$ rpki-client -vvf rpki.apnic.net/member_repository/A91A95C1/CBE6BC740F0011EDA744066AC4F9AE02/CkMWPL6xv3mMnOQcHF50ociDesY.mft File: CkMWPL6xv3mMnOQcHF50ociDesY.mft (raw, json) Hash identifier: kQJthyEDEtvZqBAY/OC4B+Y4DdG0vowSMoyRJ/qm6lE= Subject key identifier: C9:A3:FF:B9:87:EF:D2:03:F7:DF:76:DC:0C:F0:6D:42:F6:83:73:E0 Authority key identifier: 0A:43:16:3C:BE:B1:BF:79:8C:9C:E4:1C:1C:5E:74:A1:C8:83:7A:C6 Certificate issuer: /CN=A91A95C1/serialNumber=0A43163CBEB1BF798C9CE41C1C5E74A1C8837AC6 Certificate serial: 025B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkMWPL6xv3mMnOQcHF50ociDesY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A95C1/CBE6BC740F0011EDA744066AC4F9AE02/CkMWPL6xv3mMnOQcHF50ociDesY.mft Manifest number: 0256 Signing time: Sat 29 Mar 2025 02:03:32 +0000 Manifest this update: Sat 29 Mar 2025 02:03:32 +0000 Manifest next update: Sat 05 Apr 2025 02:03:32 +0000 Files and hashes: 1: CkMWPL6xv3mMnOQcHF50ociDesY.crl (hash: vcoz7N6OaDxnjDbLrOsgaIeiua6sXtVIBFy9cZgQIoM=) 2: DA61302A0F0211EDABBE3C6AC4F9AE02.roa (hash: vW2EZP2Cwb4m+zHwX4dxc62MHLuj24Kv3gEJBseD9aY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A95C1/CBE6BC740F0011EDA744066AC4F9AE02/CkMWPL6xv3mMnOQcHF50ociDesY.crl rsync://rpki.apnic.net/member_repository/A91A95C1/CBE6BC740F0011EDA744066AC4F9AE02/CkMWPL6xv3mMnOQcHF50ociDesY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkMWPL6xv3mMnOQcHF50ociDesY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 02:03:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 603 (0x25b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A95C1 Validity Not Before: Mar 29 02:03:32 2025 GMT Not After : Apr 5 02:03:32 2025 GMT Subject: CN=67e754f4-5e6a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:fd:88:f1:07:ea:ae:36:1f:35:de:e3:4d:7d: f5:b2:97:84:96:09:b1:55:c6:6c:17:5c:50:76:82: 17:5c:67:6b:61:11:69:ca:0a:99:d2:f1:05:cb:6d: 1a:e6:b3:92:26:95:69:64:04:26:53:13:a8:7e:f9: 32:b5:98:e2:47:d5:50:b9:7c:cc:cf:b4:ab:23:ad: 17:17:1d:20:c2:10:07:61:ae:c9:b9:0a:83:57:0e: 2d:45:d4:c2:40:49:ba:9e:5a:b9:37:ff:1c:ee:07: d8:34:62:4e:84:f6:d5:8a:05:2f:40:43:a4:a3:cd: a3:60:9b:23:79:64:e9:cd:0c:f9:f5:84:72:35:fa: 2d:23:b5:69:91:46:62:fd:92:37:9b:06:6a:4e:27: b2:63:b5:29:23:f6:db:91:b0:98:81:88:a3:39:fa: ac:e0:63:a8:d7:a2:db:e8:8d:15:df:c0:79:9b:d3: cb:10:74:92:c7:e2:7c:27:85:83:86:e6:5f:0c:ff: d1:d8:d0:09:75:7d:55:5b:ad:2a:a8:9c:5f:08:83: ce:d6:08:88:a4:2c:40:d4:7a:48:69:74:4c:af:e5: 18:71:ab:1e:6a:c1:b5:05:bb:5b:94:5d:4b:fa:23: ad:d2:21:69:d6:7d:37:11:d6:9c:5b:96:97:4e:bc: 16:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:A3:FF:B9:87:EF:D2:03:F7:DF:76:DC:0C:F0:6D:42:F6:83:73:E0 X509v3 Authority Key Identifier: keyid:0A:43:16:3C:BE:B1:BF:79:8C:9C:E4:1C:1C:5E:74:A1:C8:83:7A:C6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A95C1/CBE6BC740F0011EDA744066AC4F9AE02/CkMWPL6xv3mMnOQcHF50ociDesY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkMWPL6xv3mMnOQcHF50ociDesY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A95C1/CBE6BC740F0011EDA744066AC4F9AE02/CkMWPL6xv3mMnOQcHF50ociDesY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ad:0b:fe:b6:45:4c:da:aa:3c:22:20:44:8c:b3:61:68:ac:c1: 22:d6:30:f1:96:4a:d0:15:01:c5:93:37:30:69:62:e8:f8:41: 23:51:99:f0:df:b7:68:17:8a:c3:a7:57:c6:ac:73:a7:b1:25: 70:93:c2:2c:15:22:59:a1:cf:74:62:e4:c8:a4:b0:99:f6:f0: 4d:08:d5:5c:f5:5f:05:8a:25:8f:cb:18:b2:64:33:75:f9:f2: e6:c4:ac:c3:a2:45:ad:db:36:47:f9:85:c0:2d:c6:8d:69:06: b6:aa:e3:ad:15:71:1e:cf:33:25:91:c6:2b:4a:d1:d1:b4:c8: d5:6a:48:75:3c:02:44:b5:67:58:13:55:64:eb:42:29:2b:2e: 18:3c:5e:42:2a:12:ce:24:a0:b8:72:f7:f6:71:4d:56:b6:33: 0b:2e:69:37:5b:bb:53:c4:e3:29:04:7a:11:d3:fa:53:3d:7b: 5a:e2:f7:fc:cb:14:6d:f7:7a:30:72:55:89:4a:6f:67:84:3e: 53:79:80:19:7c:14:c5:b1:c4:a0:c0:6d:5f:35:47:a6:a9:b3: 84:61:53:99:91:55:04:76:e2:f5:f7:12:8e:b1:d7:5d:6e:61: ca:03:5a:92:c9:b2:9d:e0:91:ba:76:39:1a:28:3c:49:77:fc: ed:6c:28:69 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAlswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTk1QzExMTAvBgNVBAUTKDBBNDMxNjNDQkVCMUJGNzk4QzlDRTQxQzFDNUU3NEEx Qzg4MzdBQzYwHhcNMjUwMzI5MDIwMzMyWhcNMjUwNDA1MDIwMzMyWjAYMRYwFAYD VQQDEw02N2U3NTRmNC01ZTZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx/2I8QfqrjYfNd7jTX31speElgmxVcZsF1xQdoIXXGdrYRFpygqZ0vEFy20a 5rOSJpVpZAQmUxOofvkytZjiR9VQuXzMz7SrI60XFx0gwhAHYa7JuQqDVw4tRdTC QEm6nlq5N/8c7gfYNGJOhPbVigUvQEOko82jYJsjeWTpzQz59YRyNfotI7VpkUZi /ZI3mwZqTieyY7UpI/bbkbCYgYijOfqs4GOo16Lb6I0V38B5m9PLEHSSx+J8J4WD huZfDP/R2NAJdX1VW60qqJxfCIPO1giIpCxA1HpIaXRMr+UYcaseasG1BbtblF1L +iOt0iFp1n03EdacW5aXTrwW4wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMmj/7mH 79ID99923AzwbUL2g3PgMB8GA1UdIwQYMBaAFApDFjy+sb95jJzkHBxedKHIg3rG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOTVDMS9DQkU2QkM3NDBG MDAxMUVEQTc0NDA2NkFDNEY5QUUwMi9Da01XUEw2eHYzbU1uT1FjSEY1MG9jaURl c1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NrTVdQTDZ4djNtTW5PUWNIRjUwb2NpRGVzWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB OTVDMS9DQkU2QkM3NDBGMDAxMUVEQTc0NDA2NkFDNEY5QUUwMi9Da01XUEw2eHYz bU1uT1FjSEY1MG9jaURlc1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCtC/62RUzaqjwiIESMs2ForMEi1jDxlkrQFQHFkzcwaWLo+EEjUZnw 37doF4rDp1fGrHOnsSVwk8IsFSJZoc90YuTIpLCZ9vBNCNVc9V8FiiWPyxiyZDN1 +fLmxKzDokWt2zZH+YXALcaNaQa2quOtFXEezzMlkcYrStHRtMjVakh1PAJEtWdY E1Vk60IpKy4YPF5CKhLOJKC4cvf2cU1WtjMLLmk3W7tTxOMpBHoR0/pTPXta4vf8 yxRt93owclWJSm9nhD5TeYAZfBTFscSgwG1fNUemqbOEYVOZkVUEduL19xKOsddd bmHKA1qSybKd4JG6djkaKDxJd/ztbChp -----END CERTIFICATE-----Generated at Fri Apr 4 22:14:58 2025 by rpki-client