$ rpki-client -vvf rpki.apnic.net/member_repository/A91D3D89/D3ED585820B811EFBE1C2815C4F9AE02/SPlgCbzUzgbNYNEl8KkbI_7DA2A.mft File: SPlgCbzUzgbNYNEl8KkbI_7DA2A.mft (raw, json) Hash identifier: ip9fMaVkAp/qyQRmTOlPiOYJG56YmE7E8FNpyNMz8U8= Subject key identifier: 7A:91:51:9C:1F:B0:C4:FA:E1:9A:DE:CF:AD:F5:AF:29:3A:D3:14:FC Authority key identifier: 48:F9:60:09:BC:D4:CE:06:CD:60:D1:25:F0:A9:1B:23:FE:C3:03:60 Certificate issuer: /CN=A91D3D89/serialNumber=48F96009BCD4CE06CD60D125F0A91B23FEC30360 Certificate serial: 9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SPlgCbzUzgbNYNEl8KkbI_7DA2A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D3D89/D3ED585820B811EFBE1C2815C4F9AE02/SPlgCbzUzgbNYNEl8KkbI_7DA2A.mft Manifest number: 9C Signing time: Sat 29 Mar 2025 05:38:11 +0000 Manifest this update: Sat 29 Mar 2025 05:38:10 +0000 Manifest next update: Sat 05 Apr 2025 05:38:10 +0000 Files and hashes: 1: SPlgCbzUzgbNYNEl8KkbI_7DA2A.crl (hash: GDOqrXbSoLcVN6ezsSo9quDJZOauldirQsUd8flxPnY=) 2: 37D4A3DE20BA11EF9B035D1FC4F9AE02.roa (hash: XvWRCynYkFhCMaJDNTtD88NyWN5MgwjlrDADWnFFA8Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D3D89/D3ED585820B811EFBE1C2815C4F9AE02/SPlgCbzUzgbNYNEl8KkbI_7DA2A.crl rsync://rpki.apnic.net/member_repository/A91D3D89/D3ED585820B811EFBE1C2815C4F9AE02/SPlgCbzUzgbNYNEl8KkbI_7DA2A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SPlgCbzUzgbNYNEl8KkbI_7DA2A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 05:08:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 158 (0x9e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D3D89 Validity Not Before: Mar 29 05:38:10 2025 GMT Not After : Apr 5 05:38:10 2025 GMT Subject: CN=67e78743-b9ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:6d:f7:15:b6:cf:71:28:b8:71:89:8f:ff:1f: ac:99:a5:aa:5d:c6:79:98:1a:84:6e:05:26:74:6e: 84:f2:1f:35:01:29:ac:a7:6b:5d:ef:63:e9:91:f3: 98:c2:3a:da:df:b1:a9:fb:b1:ac:19:f3:a6:39:cd: 3b:0f:c2:12:d7:dd:b3:b7:5d:7c:2a:8f:05:86:18: 4e:80:81:cd:4a:1a:de:6d:32:aa:dd:dd:79:06:7c: 7c:86:f7:a9:f9:c4:ff:35:e9:6d:6e:36:88:52:02: af:6a:0d:cb:11:a3:1a:02:ee:43:ea:e5:3b:56:39: 79:92:b3:dd:86:3c:03:f7:7f:01:bc:c6:50:51:82: ec:63:b5:15:93:70:3c:71:31:3f:93:d2:2d:df:ba: 2c:fd:15:fc:c9:d5:b1:16:64:b0:4f:9b:51:b3:9e: 8d:04:24:9b:ae:5a:15:39:0f:96:a6:34:2e:ce:2e: 60:43:ae:99:b1:6d:33:d7:28:75:aa:a2:13:5b:44: 92:be:7c:2f:7d:93:8a:c5:58:3d:6e:27:fc:7c:63: 2d:0f:55:4d:fe:84:72:f8:55:59:87:3e:bd:19:87: 5a:e9:a8:73:77:76:2d:59:17:20:4d:9f:a3:60:56: dd:70:fd:3c:51:a1:d8:9d:96:58:fe:15:0d:5a:9e: b8:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:91:51:9C:1F:B0:C4:FA:E1:9A:DE:CF:AD:F5:AF:29:3A:D3:14:FC X509v3 Authority Key Identifier: keyid:48:F9:60:09:BC:D4:CE:06:CD:60:D1:25:F0:A9:1B:23:FE:C3:03:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D3D89/D3ED585820B811EFBE1C2815C4F9AE02/SPlgCbzUzgbNYNEl8KkbI_7DA2A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/SPlgCbzUzgbNYNEl8KkbI_7DA2A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D3D89/D3ED585820B811EFBE1C2815C4F9AE02/SPlgCbzUzgbNYNEl8KkbI_7DA2A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 87:52:a2:46:88:21:e0:e0:d9:e5:62:25:3c:4b:ff:f7:16:17: 37:e2:b1:06:8d:de:10:b4:5c:ff:93:df:3e:85:ce:99:c0:5e: 82:7b:8c:53:37:9b:90:ba:1f:ad:d8:83:a2:fe:2a:b0:b1:31: 1d:fb:cd:00:2f:18:d0:96:f3:7c:4a:ff:3c:f8:dc:de:b5:34: f3:05:01:d1:4a:9f:b0:68:28:bc:1f:dc:8a:70:95:ad:88:06: 21:7b:6a:5e:a2:aa:0b:71:46:19:25:e4:d6:b9:89:b3:97:3d: 59:26:78:4c:55:19:4b:d9:86:1f:ec:cd:db:a9:c4:4a:02:f0: 42:0b:d7:d9:ff:7b:e8:4b:ed:de:3a:34:96:83:2f:40:88:49: e6:58:c4:08:e0:c5:91:4a:2f:ed:8b:5c:1b:46:a6:ba:18:88: 89:06:a7:3b:12:49:43:c6:28:b3:f1:79:e0:92:14:95:7d:c2: b4:de:87:f5:2e:11:ad:d7:7f:f4:b2:4f:0e:35:fc:03:1f:68: a2:04:c5:5a:37:b9:92:70:c3:7d:4a:7e:93:8a:c6:fc:6c:d6: a4:3b:76:c0:40:0d:e0:f7:24:a0:09:0b:b4:ff:32:bf:f0:a9: 0e:38:96:12:c7:b4:10:fb:56:c8:21:41:d7:3c:04:96:f8:d7: 70:3e:3c:0b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDNEODkxMTAvBgNVBAUTKDQ4Rjk2MDA5QkNENENFMDZDRDYwRDEyNUYwQTkxQjIz RkVDMzAzNjAwHhcNMjUwMzI5MDUzODEwWhcNMjUwNDA1MDUzODEwWjAYMRYwFAYD VQQDEw02N2U3ODc0My1iOWVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt233FbbPcSi4cYmP/x+smaWqXcZ5mBqEbgUmdG6E8h81ASmsp2td72PpkfOY wjra37Gp+7GsGfOmOc07D8IS192zt118Ko8FhhhOgIHNShrebTKq3d15Bnx8hvep +cT/NeltbjaIUgKvag3LEaMaAu5D6uU7Vjl5krPdhjwD938BvMZQUYLsY7UVk3A8 cTE/k9It37os/RX8ydWxFmSwT5tRs56NBCSbrloVOQ+WpjQuzi5gQ66ZsW0z1yh1 qqITW0SSvnwvfZOKxVg9bif8fGMtD1VN/oRy+FVZhz69GYda6ahzd3YtWRcgTZ+j YFbdcP08UaHYnZZY/hUNWp64wQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHqRUZwf sMT64Zrez631ryk60xT8MB8GA1UdIwQYMBaAFEj5YAm81M4GzWDRJfCpGyP+wwNg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEM0Q4OS9EM0VENTg1ODIw QjgxMUVGQkUxQzI4MTVDNEY5QUUwMi9TUGxnQ2J6VXpnYk5ZTkVsOEtrYklfN0RB MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1NQbGdDYnpVemdiTllORWw4S2tiSV83REEyQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE M0Q4OS9EM0VENTg1ODIwQjgxMUVGQkUxQzI4MTVDNEY5QUUwMi9TUGxnQ2J6VXpn Yk5ZTkVsOEtrYklfN0RBMkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCHUqJGiCHg4NnlYiU8S//3Fhc34rEGjd4QtFz/k98+hc6ZwF6Ce4xT N5uQuh+t2IOi/iqwsTEd+80ALxjQlvN8Sv88+NzetTTzBQHRSp+waCi8H9yKcJWt iAYhe2peoqoLcUYZJeTWuYmzlz1ZJnhMVRlL2YYf7M3bqcRKAvBCC9fZ/3voS+3e OjSWgy9AiEnmWMQI4MWRSi/ti1wbRqa6GIiJBqc7EklDxiiz8XngkhSVfcK03of1 LhGt13/0sk8ONfwDH2iiBMVaN7mScMN9Sn6Tisb8bNakO3bAQA3g9ySgCQu0/zK/ 8KkOOJYSx7QQ+1bIIUHXPASW+NdwPjwL -----END CERTIFICATE-----Generated at Fri Apr 4 18:37:28 2025 by rpki-client