$ rpki-client -vvf rpki.apnic.net/member_repository/A91196F9/F94940082A1D11EFA9E1F985C4F9AE02/gnNbP5yeqXXU4CqU4qEIG6SoqyQ.mft File: gnNbP5yeqXXU4CqU4qEIG6SoqyQ.mft (raw, json) Hash identifier: xUX7wNtgTBrSDAwiucRPY3Wj36s63JdPFldVyt/OqlY= Subject key identifier: F9:40:7F:C9:EB:F4:2B:C5:BE:42:06:AB:99:65:97:F2:B9:FE:F8:FA Authority key identifier: 82:73:5B:3F:9C:9E:A9:75:D4:E0:2A:94:E2:A1:08:1B:A4:A8:AB:24 Certificate issuer: /CN=A91196F9/serialNumber=82735B3F9C9EA975D4E02A94E2A1081BA4A8AB24 Certificate serial: A3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnNbP5yeqXXU4CqU4qEIG6SoqyQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91196F9/F94940082A1D11EFA9E1F985C4F9AE02/gnNbP5yeqXXU4CqU4qEIG6SoqyQ.mft Manifest number: A1 Signing time: Thu 17 Apr 2025 05:03:40 +0000 Manifest this update: Thu 17 Apr 2025 05:03:39 +0000 Manifest next update: Thu 24 Apr 2025 05:03:39 +0000 Files and hashes: 1: gnNbP5yeqXXU4CqU4qEIG6SoqyQ.crl (hash: l3BsO3eGZeUTUGq7WyxPWbyS40lXbHXhKoLF6I7lPPk=) 2: CFD2FAA62A2811EF8313971CC4F9AE02.roa (hash: jL8Qld1nGy1S0e00Jq1twluniIVDhFlf+t43ZdzL/60=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91196F9/F94940082A1D11EFA9E1F985C4F9AE02/gnNbP5yeqXXU4CqU4qEIG6SoqyQ.crl rsync://rpki.apnic.net/member_repository/A91196F9/F94940082A1D11EFA9E1F985C4F9AE02/gnNbP5yeqXXU4CqU4qEIG6SoqyQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnNbP5yeqXXU4CqU4qEIG6SoqyQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 24 Apr 2025 05:03:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 163 (0xa3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91196F9, serialNumber=82735B3F9C9EA975D4E02A94E2A1081BA4A8AB24 Validity Not Before: Apr 17 05:03:39 2025 GMT Not After : Apr 24 05:03:39 2025 GMT Subject: CN=68008bac-3869 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:4f:f6:24:6b:19:28:64:a1:16:a2:6a:17:cb: 29:28:b7:41:8f:93:0f:6e:a7:20:ef:8e:45:09:b0: ba:94:95:bb:7e:eb:c3:89:40:b8:e1:70:fb:c4:b1: db:b4:1d:57:92:ac:57:62:3a:8d:a8:01:26:eb:b5: 1c:da:94:3a:d5:da:24:a4:2e:06:e4:7a:4f:b7:cf: ba:7e:90:b4:4f:98:e2:48:69:bd:50:83:d9:64:be: 2e:32:f8:b9:a0:98:04:14:79:07:e3:73:51:98:01: 15:1f:d4:f5:91:0f:b1:fc:66:81:9a:a2:da:b0:45: 41:f9:c8:35:ee:f8:f3:59:20:86:cb:a4:df:70:56: e1:4d:dc:5d:0b:b4:f8:c9:47:06:d0:18:6b:96:1b: 4b:91:49:ab:29:fc:65:79:a2:d2:e8:69:65:12:ce: 54:83:08:77:73:37:82:a4:a0:ef:a2:60:a2:26:30: 4b:45:9d:d6:ea:20:a2:08:4a:de:1e:8e:53:b9:b4: 83:82:a0:6a:c1:e1:e5:db:ad:54:51:b6:6b:4b:8e: 6d:74:f8:58:ca:37:69:c9:dc:20:6f:4c:ae:29:ed: b1:02:61:a8:41:89:c7:26:bc:35:eb:5e:4c:6f:ee: 07:af:4a:a4:52:93:6f:06:58:20:ee:74:b8:48:bd: d6:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:40:7F:C9:EB:F4:2B:C5:BE:42:06:AB:99:65:97:F2:B9:FE:F8:FA X509v3 Authority Key Identifier: