$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF145/278073CE36EA11EEAE10AA45C4F9AE02/cNpFkZHpBoa9sKxHq9owqcPhdPo.mft File: cNpFkZHpBoa9sKxHq9owqcPhdPo.mft (raw, json) Hash identifier: No9Pba1Rg+IiLQKOr4zreD5gxxzRxuGVJhaRETZDieg= Subject key identifier: 47:CA:AD:06:8E:22:51:B1:14:3A:37:F2:3A:0C:1C:AE:6C:8F:BE:42 Authority key identifier: 70:DA:45:91:91:E9:06:86:BD:B0:AC:47:AB:DA:30:A9:C3:E1:74:FA Certificate issuer: /CN=A91AF145/serialNumber=70DA459191E90686BDB0AC47ABDA30A9C3E174FA Certificate serial: 0148 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cNpFkZHpBoa9sKxHq9owqcPhdPo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AF145/278073CE36EA11EEAE10AA45C4F9AE02/cNpFkZHpBoa9sKxHq9owqcPhdPo.mft Manifest number: 0142 Signing time: Sat 05 Apr 2025 03:49:51 +0000 Manifest this update: Sat 05 Apr 2025 03:49:50 +0000 Manifest next update: Sat 12 Apr 2025 03:49:50 +0000 Files and hashes: 1: cNpFkZHpBoa9sKxHq9owqcPhdPo.crl (hash: cq0lDbgS8rMtZ2SM/Y//lv0niL89VYXlLkwGfQVZES4=) 2: 43E9CB90DFF511EF8E4E3982C4F9AE02.roa (hash: ed3VnRz1sRChg/cFQmGXFi6QslMtcDU5X1xXHCQiW6k=) 3: 971B23D236EA11EE802E9246C4F9AE02.roa (hash: 4S5HT3Umab8tv1JR8LX9cjuccjEduaZGTp680hfQmts=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AF145/278073CE36EA11EEAE10AA45C4F9AE02/cNpFkZHpBoa9sKxHq9owqcPhdPo.crl rsync://rpki.apnic.net/member_repository/A91AF145/278073CE36EA11EEAE10AA45C4F9AE02/cNpFkZHpBoa9sKxHq9owqcPhdPo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cNpFkZHpBoa9sKxHq9owqcPhdPo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 03:49:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 328 (0x148) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AF145 Validity Not Before: Apr 5 03:49:50 2025 GMT Not After : Apr 12 03:49:50 2025 GMT Subject: CN=67f0a85e-9f69 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:70:bb:7d:61:ef:fe:d8:07:71:f2:87:7e:67: b4:bf:aa:3a:f0:9b:4a:95:a4:1c:a8:5d:43:7b:f4: ae:75:44:3f:de:92:3e:c9:92:14:46:6c:93:a6:46: 77:12:fb:44:c4:1b:0b:41:6f:aa:b5:e4:36:d3:bc: b3:8b:13:7e:f9:d3:fa:03:fe:a8:4d:94:a5:47:e4: eb:cf:b8:d7:3e:7f:5e:f7:f8:bb:9a:ae:f0:d2:db: 38:3b:9d:e8:8e:a7:93:98:95:43:aa:8f:55:fe:6e: 6e:93:5d:5d:5b:84:c1:3a:bf:47:9b:76:14:e0:e0: c0:3f:9f:14:a7:5d:7d:12:d2:f1:74:a6:83:ae:37: 82:9f:d4:31:c9:98:4e:4d:09:76:a2:68:ba:ba:17: 77:d2:58:2a:29:29:d9:ae:c5:cb:02:9e:64:95:f9: 73:e9:14:43:05:1b:1a:21:96:36:76:ac:d1:3b:fe: 26:12:ba:7c:cb:cb:06:e9:22:a9:59:84:04:8e:00: 56:c6:d0:f8:29:15:48:3e:aa:79:eb:e6:31:36:9c: c6:32:e1:f9:96:bf:51:ce:27:22:fc:7e:d9:44:25: e9:8f:fb:b8:7c:f2:9a:de:3f:b5:d8:ca:cd:ae:84: 76:c5:2b:f0:05:96:35:ad:26:80:cf:aa:27:84:39: 89:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:CA:AD:06:8E:22:51:B1:14:3A:37:F2:3A:0C:1C:AE:6C:8F:BE:42 X509v3 Authority Key Identifier: keyid:70:DA:45:91:91:E9:06:86:BD:B0:AC:47:AB:DA:30:A9:C3:E1:74:FA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AF145/278073CE36EA11EEAE10AA45C4F9AE02/cNpFkZHpBoa9sKxHq9owqcPhdPo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cNpFkZHpBoa9sKxHq9owqcPhdPo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF145/278073CE36EA11EEAE10AA45C4F9AE02/cNpFkZHpBoa9sKxHq9owqcPhdPo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 59:0d:77:8c:a9:82:bd:46:bb:e5:9c:6d:a0:20:df:97:cf:49: 12:07:8a:0f:78:f5:be:7f:d4:16:e0:e3:8c:36:2c:83:e4:1b: bc:77:4e:98:6e:b9:e7:f4:a1:e2:38:b0:58:ad:07:ee:dd:3c: bf:0c:d7:5a:db:14:11:77:94:dc:66:55:73:8c:74:53:6d:df: 10:ec:f1:ec:fd:5c:df:36:2f:12:f2:82:d1:1d:7a:5f:5c:9d: 64:22:ba:75:e0:49:32:76:46:4f:b4:6c:03:2e:b4:c0:a8:62: 1d:e6:ce:1e:bb:93:b5:ee:2a:53:4e:26:2d:58:3b:af:74:f4: fe:35:9e:5c:c1:bb:2d:5c:9b:e5:d1:be:92:b1:51:4e:47:9a: e0:f2:bb:32:f1:58:a9:be:d0:93:bc:a3:62:33:00:31:91:0e: 2a:38:f3:62:bf:01:87:de:59:f2:91:aa:8c:8c:14:a3:03:38: 26:5b:4b:05:78:35:be:f3:1d:3b:24:fd:f1:96:d9:1c:62:fe: b4:ae:a4:11:f8:1d:ae:c3:13:de:7b:9a:57:9b:e1:f8:ac:54: b3:31:2c:f1:28:50:d6:63:33:92:4c:e5:99:8d:b8:b9:85:bf: e2:d6:02:81:0b:04:86:ba:44:64:23:99:e8:43:c7:29:7f:9c: 4e:aa:8c:25 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUYxNDUxMTAvBgNVBAUTKDcwREE0NTkxOTFFOTA2ODZCREIwQUM0N0FCREEzMEE5 QzNFMTc0RkEwHhcNMjUwNDA1MDM0OTUwWhcNMjUwNDEyMDM0OTUwWjAYMRYwFAYD VQQDEw02N2YwYTg1ZS05ZjY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApHC7fWHv/tgHcfKHfme0v6o68JtKlaQcqF1De/SudUQ/3pI+yZIURmyTpkZ3 EvtExBsLQW+qteQ207yzixN++dP6A/6oTZSlR+Trz7jXPn9e9/i7mq7w0ts4O53o jqeTmJVDqo9V/m5uk11dW4TBOr9Hm3YU4ODAP58Up119EtLxdKaDrjeCn9QxyZhO TQl2omi6uhd30lgqKSnZrsXLAp5klflz6RRDBRsaIZY2dqzRO/4mErp8y8sG6SKp WYQEjgBWxtD4KRVIPqp56+YxNpzGMuH5lr9Rzici/H7ZRCXpj/u4fPKa3j+12MrN roR2xSvwBZY1rSaAz6onhDmJrwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEfKrQaO IlGxFDo38joMHK5sj75CMB8GA1UdIwQYMBaAFHDaRZGR6QaGvbCsR6vaMKnD4XT6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjE0NS8yNzgwNzNDRTM2 RUExMUVFQUUxMEFBNDVDNEY5QUUwMi9jTnBGa1pIcEJvYTlzS3hIcTlvd3FjUGhk UG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NOcEZrWkhwQm9hOXNLeEhxOW93cWNQaGRQby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RjE0NS8yNzgwNzNDRTM2RUExMUVFQUUxMEFBNDVDNEY5QUUwMi9jTnBGa1pIcEJv YTlzS3hIcTlvd3FjUGhkUG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBZDXeMqYK9RrvlnG2gIN+Xz0kSB4oPePW+f9QW4OOMNiyD5Bu8d06Y brnn9KHiOLBYrQfu3Ty/DNda2xQRd5TcZlVzjHRTbd8Q7PHs/VzfNi8S8oLRHXpf XJ1kIrp14EkydkZPtGwDLrTAqGId5s4eu5O17ipTTiYtWDuvdPT+NZ5cwbstXJvl 0b6SsVFOR5rg8rsy8VipvtCTvKNiMwAxkQ4qOPNivwGH3lnykaqMjBSjAzgmW0sF eDW+8x07JP3xltkcYv60rqQR+B2uwxPee5pXm+H4rFSzMSzxKFDWYzOSTOWZjbi5 hb/i1gKBCwSGukRkI5noQ8cpf5xOqowl -----END CERTIFICATE-----Generated at Sun Apr 6 18:30:24 2025 by rpki-client