$ rpki-client -vvf rpki.apnic.net/member_repository/A91BF8D1/7C4E34BC675511EAA087302BC4F9AE02/8EZlk8K2zqnL8C4mqua_eQ9Sfqg.mft File: 8EZlk8K2zqnL8C4mqua_eQ9Sfqg.mft (raw, json) Hash identifier: 0XL/iXPAB7bIMRCbw1yEu/iKM/Y4vuNx0sBXFgY0PZI= Subject key identifier: E5:3F:8E:E6:45:57:6C:53:66:BA:1E:CC:47:DA:80:3A:EF:BF:E1:50 Authority key identifier: F0:46:65:93:C2:B6:CE:A9:CB:F0:2E:26:AA:E6:BF:79:0F:52:7E:A8 Certificate issuer: /CN=A91BF8D1/serialNumber=F0466593C2B6CEA9CBF02E26AAE6BF790F527EA8 Certificate serial: 0A32 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8EZlk8K2zqnL8C4mqua_eQ9Sfqg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BF8D1/7C4E34BC675511EAA087302BC4F9AE02/8EZlk8K2zqnL8C4mqua_eQ9Sfqg.mft Manifest number: 0A2C Signing time: Fri 28 Mar 2025 19:59:52 +0000 Manifest this update: Fri 28 Mar 2025 19:59:51 +0000 Manifest next update: Fri 04 Apr 2025 19:59:51 +0000 Files and hashes: 1: 8EZlk8K2zqnL8C4mqua_eQ9Sfqg.crl (hash: XIsvT+vwNPITsNIG0EQimYmVZNKeQToRhz3aaTFuiDM=) 2: 19250B84675711EAA928E22DC4F9AE02.roa (hash: BfaBbqdTeXcprKlCZnPR/VFXV6AoP9YV7kqFZXcvXOo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BF8D1/7C4E34BC675511EAA087302BC4F9AE02/8EZlk8K2zqnL8C4mqua_eQ9Sfqg.crl rsync://rpki.apnic.net/member_repository/A91BF8D1/7C4E34BC675511EAA087302BC4F9AE02/8EZlk8K2zqnL8C4mqua_eQ9Sfqg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8EZlk8K2zqnL8C4mqua_eQ9Sfqg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 19:59:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2610 (0xa32) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BF8D1 Validity Not Before: Mar 28 19:59:51 2025 GMT Not After : Apr 4 19:59:51 2025 GMT Subject: CN=67e6ffb7-7fea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:a5:d3:4d:e6:1e:58:9f:f2:e3:ae:18:9f:d5: ea:74:05:26:8f:de:30:d3:0f:cf:46:04:7a:75:44: 71:35:c3:7d:25:1b:d3:f6:78:3d:60:ee:0e:ab:f7: b1:fc:17:66:89:b5:de:8a:4a:e6:51:6b:f1:8e:67: 2c:8d:59:58:65:bb:79:82:dc:3e:bf:ac:57:1f:16: b0:a2:1e:da:86:eb:5b:5f:3c:58:92:2f:21:8e:9d: 15:6b:11:9e:de:e9:1a:0b:c0:ad:40:74:69:8e:0b: 85:66:8e:9c:d9:73:7e:ec:8b:28:96:f3:3a:1d:2e: ee:1c:84:c4:53:46:27:51:c0:71:cc:f6:11:b5:71: 52:70:ab:54:f4:4c:66:16:33:88:bd:d5:ae:58:5d: 69:f1:bb:4c:ea:e6:71:89:11:e1:02:da:d8:98:25: 3f:15:5c:96:d5:cd:da:c7:21:fc:2f:30:47:ca:15: 97:ea:ab:ce:7f:cb:07:8f:52:9c:29:52:2c:c7:86: 57:96:53:ca:46:ad:b3:d4:1b:95:2b:7b:11:60:51: 91:8a:25:44:5b:7d:40:be:66:e9:5e:fa:90:f7:36: 03:dd:57:94:c4:2c:26:b3:c0:87:97:4e:80:58:1a: e6:62:c6:e3:b2:0c:03:4a:da:45:5c:34:00:e0:59: aa:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:3F:8E:E6:45:57:6C:53:66:BA:1E:CC:47:DA:80:3A:EF:BF:E1:50 X509v3 Authority Key Identifier: keyid:F0:46:65:93:C2:B6:CE:A9:CB:F0:2E:26:AA:E6:BF:79:0F:52:7E:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BF8D1/7C4E34BC675511EAA087302BC4F9AE02/8EZlk8K2zqnL8C4mqua_eQ9Sfqg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8EZlk8K2zqnL8C4mqua_eQ9Sfqg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BF8D1/7C4E34BC675511EAA087302BC4F9AE02/8EZlk8K2zqnL8C4mqua_eQ9Sfqg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0b:bf:f9:8a:b9:6a:85:42:4d:8e:66:14:ba:dd:4f:58:a8:20: 92:fe:8b:c3:51:fd:ad:f0:24:d2:e9:1c:ad:8a:bb:05:5c:70: e6:01:bd:56:94:33:fe:97:52:8f:3d:94:aa:5e:59:6a:85:18: 4d:43:d6:ee:29:c0:4e:46:3e:0c:91:3d:66:03:19:da:0f:55: 86:28:89:d7:c9:ec:e4:40:cb:12:e6:4d:2e:25:6d:61:ae:a7: 65:9c:a6:f7:fe:de:98:f3:ba:a1:61:a5:f9:bd:7d:cd:9d:31: de:de:b1:6e:b7:e9:4c:48:0c:86:a4:99:77:8f:c6:c4:73:ae: 30:37:f5:97:7f:57:44:c3:7f:3c:64:34:44:ba:9d:3b:82:29: dc:cf:a7:b8:7a:6f:42:fc:f8:87:ed:43:e0:37:e6:6b:70:66: 39:0f:49:3f:df:fa:aa:34:18:ef:23:c4:60:be:2a:63:0e:0f: 70:48:e5:8b:02:92:c5:e8:b2:2f:35:45:d5:49:92:19:bf:23: c6:fe:b9:41:aa:3e:f3:28:85:38:74:c7:63:33:77:55:bb:de: 73:3f:6a:4a:a6:c7:2c:59:ed:13:57:ca:b0:d1:0a:2e:99:cb: 3d:9d:91:6f:7e:48:cb:d4:8a:93:86:e7:ab:36:e9:9e:28:2a: bf:f8:15:f6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCjIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkY4RDExMTAvBgNVBAUTKEYwNDY2NTkzQzJCNkNFQTlDQkYwMkUyNkFBRTZCRjc5 MEY1MjdFQTgwHhcNMjUwMzI4MTk1OTUxWhcNMjUwNDA0MTk1OTUxWjAYMRYwFAYD VQQDEw02N2U2ZmZiNy03ZmVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxqXTTeYeWJ/y464Yn9XqdAUmj94w0w/PRgR6dURxNcN9JRvT9ng9YO4Oq/ex /BdmibXeikrmUWvxjmcsjVlYZbt5gtw+v6xXHxawoh7ahutbXzxYki8hjp0VaxGe 3ukaC8CtQHRpjguFZo6c2XN+7IsolvM6HS7uHITEU0YnUcBxzPYRtXFScKtU9Exm FjOIvdWuWF1p8btM6uZxiRHhAtrYmCU/FVyW1c3axyH8LzBHyhWX6qvOf8sHj1Kc KVIsx4ZXllPKRq2z1BuVK3sRYFGRiiVEW31AvmbpXvqQ9zYD3VeUxCwms8CHl06A WBrmYsbjsgwDStpFXDQA4FmqNQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOU/juZF V2xTZroezEfagDrvv+FQMB8GA1UdIwQYMBaAFPBGZZPCts6py/AuJqrmv3kPUn6o MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRjhEMS83QzRFMzRCQzY3 NTUxMUVBQTA4NzMwMkJDNEY5QUUwMi84RVpsazhLMnpxbkw4QzRtcXVhX2VROVNm cWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhFWmxrOEsyenFuTDhDNG1xdWFfZVE5U2ZxZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC RjhEMS83QzRFMzRCQzY3NTUxMUVBQTA4NzMwMkJDNEY5QUUwMi84RVpsazhLMnpx bkw4QzRtcXVhX2VROVNmcWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQALv/mKuWqFQk2OZhS63U9YqCCS/ovDUf2t8CTS6RytirsFXHDmAb1W lDP+l1KPPZSqXllqhRhNQ9buKcBORj4MkT1mAxnaD1WGKInXyezkQMsS5k0uJW1h rqdlnKb3/t6Y87qhYaX5vX3NnTHe3rFut+lMSAyGpJl3j8bEc64wN/WXf1dEw388 ZDREup07gincz6e4em9C/PiH7UPgN+ZrcGY5D0k/3/qqNBjvI8RgvipjDg9wSOWL ApLF6LIvNUXVSZIZvyPG/rlBqj7zKIU4dMdjM3dVu95zP2pKpscsWe0TV8qw0Qou mcs9nZFvfkjL1IqThuerNumeKCq/+BX2 -----END CERTIFICATE-----Generated at Fri Apr 4 18:45:32 2025 by rpki-client