$ rpki-client -vvf rpki.apnic.net/member_repository/A91A6F2D/FD860F68BC6E11EBB8C64854C4F9AE02/r-73ovgxqXVbE7N-tum5HYHoqeg.mft File: r-73ovgxqXVbE7N-tum5HYHoqeg.mft (raw, json) Hash identifier: xPFjhhu9b/Q4tGJ2nELMeRMZtQI51dUKfh9XZRdOnls= Subject key identifier: 0C:A2:D4:86:D2:83:E0:DD:8A:68:A3:E8:38:DE:88:04:1F:7A:86:D6 Authority key identifier: AF:EE:F7:A2:F8:31:A9:75:5B:13:B3:7E:B6:E9:B9:1D:81:E8:A9:E8 Certificate issuer: /CN=A91A6F2D/serialNumber=AFEEF7A2F831A9755B13B37EB6E9B91D81E8A9E8 Certificate serial: 05BC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r-73ovgxqXVbE7N-tum5HYHoqeg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A6F2D/FD860F68BC6E11EBB8C64854C4F9AE02/r-73ovgxqXVbE7N-tum5HYHoqeg.mft Manifest number: 05B8 Signing time: Thu 10 Apr 2025 23:03:19 +0000 Manifest this update: Thu 10 Apr 2025 23:03:19 +0000 Manifest next update: Thu 17 Apr 2025 23:03:19 +0000 Files and hashes: 1: r-73ovgxqXVbE7N-tum5HYHoqeg.crl (hash: xkg1RAEJjEWKyG9dsKs96CA6SAQc9lfvTfqSUz9UceM=) 2: C17E1DDCBC7111EBB1423E5FC4F9AE02.roa (hash: ei3bKZ/cpLIRgTqV0pdjcmnxhOkz7g6PWIVeDuQtGq8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A6F2D/FD860F68BC6E11EBB8C64854C4F9AE02/r-73ovgxqXVbE7N-tum5HYHoqeg.crl rsync://rpki.apnic.net/member_repository/A91A6F2D/FD860F68BC6E11EBB8C64854C4F9AE02/r-73ovgxqXVbE7N-tum5HYHoqeg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r-73ovgxqXVbE7N-tum5HYHoqeg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 17 Apr 2025 23:03:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1468 (0x5bc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A6F2D, serialNumber=AFEEF7A2F831A9755B13B37EB6E9B91D81E8A9E8 Validity Not Before: Apr 10 23:03:19 2025 GMT Not After : Apr 17 23:03:19 2025 GMT Subject: CN=67f84e37-123c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:66:3b:f5:bc:4b:fe:f3:45:a5:c8:9a:5c:ec: 8d:99:90:bb:9e:4c:22:ce:bb:16:04:33:da:3d:34: 4a:76:67:c7:4d:69:03:27:00:58:b5:0d:19:42:20: a4:11:7a:6a:e5:2b:3e:e9:21:99:2f:59:bf:ca:10: c3:3b:f9:90:21:13:09:d7:09:ac:d7:b1:6a:31:00: bc:df:28:0e:ce:b1:22:20:83:2d:bc:45:23:d5:bf: 72:23:7c:9a:77:15:0e:99:71:00:40:d5:de:3a:b0: b5:c4:92:dd:0d:44:c9:ce:7a:0e:0d:fa:dc:b5:2c: 23:b0:8c:4a:43:5d:15:46:bc:c1:02:b8:38:b7:db: 98:4a:eb:9b:45:d6:3d:56:67:37:f1:da:4d:44:02: 85:ac:5f:fd:5b:4c:f0:cf:35:11:c7:bf:bf:b4:4c: 05:5e:8e:1b:04:d4:5d:b9:46:88:6d:2f:da:e8:f7: d1:e6:a7:89:bc:72:bd:49:7c:b8:cb:81:8d:06:de: ad:62:5e:1a:30:35:ba:7e:9d:e2:7e:12:6a:74:18: 3c:f2:7e:0e:17:a2:64:1f:cc:da:08:cf:21:15:0d: 2b:7d:19:55:7f:8e:ea:2a:87:1e:68:ae:4d:3b:38: 08:0c:5c:7f:04:cd:b4:d9:ee:19:ab:a3:fb:bd:b7: c0:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:A2:D4:86:D2:83:E0:DD:8A:68:A3:E8:38:DE:88:04:1F:7A:86:D6 X509v3 Authority Key Identifier: keyid:AF:EE:F7:A2:F8:31:A9:75:5B:13:B3:7E:B6:E9:B9:1D:81:E8:A9:E8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A6F2D/FD860F68BC6E11EBB8C64854C4F9AE02/r-73ovgxqXVbE7N-tum5HYHoqeg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r-73ovgxqXVbE7N-tum5HYHoqeg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A6F2D/FD860F68BC6E11EBB8C64854C4F9AE02/r-73ovgxqXVbE7N-tum5HYHoqeg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 97:7c:8e:44:ef:ce:ba:ff:b8:f2:dd:fa:ac:26:29:e1:2c:ec: 93:82:fa:16:e3:39:ab:be:b0:53:fd:dc:4d:12:13:a3:9b:e8: 11:fb:83:09:3c:11:9a:fd:c7:36:b8:77:ba:de:e2:6c:01:4c: 8b:76:4e:c5:2a:f2:73:30:88:ea:53:ce:61:ec:42:75:8a:4b: 13:59:40:7d:3a:41:32:00:17:68:8b:f8:3d:73:64:05:6d:8f: 34:74:a0:cb:25:13:82:83:d1:79:ee:47:0a:25:dd:82:2a:d8: 90:99:41:f1:ef:1e:c9:95:fd:03:c0:3c:1f:dc:d9:7d:ef:5d: 94:cd:bb:27:87:dd:ac:17:58:fe:4d:de:bf:e5:b0:0d:d9:b8: cc:16:12:c4:25:c2:07:85:39:37:da:15:47:ce:ca:79:21:4f: de:32:62:e7:52:f8:cd:18:e7:10:c1:02:a9:4a:05:08:e1:9a: 6a:ea:c5:38:27:f4:93:28:de:40:e2:ad:c2:67:f5:94:d9:2d: 5e:2e:3f:1c:e9:d1:da:24:a4:c7:92:7d:97:8b:bb:9c:03:a2: ac:95:5f:85:b0:83:d5:d7:49:93:e1:ba:3b:fe:01:05:f0:f7: 17:33:fb:4c:cd:27:a1:d0:4d:3a:dd:07:e4:14:71:02:a9:a9: cc:e7:b0:b9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBbwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTZGMkQxMTAvBgNVBAUTKEFGRUVGN0EyRjgzMUE5NzU1QjEzQjM3RUI2RTlCOTFE ODFFOEE5RTgwHhcNMjUwNDEwMjMwMzE5WhcNMjUwNDE3MjMwMzE5WjAYMRYwFAYD VQQDEw02N2Y4NGUzNy0xMjNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy2Y79bxL/vNFpciaXOyNmZC7nkwizrsWBDPaPTRKdmfHTWkDJwBYtQ0ZQiCk EXpq5Ss+6SGZL1m/yhDDO/mQIRMJ1wms17FqMQC83ygOzrEiIIMtvEUj1b9yI3ya dxUOmXEAQNXeOrC1xJLdDUTJznoODfrctSwjsIxKQ10VRrzBArg4t9uYSuubRdY9 Vmc38dpNRAKFrF/9W0zwzzURx7+/tEwFXo4bBNRduUaIbS/a6PfR5qeJvHK9SXy4 y4GNBt6tYl4aMDW6fp3ifhJqdBg88n4OF6JkH8zaCM8hFQ0rfRlVf47qKoceaK5N OzgIDFx/BM202e4Zq6P7vbfA2wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAyi1IbS g+Ddimij6DjeiAQfeobWMB8GA1UdIwQYMBaAFK/u96L4Mal1WxOzfrbpuR2B6Kno MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNkYyRC9GRDg2MEY2OEJD NkUxMUVCQjhDNjQ4NTRDNEY5QUUwMi9yLTczb3ZneHFYVmJFN04tdHVtNUhZSG9x ZWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ItNzNvdmd4cVhWYkU3Ti10dW01SFlIb3FlZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NkYyRC9GRDg2MEY2OEJDNkUxMUVCQjhDNjQ4NTRDNEY5QUUwMi9yLTczb3ZneHFY VmJFN04tdHVtNUhZSG9xZWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCXfI5E7866/7jy3fqsJinhLOyTgvoW4zmrvrBT/dxNEhOjm+gR+4MJ PBGa/cc2uHe63uJsAUyLdk7FKvJzMIjqU85h7EJ1iksTWUB9OkEyABdoi/g9c2QF bY80dKDLJROCg9F57kcKJd2CKtiQmUHx7x7Jlf0DwDwf3Nl9712Uzbsnh92sF1j+ Td6/5bAN2bjMFhLEJcIHhTk32hVHzsp5IU/eMmLnUvjNGOcQwQKpSgUI4Zpq6sU4 J/STKN5A4q3CZ/WU2S1eLj8c6dHaJKTHkn2Xi7ucA6KslV+FsIPV10mT4bo7/gEF 8PcXM/tMzSeh0E063QfkFHECqanM57C5 -----END CERTIFICATE-----Generated at Sat Apr 12 23:50:25 2025 by rpki-client