$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4060/569389FE39D011EB8F471569C4F9AE02/4h8k4MVNu5P2Z4FEAtZq1AgHERQ.mft File: 4h8k4MVNu5P2Z4FEAtZq1AgHERQ.mft (raw, json) Hash identifier: a8/CNBJtZjjI14E9E8upZcDMgnTx3uWcbO/i/onkmzQ= Subject key identifier: FC:C3:39:1A:FF:95:64:CB:51:7C:11:6D:4C:DA:5F:55:85:E3:76:0E Authority key identifier: E2:1F:24:E0:C5:4D:BB:93:F6:67:81:44:02:D6:6A:D4:08:07:11:14 Certificate issuer: /CN=A91C4060/serialNumber=E21F24E0C54DBB93F667814402D66AD408071114 Certificate serial: 0709 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4h8k4MVNu5P2Z4FEAtZq1AgHERQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C4060/569389FE39D011EB8F471569C4F9AE02/4h8k4MVNu5P2Z4FEAtZq1AgHERQ.mft Manifest number: 0702 Signing time: Sat 12 Apr 2025 21:36:00 +0000 Manifest this update: Sat 12 Apr 2025 21:35:59 +0000 Manifest next update: Sat 19 Apr 2025 21:35:59 +0000 Files and hashes: 1: 4h8k4MVNu5P2Z4FEAtZq1AgHERQ.crl (hash: Oi7GUzB8GWw94ZLJGuZUdJjjDehx643pjBR1PrF9qR8=) 2: 71C26BD039D211EB84B9FD6BC4F9AE02.roa (hash: 1uZF2QAxlIwO0QnFgrG3CrAusMfAKjQaAjjZhLnhprI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C4060/569389FE39D011EB8F471569C4F9AE02/4h8k4MVNu5P2Z4FEAtZq1AgHERQ.crl rsync://rpki.apnic.net/member_repository/A91C4060/569389FE39D011EB8F471569C4F9AE02/4h8k4MVNu5P2Z4FEAtZq1AgHERQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4h8k4MVNu5P2Z4FEAtZq1AgHERQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 19 Apr 2025 17:48:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1801 (0x709) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C4060, serialNumber=E21F24E0C54DBB93F667814402D66AD408071114 Validity Not Before: Apr 12 21:35:59 2025 GMT Not After : Apr 19 21:35:59 2025 GMT Subject: CN=67fadcbf-e24e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:11:69:d8:84:6d:ca:5d:58:1c:3a:75:c7:4d: df:dd:be:74:ed:ad:d7:ce:3a:ef:d7:ef:b9:08:ce: c7:8b:67:d5:ce:86:68:59:36:76:de:7a:a9:e3:6e: 6c:b4:b2:4a:79:24:62:b9:2f:65:b2:5f:d5:8c:aa: 5b:a4:3f:ce:de:08:86:36:16:ba:04:88:4b:6f:c8: bf:b3:d9:57:c8:bf:78:63:11:62:08:15:10:f2:74: 8d:0f:22:93:5a:c2:ef:cc:27:90:62:7d:d4:1a:b7: 1e:d7:cb:a5:ff:e6:5d:b1:00:24:a9:50:8d:ba:2b: 15:e9:b4:84:d5:e2:04:82:ab:79:bf:34:59:fe:76: f0:96:84:78:3e:47:57:ec:f4:22:4c:96:09:88:f6: aa:fe:d8:e8:8c:a6:f4:20:e5:c9:63:b6:95:35:9e: 23:ba:58:1d:fa:29:08:46:e1:f6:6b:a7:12:9a:0b: cc:cf:b1:5c:e7:06:2a:4e:55:2e:af:93:05:bb:f4: 7f:1f:8d:85:30:5f:a8:85:ee:2a:fa:d7:bb:d2:da: c0:8b:70:65:d6:ed:c0:3d:ae:9d:7f:0e:bb:3f:ef: 92:bc:6f:17:58:7d:53:20:ca:11:a4:16:09:fd:15: 69:a2:e0:d3:f6:b5:23:17:56:c7:f7:88:2d:7d:65: 26:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:C3:39:1A:FF:95:64:CB:51:7C:11:6D:4C:DA:5F:55:85:E3:76:0E X509v3 Authority Key Identifier: keyid:E2:1F:24:E0:C5:4D:BB:93:F6:67:81:44:02:D6:6A:D4:08:07:11:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C4060/569389FE39D011EB8F471569C4F9AE02/4h8k4MVNu5P2Z4FEAtZq1AgHERQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4h8k4MVNu5P2Z4FEAtZq1AgHERQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4060/569389FE39D011EB8F471569C4F9AE02/4h8k4MVNu5P2Z4FEAtZq1AgHERQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 61:ad:be:de:11:96:78:b1:11:19:b7:d7:73:69:e3:3e:aa:dc: 6d:de:7d:a7:0e:84:4e:d2:e9:a9:84:d3:43:d3:f9:7e:b5:e5: 57:41:ec:62:4b:a7:5d:6c:96:77:aa:b8:e5:9e:89:86:9d:45: f2:9b:7a:11:4b:83:54:29:9c:7b:e4:7e:91:fb:a4:54:b2:47: c6:65:d1:a8:5e:0d:18:fb:22:11:00:a6:cc:03:a6:57:96:81: 5b:05:a1:6f:cd:a6:00:47:69:b7:73:8d:d5:09:d6:dd:55:e5: 79:e9:83:af:ff:ad:bf:40:6a:81:2e:40:4b:c0:1d:08:43:f5: de:0a:5d:13:0a:c3:7a:c2:36:f3:c2:98:eb:5d:89:bc:22:d8: 9b:d0:c3:8f:b2:1c:14:57:64:64:d2:36:61:fe:ac:73:97:76: 0d:2b:f9:86:5f:bd:1e:0e:fc:53:50:f4:56:ac:23:21:e7:64: aa:78:9d:03:f0:32:f2:bf:f4:cf:c0:9e:85:6d:41:52:06:c7: b4:1c:cc:10:22:72:2d:d1:ae:89:e6:7d:d6:e4:42:a7:fe:1f: 5b:cf:2d:96:93:7c:5d:a9:07:b9:23:cd:fa:94:0f:de:5f:4a: df:be:01:9e:be:01:ba:cd:77:a3:75:e0:dc:d5:52:c3:3b:8c: 59:bc:01:a9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBwkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzQwNjAxMTAvBgNVBAUTKEUyMUYyNEUwQzU0REJCOTNGNjY3ODE0NDAyRDY2QUQ0 MDgwNzExMTQwHhcNMjUwNDEyMjEzNTU5WhcNMjUwNDE5MjEzNTU5WjAYMRYwFAYD VQQDEw02N2ZhZGNiZi1lMjRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsxFp2IRtyl1YHDp1x03f3b507a3Xzjrv1++5CM7Hi2fVzoZoWTZ23nqp425s tLJKeSRiuS9lsl/VjKpbpD/O3giGNha6BIhLb8i/s9lXyL94YxFiCBUQ8nSNDyKT WsLvzCeQYn3UGrce18ul/+ZdsQAkqVCNuisV6bSE1eIEgqt5vzRZ/nbwloR4PkdX 7PQiTJYJiPaq/tjojKb0IOXJY7aVNZ4julgd+ikIRuH2a6cSmgvMz7Fc5wYqTlUu r5MFu/R/H42FMF+ohe4q+te70trAi3Bl1u3APa6dfw67P++SvG8XWH1TIMoRpBYJ /RVpouDT9rUjF1bH94gtfWUmyQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPzDORr/ lWTLUXwRbUzaX1WF43YOMB8GA1UdIwQYMBaAFOIfJODFTbuT9meBRALWatQIBxEU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNDA2MC81NjkzODlGRTM5 RDAxMUVCOEY0NzE1NjlDNEY5QUUwMi80aDhrNE1WTnU1UDJaNEZFQXRacTFBZ0hF UlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRoOGs0TVZOdTVQMlo0RkVBdFpxMUFnSEVSUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NDA2MC81NjkzODlGRTM5RDAxMUVCOEY0NzE1NjlDNEY5QUUwMi80aDhrNE1WTnU1 UDJaNEZFQXRacTFBZ0hFUlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBhrb7eEZZ4sREZt9dzaeM+qtxt3n2nDoRO0umphNND0/l+teVXQexi S6ddbJZ3qrjlnomGnUXym3oRS4NUKZx75H6R+6RUskfGZdGoXg0Y+yIRAKbMA6ZX loFbBaFvzaYAR2m3c43VCdbdVeV56YOv/62/QGqBLkBLwB0IQ/XeCl0TCsN6wjbz wpjrXYm8Itib0MOPshwUV2Rk0jZh/qxzl3YNK/mGX70eDvxTUPRWrCMh52SqeJ0D 8DLyv/TPwJ6FbUFSBse0HMwQInIt0a6J5n3W5EKn/h9bzy2Wk3xdqQe5I836lA/e X0rfvgGevgG6zXejdeDc1VLDO4xZvAGp -----END CERTIFICATE-----Generated at Sun Apr 13 01:24:43 2025 by rpki-client