zG/7pWpw+pCef cZZZFmnsr3eRUFqhAFGkgobTa8zbdyGs4LLqaZGNkv4QZ4yW2Ttvee/O+JeeaOGK OQZnVb+3BeZgPLfMwuEofnVx4P7R8hnnEJ5F1ZfwgfuCBY5HjHj0XUzoiQKeuW5f teJ4/hY8FjPCbbg3V/6OlFYsLFzzCFUvvB9X1E3zylXPReCgDuXM4Wv4n4OmWtOS uA1GkGI27bMrN3WFzRI6kKM1aPivsE45Dlldwzfm0O81ThlSneXFzqb6mq8wTX0a aTyFjG0iVWTuFbEQDekhg3ShXwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJafUyh/ L+7ZCKm0V8szRxh//fzcMB8GA1UdIwQYMBaAFHJ0AjsftKdJMo9dTfg7DdPwf+lC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRkRGMy83NTdEQjc4ODdE NzExMUVCODJEM0Q2NjFDNEY5QUUwMi9jblFDT3gtMHAwa3lqMTFOLURzTjBfQl82 VUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NuUUNPeC0wcDBreWoxMU4tRHNOMF9CXzZVSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RkRGMy83NTdEQjc4ODdENzExMUVCODJEM0Q2NjFDNEY5QUUwMi9jblFDT3gtMHAw a3lqMTFOLURzTjBfQl82VUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDE8+sj9nI8tXo51pvxGLBUf+r0vcpp0Wb7grZmZH+iTKsQ51LS4j7s irTlmNEv75UOpQ9kfWnuS5d4ASI9SIQNklgC6N1lUTsmFaFUAoBDkIKFyFHrL6z0 PRuCFXyxB5MNo522cLMU6EpHS8MbLRjxbHSvlYSIDZEaGRrRKc37jVHPoRibRUTz xWM2oU9RHRxexbvNG2q7/s3GwIiS80rX8WaOhk/Bqe5z9Xk3JEnRLNGhwku7/IBD aqgeAQuN1CcvT+VEDog3lIGrgEztTHoNc5LErKyVRHrWbwidtsp7UtCCsNtP8bLJ Jf450HXvJA0DTRO1sZe8pyHxLdk89jV/ -----END CERTIFICATE-----Generated at Sat Apr 26 17:13:03 2025 by rpki-client