$ rpki-client -vvf rpki.apnic.net/member_repository/A9136F59/5772AFBEF84F11ECA2923952C4F9AE02/91XB4Q_ErmiS0krLh4LX5cAEGLA.mft File: 91XB4Q_ErmiS0krLh4LX5cAEGLA.mft (raw, json) Hash identifier: zTAdwvAOshdav2qAabyZbRVM444nzjiSE2oQx3kRtLE= Subject key identifier: 0C:56:67:C3:46:5D:FF:3C:94:56:33:05:80:48:11:4F:06:11:12:BB Authority key identifier: F7:55:C1:E1:0F:C4:AE:68:92:D2:4A:CB:87:82:D7:E5:C0:04:18:B0 Certificate issuer: /CN=A9136F59/serialNumber=F755C1E10FC4AE6892D24ACB8782D7E5C00418B0 Certificate serial: 02A0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/91XB4Q_ErmiS0krLh4LX5cAEGLA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9136F59/5772AFBEF84F11ECA2923952C4F9AE02/91XB4Q_ErmiS0krLh4LX5cAEGLA.mft Manifest number: 029C Signing time: Mon 21 Apr 2025 01:08:27 +0000 Manifest this update: Mon 21 Apr 2025 01:08:26 +0000 Manifest next update: Mon 28 Apr 2025 01:08:26 +0000 Files and hashes: 1: 91XB4Q_ErmiS0krLh4LX5cAEGLA.crl (hash: l/A2h/AMrghSLDKbFT8fdgymMcqQ4W4Xb95hkWELOzs=) 2: ED0C111CF8F611ECB6DF8835C4F9AE02.roa (hash: 4DnB0bL3NG78Ric1Q/fKLIMkj23xQICVd02+1wJapuQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9136F59/5772AFBEF84F11ECA2923952C4F9AE02/91XB4Q_ErmiS0krLh4LX5cAEGLA.crl rsync://rpki.apnic.net/member_repository/A9136F59/5772AFBEF84F11ECA2923952C4F9AE02/91XB4Q_ErmiS0krLh4LX5cAEGLA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/91XB4Q_ErmiS0krLh4LX5cAEGLA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 01:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 672 (0x2a0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9136F59, serialNumber=F755C1E10FC4AE6892D24ACB8782D7E5C00418B0 Validity Not Before: Apr 21 01:08:26 2025 GMT Not After : Apr 28 01:08:26 2025 GMT Subject: CN=68059a8a-49af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:cd:cb:e8:f3:ee:c1:13:a1:76:2f:74:64:5f: 96:42:ee:56:66:8d:ed:74:f3:a9:a9:99:b3:5e:ce: 45:cc:60:e1:14:6b:0b:00:2b:7a:43:3b:71:97:ad: c7:7b:5b:21:33:48:02:f9:74:8f:6b:2a:30:ec:0f: 3d:35:3f:48:b5:5f:28:49:3b:4b:45:77:fc:4d:ea: 01:22:6c:75:1c:0c:88:47:75:1d:ac:cc:d5:a9:8e: 8d:0f:94:65:f1:d7:16:aa:5d:1e:a9:4d:55:6b:f2: f3:48:3c:ca:6a:eb:03:7c:79:e9:ca:cf:6a:83:7b: 70:29:7b:13:8c:2a:81:a6:c1:8a:22:f7:2a:ae:a7: a2:0c:7c:6d:d8:c2:06:3e:92:e2:8a:7b:1d:32:71: c7:7e:6c:ff:13:46:f6:79:19:30:9b:3d:e7:e9:a4: 11:9c:ee:9a:98:2b:68:d0:b1:27:41:bb:22:f1:6f: 74:3f:85:f3:67:22:bb:cd:92:86:2d:5e:be:cf:bf: 6c:cc:3d:65:7d:3e:5b:18:6e:90:81:e5:e0:7f:e2: 35:85:09:35:ce:75:47:70:08:06:60:97:20:fb:31: 2a:4a:ec:88:21:20:38:7a:cd:97:4f:8b:30:97:9f: a9:6b:9c:f3:05:f4:86:38:05:6d:e8:ef:71:47:46: 3e:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:56:67:C3:46:5D:FF:3C:94:56:33:05:80:48:11:4F:06:11:12:BB X509v3 Authority Key Identifier: