$ rpki-client -vvf rpki.apnic.net/member_repository/A91B10B9/D13BEAAAA0FB11ECA5D1DF5BC4F9AE02/PXe1hqP2gsVjtkJlJiiR1NpGp6g.mft File: PXe1hqP2gsVjtkJlJiiR1NpGp6g.mft (raw, json) Hash identifier: 7NIua7nlwkU+jkRI3exFn/b0L9UQTt5YmWyhsV6N5ls= Subject key identifier: 32:B5:80:CA:03:0A:48:8E:12:58:CD:0A:51:E7:51:3F:06:A8:0F:16 Authority key identifier: 3D:77:B5:86:A3:F6:82:C5:63:B6:42:65:26:28:91:D4:DA:46:A7:A8 Certificate issuer: /CN=A91B10B9/serialNumber=3D77B586A3F682C563B64265262891D4DA46A7A8 Certificate serial: 037A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PXe1hqP2gsVjtkJlJiiR1NpGp6g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B10B9/D13BEAAAA0FB11ECA5D1DF5BC4F9AE02/PXe1hqP2gsVjtkJlJiiR1NpGp6g.mft Manifest number: 0375 Signing time: Fri 11 Apr 2025 00:52:50 +0000 Manifest this update: Fri 11 Apr 2025 00:52:49 +0000 Manifest next update: Fri 18 Apr 2025 00:52:49 +0000 Files and hashes: 1: PXe1hqP2gsVjtkJlJiiR1NpGp6g.crl (hash: r+NRNc21GIvcg5JZ+ZyF50oVy3LgcGI6nfZtBggZCLg=) 2: BCD0F6B0A0FF11EC924D4461C4F9AE02.roa (hash: eYkm574zXfPZBssf+KqgdlPvB8riPVJCVgCP7O8B6S0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B10B9/D13BEAAAA0FB11ECA5D1DF5BC4F9AE02/PXe1hqP2gsVjtkJlJiiR1NpGp6g.crl rsync://rpki.apnic.net/member_repository/A91B10B9/D13BEAAAA0FB11ECA5D1DF5BC4F9AE02/PXe1hqP2gsVjtkJlJiiR1NpGp6g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PXe1hqP2gsVjtkJlJiiR1NpGp6g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 18 Apr 2025 00:52:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 890 (0x37a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B10B9, serialNumber=3D77B586A3F682C563B64265262891D4DA46A7A8 Validity Not Before: Apr 11 00:52:49 2025 GMT Not After : Apr 18 00:52:49 2025 GMT Subject: CN=67f867e1-d345 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:80:fd:48:d5:d1:30:39:dd:74:cc:c7:4a:94: eb:ca:a9:72:d1:16:26:fa:34:d2:eb:a3:0c:50:c3: b7:5c:6e:2c:ea:c9:97:57:02:32:66:79:85:65:11: ba:00:3d:69:7c:64:80:3c:f3:e4:d8:22:76:ca:f8: a4:f2:6d:89:ef:62:f5:0c:04:7b:f9:ad:95:de:7a: f6:ba:43:b7:69:b5:13:44:42:24:ea:ca:97:da:d9: 06:8c:d5:ad:d2:6e:ea:73:e8:0f:c6:b2:9f:56:5c: 63:8d:30:cb:bd:4a:fb:25:5d:26:85:95:2f:13:38: a0:b2:0c:03:6d:ea:2c:a6:94:57:0b:28:41:0b:9d: 70:87:c8:89:a3:67:53:b3:be:4c:63:7c:b3:0d:e2: ee:44:39:c3:24:a4:79:37:42:13:24:ce:8a:72:e0: 2c:f6:9c:b7:82:95:69:90:83:50:00:fa:0d:db:39: 7a:96:98:c6:7c:ae:8b:be:2b:fa:28:cf:45:28:ea: 56:d5:10:30:db:e9:1a:0f:90:e0:fe:cd:08:0b:0d: 62:07:c6:a3:7d:5a:b5:a2:cb:ac:7b:95:42:6b:a8: bd:1a:0f:9f:e8:64:40:e1:29:61:fa:64:84:07:d0: 49:7d:86:0a:21:93:6d:16:c6:33:9f:23:e0:65:72: dc:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:B5:80:CA:03:0A:48:8E:12:58:CD:0A:51:E7:51:3F:06:A8:0F:16 X509v3 Authority Key Identifier: keyid:3D:77:B5:86:A3:F6:82:C5:63:B6:42:65:26:28:91:D4:DA:46:A7:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B10B9/D13BEAAAA0FB11ECA5D1DF5BC4F9AE02/PXe1hqP2gsVjtkJlJiiR1NpGp6g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PXe1hqP2gsVjtkJlJiiR1NpGp6g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B10B9/D13BEAAAA0FB11ECA5D1DF5BC4F9AE02/PXe1hqP2gsVjtkJlJiiR1NpGp6g.