$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB8A3/96650F38FD1711EC82898365C4F9AE02/L8Qw8eIVy9fgjyZDiDcDUALeMak.mft File: L8Qw8eIVy9fgjyZDiDcDUALeMak.mft (raw, json) Hash identifier: ExEVhwiPk12vTouP1n9jRlOALxIQlr4FD9+/U2CTnd4= Subject key identifier: C8:13:CC:49:8E:DC:BA:0A:A6:B9:E5:7A:8D:9D:2A:4A:30:E4:26:CB Authority key identifier: 2F:C4:30:F1:E2:15:CB:D7:E0:8F:26:43:88:37:03:50:02:DE:31:A9 Certificate issuer: /CN=A91CB8A3/serialNumber=2FC430F1E215CBD7E08F26438837035002DE31A9 Certificate serial: 0288 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L8Qw8eIVy9fgjyZDiDcDUALeMak.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CB8A3/96650F38FD1711EC82898365C4F9AE02/L8Qw8eIVy9fgjyZDiDcDUALeMak.mft Manifest number: 0285 Signing time: Thu 03 Apr 2025 01:35:35 +0000 Manifest this update: Thu 03 Apr 2025 01:35:34 +0000 Manifest next update: Thu 10 Apr 2025 01:35:34 +0000 Files and hashes: 1: L8Qw8eIVy9fgjyZDiDcDUALeMak.crl (hash: 3u4lGWSV1bYiW+Zf4e5B4I8vy60uQZlOww/lJLF5tLY=) 2: D2E9BA7EFD1911EC9E748466C4F9AE02.roa (hash: 3mXWOSXoGGGoIw3Jc45rTgdUlsOtzRtgn3W5YkMOraE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CB8A3/96650F38FD1711EC82898365C4F9AE02/L8Qw8eIVy9fgjyZDiDcDUALeMak.crl rsync://rpki.apnic.net/member_repository/A91CB8A3/96650F38FD1711EC82898365C4F9AE02/L8Qw8eIVy9fgjyZDiDcDUALeMak.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L8Qw8eIVy9fgjyZDiDcDUALeMak.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Apr 2025 01:35:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 648 (0x288) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CB8A3 Validity Not Before: Apr 3 01:35:34 2025 GMT Not After : Apr 10 01:35:34 2025 GMT Subject: CN=67ede5e6-8af2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:d7:6a:f3:7c:99:03:f2:06:69:e8:c3:3c:99: 61:69:82:21:77:1d:51:30:bb:82:d4:13:6c:43:94: cb:bf:0c:88:2f:ec:01:bf:d3:98:6e:d6:32:c5:5a: a9:8f:ab:4f:1b:ef:85:e1:c0:dd:c3:d3:82:ac:28: 85:e8:cf:87:87:0d:65:0d:7c:3c:75:8d:6a:e8:72: 6f:69:90:ce:76:c5:78:68:7c:99:3e:b0:62:60:da: 8c:6e:68:f3:46:49:e5:1e:73:85:b0:0f:89:63:26: 29:ec:5b:4b:d3:3f:a6:c6:89:f9:a9:48:6c:a4:c5: 0e:d2:66:dd:12:25:0f:eb:28:43:ba:89:c0:11:85: 01:d0:a0:0e:d8:44:ce:78:66:d6:45:89:00:2a:fa: e7:22:4d:37:7f:6f:ca:47:58:f9:bd:dd:8c:b3:49: 51:32:98:ee:80:1f:dc:4c:f4:85:2f:4c:1f:a4:48: fb:51:35:a1:6e:94:6c:78:40:db:ee:fa:8e:0c:73: 77:bd:21:7c:dd:7d:f0:4d:22:ee:5a:06:76:9c:9e: 8c:7d:76:d4:e7:f9:7b:d0:7f:49:03:6c:9b:95:f3: 78:9b:f3:b5:fe:3b:f6:72:96:fa:6f:bd:e9:5e:a4: 25:8b:d5:79:2d:87:f3:2b:db:14:0f:9d:f0:9b:57: 70:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:13:CC:49:8E:DC:BA:0A:A6:B9:E5:7A:8D:9D:2A:4A:30:E4:26:CB X509v3 Authority Key Identifier: keyid:2F:C4:30:F1:E2:15:CB:D7:E0:8F:26:43:88:37:03:50:02:DE:31:A9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CB8A3/96650F38FD1711EC82898365C4F9AE02/L8Qw8eIVy9fgjyZDiDcDUALeMak.