keyid:82:73:5B:3F:9C:9E:A9:75:D4:E0:2A:94:E2:A1:08:1B:A4:A8:AB:24 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91196F9/F94940082A1D11EFA9E1F985C4F9AE02/gnNbP5yeqXXU4CqU4qEIG6SoqyQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gnNbP5yeqXXU4CqU4qEIG6SoqyQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91196F9/F94940082A1D11EFA9E1F985C4F9AE02/gnNbP5yeqXXU4CqU4qEIG6SoqyQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6a:62:7a:3c:66:ca:7c:14:e2:77:a9:90:21:9e:ab:4f:ff:2f: 46:8f:01:bd:ce:64:b3:b8:bc:0c:31:14:46:bf:47:fb:c2:3b: 19:f0:73:da:76:45:f8:d6:ae:9a:64:2a:0d:0b:f3:f1:07:05: fa:f5:ee:4e:8f:57:90:71:fa:d2:3f:20:54:0c:69:21:24:18: f2:94:8e:43:26:47:9c:69:92:bf:70:e9:63:32:2f:05:65:b2: 4a:62:9b:d5:94:32:d5:fd:3c:b9:df:b1:86:75:09:68:b6:e6: c5:ef:ed:a7:ee:a0:79:7f:49:b6:c5:b0:49:44:0c:28:f6:74: 57:3c:69:7a:30:84:75:77:23:0e:fe:05:1d:3f:fb:95:a6:4a: 25:61:19:9b:34:34:6b:80:99:00:49:45:0d:e8:6e:1e:92:23: d5:a8:75:c9:57:3a:45:71:1a:41:dd:0e:44:cc:b7:c6:b2:89: 4e:6d:b3:f7:b0:c8:96:af:9f:b7:84:d5:97:30:03:68:c9:5e: 76:b9:f2:3c:d3:95:0c:35:e7:51:34:e1:91:14:61:e3:fd:41: d0:3f:03:27:09:58:97:3a:ab:7d:eb:6e:17:6c:47:0c:20:1b: 22:8a:b7:6a:95:15:68:e1:41:e4:af:de:c0:73:6c:7c:49:cf: 00:c4:e6:95 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTk2RjkxMTAvBgNVBAUTKDgyNzM1QjNGOUM5RUE5NzVENEUwMkE5NEUyQTEwODFC QTRBOEFCMjQwHhcNMjUwNDE3MDUwMzM5WhcNMjUwNDI0MDUwMzM5WjAYMRYwFAYD VQQDEw02ODAwOGJhYy0zODY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwU/2JGsZKGShFqJqF8spKLdBj5MPbqcg745FCbC6lJW7fuvDiUC44XD7xLHb tB1XkqxXYjqNqAEm67Uc2pQ61dokpC4G5HpPt8+6fpC0T5jiSGm9UIPZZL4uMvi5 oJgEFHkH43NRmAEVH9T1kQ+x/GaBmqLasEVB+cg17vjzWSCGy6TfcFbhTdxdC7T4 yUcG0BhrlhtLkUmrKfxleaLS6GllEs5Ugwh3czeCpKDvomCiJjBLRZ3W6iCiCEre Ho5TubSDgqBqweHl261UUbZrS45tdPhYyjdpydwgb0yuKe2xAmGoQYnHJrw1615M b+4Hr0qkUpNvBlgg7nS4SL3WqQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPlAf8nr 9CvFvkIGq5lll/K5/vj6MB8GA1UdIwQYMBaAFIJzWz+cnql11OAqlOKhCBukqKsk MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTZGOS9GOTQ5NDAwODJB MUQxMUVGQTlFMUY5ODVDNEY5QUUwMi9nbk5iUDV5ZXFYWFU0Q3FVNHFFSUc2U29x eVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2duTmJQNXllcVhYVTRDcVU0cUVJRzZTb3F5US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx OTZGOS9GOTQ5NDAwODJBMUQxMUVGQTlFMUY5ODVDNEY5QUUwMi9nbk5iUDV5ZXFY WFU0Q3FVNHFFSUc2U29xeVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBqYno8Zsp8FOJ3qZAhnqtP/y9GjwG9zmSzuLwMMRRGv0f7wjsZ8HPa dkX41q6aZCoNC/PxBwX69e5Oj1eQcfrSPyBUDGkhJBjylI5DJkecaZK/cOljMi8F ZbJKYpvVlDLV/Ty537GGdQlotubF7+2n7qB5f0m2xbBJRAwo9nRXPGl6MIR1dyMO /gUdP/uVpkolYRmbNDRrgJkASUUN6G4ekiPVqHXJVzpFcRpB3Q5EzLfGsolObbP3 sMiWr5+3hNWXMANoyV52ufI805UMNedRNOGRFGHj/UHQPwMnCViXOqt9624XbEcM IBsiirdqlRVo4UHkr97Ac2x8Sc8AxOaV -----END CERTIFICATE-----Generated at Fri Apr 18 20:31:29 2025 by rpki-client