$ rpki-client -vvf rpki.apnic.net/member_repository/A91C65E8/A1F23A641D9911E295EB528608B02CD2/vNzosG8FliNAMAycR0e1olGiGcQ.mft File: vNzosG8FliNAMAycR0e1olGiGcQ.mft (raw, json) Hash identifier: lt/dufYlKwReIvdwqyRDMjK1DnRcKRC1aKsk5FqePUI= Subject key identifier: 08:E8:4F:A0:D1:60:6D:2B:D5:F9:A0:2D:F6:8A:FF:F4:F7:38:AC:87 Authority key identifier: BC:DC:E8:B0:6F:05:96:23:40:30:0C:9C:47:47:B5:A2:51:A2:19:C4 Certificate issuer: /CN=A91C65E8/serialNumber=BCDCE8B06F05962340300C9C4747B5A251A219C4 Certificate serial: 3492 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vNzosG8FliNAMAycR0e1olGiGcQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C65E8/A1F23A641D9911E295EB528608B02CD2/vNzosG8FliNAMAycR0e1olGiGcQ.mft Manifest number: 3482 Signing time: Sun 20 Apr 2025 14:54:00 +0000 Manifest this update: Sun 20 Apr 2025 14:54:00 +0000 Manifest next update: Sun 27 Apr 2025 14:54:00 +0000 Files and hashes: 1: vNzosG8FliNAMAycR0e1olGiGcQ.crl (hash: Hu4DsDpWCt1Xnir7AeOhK9lKtEfT3BxAWOQbBqGN9pM=) 2: 3FEFA562483D11EC82E81112C4F9AE02.roa (hash: rK0c8XECyvN9kLfaJ8Yz0Teq8RiIt0v2rBtEKSM98ow=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C65E8/A1F23A641D9911E295EB528608B02CD2/vNzosG8FliNAMAycR0e1olGiGcQ.crl rsync://rpki.apnic.net/member_repository/A91C65E8/A1F23A641D9911E295EB528608B02CD2/vNzosG8FliNAMAycR0e1olGiGcQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vNzosG8FliNAMAycR0e1olGiGcQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 14:53:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13458 (0x3492) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C65E8, serialNumber=BCDCE8B06F05962340300C9C4747B5A251A219C4 Validity Not Before: Apr 20 14:54:00 2025 GMT Not After : Apr 27 14:54:00 2025 GMT Subject: CN=68050a88-1dba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:68:5d:25:df:f4:4e:a3:27:33:8e:c7:41:23: b4:8a:5f:e4:f6:50:0c:e1:f5:23:7c:8e:57:f5:7a: 31:64:23:36:07:60:ac:22:69:12:24:48:bf:a0:fc: 2e:30:c9:d6:61:d4:ad:a4:95:0f:17:9e:0c:86:df: 67:d4:c7:78:66:f0:4c:35:02:98:2b:34:ef:4b:30: b2:eb:71:03:31:36:8d:28:f2:44:6a:dd:16:ca:dc: 6d:8d:d9:e6:e7:c6:ac:ce:89:6c:f3:5c:3f:d9:5e: cf:2e:13:6c:89:92:c6:db:90:7b:84:e0:9c:c3:47: 8e:7c:ee:4e:7e:9d:39:6a:e9:1a:c8:2a:66:44:5c: 59:59:75:c4:96:d6:6e:a1:8f:94:fc:c1:7b:dc:46: 02:2d:e1:bb:c5:47:6b:3d:45:b9:eb:b8:09:36:d3: 85:12:37:67:e5:cd:d6:56:59:05:dd:fe:db:04:13: 89:f5:76:de:01:d6:a8:c3:3c:1f:01:e8:55:54:cc: 2c:3a:79:a6:96:24:33:29:5a:a3:c2:c0:c1:2e:d2: 80:70:8a:f6:e7:1f:08:55:a9:de:80:79:ff:ab:24: 8e:cb:0a:43:d3:b2:7d:3c:d6:5c:0f:7a:13:04:24: a2:9e:c3:9e:a2:60:aa:cf:05:8d:48:37:09:87:1a: b2:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:E8:4F:A0:D1:60:6D:2B:D5:F9:A0:2D:F6:8A:FF:F4:F7:38:AC:87 X509v3 Authority Key Identifier: keyid:BC:DC:E8:B0:6F:05:96:23:40:30:0C:9C:47:47:B5:A2:51:A2:19:C4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C65E8/A1F23A641D9911E295EB528608B02CD2/vNzosG8FliNAMAycR0e1olGiGcQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vNzosG8FliNAMAycR0e1olGiGcQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C65E8/A1F23A641D9911E295EB528608B02CD2/vNzosG8FliNAMAycR0e1olGiGcQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 34:2c:de:ed:41:11:56:d0:3a:8f:2c:fb:07:26:b2:f0:64:88: 7a:90:7a:c7:4e:24:9b:7f:9b:c7:a8:48:63:66:aa:54:78:d3: 36:1b:b0:45:3c:72:5b:35:46:18:46:f4:d1:84:4b:af:b8:0c: 42:31:5e:0f:ca:0c:8f:ba:bd:89:1b:f3:d0:b2:2e:c1:bd:4a: ea:4f:7e:8b:b7:36:be:44:60:20:a9:4d:86:c9:0c:45:0d:00: 3d:eb:3b:c9:9b:b2:6d:59:7c:3e:7a:d6:11:c3:49:7e:3b:6a: b1:6b:72:0a:23:a8:aa:a0:66:38:d0:c3:67:f0:4e:7f:3f:58: 67:a3:36:d6:4e:67:35:e5:77:9e:bd:56:5d:0d:27:ac:fa:86: 9b:04:01:55:67:a4:ad:ae:d7:97:7f:4e:24:30:74:5a:30:4b: 44:c1:7d:42:13:7a:bf:c9:6f:ec:5a:9d:79:74:ba:e9:1f:5b: 8b:66:a4:07:0c:fd:b3:bd:88:85:cd:30:8d:17:d7:3b:02:95: df:2e:60:46:ff:29:1e:68:58:76:2e:a2:0c:e4:16:6f:ba:1c: 2c:05:0e:ff:ed:6b:6d:3e:9b:fb:ce:d2:8f:cb:8c:e8:14:5a: 3e:ba:98:ff:0f:4a:fc:b3:1f:58:98:19:ab:25:8f:2e:ca:5c: bd:c6:fe:70 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNJIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzY1RTgxMTAvBgNVBAUTKEJDRENFOEIwNkYwNTk2MjM0MDMwMEM5QzQ3NDdCNUEy NTFBMjE5QzQwHhcNMjUwNDIwMTQ1NDAwWhcNMjUwNDI3MTQ1NDAwWjAYMRYwFAYD VQQDEw02ODA1MGE4OC0xZGJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxWhdJd/0TqMnM47HQSO0il/k9lAM4fUjfI5X9XoxZCM2B2CsImkSJEi/oPwu MMnWYdStpJUPF54Mht9n1Md4ZvBMNQKYKzTvSzCy63EDMTaNKPJEat0Wytxtjdnm 58aszols81w/2V7PLhNsiZLG25B7hOCcw0eOfO5Ofp05aukayCpmRFxZWXXEltZu oY+U/MF73EYCLeG7xUdrPUW567gJNtOFEjdn5c3WVlkF3f7bBBOJ9XbeAdaowzwf AehVVMwsOnmmliQzKVqjwsDBLtKAcIr25x8IVanegHn/qySOywpD07J9PNZcD3oT BCSinsOeomCqzwWNSDcJhxqyjwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAjoT6DR YG0r1fmgLfaK//T3OKyHMB8GA1UdIwQYMBaAFLzc6LBvBZYjQDAMnEdHtaJRohnE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNjVFOC9BMUYyM0E2NDFE OTkxMUUyOTVFQjUyODYwOEIwMkNEMi92Tnpvc0c4RmxpTkFNQXljUjBlMW9sR2lH Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZOem9zRzhGbGlOQU1BeWNSMGUxb2xHaUdjUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NjVFOC9BMUYyM0E2NDFEOTkxMUUyOTVFQjUyODYwOEIwMkNEMi92Tnpvc0c4Rmxp TkFNQXljUjBlMW9sR2lHY1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA0LN7tQRFW0DqPLPsHJrLwZIh6kHrHTiSbf5vHqEhjZqpUeNM2G7BF PHJbNUYYRvTRhEuvuAxCMV4PygyPur2JG/PQsi7BvUrqT36Ltza+RGAgqU2GyQxF DQA96zvJm7JtWXw+etYRw0l+O2qxa3IKI6iqoGY40MNn8E5/P1hnozbWTmc15Xee vVZdDSes+oabBAFVZ6StrteXf04kMHRaMEtEwX1CE3q/yW/sWp15dLrpH1uLZqQH DP2zvYiFzTCNF9c7ApXfLmBG/ykeaFh2LqIM5BZvuhwsBQ7/7WttPpv7ztKPy4zo FFo+upj/D0r8sx9YmBmrJY8uyly9xv5w -----END CERTIFICATE-----Generated at Tue Apr 22 00:34:43 2025 by rpki-client