keyid:F7:55:C1:E1:0F:C4:AE:68:92:D2:4A:CB:87:82:D7:E5:C0:04:18:B0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9136F59/5772AFBEF84F11ECA2923952C4F9AE02/91XB4Q_ErmiS0krLh4LX5cAEGLA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/91XB4Q_ErmiS0krLh4LX5cAEGLA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9136F59/5772AFBEF84F11ECA2923952C4F9AE02/91XB4Q_ErmiS0krLh4LX5cAEGLA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 38:ce:71:e7:b8:a1:ad:ea:41:51:c6:bb:32:3a:85:56:86:03: f3:f8:60:8f:9a:00:b6:d9:dc:08:85:07:3c:5e:c8:ed:d2:41: c3:bd:07:73:63:d0:76:f2:65:9b:7c:b3:d4:92:82:6c:8a:65: 67:6e:f4:40:fa:85:97:44:e8:e8:eb:bd:82:c8:9d:c3:b7:fa: 5a:e9:6d:87:c2:48:2c:30:7b:a4:58:ad:18:3a:f5:c6:b6:11: 0d:0a:8f:8e:f0:22:0a:bd:56:34:7f:e4:92:5e:8c:8e:16:a4: 89:ab:39:e9:0e:c9:3c:56:a1:8a:c2:9d:66:b8:d1:27:2f:7c: 69:03:67:b1:6c:51:e6:e6:3b:14:a5:79:59:3a:e5:f2:30:66: 5e:4f:6c:3c:bc:48:1d:18:fe:e7:9a:b3:ff:1b:90:c7:0b:59: 77:79:22:34:a5:5e:8c:d6:20:15:59:84:bd:88:ca:9c:de:e0: 58:70:92:0a:09:c1:be:a8:25:78:8a:df:bb:6c:9a:f9:5a:22: e4:db:05:05:88:a2:12:c9:62:95:ee:2e:8b:fe:99:cb:66:d5: f9:65:2f:65:8d:a9:fd:ad:13:8a:de:e1:3f:e0:23:db:28:72: db:a6:8d:b8:ed:26:63:c2:a3:5e:08:25:89:fa:58:1f:c6:3b: 41:ef:d8:07 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAqAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzZGNTkxMTAvBgNVBAUTKEY3NTVDMUUxMEZDNEFFNjg5MkQyNEFDQjg3ODJEN0U1 QzAwNDE4QjAwHhcNMjUwNDIxMDEwODI2WhcNMjUwNDI4MDEwODI2WjAYMRYwFAYD VQQDEw02ODA1OWE4YS00OWFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqc3L6PPuwROhdi90ZF+WQu5WZo3tdPOpqZmzXs5FzGDhFGsLACt6Qztxl63H e1shM0gC+XSPayow7A89NT9ItV8oSTtLRXf8TeoBImx1HAyIR3UdrMzVqY6ND5Rl 8dcWql0eqU1Va/LzSDzKausDfHnpys9qg3twKXsTjCqBpsGKIvcqrqeiDHxt2MIG PpLiinsdMnHHfmz/E0b2eRkwmz3n6aQRnO6amCto0LEnQbsi8W90P4XzZyK7zZKG LV6+z79szD1lfT5bGG6QgeXgf+I1hQk1znVHcAgGYJcg+zEqSuyIISA4es2XT4sw l5+pa5zzBfSGOAVt6O9xR0Y+qwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAxWZ8NG Xf88lFYzBYBIEU8GERK7MB8GA1UdIwQYMBaAFPdVweEPxK5oktJKy4eC1+XABBiw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNkY1OS81NzcyQUZCRUY4 NEYxMUVDQTI5MjM5NTJDNEY5QUUwMi85MVhCNFFfRXJtaVMwa3JMaDRMWDVjQUVH TEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzkxWEI0UV9Fcm1pUzBrckxoNExYNWNBRUdMQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NkY1OS81NzcyQUZCRUY4NEYxMUVDQTI5MjM5NTJDNEY5QUUwMi85MVhCNFFfRXJt aVMwa3JMaDRMWDVjQUVHTEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA4znHnuKGt6kFRxrsyOoVWhgPz+GCPmgC22dwIhQc8Xsjt0kHDvQdz Y9B28mWbfLPUkoJsimVnbvRA+oWXROjo672CyJ3Dt/pa6W2HwkgsMHukWK0YOvXG thENCo+O8CIKvVY0f+SSXoyOFqSJqznpDsk8VqGKwp1muNEnL3xpA2exbFHm5jsU pXlZOuXyMGZeT2w8vEgdGP7nmrP/G5DHC1l3eSI0pV6M1iAVWYS9iMqc3uBYcJIK CcG+qCV4it+7bJr5WiLk2wUFiKISyWKV7i6L/pnLZtX5ZS9ljan9rROK3uE/4CPb KHLbpo247SZjwqNeCCWJ+lgfxjtB79gH -----END CERTIFICATE-----Generated at Tue Apr 22 16:18:24 2025 by rpki-client