$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1F4F/0FDB974C74D711E8BC82D42CC4F9AE02/MB6kG5ONf0s895PQEveN06U5cCQ.mft File: MB6kG5ONf0s895PQEveN06U5cCQ.mft (raw, json) Hash identifier: GEhYV3AtPw5vn72YdXjTj6sgpzPxTQQVjlKs3bauvKA= Subject key identifier: 07:D2:37:75:44:68:81:75:9D:BF:D2:D9:D9:0F:EA:88:26:29:AB:2B Authority key identifier: 30:1E:A4:1B:93:8D:7F:4B:3C:F7:93:D0:12:F7:8D:D3:A5:39:70:24 Certificate issuer: /CN=A91B1F4F/serialNumber=301EA41B938D7F4B3CF793D012F78DD3A5397024 Certificate serial: 1429 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MB6kG5ONf0s895PQEveN06U5cCQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B1F4F/0FDB974C74D711E8BC82D42CC4F9AE02/MB6kG5ONf0s895PQEveN06U5cCQ.mft Manifest number: 141F Signing time: Fri 04 Apr 2025 17:01:03 +0000 Manifest this update: Fri 04 Apr 2025 17:01:02 +0000 Manifest next update: Fri 11 Apr 2025 17:01:02 +0000 Files and hashes: 1: MB6kG5ONf0s895PQEveN06U5cCQ.crl (hash: B4uYgIgJ0mnTd+uVUnlXtXLNcc0+ylaeyH43l3D2dbA=) 2: 61574192E37A11EB8AF29A5BC4F9AE02.roa (hash: W5cx07cNyMaDMA4R0/MWrV4hAi09Yk83hfS7ozdwiBc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B1F4F/0FDB974C74D711E8BC82D42CC4F9AE02/MB6kG5ONf0s895PQEveN06U5cCQ.crl rsync://rpki.apnic.net/member_repository/A91B1F4F/0FDB974C74D711E8BC82D42CC4F9AE02/MB6kG5ONf0s895PQEveN06U5cCQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MB6kG5ONf0s895PQEveN06U5cCQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 17:01:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5161 (0x1429) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B1F4F Validity Not Before: Apr 4 17:01:02 2025 GMT Not After : Apr 11 17:01:02 2025 GMT Subject: CN=67f0104e-35d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:d1:38:5d:36:70:9c:0e:34:de:be:02:a9:e7: 22:9b:3d:11:45:6e:f9:5c:d5:b8:e3:e0:35:39:8d: 2a:1b:bf:a9:c5:2b:70:1e:8f:ce:e2:ce:24:aa:ec: 0a:f7:0d:cc:51:6d:b3:a4:a1:e8:b7:12:d5:fc:7e: 1e:d3:57:9a:a0:fb:c2:34:0e:f6:dc:d8:af:40:b9: d1:4b:14:ee:8d:08:23:5b:73:f7:db:9a:42:77:d7: 53:c2:44:e7:4d:06:76:e3:3f:d2:45:94:50:9f:16: 02:9f:dc:c6:3f:b8:ac:5e:b7:45:48:dd:ee:44:4a: 74:aa:45:a9:08:02:d6:89:a3:f9:23:36:88:98:a7: 19:c8:cc:9f:5b:b1:7d:0e:47:20:77:34:da:6c:a6: 4c:57:2b:c6:43:be:d0:bf:95:39:59:9b:dd:aa:64: a3:1e:0d:b4:99:d9:01:a3:4c:72:a9:59:7e:b2:62: 22:f3:c3:74:dd:f5:fd:01:0c:34:ce:43:2f:94:10: 19:95:33:01:7e:02:24:2a:0e:46:23:e7:98:32:df: f6:66:4d:b8:82:eb:5c:f0:ca:e4:76:be:ba:20:09: 72:78:48:05:87:31:fd:da:29:3b:fb:e6:79:c8:8c: cc:fa:af:c1:93:72:21:bd:8b:9f:40:f2:be:26:dd: 12:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:D2:37:75:44:68:81:75:9D:BF:D2:D9:D9:0F:EA:88:26:29:AB:2B X509v3 Authority Key Identifier: keyid:30:1E:A4:1B:93:8D:7F:4B:3C:F7:93:D0:12:F7:8D:D3:A5:39:70:24 