$ rpki-client -vvf rpki.apnic.net/member_repository/A91218BB/71D5062EC8C511EF8EC55565C4F9AE02/CO_XGTj3-dyHpp9cs_hMektyoAo.mft File: CO_XGTj3-dyHpp9cs_hMektyoAo.mft (raw, json) Hash identifier: dPJL+wRc3PvaiinNJ3e5DhD5EuR3l/IVaMavUpIrJuA= Subject key identifier: 04:FA:52:B8:E4:0C:3C:B8:6D:0D:18:0F:C2:D3:3B:26:12:D6:D8:6D Authority key identifier: 08:EF:D7:19:38:F7:F9:DC:87:A6:9F:5C:B3:F8:4C:7A:4B:72:A0:0A Certificate issuer: /CN=A91218BB/serialNumber=08EFD71938F7F9DC87A69F5CB3F84C7A4B72A00A Certificate serial: 3A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CO_XGTj3-dyHpp9cs_hMektyoAo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91218BB/71D5062EC8C511EF8EC55565C4F9AE02/CO_XGTj3-dyHpp9cs_hMektyoAo.mft Manifest number: 3A Signing time: Mon 21 Apr 2025 06:20:26 +0000 Manifest this update: Mon 21 Apr 2025 06:20:26 +0000 Manifest next update: Mon 28 Apr 2025 06:20:26 +0000 Files and hashes: 1: CO_XGTj3-dyHpp9cs_hMektyoAo.crl (hash: JK9vibgqoSs508q5FKDmOtJIGtj4IZI6CxLpuPCamgQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91218BB/71D5062EC8C511EF8EC55565C4F9AE02/CO_XGTj3-dyHpp9cs_hMektyoAo.crl rsync://rpki.apnic.net/member_repository/A91218BB/71D5062EC8C511EF8EC55565C4F9AE02/CO_XGTj3-dyHpp9cs_hMektyoAo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CO_XGTj3-dyHpp9cs_hMektyoAo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 06:20:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58 (0x3a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91218BB, serialNumber=08EFD71938F7F9DC87A69F5CB3F84C7A4B72A00A Validity Not Before: Apr 21 06:20:26 2025 GMT Not After : Apr 28 06:20:26 2025 GMT Subject: CN=6805e3aa-b56e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:df:47:b9:ee:68:6e:cb:29:ed:2d:cd:4a:60: 81:7c:dd:fb:47:da:98:ae:fa:ac:44:75:6a:71:dc: 60:a1:d1:8c:4a:b6:a4:dc:d0:31:b8:eb:5d:83:10: c4:0e:70:00:fe:ae:92:cb:e0:92:27:fc:9c:f7:d7: ea:de:b9:e6:e7:2d:f0:b0:90:74:0a:c0:ae:bb:4d: a1:82:00:9e:f6:e5:d1:b5:e7:e5:64:71:1a:21:15: a0:6f:fc:e7:91:cb:5e:9f:81:10:0a:86:e6:f7:fd: e7:2a:80:ae:96:3a:d8:91:19:eb:a5:a8:f6:c7:45: 2e:10:25:2d:a9:5f:e1:4f:d3:58:1c:2d:52:af:d7: 53:70:ce:09:05:b7:fa:08:77:f0:85:c5:d5:ee:60: 36:3d:f6:b0:eb:39:39:7f:ae:c7:7b:80:d7:c9:2e: a5:e6:94:c9:e3:a0:f1:9a:38:7d:d2:ea:cb:67:82: 88:fb:82:67:77:1a:52:c7:91:65:e4:84:d1:a3:5f: 05:a6:12:e4:ff:a7:d1:e8:2b:01:fa:5f:8c:c3:4e: 49:6a:96:05:1e:02:2c:74:2b:e8:22:06:83:41:6c: b1:2b:be:b7:cc:4e:95:57:00:6e:c2:d9:0b:86:4b: f2:ae:04:93:6f:ae:a4:4b:c1:60:90:64:63:52:8a: 73:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:FA:52:B8:E4:0C:3C:B8:6D:0D:18:0F:C2:D3:3B:26:12:D6:D8:6D X509v3 Authority Key Identifier: keyid:08:EF:D7:19:38:F7:F9:DC:87:A6:9F:5C:B3:F8:4C:7A:4B:72:A0:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91218BB/71D5062EC8C511EF8EC55565C4F9AE02/CO_XGTj3-dyHpp9cs_hMektyoAo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CO_XGTj3-dyHpp9cs_hMektyoAo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91218BB/71D5062EC8C511EF8EC55565C4F9AE02/CO_XGTj3-dyHpp9cs_hMektyoAo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5e:e3:15:ba:e0:a5:c3:ed:52:12:6d:c0:42:6e:0c:01:73:b0: 5c:3d:4f:51:2f:c1:88:d3:f8:fb:b7:f8:ef:1e:fa:37:c7:30: 94:9b:94:de:09:38:38:08:9a:f8:3c:c9:df:73:7a:52:7a:af: 57:3b:93:fd:c8:43:47:cc:0f:d5:48:65:c9:ec:5e:9f:d8:93: 6f:44:7d:21:0b:c1:41:6a:85:29:89:b2:95:fc:61:f9:e4:13: 47:bf:f2:fb:59:5c:60:21:cf:8b:61:53:54:2f:a3:b6:fe:97: 66:10:cb:46:06:a9:fb:ad:5a:33:55:58:f4:c3:17:0b:82:36: 45:ef:7e:48:8e:4d:89:f9:4c:87:21:30:ef:38:14:26:9c:55: 7e:72:6a:99:39:8d:bf:66:70:32:a6:6a:8e:fb:09:23:d9:5f: 6c:41:d2:9f:9d:17:a7:00:b8:de:ac:84:6e:52:b9:72:0d:73: 35:d7:56:05:5d:5e:aa:fd:48:8d:91:d7:94:69:a2:04:19:22: 0a:9e:35:f3:13:5e:54:26:fe:16:93:a2:8b:3c:12:1f:25:2e: 25:a4:4d:94:d2:d4:40:8a:d2:42:b3:6f:0a:71:83:51:6c:5b: 46:d7:85:28:ea:88:05:26:3b:9c:27:96:41:65:2f:f8:66:31: da:17:95:21 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBOjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy MThCQjExMC8GA1UEBRMoMDhFRkQ3MTkzOEY3RjlEQzg3QTY5RjVDQjNGODRDN0E0 QjcyQTAwQTAeFw0yNTA0MjEwNjIwMjZaFw0yNTA0MjgwNjIwMjZaMBgxFjAUBgNV BAMTDTY4MDVlM2FhLWI1NmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDF30e57mhuyyntLc1KYIF83ftH2piu+qxEdWpx3GCh0YxKtqTc0DG4612DEMQO cAD+rpLL4JIn/Jz31+reuebnLfCwkHQKwK67TaGCAJ725dG15+VkcRohFaBv/OeR y16fgRAKhub3/ecqgK6WOtiRGeulqPbHRS4QJS2pX+FP01gcLVKv11NwzgkFt/oI d/CFxdXuYDY99rDrOTl/rsd7gNfJLqXmlMnjoPGaOH3S6stngoj7gmd3GlLHkWXk hNGjXwWmEuT/p9HoKwH6X4zDTklqlgUeAix0K+giBoNBbLErvrfMTpVXAG7C2QuG S/KuBJNvrqRLwWCQZGNSinMxAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUBPpSuOQM PLhtDRgPwtM7JhLW2G0wHwYDVR0jBBgwFoAUCO/XGTj3+dyHpp9cs/hMektyoAow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTIxOEJCLzcxRDUwNjJFQzhD NTExRUY4RUM1NTU2NUM0RjlBRTAyL0NPX1hHVGozLWR5SHBwOWNzX2hNZWt0eW9B by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvQ09fWEdUajMtZHlIcHA5Y3NfaE1la3R5b0FvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTIx OEJCLzcxRDUwNjJFQzhDNTExRUY4RUM1NTU2NUM0RjlBRTAyL0NPX1hHVGozLWR5 SHBwOWNzX2hNZWt0eW9Bby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAF7jFbrgpcPtUhJtwEJuDAFzsFw9T1EvwYjT+Pu3+O8e+jfHMJSblN4J ODgImvg8yd9zelJ6r1c7k/3IQ0fMD9VIZcnsXp/Yk29EfSELwUFqhSmJspX8Yfnk E0e/8vtZXGAhz4thU1Qvo7b+l2YQy0YGqfutWjNVWPTDFwuCNkXvfkiOTYn5TIch MO84FCacVX5yapk5jb9mcDKmao77CSPZX2xB0p+dF6cAuN6shG5SuXINczXXVgVd Xqr9SI2R15RpogQZIgqeNfMTXlQm/haToos8Eh8lLiWkTZTS1ECK0kKzbwpxg1Fs W0bXhSjqiAUmO5wnlkFlL/hmMdoXlSE= -----END CERTIFICATE-----Generated at Tue Apr 22 19:23:44 2025 by rpki-client