$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4713/FE1BD97C892A11EEB614826AC4F9AE02/aaSG-_IUhPFBL7ioCieKJIzvvrI.mft File: aaSG-_IUhPFBL7ioCieKJIzvvrI.mft (raw, json) Hash identifier: ysx0QfdtXqxJuut1iDgSwDddc6yN/pvIGJjManhh/1g= Subject key identifier: 4C:3A:0D:BF:CD:33:37:6E:BB:E0:DD:48:09:F4:47:05:17:44:5D:25 Authority key identifier: 69:A4:86:FB:F2:14:84:F1:41:2F:B8:A8:0A:27:8A:24:8C:EF:BE:B2 Certificate issuer: /CN=A91B4713/serialNumber=69A486FBF21484F1412FB8A80A278A248CEFBEB2 Certificate serial: 0113 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aaSG-_IUhPFBL7ioCieKJIzvvrI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B4713/FE1BD97C892A11EEB614826AC4F9AE02/aaSG-_IUhPFBL7ioCieKJIzvvrI.mft Manifest number: 010E Signing time: Mon 21 Apr 2025 03:52:28 +0000 Manifest this update: Mon 21 Apr 2025 03:52:28 +0000 Manifest next update: Mon 28 Apr 2025 03:52:28 +0000 Files and hashes: 1: aaSG-_IUhPFBL7ioCieKJIzvvrI.crl (hash: LEeRBU7ehS0Lc+cSVrPOkv9qonAXY5fCIHWzGhPdSyM=) 2: A5656D2E892B11EE94747D6BC4F9AE02.roa (hash: 01zpHNpEXp5bla5wzGX7psaD7zJbZ+wyzWYL5eybWGY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B4713/FE1BD97C892A11EEB614826AC4F9AE02/aaSG-_IUhPFBL7ioCieKJIzvvrI.crl rsync://rpki.apnic.net/member_repository/A91B4713/FE1BD97C892A11EEB614826AC4F9AE02/aaSG-_IUhPFBL7ioCieKJIzvvrI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aaSG-_IUhPFBL7ioCieKJIzvvrI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 03:52:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 275 (0x113) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B4713, serialNumber=69A486FBF21484F1412FB8A80A278A248CEFBEB2 Validity Not Before: Apr 21 03:52:28 2025 GMT Not After : Apr 28 03:52:28 2025 GMT Subject: CN=6805c0fc-8579 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:60:bf:ba:ea:13:ed:a9:5a:51:ab:c6:10:91: de:dc:81:64:55:bb:51:5a:67:dc:69:59:0e:71:d1: b3:eb:36:c6:6b:bc:79:41:d6:98:c5:e5:d4:a5:71: 68:b4:c2:22:62:d6:16:cf:e5:97:88:28:ea:61:ad: 51:c8:27:97:92:f5:ad:be:45:cb:47:71:31:9d:52: 7a:24:07:86:f0:5a:1a:37:be:e5:a9:8a:af:0e:2e: 3d:ee:93:72:d9:db:7e:59:0f:f3:9f:2c:4f:67:29: 89:3d:9a:46:42:5c:b3:02:db:4a:24:8f:f8:55:ba: 04:59:3d:24:4e:f7:9e:6f:bd:08:47:9a:23:21:87: 1a:b7:b5:c8:f0:0a:fc:6a:e9:35:dc:5f:ed:27:a4: b2:b9:1f:2e:49:61:14:55:77:aa:80:40:e4:94:32: 1a:ad:f7:74:ba:9d:d3:da:fe:45:ad:d0:7b:44:fc: 31:c2:f5:cb:c5:aa:fe:99:6f:41:44:04:d7:88:08: 9f:90:eb:b6:28:61:de:a7:ba:77:9b:2c:b9:48:97: fa:31:82:96:3d:4f:c9:bf:67:85:5d:97:87:15:28: 76:da:5a:5d:aa:e5:c3:e8:95:7b:d1:56:0d:9e:80: de:cd:4f:30:86:4a:9f:c7:07:1d:d2:3c:0a:6e:e2: 9e:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:3A:0D:BF:CD:33:37:6E:BB:E0:DD:48:09:F4:47:05:17:44:5D:25 X509v3 Authority Key Identifier: