$ rpki-client -vvf rpki.apnic.net/member_repository/A91557BA/6E74951004EB11EAA72FA363C4F9AE02/dwbQiOkh3osB67oGIB0EFQ6GTQQ.mft File: dwbQiOkh3osB67oGIB0EFQ6GTQQ.mft (raw, json) Hash identifier: YAaFn0fbRVFqV6nkWwwfJe6bOvgjgcDAnOUcxZP8xuc= Subject key identifier: BB:59:65:C0:D0:FC:7D:9C:D6:BC:16:9E:D5:FA:3E:A1:BC:79:FE:86 Authority key identifier: 77:06:D0:88:E9:21:DE:8B:01:EB:BA:06:20:1D:04:15:0E:86:4D:04 Certificate issuer: /CN=A91557BA/serialNumber=7706D088E921DE8B01EBBA06201D04150E864D04 Certificate serial: 0C38 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dwbQiOkh3osB67oGIB0EFQ6GTQQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91557BA/6E74951004EB11EAA72FA363C4F9AE02/dwbQiOkh3osB67oGIB0EFQ6GTQQ.mft Manifest number: 0C2E Signing time: Fri 04 Apr 2025 18:34:17 +0000 Manifest this update: Fri 04 Apr 2025 18:34:17 +0000 Manifest next update: Fri 11 Apr 2025 18:34:17 +0000 Files and hashes: 1: dwbQiOkh3osB67oGIB0EFQ6GTQQ.crl (hash: r9UlqV9YXNFTQuEplCQF7bHK6uB/K0F+riSBAxlo5ug=) 2: D68289BE984B11ECB04DAB38C4F9AE02.roa (hash: 2GXsJ3lmpDTCyJ0+6RHbUPHuhr06/ng834HAohqlZ5g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91557BA/6E74951004EB11EAA72FA363C4F9AE02/dwbQiOkh3osB67oGIB0EFQ6GTQQ.crl rsync://rpki.apnic.net/member_repository/A91557BA/6E74951004EB11EAA72FA363C4F9AE02/dwbQiOkh3osB67oGIB0EFQ6GTQQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dwbQiOkh3osB67oGIB0EFQ6GTQQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 18:34:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3128 (0xc38) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91557BA Validity Not Before: Apr 4 18:34:17 2025 GMT Not After : Apr 11 18:34:17 2025 GMT Subject: CN=67f02629-c6cb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:b4:94:91:a7:6a:d4:db:36:0c:c0:c0:1c:69: 0f:82:33:98:2b:cc:e9:5d:80:0a:86:53:0a:0e:47: db:da:90:5f:86:42:11:b1:1d:b1:14:c1:5e:2d:4e: 90:ef:50:39:d7:96:3d:ce:bc:9d:e8:ca:7c:48:55: 7e:fb:0f:c3:f4:a1:dc:46:ce:90:0f:04:7f:b3:ee: 48:d7:fa:e5:1d:23:d3:bc:fc:e9:7f:62:c6:c7:97: 22:74:26:7f:6b:cc:4a:18:87:51:85:0e:c3:cd:ff: c5:16:ce:81:bb:97:29:1e:b1:87:44:55:c2:94:58: 75:d6:3f:f8:9a:58:98:82:28:04:e7:69:61:e2:fb: 1c:7a:97:0d:ab:c7:4c:52:5c:17:56:89:28:3a:a1: 0c:5a:c9:8f:c1:eb:7a:85:ef:af:d4:e9:f6:92:f9: 9a:a1:3e:e5:a3:04:5f:3e:47:45:b0:20:01:c5:d3: d9:95:cf:96:3b:f6:3f:c5:3e:3c:8a:70:b2:65:08: bb:65:5c:56:59:3f:02:a6:90:e1:d6:5f:cd:0a:9a: f5:be:d2:f7:14:50:a5:9e:68:4f:64:16:50:98:4c: 9d:6c:af:29:25:cb:05:d3:f5:22:d9:e4:6b:56:ba: 63:39:ab:32:d1:59:74:00:da:6d:bf:4e:c6:9d:0c: fc:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:59:65:C0:D0:FC:7D:9C:D6:BC:16:9E:D5:FA:3E:A1:BC:79:FE:86 X509v3 Authority Key Identifier: keyid:77:06:D0:88:E9:21:DE:8B:01:EB:BA:06:20:1D:04:15:0E:86:4D:04 