$ rpki-client -vvf rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/4vB0KtgKnbsodRhO4N1elN11eEs.mft File: 4vB0KtgKnbsodRhO4N1elN11eEs.mft (raw, json) Hash identifier: /98+do4SBWEouaZ29faU4e4rp+FZnglNlVKNWPCvG24= Subject key identifier: ED:B3:C4:6E:B3:9E:EF:E6:7F:D4:88:9D:CF:36:53:2E:CF:49:11:6A Authority key identifier: E2:F0:74:2A:D8:0A:9D:BB:28:75:18:4E:E0:DD:5E:94:DD:75:78:4B Certificate issuer: /CN=A91C23FE/serialNumber=E2F0742AD80A9DBB2875184EE0DD5E94DD75784B Certificate serial: 1BC2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4vB0KtgKnbsodRhO4N1elN11eEs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/4vB0KtgKnbsodRhO4N1elN11eEs.mft Manifest number: 1BB8 Signing time: Fri 04 Apr 2025 16:17:36 +0000 Manifest this update: Fri 04 Apr 2025 16:17:36 +0000 Manifest next update: Fri 11 Apr 2025 16:17:36 +0000 Files and hashes: 1: 4vB0KtgKnbsodRhO4N1elN11eEs.crl (hash: TH0yqOaBFg/7jzrayfM3hOCdZU2p9wlTtlHRqvMFkb4=) 2: A88F22ECCC7011ED931BD15FC4F9AE02.roa (hash: BCcYD/VfHPlrE1idB6qMcYHXBoKVsq99H3ysbvhT4uw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/4vB0KtgKnbsodRhO4N1elN11eEs.crl rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/4vB0KtgKnbsodRhO4N1elN11eEs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4vB0KtgKnbsodRhO4N1elN11eEs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 16:17:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7106 (0x1bc2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C23FE Validity Not Before: Apr 4 16:17:36 2025 GMT Not After : Apr 11 16:17:36 2025 GMT Subject: CN=67f00620-f8ac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:84:8f:53:94:85:a4:5e:ee:1a:60:0e:f7:9e: 5f:3c:8b:b9:4d:69:e4:d8:78:79:ff:0f:fe:69:ef: ba:c5:41:55:2a:b3:f8:14:af:5b:48:54:77:ba:a9: e1:d5:84:5b:d1:fe:ac:ba:f8:11:23:67:51:96:b6: d0:77:c0:63:2b:86:29:39:59:bf:41:d1:f0:08:0d: c4:97:9a:b0:0b:dc:b9:c8:d2:92:2c:d9:3c:11:2f: e7:6c:4b:06:97:08:c4:5c:44:80:f1:b0:3c:7f:a7: 2e:b5:d2:1d:64:ae:9f:e3:4b:48:c8:4b:4b:1c:64: 80:5f:9b:fd:56:76:93:80:33:52:44:c6:8b:df:0a: c2:35:ca:7a:fe:cc:70:21:6e:ed:92:84:6e:70:17: 31:b0:02:bf:ed:44:c4:5e:4c:12:42:c4:be:1e:ce: d0:69:ff:ff:6d:82:3b:15:bb:57:3d:28:ba:32:9a: 2c:0b:00:e3:06:3c:33:ab:56:fb:ed:b3:48:dc:d9: 1e:d0:10:a4:2b:e7:a2:41:2e:8b:ce:9b:c6:9e:8a: 4a:7e:97:6b:6f:80:43:c5:88:61:9f:90:c0:02:f2: db:1f:41:88:ef:fe:59:b4:14:33:86:3e:ba:d3:1b: ee:27:a6:b7:0c:89:f4:1d:1e:08:f8:2c:25:9e:ae: 32:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:B3:C4:6E:B3:9E:EF:E6:7F:D4:88:9D:CF:36:53:2E:CF:49:11:6A X509v3 Authority Key Identifier: keyid:E2:F0:74:2A:D8:0A:9D:BB:28:75:18:4E:E0:DD:5E:94:DD:75:78:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/4vB0KtgKnbsodRhO4N1elN11eEs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4vB0KtgKnbsodRhO4N1elN11eEs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/4vB0KtgKnbsodRhO4N1elN11eEs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 06:8b:08:e4:67:30:b9:cf:aa:90:e7:3c:cb:68:fc:f8:11:b2: a8:69:ac:d2:95:29:5a:d2:60:22:f4:6f:c3:44:6e:5d:33:f2: 90:4a:b6:83:f5:57:c9:b6:c6:0f:77:36:b3:29:03:9e:31:d7: 66:8e:3f:f5:e6:6a:9a:a2:b5:3d:56:79:22:ec:12:fa:5f:0e: 44:65:bd:e7:9d:21:f8:b1:c7:e7:88:2c:64:07:42:f2:fb:c3: b5:de:f5:d1:cc:7e:22:b5:79:12:cc:6b:e9:eb:13:82:dd:94: fc:a5:05:2c:7f:e8:75:00:c9:62:04:d9:ed:26:cb:c1:dc:95: d1:c8:de:d7:fe:fd:ce:78:c3:1b:b6:ca:65:f5:23:17:dd:0e: aa:02:74:8b:16:dc:6b:45:f5:e3:29:40:ba:eb:e2:eb:b5:a7: 41:f1:07:82:d6:50:cc:c6:db:b0:b0:7c:38:c2:d5:1a:00:2c: 7f:1f:38:d2:85:9c:49:3e:5b:30:b8:45:1d:17:04:6f:69:8e: c5:6d:a0:f5:dd:13:f6:19:6d:24:17:54:f2:57:87:93:47:71: 74:c7:01:56:15:cd:0e:52:80:df:8d:26:59:3d:a0:a2:ad:98: 6e:d0:0c:9a:e3:55:f1:af:03:4a:63:bb:5f:11:1a:1e:41:b6: 7b:c3:e0:f1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICG8IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzIzRkUxMTAvBgNVBAUTKEUyRjA3NDJBRDgwQTlEQkIyODc1MTg0RUUwREQ1RTk0 REQ3NTc4NEIwHhcNMjUwNDA0MTYxNzM2WhcNMjUwNDExMTYxNzM2WjAYMRYwFAYD VQQDEw02N2YwMDYyMC1mOGFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyISPU5SFpF7uGmAO955fPIu5TWnk2Hh5/w/+ae+6xUFVKrP4FK9bSFR3uqnh 1YRb0f6suvgRI2dRlrbQd8BjK4YpOVm/QdHwCA3El5qwC9y5yNKSLNk8ES/nbEsG lwjEXESA8bA8f6cutdIdZK6f40tIyEtLHGSAX5v9VnaTgDNSRMaL3wrCNcp6/sxw IW7tkoRucBcxsAK/7UTEXkwSQsS+Hs7Qaf//bYI7FbtXPSi6MposCwDjBjwzq1b7 7bNI3Nke0BCkK+eiQS6LzpvGnopKfpdrb4BDxYhhn5DAAvLbH0GI7/5ZtBQzhj66 0xvuJ6a3DIn0HR4I+Cwlnq4yHwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO2zxG6z nu/mf9SInc82Uy7PSRFqMB8GA1UdIwQYMBaAFOLwdCrYCp27KHUYTuDdXpTddXhL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMjNGRS84MjVDRTlBQUY5 RUIxMUU2QkRFN0E5NjhDNEY5QUUwMi80dkIwS3RnS25ic29kUmhPNE4xZWxOMTFl RXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzR2QjBLdGdLbmJzb2RSaE80TjFlbE4xMWVFcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MjNGRS84MjVDRTlBQUY5RUIxMUU2QkRFN0E5NjhDNEY5QUUwMi80dkIwS3RnS25i c29kUmhPNE4xZWxOMTFlRXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAGiwjkZzC5z6qQ5zzLaPz4EbKoaazSlSla0mAi9G/DRG5dM/KQSraD 9VfJtsYPdzazKQOeMddmjj/15mqaorU9Vnki7BL6Xw5EZb3nnSH4scfniCxkB0Ly +8O13vXRzH4itXkSzGvp6xOC3ZT8pQUsf+h1AMliBNntJsvB3JXRyN7X/v3OeMMb tspl9SMX3Q6qAnSLFtxrRfXjKUC66+LrtadB8QeC1lDMxtuwsHw4wtUaACx/HzjS hZxJPlswuEUdFwRvaY7FbaD13RP2GW0kF1TyV4eTR3F0xwFWFc0OUoDfjSZZPaCi rZhu0Aya41XxrwNKY7tfERoeQbZ7w+Dx -----END CERTIFICATE-----Generated at Sat Apr 5 14:48:39 2025 by rpki-client