$ rpki-client -vvf rpki.apnic.net/member_repository/A91422D7/5B9F71D2ED3011ECBF07F012C4F9AE02/rGoi8eThZQrPtSifXctdU5IPzzQ.mft File: rGoi8eThZQrPtSifXctdU5IPzzQ.mft (raw, json) Hash identifier: zzBT7mWmwQXU+H4gyfwfr1AqXMlQMG5sIbIRG2OrGcA= Subject key identifier: 30:FB:61:4F:EB:53:F6:9D:48:A1:38:90:41:19:41:05:AD:BA:F3:8D Authority key identifier: AC:6A:22:F1:E4:E1:65:0A:CF:B5:28:9F:5D:CB:5D:53:92:0F:CF:34 Certificate issuer: /CN=A91422D7/serialNumber=AC6A22F1E4E1650ACFB5289F5DCB5D53920FCF34 Certificate serial: DE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rGoi8eThZQrPtSifXctdU5IPzzQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91422D7/5B9F71D2ED3011ECBF07F012C4F9AE02/rGoi8eThZQrPtSifXctdU5IPzzQ.mft Manifest number: 038A Signing time: Sat 29 Mar 2025 01:44:23 +0000 Manifest this update: Sat 29 Mar 2025 01:44:22 +0000 Manifest next update: Sat 05 Apr 2025 01:44:22 +0000 Files and hashes: 1: rGoi8eThZQrPtSifXctdU5IPzzQ.crl (hash: amPRZkAb25C6s61eZP4oshnmANtqnS9JD5pLoSkGSWA=) 2: CE5F74E2BE5811EEA8C02E2AC4F9AE02.roa (hash: tIDiP3hNqVNzA0IqRbP/SuZVvzepUKW2qtpK5KHsOYE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91422D7/5B9F71D2ED3011ECBF07F012C4F9AE02/rGoi8eThZQrPtSifXctdU5IPzzQ.crl rsync://rpki.apnic.net/member_repository/A91422D7/5B9F71D2ED3011ECBF07F012C4F9AE02/rGoi8eThZQrPtSifXctdU5IPzzQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rGoi8eThZQrPtSifXctdU5IPzzQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 01:44:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 222 (0xde) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91422D7 Validity Not Before: Mar 29 01:44:22 2025 GMT Not After : Apr 5 01:44:22 2025 GMT Subject: CN=67e75076-e18d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:97:3d:a6:e6:1c:7e:b5:d8:8d:07:f3:e0:0e: 8b:54:22:0e:44:42:b7:9c:e2:73:e8:04:0f:78:53: be:bc:fd:88:98:f5:5e:56:c9:2c:d7:02:c7:0c:76: c1:e3:ad:10:9b:22:58:a4:12:10:a2:10:af:61:9d: ea:e1:2c:fa:ee:c4:35:17:be:31:be:58:e1:2f:95: 44:4d:34:79:ec:9a:eb:e2:91:92:e4:3a:85:23:67: e6:1e:6d:a2:df:cf:f7:71:1f:b1:75:1f:06:8b:2f: ce:76:e6:c7:1c:8f:fd:1d:d2:10:87:ff:2d:ec:c9: 40:64:79:e1:81:b7:c4:8a:ef:d3:45:c9:c5:c4:ca: 26:fb:c7:db:a3:bc:2a:96:6a:73:fd:e7:d6:45:f2: 43:62:df:83:e4:80:a2:88:40:2d:20:7b:aa:ca:f2: 7a:f0:88:e4:b0:9c:86:11:03:d8:b6:20:95:54:76: a1:8e:51:8d:77:09:a6:15:dc:c1:e7:57:d6:fd:b5: c7:82:91:00:8e:85:2b:36:ef:85:45:d7:96:aa:94: 50:94:d1:45:0e:57:22:08:fb:de:7e:c9:f2:e4:69: 9b:25:b3:60:f8:e3:8f:3d:c7:f9:0d:b0:6d:8e:32: a5:c3:ef:9c:41:f8:29:9e:0c:f5:2a:7e:fe:a4:0a: d4:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:FB:61:4F:EB:53:F6:9D:48:A1:38:90:41:19:41:05:AD:BA:F3:8D X509v3 Authority Key Identifier: keyid:AC:6A:22:F1:E4:E1:65:0A:CF:B5:28:9F:5D:CB:5D:53:92:0F:CF:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91422D7/5B9F71D2ED3011ECBF07F012C4F9AE02/rGoi8eThZQrPtSifXctdU5IPzzQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rGoi8eThZQrPtSifXctdU5IPzzQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91422D7/5B9F71D2ED3011ECBF07F012C4F9AE02/rGoi8eThZQrPtSifXctdU5IPzzQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b7:21:8a:19:fd:12:46:11:2e:54:6f:1e:51:9a:92:36:9c:44: e9:00:49:86:80:4d:86:4c:c4:25:d8:fe:11:20:44:42:e9:a3: a2:d1:56:f6:2a:d9:eb:03:8a:d2:ad:95:db:7e:74:68:28:94: 44:65:ba:3d:bc:ce:6e:bb:e9:a4:9f:69:18:83:72:af:65:29: 3e:27:85:80:b1:2a:09:99:68:58:c1:d6:ad:84:6d:9b:cc:5c: 0a:e4:7d:06:34:6e:d4:7e:8c:ea:01:4c:88:55:a6:65:d4:ec: ac:e2:f9:05:4c:73:24:43:47:73:bd:9c:00:80:29:1c:ea:ca: 1b:f3:16:a3:55:71:6c:cc:57:cf:f3:6b:f7:25:72:8a:c3:a4: bf:e1:27:d4:27:53:3e:08:85:f0:d4:62:98:8f:04:65:7f:8b: c9:da:c0:2f:0d:f8:c6:27:30:4c:75:72:65:4a:2f:7f:de:58: df:ea:ca:4e:96:10:22:85:82:bc:d4:df:06:47:9a:7c:2d:fb: b0:92:92:0c:f5:fe:2c:e8:08:6e:e7:3c:62:23:f0:e1:cf:70: a7:e3:0b:7c:58:92:1a:96:4e:89:90:e1:37:a4:55:26:96:d4: 6c:f5:e9:23:68:d8:fe:57:d9:fb:0f:17:85:66:b6:70:25:d3: 53:c6:09:d3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAN4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDIyRDcxMTAvBgNVBAUTKEFDNkEyMkYxRTRFMTY1MEFDRkI1Mjg5RjVEQ0I1RDUz OTIwRkNGMzQwHhcNMjUwMzI5MDE0NDIyWhcNMjUwNDA1MDE0NDIyWjAYMRYwFAYD VQQDEw02N2U3NTA3Ni1lMThkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtpc9puYcfrXYjQfz4A6LVCIOREK3nOJz6AQPeFO+vP2ImPVeVsks1wLHDHbB 460QmyJYpBIQohCvYZ3q4Sz67sQ1F74xvljhL5VETTR57Jrr4pGS5DqFI2fmHm2i 38/3cR+xdR8Giy/OdubHHI/9HdIQh/8t7MlAZHnhgbfEiu/TRcnFxMom+8fbo7wq lmpz/efWRfJDYt+D5ICiiEAtIHuqyvJ68IjksJyGEQPYtiCVVHahjlGNdwmmFdzB 51fW/bXHgpEAjoUrNu+FRdeWqpRQlNFFDlciCPvefsny5GmbJbNg+OOPPcf5DbBt jjKlw++cQfgpngz1Kn7+pArUdQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDD7YU/r U/adSKE4kEEZQQWtuvONMB8GA1UdIwQYMBaAFKxqIvHk4WUKz7Uon13LXVOSD880 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MjJENy81QjlGNzFEMkVE MzAxMUVDQkYwN0YwMTJDNEY5QUUwMi9yR29pOGVUaFpRclB0U2lmWGN0ZFU1SVB6 elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JHb2k4ZVRoWlFyUHRTaWZYY3RkVTVJUHp6US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 MjJENy81QjlGNzFEMkVEMzAxMUVDQkYwN0YwMTJDNEY5QUUwMi9yR29pOGVUaFpR clB0U2lmWGN0ZFU1SVB6elEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC3IYoZ/RJGES5Ubx5RmpI2nETpAEmGgE2GTMQl2P4RIERC6aOi0Vb2 KtnrA4rSrZXbfnRoKJREZbo9vM5uu+mkn2kYg3KvZSk+J4WAsSoJmWhYwdathG2b zFwK5H0GNG7UfozqAUyIVaZl1Oys4vkFTHMkQ0dzvZwAgCkc6sob8xajVXFszFfP 82v3JXKKw6S/4SfUJ1M+CIXw1GKYjwRlf4vJ2sAvDfjGJzBMdXJlSi9/3ljf6spO lhAihYK81N8GR5p8LfuwkpIM9f4s6Ahu5zxiI/Dhz3Cn4wt8WJIalk6JkOE3pFUm ltRs9ekjaNj+V9n7DxeFZrZwJdNTxgnT -----END CERTIFICATE-----Generated at Fri Apr 4 22:15:04 2025 by rpki-client