$ rpki-client -vvf rpki.apnic.net/member_repository/A91BAFCE/2D34C392B29C11ED98A8314AC4F9AE02/-9GoSKH4mo0k2wtoF6CH-y313wg.mft File: -9GoSKH4mo0k2wtoF6CH-y313wg.mft (raw, json) Hash identifier: KQ6+kFRJAD9MEZls6TglzSPXiVisL7dI2UfETAOuqvA= Subject key identifier: F0:D0:0A:58:A6:33:F1:12:15:CE:18:30:32:6A:FE:15:F6:62:B4:29 Authority key identifier: FB:D1:A8:48:A1:F8:9A:8D:24:DB:0B:68:17:A0:87:FB:2D:F5:DF:08 Certificate issuer: /CN=A91BAFCE/serialNumber=FBD1A848A1F89A8D24DB0B6817A087FB2DF5DF08 Certificate serial: 018D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-9GoSKH4mo0k2wtoF6CH-y313wg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BAFCE/2D34C392B29C11ED98A8314AC4F9AE02/-9GoSKH4mo0k2wtoF6CH-y313wg.mft Manifest number: 018A Signing time: Sat 29 Mar 2025 03:04:35 +0000 Manifest this update: Sat 29 Mar 2025 03:04:35 +0000 Manifest next update: Sat 05 Apr 2025 03:04:34 +0000 Files and hashes: 1: -9GoSKH4mo0k2wtoF6CH-y313wg.crl (hash: skTXB7r0kZRb237GORLhRF7rX4j1qXvPA9dG5wMVChs=) 2: 37C8FE80B2A211ED9A5C4B53C4F9AE02.roa (hash: RFveBx12nYjQL7C6dI7Z0G+EUk4Kgzyh1OTU3yziD98=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BAFCE/2D34C392B29C11ED98A8314AC4F9AE02/-9GoSKH4mo0k2wtoF6CH-y313wg.crl rsync://rpki.apnic.net/member_repository/A91BAFCE/2D34C392B29C11ED98A8314AC4F9AE02/-9GoSKH4mo0k2wtoF6CH-y313wg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-9GoSKH4mo0k2wtoF6CH-y313wg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 03:04:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 397 (0x18d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BAFCE Validity Not Before: Mar 29 03:04:35 2025 GMT Not After : Apr 5 03:04:34 2025 GMT Subject: CN=67e76343-aa1f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:04:63:ab:47:c4:f5:4e:ef:3f:4e:2d:9c:31: d3:f3:87:07:78:cd:dd:4b:94:7c:71:f9:3a:10:e5: 5d:ff:b7:78:c4:4f:5c:7e:82:b8:94:8b:df:e8:88: 9f:72:5b:94:b5:83:83:d5:f4:bd:0f:e6:39:b6:76: 38:85:21:69:91:ee:61:97:34:41:bd:c2:3e:8a:08: 9c:82:3a:c2:f6:e5:e7:b3:18:22:c6:2e:2a:24:ea: d2:8a:3c:86:2e:b2:96:38:62:e5:92:67:f5:12:f4: a8:9f:e7:59:a7:99:3b:5b:70:bf:fc:72:e5:40:4f: f9:5a:84:45:39:6f:ab:05:af:0b:6e:63:74:21:98: 8d:fc:8a:a1:16:ad:2a:a4:8a:b4:a9:04:0c:6a:cf: 12:64:db:16:b1:f4:3d:0b:be:6f:06:38:34:c2:cb: b8:2e:1f:bf:cd:be:6e:1c:ee:cf:74:0d:65:54:39: b2:b4:ee:6a:1a:0e:bb:1f:96:09:32:c8:c0:49:19: 06:b7:e4:b4:ff:f8:fa:9b:a0:ed:4a:7b:8c:cf:36: 0e:55:e4:2e:c6:a5:d8:53:09:ad:77:cc:df:96:46: 78:fe:b6:1e:f9:2b:43:23:99:08:86:ab:b2:2c:3f: 02:97:94:62:dd:48:0d:f7:35:39:96:3c:a7:69:c0: 93:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:D0:0A:58:A6:33:F1:12:15:CE:18:30:32:6A:FE:15:F6:62:B4:29 X509v3 Authority Key Identifier: keyid:FB:D1:A8:48:A1:F8:9A:8D:24:DB:0B:68:17:A0:87:FB:2D:F5:DF:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BAFCE/2D34C392B29C11ED98A8314AC4F9AE02/-9GoSKH4mo0k2wtoF6CH-y313wg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-9GoSKH4mo0k2wtoF6CH-y313wg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BAFCE/2D34C392B29C11ED98A8314AC4F9AE02/-9GoSKH4mo0k2wtoF6CH-y313wg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8b:e5:2f:73:62:0c:d6:f6:cb:62:49:61:df:0b:f4:2c:4e:ff: 03:be:e8:bc:59:fb:5e:f1:cc:31:53:4f:d7:4b:25:f9:93:0b: ba:44:d3:65:6e:91:c2:08:4a:42:a8:60:81:d7:a3:c9:5c:30: e6:21:36:d4:f3:8e:ed:78:90:1b:ea:f3:08:f9:2f:53:ba:11: 28:3b:15:58:bb:c2:77:19:d6:16:8f:9d:c7:50:37:38:5c:e6: 2b:0c:d8:89:d9:b2:75:be:bb:66:6c:e8:6c:0e:bd:c0:f7:9d: e7:32:76:35:dc:60:49:15:e3:0c:d6:61:74:7e:d3:dd:bc:ca: c5:6a:7a:2f:7d:51:14:3c:fe:44:d4:9c:3c:89:eb:bd:f1:3d: 28:ff:8f:b2:9a:78:37:49:48:2f:3b:c1:78:a7:90:91:e1:d9: 4a:b1:5c:0b:50:66:e7:7a:3b:5a:91:4b:5a:ed:51:4c:f0:d8: 89:16:fb:47:15:e8:11:8f:3a:d2:fb:56:45:f2:cb:65:db:b6: ba:cd:f1:41:b6:57:cd:98:f2:c9:76:3b:bf:07:4e:09:df:46: 8a:a4:fb:dd:33:d3:6b:26:a5:c3:53:79:43:09:21:1c:5a:03: dc:ac:2b:b8:64:9b:a0:5a:b7:5d:59:28:6e:68:c4:02:b9:2b: d0:b3:d5:65 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAY0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkFGQ0UxMTAvBgNVBAUTKEZCRDFBODQ4QTFGODlBOEQyNERCMEI2ODE3QTA4N0ZC MkRGNURGMDgwHhcNMjUwMzI5MDMwNDM1WhcNMjUwNDA1MDMwNDM0WjAYMRYwFAYD VQQDEw02N2U3NjM0My1hYTFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApgRjq0fE9U7vP04tnDHT84cHeM3dS5R8cfk6EOVd/7d4xE9cfoK4lIvf6Iif cluUtYOD1fS9D+Y5tnY4hSFpke5hlzRBvcI+igicgjrC9uXnsxgixi4qJOrSijyG LrKWOGLlkmf1EvSon+dZp5k7W3C//HLlQE/5WoRFOW+rBa8LbmN0IZiN/IqhFq0q pIq0qQQMas8SZNsWsfQ9C75vBjg0wsu4Lh+/zb5uHO7PdA1lVDmytO5qGg67H5YJ MsjASRkGt+S0//j6m6DtSnuMzzYOVeQuxqXYUwmtd8zflkZ4/rYe+StDI5kIhquy LD8Cl5Ri3UgN9zU5ljynacCTfwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPDQClim M/ESFc4YMDJq/hX2YrQpMB8GA1UdIwQYMBaAFPvRqEih+JqNJNsLaBegh/st9d8I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQUZDRS8yRDM0QzM5MkIy OUMxMUVEOThBODMxNEFDNEY5QUUwMi8tOUdvU0tING1vMGsyd3RvRjZDSC15MzEz d2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy05R29TS0g0bW8wazJ3dG9GNkNILXkzMTN3Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QUZDRS8yRDM0QzM5MkIyOUMxMUVEOThBODMxNEFDNEY5QUUwMi8tOUdvU0tING1v MGsyd3RvRjZDSC15MzEzd2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCL5S9zYgzW9stiSWHfC/QsTv8Dvui8Wfte8cwxU0/XSyX5kwu6RNNl bpHCCEpCqGCB16PJXDDmITbU847teJAb6vMI+S9TuhEoOxVYu8J3GdYWj53HUDc4 XOYrDNiJ2bJ1vrtmbOhsDr3A953nMnY13GBJFeMM1mF0ftPdvMrFanovfVEUPP5E 1Jw8ieu98T0o/4+ymng3SUgvO8F4p5CR4dlKsVwLUGbnejtakUta7VFM8NiJFvtH FegRjzrS+1ZF8stl27a6zfFBtlfNmPLJdju/B04J30aKpPvdM9NrJqXDU3lDCSEc WgPcrCu4ZJugWrddWShuaMQCuSvQs9Vl -----END CERTIFICATE-----Generated at Fri Apr 4 21:07:38 2025 by rpki-client