$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4D97/1F6146E0567811EC922A3567C4F9AE02/cn1G1OfHecpnYSxgtGVS68IZkPs.mft File: cn1G1OfHecpnYSxgtGVS68IZkPs.mft (raw, json) Hash identifier: eP3JrVa7POuXEYF3aTKIFWseuG0r7SC4KIYrNiOWjio= Subject key identifier: 69:DF:64:8C:2F:8B:05:53:B6:6C:89:45:97:DB:70:A7:99:DC:32:AD Authority key identifier: 72:7D:46:D4:E7:C7:79:CA:67:61:2C:60:B4:65:52:EB:C2:19:90:FB Certificate issuer: /CN=A91D4D97/serialNumber=727D46D4E7C779CA67612C60B46552EBC21990FB Certificate serial: 0437 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cn1G1OfHecpnYSxgtGVS68IZkPs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D4D97/1F6146E0567811EC922A3567C4F9AE02/cn1G1OfHecpnYSxgtGVS68IZkPs.mft Manifest number: 0433 Signing time: Sat 12 Apr 2025 23:55:48 +0000 Manifest this update: Sat 12 Apr 2025 23:55:48 +0000 Manifest next update: Sat 19 Apr 2025 23:55:48 +0000 Files and hashes: 1: cn1G1OfHecpnYSxgtGVS68IZkPs.crl (hash: tMmtzI/601TleNcJnrsqhS9GYjzdk4cGMuj6YP3aOho=) 2: A9E2BE54567B11ECB346816BC4F9AE02.roa (hash: TPVU1s6exIqwh/rpq/ezgL4ll5z3zJFyVmt+0YWYn8g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D4D97/1F6146E0567811EC922A3567C4F9AE02/cn1G1OfHecpnYSxgtGVS68IZkPs.crl rsync://rpki.apnic.net/member_repository/A91D4D97/1F6146E0567811EC922A3567C4F9AE02/cn1G1OfHecpnYSxgtGVS68IZkPs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cn1G1OfHecpnYSxgtGVS68IZkPs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 19 Apr 2025 23:55:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1079 (0x437) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D4D97, serialNumber=727D46D4E7C779CA67612C60B46552EBC21990FB Validity Not Before: Apr 12 23:55:48 2025 GMT Not After : Apr 19 23:55:48 2025 GMT Subject: CN=67fafd84-bf2a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:ea:6e:42:d5:4a:56:5e:58:68:7c:48:07:27: 54:e3:20:1c:b7:6b:1c:ec:8b:fe:e7:29:29:8b:51: eb:5a:b5:2a:5b:79:e1:a8:c2:fa:5d:83:c3:75:3a: bb:7e:2e:cd:ec:96:33:8f:b2:02:29:1a:19:7f:1c: 1d:fd:cc:4e:39:f0:2c:11:54:ce:17:de:4b:f5:c4: d0:ee:6e:02:fa:2f:a5:f1:4d:19:b6:68:92:cd:a5: 3e:a1:e4:dc:a9:5e:0e:0a:f5:19:b4:2c:56:dc:8a: f2:a3:46:33:50:83:53:b8:22:c8:ba:04:6c:76:1e: e0:ef:ed:c9:bd:5f:2e:bf:05:0d:5d:2c:f9:ef:ad: c1:dc:63:ac:d6:87:9a:08:65:99:87:c6:18:29:99: 25:26:c8:f3:6c:06:bb:90:11:04:48:97:af:4c:a2: 00:3a:1a:4b:da:7d:cc:b9:29:d3:a8:77:5e:c1:85: f2:10:fd:59:ce:2a:e5:a4:0c:8b:2f:73:3b:c7:6f: 5f:cd:76:8e:f3:db:c0:0f:eb:7c:d4:a7:06:d8:f7: 04:a1:f9:c9:7e:0d:3d:fd:89:bd:ef:33:52:e0:15: 63:bb:04:2c:6e:06:5f:5d:2f:93:5b:6b:b4:c9:d8: 0e:74:66:6a:2f:0d:1c:32:46:e7:b6:52:2c:f9:e4: 83:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:DF:64:8C:2F:8B:05:53:B6:6C:89:45:97:DB:70:A7:99:DC:32:AD X509v3 Authority Key Identifier: keyid:72:7D:46:D4:E7:C7:79:CA:67:61:2C:60:B4:65:52:EB:C2:19:90:FB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D4D97/1F6146E0567811EC922A3567C4F9AE02/cn1G1OfHecpnYSxgtGVS68IZkPs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cn1G1OfHecpnYSxgtGVS68IZkPs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4D97/1F6146E0567811EC922A3567C4F9AE02/cn1G1OfHecpnYSxgtGVS68IZkPs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption be:6b:f0:3a:4a:31:9c:cf:4a:1e:79:84:1a:28:c2:a1:47:c1: e1:91:f9:bc:a7:48:39:66:49:e0:34:6b:c6:df:a3:83:6f:f5: 85:07:c6:5c:4c:13:b8:e1:43:68:35:d0:e8:08:f8:41:46:cb: 91:e8:98:ec:63:19:a0:26:20:7c:6b:a0:33:ad:f6:91:69:03: 09:2d:da:86:60:5d:82:68:7f:46:3e:a3:82:fa:ab:fb:95:c8: f3:57:06:97:15:5c:73:44:5a:da:12:96:08:02:b1:83:a7:bc: 86:6e:61:60:ff:dd:8b:a2:39:1d:0f:58:43:11:ca:fc:8e:52: f1:e9:2b:a1:70:a9:22:c9:af:45:aa:d6:6c:de:3f:4c:75:71: bf:0d:db:98:fa:82:04:18:a8:eb:a8:a8:08:0a:b5:70:e1:ee: e9:66:85:e4:fc:12:c4:5c:06:55:45:f9:c3:fb:de:cd:47:af: 55:17:59:7d:5a:55:69:fc:fc:4d:9d:75:0e:a8:44:29:4e:d2: d4:88:58:4f:63:46:18:98:16:c7:a1:7e:92:2f:4f:ea:70:49: d0:5b:e2:1f:2e:39:d8:21:bf:bc:10:31:b8:26:b5:81:3c:04: 3e:a8:b5:3d:e1:b6:4e:21:1f:ff:3d:2d:87:59:21:7c:87:23: 34:32:7d:57 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBDcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDREOTcxMTAvBgNVBAUTKDcyN0Q0NkQ0RTdDNzc5Q0E2NzYxMkM2MEI0NjU1MkVC QzIxOTkwRkIwHhcNMjUwNDEyMjM1NTQ4WhcNMjUwNDE5MjM1NTQ4WjAYMRYwFAYD VQQDEw02N2ZhZmQ4NC1iZjJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1epuQtVKVl5YaHxIBydU4yAct2sc7Iv+5ykpi1HrWrUqW3nhqML6XYPDdTq7 fi7N7JYzj7ICKRoZfxwd/cxOOfAsEVTOF95L9cTQ7m4C+i+l8U0ZtmiSzaU+oeTc qV4OCvUZtCxW3Iryo0YzUINTuCLIugRsdh7g7+3JvV8uvwUNXSz5763B3GOs1oea CGWZh8YYKZklJsjzbAa7kBEESJevTKIAOhpL2n3MuSnTqHdewYXyEP1ZzirlpAyL L3M7x29fzXaO89vAD+t81KcG2PcEofnJfg09/Ym97zNS4BVjuwQsbgZfXS+TW2u0 ydgOdGZqLw0cMkbntlIs+eSDhQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGnfZIwv iwVTtmyJRZfbcKeZ3DKtMB8GA1UdIwQYMBaAFHJ9RtTnx3nKZ2EsYLRlUuvCGZD7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENEQ5Ny8xRjYxNDZFMDU2 NzgxMUVDOTIyQTM1NjdDNEY5QUUwMi9jbjFHMU9mSGVjcG5ZU3hndEdWUzY4SVpr UHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NuMUcxT2ZIZWNwbllTeGd0R1ZTNjhJWmtQcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NEQ5Ny8xRjYxNDZFMDU2NzgxMUVDOTIyQTM1NjdDNEY5QUUwMi9jbjFHMU9mSGVj cG5ZU3hndEdWUzY4SVprUHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC+a/A6SjGcz0oeeYQaKMKhR8Hhkfm8p0g5ZkngNGvG36ODb/WFB8Zc TBO44UNoNdDoCPhBRsuR6JjsYxmgJiB8a6AzrfaRaQMJLdqGYF2CaH9GPqOC+qv7 lcjzVwaXFVxzRFraEpYIArGDp7yGbmFg/92LojkdD1hDEcr8jlLx6SuhcKkiya9F qtZs3j9MdXG/DduY+oIEGKjrqKgICrVw4e7pZoXk/BLEXAZVRfnD+97NR69VF1l9 WlVp/PxNnXUOqEQpTtLUiFhPY0YYmBbHoX6SL0/qcEnQW+IfLjnYIb+8EDG4JrWB PAQ+qLU94bZOIR//PS2HWSF8hyM0Mn1X -----END CERTIFICATE-----Generated at Sun Apr 13 04:50:44 2025 by rpki-client