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/L8Qw8eIVy9fgjyZDiDcDUALeMak.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB8A3/96650F38FD1711EC82898365C4F9AE02/L8Qw8eIVy9fgjyZDiDcDUALeMak.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a3:d5:a1:c0:eb:87:37:13:c9:02:4f:37:2d:73:f7:ec:11:f9: 02:46:b4:c3:b8:2a:fc:49:07:17:de:a3:25:63:89:66:8b:ba: a1:ce:37:5c:c7:e7:9d:59:86:b2:ca:f1:0f:88:a0:1d:f0:74: 11:7b:23:aa:e1:58:f6:ea:16:0f:e7:1b:18:1e:85:7d:86:5e: e5:dd:2c:48:a6:9d:4b:fc:79:ee:14:4e:ae:fc:b8:e3:c8:e4: d4:45:c5:00:f4:3b:87:7d:41:88:27:99:63:f0:9a:8e:77:63: 9d:44:3f:8e:4c:06:1e:f6:15:65:a8:33:f1:d1:8a:e3:ab:1b: 72:77:62:b8:38:02:49:92:a1:5b:59:12:f2:76:2f:df:2e:17: b5:9f:10:a5:dc:91:03:47:ba:9d:e3:6d:94:4e:72:92:f3:db: 09:dd:6c:ab:46:bf:6f:84:11:88:d3:b7:9f:27:bf:56:b2:7c: 6c:1c:51:72:90:47:8e:2c:4d:2f:96:9c:6f:a7:60:33:40:2e: 94:2a:db:4e:ed:53:ac:9f:0f:07:e7:16:15:78:26:9c:97:79: 4d:f5:39:bb:04:08:41:1d:18:5d:df:5b:be:95:ef:ed:97:63: fa:aa:42:00:d4:eb:b7:e1:c6:1d:da:de:98:dd:2b:ef:57:b0: eb:6a:42:cd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAogwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0I4QTMxMTAvBgNVBAUTKDJGQzQzMEYxRTIxNUNCRDdFMDhGMjY0Mzg4MzcwMzUw MDJERTMxQTkwHhcNMjUwNDAzMDEzNTM0WhcNMjUwNDEwMDEzNTM0WjAYMRYwFAYD VQQDEw02N2VkZTVlNi04YWYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyddq83yZA/IGaejDPJlhaYIhdx1RMLuC1BNsQ5TLvwyIL+wBv9OYbtYyxVqp j6tPG++F4cDdw9OCrCiF6M+Hhw1lDXw8dY1q6HJvaZDOdsV4aHyZPrBiYNqMbmjz RknlHnOFsA+JYyYp7FtL0z+mxon5qUhspMUO0mbdEiUP6yhDuonAEYUB0KAO2ETO eGbWRYkAKvrnIk03f2/KR1j5vd2Ms0lRMpjugB/cTPSFL0wfpEj7UTWhbpRseEDb 7vqODHN3vSF83X3wTSLuWgZ2nJ6MfXbU5/l70H9JA2yblfN4m/O1/jv2cpb6b73p XqQli9V5LYfzK9sUD53wm1dwQQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMgTzEmO 3LoKprnleo2dKkow5CbLMB8GA1UdIwQYMBaAFC/EMPHiFcvX4I8mQ4g3A1AC3jGp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjhBMy85NjY1MEYzOEZE MTcxMUVDODI4OTgzNjVDNEY5QUUwMi9MOFF3OGVJVnk5ZmdqeVpEaURjRFVBTGVN YWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0w4UXc4ZUlWeTlmZ2p5WkRpRGNEVUFMZU1hay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD QjhBMy85NjY1MEYzOEZEMTcxMUVDODI4OTgzNjVDNEY5QUUwMi9MOFF3OGVJVnk5 ZmdqeVpEaURjRFVBTGVNYWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCj1aHA64c3E8kCTzctc/fsEfkCRrTDuCr8SQcX3qMlY4lmi7qhzjdc x+edWYayyvEPiKAd8HQReyOq4Vj26hYP5xsYHoV9hl7l3SxIpp1L/HnuFE6u/Ljj yOTURcUA9DuHfUGIJ5lj8JqOd2OdRD+OTAYe9hVlqDPx0Yrjqxtyd2K4OAJJkqFb WRLydi/fLhe1nxCl3JEDR7qd422UTnKS89sJ3WyrRr9vhBGI07efJ79WsnxsHFFy kEeOLE0vlpxvp2AzQC6UKttO7VOsnw8H5xYVeCacl3lN9Tm7BAhBHRhd31u+le/t l2P6qkIA1Ou34cYd2t6Y3SvvV7DrakLN -----END CERTIFICATE-----Generated at Fri Apr 4 22:06:27 2025 by rpki-client