$ rpki-client -vvf rpki.apnic.net/member_repository/A91C956C/FB305A5E0C8A11ECA3191B0CC4F9AE02/US2b3oE8t7x3GQqE-bGNuOtOIl8.mft File: US2b3oE8t7x3GQqE-bGNuOtOIl8.mft (raw, json) Hash identifier: fQTrlBrGey6hwIhsKaN/eSJnJq3uCKbkRHBkuBeb/Jk= Subject key identifier: 5D:3D:B7:63:B2:7B:59:12:2A:1D:33:BA:D6:AE:0A:A2:E0:05:BA:AE Authority key identifier: 51:2D:9B:DE:81:3C:B7:BC:77:19:0A:84:F9:B1:8D:B8:EB:4E:22:5F Certificate issuer: /CN=A91C956C/serialNumber=512D9BDE813CB7BC77190A84F9B18DB8EB4E225F Certificate serial: 04FA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US2b3oE8t7x3GQqE-bGNuOtOIl8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C956C/FB305A5E0C8A11ECA3191B0CC4F9AE02/US2b3oE8t7x3GQqE-bGNuOtOIl8.mft Manifest number: 04ED Signing time: Sat 29 Mar 2025 00:01:14 +0000 Manifest this update: Sat 29 Mar 2025 00:01:13 +0000 Manifest next update: Sat 05 Apr 2025 00:01:13 +0000 Files and hashes: 1: US2b3oE8t7x3GQqE-bGNuOtOIl8.crl (hash: KP5cXzam4wqaw6ffveXVxUgMiarndJM2gmStxM9pm38=) 2: 2F3F56C42BB411EF8D887F3AC4F9AE02.roa (hash: Qi+WEKvtCWtvGFWFUb38yBqHoAd83mtV7+scTOUOMc4=) 3: E1755B4E24D711EDBE2C660BC4F9AE02.roa (hash: aLricGiGlyJJZTbRrMECo3zkg40wJti6wIrN+dUyP7s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C956C/FB305A5E0C8A11ECA3191B0CC4F9AE02/US2b3oE8t7x3GQqE-bGNuOtOIl8.crl rsync://rpki.apnic.net/member_repository/A91C956C/FB305A5E0C8A11ECA3191B0CC4F9AE02/US2b3oE8t7x3GQqE-bGNuOtOIl8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US2b3oE8t7x3GQqE-bGNuOtOIl8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 00:01:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1274 (0x4fa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C956C Validity Not Before: Mar 29 00:01:13 2025 GMT Not After : Apr 5 00:01:13 2025 GMT Subject: CN=67e73849-8a08 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:0d:de:11:b9:c3:3d:9f:1e:2e:42:74:e7:48: 66:bc:63:10:a5:2e:8d:6e:1d:ff:cf:2b:3b:9e:b9: 8a:0c:30:7d:26:19:13:b8:44:57:2a:a3:e1:6d:20: 02:55:9c:24:e9:cb:c1:c3:8d:2b:88:c2:01:e8:6b: 2e:8f:a3:9f:55:24:f2:58:44:dc:81:70:b5:5d:85: 59:c3:2e:f8:da:22:0c:78:f4:40:fc:24:12:0f:fd: 5f:d3:c2:13:09:a0:58:fc:30:e4:7c:7a:72:5f:0c: d9:0d:e5:35:f0:10:63:df:4f:f6:0f:1e:2d:bb:1c: d2:64:ae:d2:23:c3:c2:0e:3d:f2:06:b1:ec:30:fe: db:08:65:72:e8:42:e2:10:a5:24:ae:71:73:1b:76: 90:97:19:2e:05:6a:90:74:0a:cb:f7:ab:26:52:9b: eb:7d:0c:16:3a:57:e8:9c:50:3d:d1:13:97:13:db: fd:aa:26:2d:f3:8d:5a:a7:ec:51:11:25:48:04:1e: d4:9e:a2:39:15:61:c4:8c:63:28:2a:13:54:fa:be: f5:b7:d5:22:04:35:d8:12:d7:d4:6c:42:b5:a1:24: c7:80:25:97:bb:f6:1d:cf:bf:28:e6:4d:30:50:46: 65:e5:0e:3d:59:da:ec:23:bb:ef:7b:bc:6b:ff:29: c2:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:3D:B7:63:B2:7B:59:12:2A:1D:33:BA:D6:AE:0A:A2:E0:05:BA:AE X509v3 Authority Key Identifier: keyid:51:2D:9B:DE:81:3C:B7:BC:77:19:0A:84:F9:B1:8D:B8:EB:4E:22:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C956C/FB305A5E0C8A11ECA3191B0CC4F9AE02/US2b3oE8t7x3GQqE-bGNuOtOIl8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US2b3oE8t7x3GQqE-bGNuOtOIl8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C956C/FB305A5E0C8A11ECA3191B0CC4F9AE02/US2b3oE8t7x3GQqE-bGNuOtOIl8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 84:80:d2:26:9f:cd:24:16:d7:d5:99:18:d1:ea:55:28:89:5b: d5:7e:3c:c7:5d:e3:34:7c:14:3c:1c:d6:f9:80:f8:3f:34:5d: bd:b7:89:c8:1d:e6:73:36:44:1d:f1:ef:bb:b8:5e:f6:54:6f: d8:14:25:21:e2:1f:db:ed:f0:27:1d:52:50:72:bc:a3:9f:3e: 26:b4:69:23:80:a2:a6:09:ea:52:cf:0f:81:d4:3e:0a:ab:24: e7:22:ec:f9:e0:23:95:66:84:ec:1d:b6:e8:3e:d6:95:b3:30: 09:32:b7:68:5c:75:9d:53:58:b9:e6:d7:48:4b:f3:02:cd:76: 33:c5:4c:0e:79:91:d7:a6:42:48:f0:f1:d5:78:f3:f7:2c:0a: 00:18:d3:a8:2e:2d:e9:91:d5:5b:d4:f7:ef:92:78:28:61:9d: 21:6c:46:65:ee:b1:6f:52:90:8a:ea:3b:49:17:48:9b:85:8c: cd:ee:89:80:c0:0a:94:af:07:55:13:7d:c8:ae:5c:5d:3e:25: 48:36:cf:66:ff:fd:f0:6b:c8:2f:e8:92:71:7e:4c:98:23:38: 54:52:c1:8c:8f:c7:7a:ac:56:48:b0:80:c9:8c:7d:99:31:f3: 5d:02:48:fc:d0:25:1f:b7:67:8a:5d:b3:be:29:22:ee:b2:c0: fb:b2:3d:91 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBPowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qzk1NkMxMTAvBgNVBAUTKDUxMkQ5QkRFODEzQ0I3QkM3NzE5MEE4NEY5QjE4REI4 RUI0RTIyNUYwHhcNMjUwMzI5MDAwMTEzWhcNMjUwNDA1MDAwMTEzWjAYMRYwFAYD VQQDEw02N2U3Mzg0OS04YTA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0A3eEbnDPZ8eLkJ050hmvGMQpS6Nbh3/zys7nrmKDDB9JhkTuERXKqPhbSAC VZwk6cvBw40riMIB6Gsuj6OfVSTyWETcgXC1XYVZwy742iIMePRA/CQSD/1f08IT CaBY/DDkfHpyXwzZDeU18BBj30/2Dx4tuxzSZK7SI8PCDj3yBrHsMP7bCGVy6ELi EKUkrnFzG3aQlxkuBWqQdArL96smUpvrfQwWOlfonFA90ROXE9v9qiYt841ap+xR ESVIBB7UnqI5FWHEjGMoKhNU+r71t9UiBDXYEtfUbEK1oSTHgCWXu/Ydz78o5k0w UEZl5Q49WdrsI7vve7xr/ynCuQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF09t2Oy e1kSKh0zutauCqLgBbquMB8GA1UdIwQYMBaAFFEtm96BPLe8dxkKhPmxjbjrTiJf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTU2Qy9GQjMwNUE1RTBD OEExMUVDQTMxOTFCMENDNEY5QUUwMi9VUzJiM29FOHQ3eDNHUXFFLWJHTnVPdE9J bDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VTMmIzb0U4dDd4M0dRcUUtYkdOdU90T0lsOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD OTU2Qy9GQjMwNUE1RTBDOEExMUVDQTMxOTFCMENDNEY5QUUwMi9VUzJiM29FOHQ3 eDNHUXFFLWJHTnVPdE9JbDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCEgNImn80kFtfVmRjR6lUoiVvVfjzHXeM0fBQ8HNb5gPg/NF29t4nI HeZzNkQd8e+7uF72VG/YFCUh4h/b7fAnHVJQcryjnz4mtGkjgKKmCepSzw+B1D4K qyTnIuz54COVZoTsHbboPtaVszAJMrdoXHWdU1i55tdIS/MCzXYzxUwOeZHXpkJI 8PHVePP3LAoAGNOoLi3pkdVb1PfvkngoYZ0hbEZl7rFvUpCK6jtJF0ibhYzN7omA wAqUrwdVE33IrlxdPiVINs9m//3wa8gv6JJxfkyYIzhUUsGMj8d6rFZIsIDJjH2Z MfNdAkj80CUft2eKXbO+KSLussD7sj2R -----END CERTIFICATE-----Generated at Fri Apr 4 22:19:49 2025 by rpki-client