$ rpki-client -vvf rpki.apnic.net/member_repository/A91BE6D7/71A51574AEF211EEB293B480C4F9AE02/cM0CtmQkeah0RicVcG5qqaidosk.mft File: cM0CtmQkeah0RicVcG5qqaidosk.mft (raw, json) Hash identifier: cAEDHQp6qNgy/FSSfuQ1+Y+NlM66wQNaL0u246VvfH0= Subject key identifier: 6C:4E:DA:91:0D:5B:40:4A:EE:DC:6A:CC:0D:E1:9F:6C:E3:50:53:23 Authority key identifier: 70:CD:02:B6:64:24:79:A8:74:46:27:15:70:6E:6A:A9:A8:9D:A2:C9 Certificate issuer: /CN=A91BE6D7/serialNumber=70CD02B6642479A874462715706E6AA9A89DA2C9 Certificate serial: FD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cM0CtmQkeah0RicVcG5qqaidosk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BE6D7/71A51574AEF211EEB293B480C4F9AE02/cM0CtmQkeah0RicVcG5qqaidosk.mft Manifest number: F2 Signing time: Sat 29 Mar 2025 04:47:26 +0000 Manifest this update: Sat 29 Mar 2025 04:47:26 +0000 Manifest next update: Sat 05 Apr 2025 04:47:26 +0000 Files and hashes: 1: cM0CtmQkeah0RicVcG5qqaidosk.crl (hash: 21JvhbwwFunnsibFJF3sjXo3K5Oj7Yk7v0iDHgpHL48=) 2: 7251CC7C546211EF85988412C4F9AE02.roa (hash: MXnU/QcuEmDKktg0CnuwolgKiFkbHbMHOSWdEnSOv5c=) 3: 371059F4B8A311EEBDA30041C4F9AE02.roa (hash: S3mbIiQ1nO0L4Bz9sTuCjtwzB96XobjR5ufSof/xnsw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BE6D7/71A51574AEF211EEB293B480C4F9AE02/cM0CtmQkeah0RicVcG5qqaidosk.crl rsync://rpki.apnic.net/member_repository/A91BE6D7/71A51574AEF211EEB293B480C4F9AE02/cM0CtmQkeah0RicVcG5qqaidosk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cM0CtmQkeah0RicVcG5qqaidosk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 04:47:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 253 (0xfd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BE6D7 Validity Not Before: Mar 29 04:47:26 2025 GMT Not After : Apr 5 04:47:26 2025 GMT Subject: CN=67e77b5e-7783 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:ca:b9:9f:41:b2:9e:52:5b:02:64:2e:06:26: 86:56:b7:11:82:a1:82:4f:89:40:22:6a:c6:83:84: af:58:5c:37:e9:47:e5:aa:53:8b:e2:ae:9f:b5:d0: 04:34:7c:04:40:40:e3:cb:ff:48:e7:9b:38:d5:b3: 30:12:1a:ea:e9:bc:6e:d2:38:40:1b:5e:6c:a6:68: 99:6c:5b:ff:12:86:29:b8:63:38:06:62:c4:c9:2e: bb:06:f9:12:84:fa:79:60:32:df:0f:d2:69:cd:50: 9b:d2:35:ef:a8:0c:70:11:51:fb:52:67:01:14:b0: 03:9b:2f:5c:e8:9d:48:e3:21:50:15:54:d4:4a:99: 3a:06:f5:79:3e:cb:98:7a:69:a0:e0:4d:b6:cf:97: 04:d1:44:1d:b8:60:3c:56:2a:fd:fe:99:2e:2d:65: f4:18:1a:21:b6:75:a6:69:39:8f:e0:72:13:97:fa: 86:dc:14:76:60:c5:84:46:c4:df:bf:39:d4:9b:8d: f0:25:fb:52:d7:30:fe:0f:6f:9a:03:1d:18:ed:c9: 62:1a:90:60:67:7d:c3:fd:9f:c1:da:a5:28:d4:71: 16:1c:70:33:ed:5b:33:f6:de:0a:b5:ba:1d:f0:65: fb:44:14:b5:4f:52:4f:bf:4b:dc:1b:6a:17:5b:c2: b7:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:4E:DA:91:0D:5B:40:4A:EE:DC:6A:CC:0D:E1:9F:6C:E3:50:53:23 X509v3 Authority Key Identifier: keyid:70:CD:02:B6:64:24:79:A8:74:46:27:15:70:6E:6A:A9:A8:9D:A2:C9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BE6D7/71A51574AEF211EEB293B480C4F9AE02/cM0CtmQkeah0RicVcG5qqaidosk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cM0CtmQkeah0RicVcG5qqaidosk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BE6D7/71A51574AEF211EEB293B480C4F9AE02/cM0CtmQkeah0RicVcG5qqaidosk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 55:7f:d5:4c:05:07:f1:55:f3:35:85:3b:a3:1c:18:21:8d:58: 8a:d3:30:37:d0:17:af:16:6f:91:42:1f:f5:ee:af:f6:11:2d: 61:fd:4d:36:43:65:59:d5:35:1c:68:26:35:63:4a:98:4c:6a: ae:f0:6c:49:41:15:7a:d2:dc:02:18:fa:f2:14:cd:b7:65:2a: 4e:97:3f:7e:43:de:fc:f9:7c:a3:26:44:b3:a8:22:d9:b2:e6: f8:a1:1b:67:3c:fb:17:18:45:e8:fd:1d:aa:ba:f5:ee:dd:a4: a7:2e:63:0e:44:6a:e7:87:eb:d7:7c:8e:60:71:f7:9d:19:fb: 6e:b3:c9:45:b0:d3:8d:02:f2:30:5b:83:78:40:c0:e8:12:1d: 47:a6:b1:a4:3a:19:61:c4:bf:fe:8d:8a:1f:11:97:2a:cf:3d: 9b:94:3a:61:29:db:1e:41:d0:92:ad:38:1e:6c:9d:2f:03:74: c0:83:8c:e0:e8:38:84:45:66:e0:09:f1:a1:20:59:60:aa:a6: 3e:b8:aa:a9:c0:16:cc:8b:45:67:76:67:84:85:1f:4e:b1:7f: 5a:34:90:7d:c3:01:8d:a4:02:04:5c:ef:fd:1a:f2:fd:f6:26: cd:eb:2b:46:eb:f1:0c:ca:d7:9f:16:fa:f2:6f:5d:fa:a9:01: f3:44:55:b0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAP0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkU2RDcxMTAvBgNVBAUTKDcwQ0QwMkI2NjQyNDc5QTg3NDQ2MjcxNTcwNkU2QUE5 QTg5REEyQzkwHhcNMjUwMzI5MDQ0NzI2WhcNMjUwNDA1MDQ0NzI2WjAYMRYwFAYD VQQDEw02N2U3N2I1ZS03NzgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwMq5n0GynlJbAmQuBiaGVrcRgqGCT4lAImrGg4SvWFw36UflqlOL4q6ftdAE NHwEQEDjy/9I55s41bMwEhrq6bxu0jhAG15spmiZbFv/EoYpuGM4BmLEyS67BvkS hPp5YDLfD9JpzVCb0jXvqAxwEVH7UmcBFLADmy9c6J1I4yFQFVTUSpk6BvV5PsuY emmg4E22z5cE0UQduGA8Vir9/pkuLWX0GBohtnWmaTmP4HITl/qG3BR2YMWERsTf vznUm43wJftS1zD+D2+aAx0Y7cliGpBgZ33D/Z/B2qUo1HEWHHAz7Vsz9t4Ktbod 8GX7RBS1T1JPv0vcG2oXW8K3dwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGxO2pEN W0BK7txqzA3hn2zjUFMjMB8GA1UdIwQYMBaAFHDNArZkJHmodEYnFXBuaqmonaLJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRTZENy83MUE1MTU3NEFF RjIxMUVFQjI5M0I0ODBDNEY5QUUwMi9jTTBDdG1Ra2VhaDBSaWNWY0c1cXFhaWRv c2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NNMEN0bVFrZWFoMFJpY1ZjRzVxcWFpZG9zay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC RTZENy83MUE1MTU3NEFFRjIxMUVFQjI5M0I0ODBDNEY5QUUwMi9jTTBDdG1Ra2Vh aDBSaWNWY0c1cXFhaWRvc2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBVf9VMBQfxVfM1hTujHBghjViK0zA30BevFm+RQh/17q/2ES1h/U02 Q2VZ1TUcaCY1Y0qYTGqu8GxJQRV60twCGPryFM23ZSpOlz9+Q978+XyjJkSzqCLZ sub4oRtnPPsXGEXo/R2quvXu3aSnLmMORGrnh+vXfI5gcfedGftus8lFsNONAvIw W4N4QMDoEh1HprGkOhlhxL/+jYofEZcqzz2blDphKdseQdCSrTgebJ0vA3TAg4zg 6DiERWbgCfGhIFlgqqY+uKqpwBbMi0VndmeEhR9OsX9aNJB9wwGNpAIEXO/9GvL9 9ibN6ytG6/EMytefFvryb136qQHzRFWw -----END CERTIFICATE-----Generated at Fri Apr 4 22:24:44 2025 by rpki-client