$ rpki-client -vvf rpki.apnic.net/member_repository/A91CDAFB/EC0F6A38034111EEA5215247C4F9AE02/CekFd0f2O6Ciga54ATZozt6kCrQ.mft File: CekFd0f2O6Ciga54ATZozt6kCrQ.mft (raw, json) Hash identifier: A3OIMrsyhboL+IzQL8Ug8G4ISdKhfqbtqOeNxSgiBNQ= Subject key identifier: 36:A9:63:F9:E4:51:13:B7:F4:DC:91:00:BE:04:31:47:AD:34:9E:79 Authority key identifier: 09:E9:05:77:47:F6:3B:A0:A2:81:AE:78:01:36:68:CE:DE:A4:0A:B4 Certificate issuer: /CN=A91CDAFB/serialNumber=09E9057747F63BA0A281AE78013668CEDEA40AB4 Certificate serial: 0155 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CekFd0f2O6Ciga54ATZozt6kCrQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CDAFB/EC0F6A38034111EEA5215247C4F9AE02/CekFd0f2O6Ciga54ATZozt6kCrQ.mft Manifest number: 0153 Signing time: Sat 29 Mar 2025 03:34:39 +0000 Manifest this update: Sat 29 Mar 2025 03:34:38 +0000 Manifest next update: Sat 05 Apr 2025 03:34:38 +0000 Files and hashes: 1: CekFd0f2O6Ciga54ATZozt6kCrQ.crl (hash: rWs4/FWJm0+e8lDYFIvaMH4pyh095V117RAIAgA32IY=) 2: 2815D106041A11EEA67A6B4DC4F9AE02.roa (hash: BGY/uPAB8s6bOk+iTJOiyTH1PPXIxJM6rQPQkuaz0DI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CDAFB/EC0F6A38034111EEA5215247C4F9AE02/CekFd0f2O6Ciga54ATZozt6kCrQ.crl rsync://rpki.apnic.net/member_repository/A91CDAFB/EC0F6A38034111EEA5215247C4F9AE02/CekFd0f2O6Ciga54ATZozt6kCrQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CekFd0f2O6Ciga54ATZozt6kCrQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 03:34:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 341 (0x155) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CDAFB Validity Not Before: Mar 29 03:34:38 2025 GMT Not After : Apr 5 03:34:38 2025 GMT Subject: CN=67e76a4e-a9dc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:1a:33:b4:fb:c4:9b:0a:88:06:c4:dc:d4:84: 93:51:29:ce:9f:4d:be:f6:e7:cc:bf:07:fd:45:0b: 78:6b:9f:73:dd:60:b1:08:96:1f:bc:d8:8c:62:a4: 76:52:e1:0a:72:67:e7:b4:c6:8b:1b:11:09:b3:3f: 2a:8b:e2:90:7f:d2:31:b4:ab:10:8f:60:b7:db:87: ae:dc:5e:5b:e3:8e:6c:a6:ff:8d:42:49:9a:a3:23: 4d:20:93:bb:02:fe:b2:93:4b:d4:f8:ec:0c:6a:dd: 7c:c9:cb:49:3e:0b:bd:ee:f2:14:fd:10:da:ef:ce: d8:21:4d:b2:3c:f4:13:6e:4f:a6:90:59:bc:70:bb: 13:73:fe:4a:36:4b:77:5b:ab:32:52:c6:09:e2:b7: fb:cc:3a:af:d8:e3:6e:f3:78:69:99:bf:48:65:f1: 60:b2:44:72:98:f7:a3:88:bc:27:c1:0f:e6:89:fa: ee:18:35:40:74:b2:21:ad:e1:89:17:d7:13:40:f9: db:41:cd:1d:a2:dc:cb:e8:52:7b:49:02:cb:1e:5d: 60:20:f3:86:3d:7b:eb:97:59:8f:3b:db:df:ab:76: 7c:56:36:06:1c:67:18:df:79:b4:e0:3d:d6:a1:02: e2:ad:62:c6:41:41:53:ed:48:2c:1c:b1:07:dd:a3: ab:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:A9:63:F9:E4:51:13:B7:F4:DC:91:00:BE:04:31:47:AD:34:9E:79 X509v3 Authority Key Identifier: keyid:09:E9:05:77:47:F6:3B:A0:A2:81:AE:78:01:36:68:CE:DE:A4:0A:B4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CDAFB/EC0F6A38034111EEA5215247C4F9AE02/CekFd0f2O6Ciga54ATZozt6kCrQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CekFd0f2O6Ciga54ATZozt6kCrQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CDAFB/EC0F6A38034111EEA5215247C4F9AE02/CekFd0f2O6Ciga54ATZozt6kCrQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 97:f3:ce:7a:a2:0e:7f:60:a9:8b:df:0f:b2:30:16:58:09:e3: b9:70:15:2c:39:bb:3b:3b:bd:f8:8d:da:d3:69:f0:00:68:a4: c1:75:5c:41:d2:8b:94:67:bc:56:f0:40:1d:c3:57:ff:d0:2a: 22:7d:04:02:07:f1:2c:5c:9c:de:82:9f:24:96:0d:e1:39:4d: 13:93:28:59:c8:d0:a2:ef:51:0a:e5:ff:e8:27:45:d5:a8:e8: 63:4e:41:79:31:44:de:76:b5:f2:8b:3b:28:25:f8:30:85:43: e0:99:8d:a7:fe:dd:7c:c3:9c:2a:50:33:24:de:a9:d6:c5:fd: 9f:32:0a:5b:0c:51:69:3a:a6:ed:94:b2:dc:51:50:80:68:df: 6a:7b:77:2a:47:6b:86:c1:9b:ab:7c:ab:0a:af:f8:65:b3:6b: d9:09:9a:e2:71:96:2b:9e:5b:73:59:6a:45:76:91:34:69:f8: 04:c7:7a:0f:0f:3e:ee:7a:ec:d3:b9:27:08:15:ac:36:78:6a: bc:f0:4f:f1:d4:86:8f:86:b7:d0:39:99:4e:f6:d8:22:7d:1c: fe:c7:5d:2c:06:0a:1b:53:dd:ae:6d:af:cc:b7:c7:c2:98:af: 0d:f3:75:4a:4c:c6:b3:58:b1:83:63:ab:0b:14:14:e9:7a:a9: da:e8:43:09 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAVUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0RBRkIxMTAvBgNVBAUTKDA5RTkwNTc3NDdGNjNCQTBBMjgxQUU3ODAxMzY2OENF REVBNDBBQjQwHhcNMjUwMzI5MDMzNDM4WhcNMjUwNDA1MDMzNDM4WjAYMRYwFAYD VQQDEw02N2U3NmE0ZS1hOWRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8xoztPvEmwqIBsTc1ISTUSnOn02+9ufMvwf9RQt4a59z3WCxCJYfvNiMYqR2 UuEKcmfntMaLGxEJsz8qi+KQf9IxtKsQj2C324eu3F5b445spv+NQkmaoyNNIJO7 Av6yk0vU+OwMat18yctJPgu97vIU/RDa787YIU2yPPQTbk+mkFm8cLsTc/5KNkt3 W6syUsYJ4rf7zDqv2ONu83hpmb9IZfFgskRymPejiLwnwQ/mifruGDVAdLIhreGJ F9cTQPnbQc0dotzL6FJ7SQLLHl1gIPOGPXvrl1mPO9vfq3Z8VjYGHGcY33m04D3W oQLirWLGQUFT7UgsHLEH3aOrbwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDapY/nk URO39NyRAL4EMUetNJ55MB8GA1UdIwQYMBaAFAnpBXdH9jugooGueAE2aM7epAq0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDREFGQi9FQzBGNkEzODAz NDExMUVFQTUyMTUyNDdDNEY5QUUwMi9DZWtGZDBmMk82Q2lnYTU0QVRab3p0NmtD clEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0Nla0ZkMGYyTzZDaWdhNTRBVFpvenQ2a0NyUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD REFGQi9FQzBGNkEzODAzNDExMUVFQTUyMTUyNDdDNEY5QUUwMi9DZWtGZDBmMk82 Q2lnYTU0QVRab3p0NmtDclEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCX8856og5/YKmL3w+yMBZYCeO5cBUsObs7O734jdrTafAAaKTBdVxB 0ouUZ7xW8EAdw1f/0CoifQQCB/EsXJzegp8klg3hOU0TkyhZyNCi71EK5f/oJ0XV qOhjTkF5MUTedrXyizsoJfgwhUPgmY2n/t18w5wqUDMk3qnWxf2fMgpbDFFpOqbt lLLcUVCAaN9qe3cqR2uGwZurfKsKr/hls2vZCZricZYrnltzWWpFdpE0afgEx3oP Dz7ueuzTuScIFaw2eGq88E/x1IaPhrfQOZlO9tgifRz+x10sBgobU92uba/Mt8fC mK8N83VKTMazWLGDY6sLFBTpeqna6EMJ -----END CERTIFICATE-----Generated at Fri Apr 4 22:15:04 2025 by rpki-client