$ rpki-client -vvf rpki.apnic.net/member_repository/A91365B9/745D77029EB411ECBF0E1477C4F9AE02/wqLrTPkQJ3ikLhXM0gpYTtztwnI.mft File: wqLrTPkQJ3ikLhXM0gpYTtztwnI.mft (raw, json) Hash identifier: O1KeWQ8Y156tEhpIIHXj5Ikgc7NDRT6pQWWU3Vu/uNY= Subject key identifier: 2E:3B:90:B3:6D:23:BC:87:00:DF:E1:A9:80:7A:83:2F:C8:79:CE:98 Authority key identifier: C2:A2:EB:4C:F9:10:27:78:A4:2E:15:CC:D2:0A:58:4E:DC:ED:C2:72 Certificate issuer: /CN=A91365B9/serialNumber=C2A2EB4CF9102778A42E15CCD20A584EDCEDC272 Certificate serial: 0376 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wqLrTPkQJ3ikLhXM0gpYTtztwnI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91365B9/745D77029EB411ECBF0E1477C4F9AE02/wqLrTPkQJ3ikLhXM0gpYTtztwnI.mft Manifest number: 0372 Signing time: Sat 29 Mar 2025 01:08:57 +0000 Manifest this update: Sat 29 Mar 2025 01:08:56 +0000 Manifest next update: Sat 05 Apr 2025 01:08:56 +0000 Files and hashes: 1: wqLrTPkQJ3ikLhXM0gpYTtztwnI.crl (hash: cFNbgEftUul3wCU1JZiqFEiHOY/WWlgnkq+sOCjZvoY=) 2: AFF4E1F89EB711EC8210607DC4F9AE02.roa (hash: l4NiEiTB+02p0Uj+cCqIOLwgHYhCmg6R+xhxmoCEOiY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91365B9/745D77029EB411ECBF0E1477C4F9AE02/wqLrTPkQJ3ikLhXM0gpYTtztwnI.crl rsync://rpki.apnic.net/member_repository/A91365B9/745D77029EB411ECBF0E1477C4F9AE02/wqLrTPkQJ3ikLhXM0gpYTtztwnI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wqLrTPkQJ3ikLhXM0gpYTtztwnI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 01:08:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 886 (0x376) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91365B9 Validity Not Before: Mar 29 01:08:56 2025 GMT Not After : Apr 5 01:08:56 2025 GMT Subject: CN=67e74829-9c86 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:d6:c7:a7:0f:81:37:c2:0a:25:fe:27:6d:04: e1:32:b7:3b:ca:1e:5a:3f:d8:f5:d4:be:fe:ba:d5: 02:9f:b2:76:47:06:d3:27:b8:78:93:30:cb:f9:f2: 17:3e:e1:7e:08:23:92:aa:47:ba:51:a4:de:e8:84: 0b:2b:f3:68:fe:ac:f1:4c:fd:75:c6:1a:9c:a0:d8: 51:35:87:6c:93:3d:2f:88:c1:f1:7e:c8:44:94:6c: 46:d8:05:8a:be:e4:35:3e:90:ce:d8:da:c1:32:0b: 97:2a:a0:e5:d6:51:7d:7c:f3:24:70:86:88:46:39: cd:ac:7f:b9:01:ee:c7:74:7f:77:e7:62:bf:48:b4: a5:a5:54:a2:68:07:1b:be:06:0c:1f:d1:69:e9:d1: 8e:b8:3a:d0:09:8b:4b:cf:50:56:84:23:5c:42:0a: a2:d2:d7:0a:41:29:68:d0:9a:b2:e9:12:0d:98:dc: a6:92:26:2f:1a:e8:20:29:3e:91:7b:dd:d0:37:72: b1:28:7d:f8:1a:6a:83:36:ae:b1:c0:c2:94:4e:e7: d1:d2:cd:26:05:e8:27:6e:2f:63:b7:17:9a:76:12: 80:3c:e4:6a:2d:0e:39:dc:55:8a:8e:dd:35:6b:bd: a5:f7:47:b3:61:38:d4:ba:04:0c:b1:94:07:f6:29: 75:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:3B:90:B3:6D:23:BC:87:00:DF:E1:A9:80:7A:83:2F:C8:79:CE:98 X509v3 Authority Key Identifier: keyid:C2:A2:EB:4C:F9:10:27:78:A4:2E:15:CC:D2:0A:58:4E:DC:ED:C2:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91365B9/745D77029EB411ECBF0E1477C4F9AE02/wqLrTPkQJ3ikLhXM0gpYTtztwnI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/wqLrTPkQJ3ikLhXM0gpYTtztwnI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91365B9/745D77029EB411ECBF0E1477C4F9AE02/wqLrTPkQJ3ikLhXM0gpYTtztwnI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d4:d7:98:df:74:44:9a:1e:f3:dc:80:b6:3c:18:05:db:b1:35: 3a:f2:6b:3c:9f:bd:33:15:ce:71:0f:b8:e5:23:b9:bc:cc:17: 76:66:f1:00:43:b9:2b:17:70:cd:dc:8a:ed:a8:a8:fe:d9:8b: 74:1e:78:e8:7c:91:21:93:a3:c4:1b:89:a3:07:60:ee:c3:aa: 68:4e:2d:a7:93:1d:0b:83:94:35:0c:c3:c5:5e:37:57:72:21: 4b:cd:71:42:50:fa:8a:fd:55:5f:a1:4b:12:1a:9b:1a:00:59: be:51:ce:7a:a2:0c:4f:32:be:73:23:5a:7e:4c:e3:6c:0e:20: 1c:cc:13:67:3a:82:bb:45:0a:c1:98:52:8d:8e:d9:be:a2:2f: a5:05:7c:ec:15:b5:f9:ca:78:4e:52:57:f0:23:38:7e:9d:be: 10:47:9f:33:ba:fe:4b:b0:1a:5f:23:24:84:30:7b:0f:ae:bf: b5:b8:08:bb:fb:c6:74:45:8c:9e:a8:cc:99:36:01:79:bc:32: 58:21:eb:9f:68:63:6b:a3:92:29:9f:27:59:24:9b:f8:e7:ac: e9:ea:95:1a:cc:87:12:ce:7c:03:f8:f7:13:92:a6:35:8a:2f: 83:e5:e5:98:1c:92:bd:ae:fa:e5:fb:58:7b:89:3b:00:2f:e7: ce:8d:75:9d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA3YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzY1QjkxMTAvBgNVBAUTKEMyQTJFQjRDRjkxMDI3NzhBNDJFMTVDQ0QyMEE1ODRF RENFREMyNzIwHhcNMjUwMzI5MDEwODU2WhcNMjUwNDA1MDEwODU2WjAYMRYwFAYD VQQDEw02N2U3NDgyOS05Yzg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3dbHpw+BN8IKJf4nbQThMrc7yh5aP9j11L7+utUCn7J2RwbTJ7h4kzDL+fIX PuF+CCOSqke6UaTe6IQLK/No/qzxTP11xhqcoNhRNYdskz0viMHxfshElGxG2AWK vuQ1PpDO2NrBMguXKqDl1lF9fPMkcIaIRjnNrH+5Ae7HdH9352K/SLSlpVSiaAcb vgYMH9Fp6dGOuDrQCYtLz1BWhCNcQgqi0tcKQSlo0Jqy6RINmNymkiYvGuggKT6R e93QN3KxKH34GmqDNq6xwMKUTufR0s0mBegnbi9jtxeadhKAPORqLQ453FWKjt01 a72l90ezYTjUugQMsZQH9il1TQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC47kLNt I7yHAN/hqYB6gy/Iec6YMB8GA1UdIwQYMBaAFMKi60z5ECd4pC4VzNIKWE7c7cJy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNjVCOS83NDVENzcwMjlF QjQxMUVDQkYwRTE0NzdDNEY5QUUwMi93cUxyVFBrUUozaWtMaFhNMGdwWVR0enR3 bkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3dxTHJUUGtRSjNpa0xoWE0wZ3BZVHR6dHduSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NjVCOS83NDVENzcwMjlFQjQxMUVDQkYwRTE0NzdDNEY5QUUwMi93cUxyVFBrUUoz aWtMaFhNMGdwWVR0enR3bkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDU15jfdESaHvPcgLY8GAXbsTU68ms8n70zFc5xD7jlI7m8zBd2ZvEA Q7krF3DN3IrtqKj+2Yt0HnjofJEhk6PEG4mjB2Duw6poTi2nkx0Lg5Q1DMPFXjdX ciFLzXFCUPqK/VVfoUsSGpsaAFm+Uc56ogxPMr5zI1p+TONsDiAczBNnOoK7RQrB mFKNjtm+oi+lBXzsFbX5ynhOUlfwIzh+nb4QR58zuv5LsBpfIySEMHsPrr+1uAi7 +8Z0RYyeqMyZNgF5vDJYIeufaGNro5IpnydZJJv456zp6pUazIcSznwD+PcTkqY1 ii+D5eWYHJK9rvrl+1h7iTsAL+fOjXWd -----END CERTIFICATE-----Generated at Fri Apr 4 22:24:56 2025 by rpki-client