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B1F4F/0FDB974C74D711E8BC82D42CC4F9AE02/MB6kG5ONf0s895PQEveN06U5cCQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MB6kG5ONf0s895PQEveN06U5cCQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1F4F/0FDB974C74D711E8BC82D42CC4F9AE02/MB6kG5ONf0s895PQEveN06U5cCQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bb:eb:6a:75:8d:e2:39:8f:11:8a:1e:f8:ea:b6:8e:fa:ba:ba: 43:58:fc:20:6d:5b:a2:aa:5a:25:26:c2:c5:5c:7f:d2:91:66: 3a:2d:2f:63:a9:b3:e1:0b:c9:6b:a7:b8:f6:ab:78:bd:f7:a3: cf:e6:42:99:6f:34:e1:d2:a8:b3:5c:41:57:1c:8f:e5:6c:4b: 1a:e0:81:ef:95:2e:32:e7:95:e0:89:cc:33:4a:fb:78:18:0c: c9:a5:ab:8e:ce:95:01:d0:9a:8f:c3:4f:1c:b4:2a:1f:a5:2f: 2b:78:58:fc:04:7b:76:5a:fe:e3:fc:71:d8:81:f4:f5:84:71: 1f:34:66:5f:a1:2b:ad:f7:ea:d3:23:a9:c1:d5:03:1b:ad:25: 9d:7f:c9:83:7a:28:4b:bb:2b:ad:95:61:09:c5:ee:46:90:65: a6:1e:9b:26:2c:ae:ae:62:d5:5e:3e:14:96:b1:6c:a6:40:46: a2:c3:5b:90:f9:66:94:de:9e:03:e4:a1:77:89:37:c3:30:b3: b9:fe:9c:44:3e:9c:bd:2a:f6:f3:5d:9d:01:a9:52:49:9c:a9: 29:37:ae:ab:09:07:56:ca:b8:59:a8:43:33:59:9b:57:46:00: 3e:36:0d:ce:3f:d3:70:07:b7:d2:81:08:a7:ec:99:a0:d8:a2: c7:d4:03:30 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFCkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjFGNEYxMTAvBgNVBAUTKDMwMUVBNDFCOTM4RDdGNEIzQ0Y3OTNEMDEyRjc4REQz QTUzOTcwMjQwHhcNMjUwNDA0MTcwMTAyWhcNMjUwNDExMTcwMTAyWjAYMRYwFAYD VQQDEw02N2YwMTA0ZS0zNWQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw9E4XTZwnA403r4Cqecimz0RRW75XNW44+A1OY0qG7+pxStwHo/O4s4kquwK 9w3MUW2zpKHotxLV/H4e01eaoPvCNA723NivQLnRSxTujQgjW3P325pCd9dTwkTn TQZ24z/SRZRQnxYCn9zGP7isXrdFSN3uREp0qkWpCALWiaP5IzaImKcZyMyfW7F9 DkcgdzTabKZMVyvGQ77Qv5U5WZvdqmSjHg20mdkBo0xyqVl+smIi88N03fX9AQw0 zkMvlBAZlTMBfgIkKg5GI+eYMt/2Zk24gutc8Mrkdr66IAlyeEgFhzH92ik7++Z5 yIzM+q/Bk3IhvYufQPK+Jt0SLQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAfSN3VE aIF1nb/S2dkP6ogmKasrMB8GA1UdIwQYMBaAFDAepBuTjX9LPPeT0BL3jdOlOXAk MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMUY0Ri8wRkRCOTc0Qzc0 RDcxMUU4QkM4MkQ0MkNDNEY5QUUwMi9NQjZrRzVPTmYwczg5NVBRRXZlTjA2VTVj Q1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL01CNmtHNU9OZjBzODk1UFFFdmVOMDZVNWNDUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MUY0Ri8wRkRCOTc0Qzc0RDcxMUU4QkM4MkQ0MkNDNEY5QUUwMi9NQjZrRzVPTmYw czg5NVBRRXZlTjA2VTVjQ1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC762p1jeI5jxGKHvjqto76urpDWPwgbVuiqlolJsLFXH/SkWY6LS9j qbPhC8lrp7j2q3i996PP5kKZbzTh0qizXEFXHI/lbEsa4IHvlS4y55XgicwzSvt4 GAzJpauOzpUB0JqPw08ctCofpS8reFj8BHt2Wv7j/HHYgfT1hHEfNGZfoSut9+rT I6nB1QMbrSWdf8mDeihLuyutlWEJxe5GkGWmHpsmLK6uYtVePhSWsWymQEaiw1uQ +WaU3p4D5KF3iTfDMLO5/pxEPpy9KvbzXZ0BqVJJnKkpN66rCQdWyrhZqEMzWZtX RgA+Ng3OP9NwB7fSgQin7Jmg2KLH1AMw -----END CERTIFICATE-----Generated at Sun Apr 6 00:34:44 2025 by rpki-client