$ rpki-client -vvf rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.mft File: D-jKZIcKPWORHI0tZRuinKztDso.mft (raw, json) Hash identifier: qxQ2cIIg7l8+ps/ycjEkoSLubhsp9EXYYIpxssfEDn0= Subject key identifier: 84:F6:45:DB:B6:C4:90:46:63:C9:27:00:0A:5D:4B:47:01:1C:F6:52 Authority key identifier: 0F:E8:CA:64:87:0A:3D:63:91:1C:8D:2D:65:1B:A2:9C:AC:ED:0E:CA Certificate issuer: /CN=A91B428B/serialNumber=0FE8CA64870A3D63911C8D2D651BA29CACED0ECA Certificate serial: 09A7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D-jKZIcKPWORHI0tZRuinKztDso.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.mft Manifest number: 09A0 Signing time: Wed 16 Apr 2025 19:52:27 +0000 Manifest this update: Wed 16 Apr 2025 19:52:27 +0000 Manifest next update: Wed 23 Apr 2025 19:52:27 +0000 Files and hashes: 1: D-jKZIcKPWORHI0tZRuinKztDso.crl (hash: ytYBZrZmCvHWbHW1g29aPhe73mmAgs1rJ0IDM4aMrOk=) 2: 319DF660847811EA8EE07E81C4F9AE02.roa (hash: ZlFR2HTwg3fDW4lClQanT4TaI4rdoCBr8+QBrXHDB9w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.crl rsync://rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D-jKZIcKPWORHI0tZRuinKztDso.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 23 Apr 2025 19:52:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2471 (0x9a7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B428B, serialNumber=0FE8CA64870A3D63911C8D2D651BA29CACED0ECA Validity Not Before: Apr 16 19:52:27 2025 GMT Not After : Apr 23 19:52:27 2025 GMT Subject: CN=68000a7b-3b90 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:05:e9:e8:bf:3e:66:0b:bd:99:94:9d:f7:a4: e0:7c:6c:4f:8e:80:4f:9d:d1:db:9c:54:45:7b:c0: 8e:bf:68:c3:f2:3d:77:97:42:c5:63:01:2a:e4:65: 54:f5:a2:ea:61:5b:ba:61:be:65:9f:c3:5d:62:18: c3:7a:e1:1d:d9:ed:3c:36:b5:de:73:43:95:fc:5d: 46:a6:fe:5c:32:8b:6c:52:9c:0c:cb:29:9b:5c:f2: 2b:54:8d:d8:e0:4f:63:2b:9e:a2:b2:9e:02:75:2a: 0f:53:33:dd:85:da:04:6f:fa:c8:d1:6e:6a:78:10: 8d:33:a3:de:c1:72:0e:f5:87:cd:bb:fc:7f:87:40: f8:7b:0e:de:b9:47:93:e2:44:40:59:d2:5b:a1:e7: 2f:39:55:7d:d2:67:bc:6a:2f:37:97:17:e4:62:53: d0:6f:c1:2c:ab:c3:1d:c7:5b:2e:ce:81:1f:b6:b4: 0e:fc:9c:c6:5b:0d:07:8d:e5:c8:87:c5:04:11:04: 0d:e7:33:32:b1:ba:9f:33:45:6e:70:53:a3:f5:d5: b1:20:f8:f4:e1:f1:cc:d7:9e:2f:68:c8:ea:ec:f1: 4c:f9:f8:fe:17:af:2f:94:81:6d:76:de:d6:9f:c2: 82:20:30:52:08:88:ed:db:0f:79:b1:09:34:c6:92: 88:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:F6:45:DB:B6:C4:90:46:63:C9:27:00:0A:5D:4B:47:01:1C:F6:52 X509v3 Authority Key Identifier: keyid:0F:E8:CA:64:87:0A:3D:63:91:1C:8D:2D:65:1B:A2:9C:AC:ED:0E:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D-jKZIcKPWORHI0tZRuinKztDso.