keyid:69:A4:86:FB:F2:14:84:F1:41:2F:B8:A8:0A:27:8A:24:8C:EF:BE:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B4713/FE1BD97C892A11EEB614826AC4F9AE02/aaSG-_IUhPFBL7ioCieKJIzvvrI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aaSG-_IUhPFBL7ioCieKJIzvvrI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4713/FE1BD97C892A11EEB614826AC4F9AE02/aaSG-_IUhPFBL7ioCieKJIzvvrI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 47:f7:52:c1:68:da:a6:dd:9a:64:ec:b2:8a:7c:58:4b:58:02: b7:29:4b:15:0e:27:fe:ee:0a:77:56:72:16:01:89:2b:d3:51: 66:52:6e:f2:3b:7b:ae:7b:8f:1a:92:ab:e8:d5:31:03:83:5a: e2:58:ec:8c:bc:97:de:8b:4f:4e:51:ec:9b:e7:5c:46:b6:f2: bf:72:32:9b:93:93:71:d8:4a:96:0c:ae:b1:df:d1:57:58:98: 65:79:47:21:eb:13:34:43:ed:51:2b:e3:b1:78:f7:66:b2:0f: 27:65:a9:09:e8:64:4e:c5:03:3b:7a:f8:46:74:12:69:56:13: 6e:0c:f0:ab:a5:67:e1:cf:af:7c:01:76:f1:b1:e8:ff:db:5f: 96:d9:7d:56:77:91:8c:64:bf:2c:c6:59:86:7a:01:53:37:7e: fc:d9:ff:f5:d1:1b:dc:e3:15:91:54:3c:a7:9b:9a:f1:fd:a2: 77:8b:99:c3:7f:a0:22:05:87:e9:5f:e6:63:8e:d9:18:bf:b1: 08:7a:6f:13:ac:00:f9:17:42:88:6d:d8:9a:2f:be:4b:83:19: 9b:a9:a9:9e:7d:4c:7a:56:1a:0b:56:6c:63:f0:7b:ee:02:8b: 07:84:fe:d4:23:ae:c6:82:89:f3:09:7a:ea:37:1b:d1:53:c5: aa:33:b9:f4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICARMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjQ3MTMxMTAvBgNVBAUTKDY5QTQ4NkZCRjIxNDg0RjE0MTJGQjhBODBBMjc4QTI0 OENFRkJFQjIwHhcNMjUwNDIxMDM1MjI4WhcNMjUwNDI4MDM1MjI4WjAYMRYwFAYD VQQDEw02ODA1YzBmYy04NTc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwGC/uuoT7alaUavGEJHe3IFkVbtRWmfcaVkOcdGz6zbGa7x5QdaYxeXUpXFo tMIiYtYWz+WXiCjqYa1RyCeXkvWtvkXLR3ExnVJ6JAeG8FoaN77lqYqvDi497pNy 2dt+WQ/znyxPZymJPZpGQlyzAttKJI/4VboEWT0kTveeb70IR5ojIYcat7XI8Ar8 auk13F/tJ6SyuR8uSWEUVXeqgEDklDIarfd0up3T2v5FrdB7RPwxwvXLxar+mW9B RATXiAifkOu2KGHep7p3myy5SJf6MYKWPU/Jv2eFXZeHFSh22lpdquXD6JV70VYN noDezU8whkqfxwcd0jwKbuKeqwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEw6Db/N Mzduu+DdSAn0RwUXRF0lMB8GA1UdIwQYMBaAFGmkhvvyFITxQS+4qAoniiSM776y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDcxMy9GRTFCRDk3Qzg5 MkExMUVFQjYxNDgyNkFDNEY5QUUwMi9hYVNHLV9JVWhQRkJMN2lvQ2llS0pJenZ2 ckkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FhU0ctX0lVaFBGQkw3aW9DaWVLSkl6dnZySS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NDcxMy9GRTFCRDk3Qzg5MkExMUVFQjYxNDgyNkFDNEY5QUUwMi9hYVNHLV9JVWhQ RkJMN2lvQ2llS0pJenZ2ckkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBH91LBaNqm3Zpk7LKKfFhLWAK3KUsVDif+7gp3VnIWAYkr01FmUm7y O3uue48akqvo1TEDg1riWOyMvJfei09OUeyb51xGtvK/cjKbk5Nx2EqWDK6x39FX WJhleUch6xM0Q+1RK+OxePdmsg8nZakJ6GROxQM7evhGdBJpVhNuDPCrpWfhz698 AXbxsej/21+W2X1Wd5GMZL8sxlmGegFTN3782f/10Rvc4xWRVDynm5rx/aJ3i5nD f6AiBYfpX+ZjjtkYv7EIem8TrAD5F0KIbdiaL75LgxmbqamefUx6VhoLVmxj8Hvu AosHhP7UI67GgonzCXrqNxvRU8WqM7n0 -----END CERTIFICATE-----Generated at Tue Apr 22 12:26:13 2025 by rpki-client