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d5:ec:8d:95:0c:a1:9a:88:9c:57:22:93:e8:b5:90:b9:97:0d: 73:38:c1:7d:73:7a:2d:89:e3:2e:d0:de:bc:65:f1:45:c8:74: b7:85:15:c3:54:55:2d:79:82:0c:86:bd:d0:e6:34:75:69:73: 44:a1:81:e6:f4:b3:35:04:50:da:5d:c4:3a:2c:3a:dc:ef:8d: 73:7a:77:d5:3b:f1:1c:f4:e9:4d:1c:e9:a3:00:0b:b8:4c:19: 87:ea:d8:8b:18:3f:a7:33:87:9e:2e:b0:4b:40:ef:60:f6:dd: 40:3f:c0:6d:9b:1d:b8:f3:2a:92:8f:e1:7c:46:c6:44:b8:04: 70:51:7d:68:9e:e1:04:eb:e9:ce:09:2f:20:a8:e8:81:f3:ec: 97:c5:7d:d7:53:e6:b8:b8:7e:52:35:ab:2f:3f:3b:41:d2:63: 7d:3e:e8:d7:87:73:33:3a:f7:4e:c1:1d:a0:5b:15:43:1b:15: 8c:23:a6:23:cf:00:29:55:c5:f6:d4:e4:f7:e7:32:f5:95:68: a2:aa:0d:a9:fb:3c:21:1e:b6:0a:2c:bc:88:7d:f2:a1:d9:b3: 11:58:20:99:c1:84:eb:22:27:1f:8f:29:5b:a9:79:24:08:e2: 02:b1:f7:ac:dc:3a:6f:c0:99:7f:b6:7b:70:6d:d3:5c:bd:2c: 5e:5f:fc:f9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA3owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjEwQjkxMTAvBgNVBAUTKDNENzdCNTg2QTNGNjgyQzU2M0I2NDI2NTI2Mjg5MUQ0 REE0NkE3QTgwHhcNMjUwNDExMDA1MjQ5WhcNMjUwNDE4MDA1MjQ5WjAYMRYwFAYD VQQDEw02N2Y4NjdlMS1kMzQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp4D9SNXRMDnddMzHSpTryqly0RYm+jTS66MMUMO3XG4s6smXVwIyZnmFZRG6 AD1pfGSAPPPk2CJ2yvik8m2J72L1DAR7+a2V3nr2ukO3abUTREIk6sqX2tkGjNWt 0m7qc+gPxrKfVlxjjTDLvUr7JV0mhZUvEzigsgwDbeosppRXCyhBC51wh8iJo2dT s75MY3yzDeLuRDnDJKR5N0ITJM6KcuAs9py3gpVpkINQAPoN2zl6lpjGfK6Lviv6 KM9FKOpW1RAw2+kaD5Dg/s0ICw1iB8ajfVq1osuse5VCa6i9Gg+f6GRA4Slh+mSE B9BJfYYKIZNtFsYznyPgZXLcIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDK1gMoD CkiOEljNClHnUT8GqA8WMB8GA1UdIwQYMBaAFD13tYaj9oLFY7ZCZSYokdTaRqeo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMTBCOS9EMTNCRUFBQUEw RkIxMUVDQTVEMURGNUJDNEY5QUUwMi9QWGUxaHFQMmdzVmp0a0psSmlpUjFOcEdw NmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BYZTFocVAyZ3NWanRrSmxKaWlSMU5wR3A2Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MTBCOS9EMTNCRUFBQUEwRkIxMUVDQTVEMURGNUJDNEY5QUUwMi9QWGUxaHFQMmdz Vmp0a0psSmlpUjFOcEdwNmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDV7I2VDKGaiJxXIpPotZC5lw1zOMF9c3otieMu0N68ZfFFyHS3hRXD VFUteYIMhr3Q5jR1aXNEoYHm9LM1BFDaXcQ6LDrc741zenfVO/Ec9OlNHOmjAAu4 TBmH6tiLGD+nM4eeLrBLQO9g9t1AP8Btmx248yqSj+F8RsZEuARwUX1onuEE6+nO CS8gqOiB8+yXxX3XU+a4uH5SNasvPztB0mN9PujXh3MzOvdOwR2gWxVDGxWMI6Yj zwApVcX21OT35zL1lWiiqg2p+zwhHrYKLLyIffKh2bMRWCCZwYTrIicfjylbqXkk COICsfes3DpvwJl/tntwbdNcvSxeX/z5 -----END CERTIFICATE-----Generated at Sat Apr 12 20:34:29 2025 by rpki-client