$ rpki-client -vvf rpki.apnic.net/member_repository/A91C572B/F7E5C1680E9A11EEA6449E71C4F9AE02/33nDugFSYeOshDI5zkcDWQHWapQ.mft File: 33nDugFSYeOshDI5zkcDWQHWapQ.mft (raw, json) Hash identifier: EAdGvtXfVCv9Hyuft0A72Aj5TSjUTnDBXbshaNXPTP8= Subject key identifier: 61:C0:9B:34:DD:62:D9:C3:DF:2A:C0:46:59:D7:61:2F:87:67:A7:2D Authority key identifier: DF:79:C3:BA:01:52:61:E3:AC:84:32:39:CE:47:03:59:01:D6:6A:94 Certificate issuer: /CN=A91C572B/serialNumber=DF79C3BA015261E3AC843239CE47035901D66A94 Certificate serial: 015A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/33nDugFSYeOshDI5zkcDWQHWapQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C572B/F7E5C1680E9A11EEA6449E71C4F9AE02/33nDugFSYeOshDI5zkcDWQHWapQ.mft Manifest number: 0152 Signing time: Sat 29 Mar 2025 03:39:38 +0000 Manifest this update: Sat 29 Mar 2025 03:39:38 +0000 Manifest next update: Sat 05 Apr 2025 03:39:38 +0000 Files and hashes: 1: 33nDugFSYeOshDI5zkcDWQHWapQ.crl (hash: 7Ktz3f2G6R+xF3wndq5wXocVzHtLbsImuhV75ILfZ/s=) 2: 18DC0A381C0311EE9B0F2938C4F9AE02.roa (hash: +NXIJ3XAp8BvWngt2c/RnkPBxhwMNcZtq308qJwKx8k=) 3: 17C68D301C0311EE9B0F2938C4F9AE02.roa (hash: Wkz//5KDfJfxYrwNIm5g/VaiBGq0PmVllCjJzHHJxNQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C572B/F7E5C1680E9A11EEA6449E71C4F9AE02/33nDugFSYeOshDI5zkcDWQHWapQ.crl rsync://rpki.apnic.net/member_repository/A91C572B/F7E5C1680E9A11EEA6449E71C4F9AE02/33nDugFSYeOshDI5zkcDWQHWapQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/33nDugFSYeOshDI5zkcDWQHWapQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 03:39:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 346 (0x15a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C572B Validity Not Before: Mar 29 03:39:38 2025 GMT Not After : Apr 5 03:39:38 2025 GMT Subject: CN=67e76b7a-b18d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:bd:bf:3b:20:7e:61:b8:3b:fb:e3:19:17:9a: f2:ed:8b:db:e6:37:f8:9c:80:b7:fb:df:01:45:7a: 8a:2e:ea:bf:a2:91:a1:20:42:ab:98:b0:84:bd:43: 3c:f6:98:14:c6:13:fb:6b:e0:d0:36:d6:fc:fc:7a: 88:9c:7a:07:8b:29:2b:5c:6a:f2:2a:6e:cf:fb:95: 7e:4f:e5:6f:84:83:5f:0a:d0:e5:8d:8b:07:d5:d4: 06:e0:13:ec:91:0c:c6:8c:fb:bd:0b:d5:f4:7d:d7: 3a:3c:c2:77:62:3b:00:33:98:5c:bd:17:92:44:c3: 84:f5:b0:64:1f:53:52:25:95:b5:80:c3:df:92:7d: ed:e0:c7:3a:c7:22:95:de:1d:61:0c:30:c0:f8:cd: b2:d2:31:57:56:4a:0c:96:1d:07:e2:f9:cd:97:ba: 78:a9:3f:01:1a:51:f5:a6:e5:06:00:93:59:6c:e6: 7a:d6:e4:b2:40:01:8e:0d:f3:d4:67:66:6c:b6:b0: 4c:51:07:bf:32:18:1d:8b:c1:57:ea:73:2b:11:a3: ad:11:3a:05:1e:ac:15:76:ae:ed:10:c2:c2:0c:0e: c3:63:45:16:13:c2:e0:a5:b8:4d:51:6c:3b:3a:13: ca:74:4d:d9:4d:55:92:93:55:e6:9c:e7:8a:f8:93: 98:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:C0:9B:34:DD:62:D9:C3:DF:2A:C0:46:59:D7:61:2F:87:67:A7:2D X509v3 Authority Key Identifier: keyid:DF:79:C3:BA:01:52:61:E3:AC:84:32:39:CE:47:03:59:01:D6:6A:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C572B/F7E5C1680E9A11EEA6449E71C4F9AE02/33nDugFSYeOshDI5zkcDWQHWapQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/33nDugFSYeOshDI5zkcDWQHWapQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C572B/F7E5C1680E9A11EEA6449E71C4F9AE02/33nDugFSYeOshDI5zkcDWQHWapQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4a:67:4e:f8:e7:7f:c4:55:c2:40:d3:7d:a2:0e:92:1b:4d:16: 6b:35:59:ee:02:02:b4:a8:37:d9:8f:d9:c2:09:0b:c8:f0:5a: 7e:d0:9e:c1:8a:36:e1:1e:e8:6d:a3:ea:0f:c8:10:3d:44:5e: d5:e4:cd:9c:90:3e:4d:8b:c9:d7:99:46:01:22:6e:92:1b:97: 62:b2:87:bb:66:77:90:a6:01:28:66:0a:6c:79:6d:f3:1b:c4: dd:fe:5a:73:98:bf:3c:f3:40:b1:b1:d8:5d:a7:8d:e5:33:d7: 60:03:bf:20:e6:97:4a:1b:f5:48:e4:8d:d5:c0:0c:84:e3:2b: 99:e0:4f:13:37:b2:ab:cd:f4:ed:a9:36:fa:d3:79:90:bd:a0: 8f:23:72:a1:b2:33:56:e5:53:a2:27:3a:8a:8f:ab:96:4d:c7: 7f:8d:38:c3:ef:d0:06:f3:a5:34:e4:96:bb:72:fd:9e:ab:d0: e8:5a:fa:bd:78:c6:f7:db:d9:34:f3:89:d3:04:99:f7:f8:cb: e1:02:f4:7e:1d:fc:40:eb:ac:8c:73:28:9e:c3:34:30:99:39: 62:7e:71:ae:6d:cf:9d:09:4c:67:8e:51:f4:00:55:34:6f:ad: d2:e0:99:3b:5b:da:92:e4:bf:a5:54:90:09:8d:95:a2:04:53: c6:69:dc:56 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAVowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzU3MkIxMTAvBgNVBAUTKERGNzlDM0JBMDE1MjYxRTNBQzg0MzIzOUNFNDcwMzU5 MDFENjZBOTQwHhcNMjUwMzI5MDMzOTM4WhcNMjUwNDA1MDMzOTM4WjAYMRYwFAYD VQQDEw02N2U3NmI3YS1iMThkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7L2/OyB+Ybg7++MZF5ry7Yvb5jf4nIC3+98BRXqKLuq/opGhIEKrmLCEvUM8 9pgUxhP7a+DQNtb8/HqInHoHiykrXGryKm7P+5V+T+VvhINfCtDljYsH1dQG4BPs kQzGjPu9C9X0fdc6PMJ3YjsAM5hcvReSRMOE9bBkH1NSJZW1gMPfkn3t4Mc6xyKV 3h1hDDDA+M2y0jFXVkoMlh0H4vnNl7p4qT8BGlH1puUGAJNZbOZ61uSyQAGODfPU Z2ZstrBMUQe/Mhgdi8FX6nMrEaOtEToFHqwVdq7tEMLCDA7DY0UWE8LgpbhNUWw7 OhPKdE3ZTVWSk1XmnOeK+JOY/QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGHAmzTd YtnD3yrARlnXYS+HZ6ctMB8GA1UdIwQYMBaAFN95w7oBUmHjrIQyOc5HA1kB1mqU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNTcyQi9GN0U1QzE2ODBF OUExMUVFQTY0NDlFNzFDNEY5QUUwMi8zM25EdWdGU1llT3NoREk1emtjRFdRSFdh cFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzMzbkR1Z0ZTWWVPc2hESTV6a2NEV1FIV2FwUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NTcyQi9GN0U1QzE2ODBFOUExMUVFQTY0NDlFNzFDNEY5QUUwMi8zM25EdWdGU1ll T3NoREk1emtjRFdRSFdhcFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBKZ07453/EVcJA032iDpIbTRZrNVnuAgK0qDfZj9nCCQvI8Fp+0J7B ijbhHuhto+oPyBA9RF7V5M2ckD5Ni8nXmUYBIm6SG5disoe7ZneQpgEoZgpseW3z G8Td/lpzmL8880Cxsdhdp43lM9dgA78g5pdKG/VI5I3VwAyE4yuZ4E8TN7KrzfTt qTb603mQvaCPI3KhsjNW5VOiJzqKj6uWTcd/jTjD79AG86U05Ja7cv2eq9DoWvq9 eMb329k084nTBJn3+MvhAvR+HfxA66yMcyiewzQwmTlifnGubc+dCUxnjlH0AFU0 b63S4Jk7W9qS5L+lVJAJjZWiBFPGadxW -----END CERTIFICATE-----Generated at Fri Apr 4 21:53:51 2025 by rpki-client