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 05:ec:a2:d2:b3:14:7c:7f:d4:d6:06:0b:82:22:5e:e0:30:f1: 01:a9:f0:7e:32:47:06:9f:f4:a6:b3:dd:1b:9f:96:ee:d2:94: 8a:45:19:8b:54:dc:c6:02:fa:10:bc:5f:01:6c:59:b5:c3:ef: 17:25:5b:5c:3b:47:5c:dc:fc:59:bc:94:b5:61:98:c0:82:ee: 4b:ff:4e:19:a2:37:dc:49:bd:60:d9:f9:dc:18:2d:72:59:9b: 3b:a8:fa:12:61:0e:df:5c:d4:40:49:81:cf:23:f0:5a:2a:69: a3:6f:fc:fd:53:67:f7:4d:fe:ae:63:e9:c0:b2:b9:1b:c8:05: 8f:95:4b:74:e0:e5:e5:7a:f0:12:18:34:0e:44:d0:5f:27:6d: 4f:19:77:56:ec:da:0c:59:34:23:0d:b2:76:15:cf:29:06:66: 56:b4:25:2a:a4:c5:b0:ad:2c:75:52:56:aa:5b:77:91:08:d4: d8:c9:d2:d9:46:e3:67:37:40:b3:eb:e6:40:8f:b8:1c:a4:cf: b6:f9:66:43:70:fc:53:46:97:6e:98:0d:e8:35:43:71:63:8a: 05:c5:b3:d6:7c:67:1a:bb:d8:1b:06:87:34:62:2b:3a:24:b2: 07:15:40:6e:c8:05:a7:be:ba:c8:d5:0e:4b:3e:87:ae:58:1d: 4d:59:31:b8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCacwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjQyOEIxMTAvBgNVBAUTKDBGRThDQTY0ODcwQTNENjM5MTFDOEQyRDY1MUJBMjlD QUNFRDBFQ0EwHhcNMjUwNDE2MTk1MjI3WhcNMjUwNDIzMTk1MjI3WjAYMRYwFAYD VQQDEw02ODAwMGE3Yi0zYjkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAogXp6L8+Zgu9mZSd96TgfGxPjoBPndHbnFRFe8COv2jD8j13l0LFYwEq5GVU 9aLqYVu6Yb5ln8NdYhjDeuEd2e08NrXec0OV/F1Gpv5cMotsUpwMyymbXPIrVI3Y 4E9jK56isp4CdSoPUzPdhdoEb/rI0W5qeBCNM6PewXIO9YfNu/x/h0D4ew7euUeT 4kRAWdJboecvOVV90me8ai83lxfkYlPQb8Esq8Mdx1suzoEftrQO/JzGWw0HjeXI h8UEEQQN5zMysbqfM0VucFOj9dWxIPj04fHM154vaMjq7PFM+fj+F68vlIFtdt7W n8KCIDBSCIjt2w95sQk0xpKIsQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIT2Rdu2 xJBGY8knAApdS0cBHPZSMB8GA1UdIwQYMBaAFA/oymSHCj1jkRyNLWUbopys7Q7K MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDI4Qi8zQTBCNkMwQzg0 NzcxMUVBQjNCNDM2ODBDNEY5QUUwMi9ELWpLWkljS1BXT1JISTB0WlJ1aW5LenRE c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0QtaktaSWNLUFdPUkhJMHRaUnVpbkt6dERzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NDI4Qi8zQTBCNkMwQzg0NzcxMUVBQjNCNDM2ODBDNEY5QUUwMi9ELWpLWkljS1BX T1JISTB0WlJ1aW5LenREc28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAF7KLSsxR8f9TWBguCIl7gMPEBqfB+MkcGn/Sms90bn5bu0pSKRRmL VNzGAvoQvF8BbFm1w+8XJVtcO0dc3PxZvJS1YZjAgu5L/04ZojfcSb1g2fncGC1y WZs7qPoSYQ7fXNRASYHPI/BaKmmjb/z9U2f3Tf6uY+nAsrkbyAWPlUt04OXlevAS GDQORNBfJ21PGXdW7NoMWTQjDbJ2Fc8pBmZWtCUqpMWwrSx1UlaqW3eRCNTYydLZ RuNnN0Cz6+ZAj7gcpM+2+WZDcPxTRpdumA3oNUNxY4oFxbPWfGcau9gbBoc0Yis6 JLIHFUBuyAWnvrrI1Q5LPoeuWB1NWTG4 -----END CERTIFICATE-----Generated at Fri Apr 18 18:37:21 2025 by rpki-client