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91557BA/6E74951004EB11EAA72FA363C4F9AE02/dwbQiOkh3osB67oGIB0EFQ6GTQQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dwbQiOkh3osB67oGIB0EFQ6GTQQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91557BA/6E74951004EB11EAA72FA363C4F9AE02/dwbQiOkh3osB67oGIB0EFQ6GTQQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 77:dc:69:49:7a:4e:5c:20:b0:a0:12:e1:66:a7:d8:ed:a7:7e: 2d:4e:bc:f0:0b:ed:97:2b:a3:96:50:08:53:8c:0d:c0:c8:d7: eb:e8:8d:e8:db:3f:7e:1d:74:82:4d:70:b5:40:ac:b1:da:ea: 91:a4:55:36:66:bf:f2:32:2f:6f:b1:cd:c0:6c:15:d0:3c:33: bb:e7:30:2f:56:d1:5d:94:43:0e:5f:34:f8:55:c4:0e:be:15: 60:f8:bd:a7:b8:96:8e:1d:55:f5:0e:66:c3:22:4b:2f:35:c9: 18:69:0f:4e:47:05:f3:df:7d:d5:2d:24:d5:31:a0:49:ca:20: 67:f6:c4:02:62:9e:9b:e0:1a:3a:01:9f:51:40:c7:72:e1:13: 58:71:d8:f5:e0:93:b0:33:b1:ce:0c:bd:07:f6:31:1e:11:c4: 35:ec:38:5b:cb:1e:ba:8a:1d:27:b9:28:0b:fc:d6:a1:89:f4: 4a:8e:c6:8b:b5:00:4b:c7:f1:82:7c:0a:7d:d7:2c:0b:93:13: 5a:b7:cc:94:ae:9f:06:a9:51:9b:3a:b9:49:64:ed:be:7d:e6: 68:f6:95:39:29:5d:e7:f9:a7:81:ed:f7:20:02:a3:f4:c4:69: 80:54:8e:b3:d4:aa:e3:c1:03:f9:77:01:e4:cd:67:d4:0f:2e: 88:e7:1b:3c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDDgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTU3QkExMTAvBgNVBAUTKDc3MDZEMDg4RTkyMURFOEIwMUVCQkEwNjIwMUQwNDE1 MEU4NjREMDQwHhcNMjUwNDA0MTgzNDE3WhcNMjUwNDExMTgzNDE3WjAYMRYwFAYD VQQDEw02N2YwMjYyOS1jNmNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtLSUkadq1Ns2DMDAHGkPgjOYK8zpXYAKhlMKDkfb2pBfhkIRsR2xFMFeLU6Q 71A515Y9zryd6Mp8SFV++w/D9KHcRs6QDwR/s+5I1/rlHSPTvPzpf2LGx5cidCZ/ a8xKGIdRhQ7Dzf/FFs6Bu5cpHrGHRFXClFh11j/4mliYgigE52lh4vscepcNq8dM UlwXVokoOqEMWsmPwet6he+v1On2kvmaoT7lowRfPkdFsCABxdPZlc+WO/Y/xT48 inCyZQi7ZVxWWT8CppDh1l/NCpr1vtL3FFClnmhPZBZQmEydbK8pJcsF0/Ui2eRr VrpjOasy0Vl0ANptv07GnQz8rQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLtZZcDQ /H2c1rwWntX6PqG8ef6GMB8GA1UdIwQYMBaAFHcG0IjpId6LAeu6BiAdBBUOhk0E MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NTdCQS82RTc0OTUxMDA0 RUIxMUVBQTcyRkEzNjNDNEY5QUUwMi9kd2JRaU9raDNvc0I2N29HSUIwRUZRNkdU UVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2R3YlFpT2toM29zQjY3b0dJQjBFRlE2R1RRUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 NTdCQS82RTc0OTUxMDA0RUIxMUVBQTcyRkEzNjNDNEY5QUUwMi9kd2JRaU9raDNv c0I2N29HSUIwRUZRNkdUUVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB33GlJek5cILCgEuFmp9jtp34tTrzwC+2XK6OWUAhTjA3AyNfr6I3o 2z9+HXSCTXC1QKyx2uqRpFU2Zr/yMi9vsc3AbBXQPDO75zAvVtFdlEMOXzT4VcQO vhVg+L2nuJaOHVX1DmbDIksvNckYaQ9ORwXz333VLSTVMaBJyiBn9sQCYp6b4Bo6 AZ9RQMdy4RNYcdj14JOwM7HODL0H9jEeEcQ17Dhbyx66ih0nuSgL/NahifRKjsaL tQBLx/GCfAp91ywLkxNat8yUrp8GqVGbOrlJZO2+feZo9pU5KV3n+aeB7fcgAqP0 xGmAVI6z1KrjwQP5dwHkzWfUDy6I5xs8 -----END CERTIFICATE-----Generated at Fri Apr 4 22:24:42 2025 by rpki-client