$ rpki-client -vvf rpki.apnic.net/member_repository/A91D891D/381A8F2A1CC211EB82B57178C4F9AE02/s8iROAA2kV3l6qhM8TOrOzWz6dM.mft File: s8iROAA2kV3l6qhM8TOrOzWz6dM.mft (raw, json) Hash identifier: BYkWncWSNb07mB9i7Ukun/co/fS1aUXEfOI9lScb+v4= Subject key identifier: 94:67:50:6C:33:3E:53:C4:81:92:1D:29:36:63:23:C3:92:95:7D:B6 Authority key identifier: B3:C8:91:38:00:36:91:5D:E5:EA:A8:4C:F1:33:AB:3B:35:B3:E9:D3 Certificate issuer: /CN=A91D891D/serialNumber=B3C891380036915DE5EAA84CF133AB3B35B3E9D3 Certificate serial: 0758 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s8iROAA2kV3l6qhM8TOrOzWz6dM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D891D/381A8F2A1CC211EB82B57178C4F9AE02/s8iROAA2kV3l6qhM8TOrOzWz6dM.mft Manifest number: 0C2B Signing time: Fri 18 Apr 2025 21:41:02 +0000 Manifest this update: Fri 18 Apr 2025 21:41:01 +0000 Manifest next update: Fri 25 Apr 2025 21:41:01 +0000 Files and hashes: 1: s8iROAA2kV3l6qhM8TOrOzWz6dM.crl (hash: IOjbhAkwZyQYaTBJHc2FjAJLnLdCAuOCMupBRJ55AHo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D891D/381A8F2A1CC211EB82B57178C4F9AE02/s8iROAA2kV3l6qhM8TOrOzWz6dM.crl rsync://rpki.apnic.net/member_repository/A91D891D/381A8F2A1CC211EB82B57178C4F9AE02/s8iROAA2kV3l6qhM8TOrOzWz6dM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s8iROAA2kV3l6qhM8TOrOzWz6dM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Apr 2025 21:41:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1880 (0x758) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D891D, serialNumber=B3C891380036915DE5EAA84CF133AB3B35B3E9D3 Validity Not Before: Apr 18 21:41:01 2025 GMT Not After : Apr 25 21:41:01 2025 GMT Subject: CN=6802c6ed-e8a2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:95:cf:12:82:c9:53:cb:3d:87:c9:74:9f:19: be:a0:3d:7e:fa:10:0c:89:13:fa:f7:31:56:b5:c8: ee:81:bf:84:ff:fa:5e:cd:7e:71:e9:5b:dc:57:d4: 6f:a4:50:1a:37:bd:f0:86:de:59:eb:b0:e2:b9:30: b0:2f:2f:7b:79:38:0d:bc:a6:ae:04:47:46:2b:87: 09:bb:93:03:e5:e1:a5:dd:88:6b:f1:3b:84:f4:7e: aa:d1:92:6a:83:02:56:28:9f:c4:e5:5a:a9:a0:f3: 7b:41:b7:e7:4f:b7:64:b3:60:7e:63:f5:72:7e:70: 8c:22:8d:be:05:97:8e:7f:e0:05:b5:6a:e6:2f:d7: d4:aa:09:a3:1a:98:a6:b5:45:59:29:9d:1e:07:6f: 6d:7d:66:31:5b:0e:b5:b6:b9:18:b3:66:ac:ff:f9: 85:12:26:29:e4:46:de:25:bc:d0:ff:8c:79:a4:77: ba:33:7a:cf:c5:f4:d9:f0:bc:e9:6a:c2:41:75:ea: d0:bd:ab:05:76:2d:5d:bb:ce:98:a3:87:b4:ca:d8: b3:0b:46:74:7c:96:b1:e7:59:af:7e:76:4a:8f:f8: 62:91:4c:50:8f:f5:26:b7:38:07:9b:9a:f8:15:42: 36:b3:1c:32:1a:fe:4a:48:b6:af:ca:89:8d:d3:9b: c8:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:67:50:6C:33:3E:53:C4:81:92:1D:29:36:63:23:C3:92:95:7D:B6 X509v3 Authority Key Identifier: keyid:B3:C8:91:38:00:36:91:5D:E5:EA:A8:4C:F1:33:AB:3B:35:B3:E9:D3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D891D/381A8F2A1CC211EB82B57178C4F9AE02/s8iROAA2kV3l6qhM8TOrOzWz6dM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s8iROAA2kV3l6qhM8TOrOzWz6dM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D891D/381A8F2A1CC211EB82B57178C4F9AE02/s8iROAA2kV3l6qhM8TOrOzWz6dM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 44:e6:44:5a:02:3a:fe:ad:99:b2:0a:18:13:62:79:56:cd:af: 3a:77:9f:ce:7a:fb:a3:b7:24:60:36:22:da:78:47:44:14:a9: 7c:21:36:92:81:6f:0d:e7:f8:34:e1:32:ab:c2:87:4e:35:c5: 69:11:5c:39:cb:7a:82:b8:60:d9:54:15:a3:ea:b2:95:49:d6: 4d:3d:38:48:dd:56:c5:88:3a:93:dc:b2:22:a6:e3:88:65:ef: 4e:58:bb:65:db:12:1d:62:4d:6d:ca:53:56:40:45:96:6e:01: b0:1d:c4:38:ef:0f:71:1f:7d:f5:b8:09:fc:d3:1a:dd:cb:c5: db:76:39:11:93:65:46:0b:38:a3:ed:df:91:eb:25:86:d5:ab: e5:77:f8:87:d1:b9:be:7b:cc:66:29:f5:70:38:8a:7c:df:e2: e4:88:de:a8:ac:54:af:97:5f:65:d7:fc:88:6c:43:45:11:c2: f1:ef:e4:af:78:5e:cb:6e:ac:38:52:f5:1f:67:1a:03:c8:61: ee:01:62:fc:ce:31:3f:00:b9:bd:1c:6c:43:7b:da:24:2f:33: 62:bf:2c:7c:af:91:27:e6:b6:fa:1a:19:b4:b8:06:60:7c:85: d4:e8:cf:07:c6:f8:79:c6:e4:6d:93:ed:1a:95:52:9c:9d:45: e3:e0:d8:80 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB1gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDg5MUQxMTAvBgNVBAUTKEIzQzg5MTM4MDAzNjkxNURFNUVBQTg0Q0YxMzNBQjNC MzVCM0U5RDMwHhcNMjUwNDE4MjE0MTAxWhcNMjUwNDI1MjE0MTAxWjAYMRYwFAYD VQQDEw02ODAyYzZlZC1lOGEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzZXPEoLJU8s9h8l0nxm+oD1++hAMiRP69zFWtcjugb+E//pezX5x6VvcV9Rv pFAaN73wht5Z67DiuTCwLy97eTgNvKauBEdGK4cJu5MD5eGl3Yhr8TuE9H6q0ZJq gwJWKJ/E5VqpoPN7QbfnT7dks2B+Y/VyfnCMIo2+BZeOf+AFtWrmL9fUqgmjGpim tUVZKZ0eB29tfWYxWw61trkYs2as//mFEiYp5EbeJbzQ/4x5pHe6M3rPxfTZ8Lzp asJBderQvasFdi1du86Yo4e0ytizC0Z0fJax51mvfnZKj/hikUxQj/UmtzgHm5r4 FUI2sxwyGv5KSLavyomN05vIJwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJRnUGwz PlPEgZIdKTZjI8OSlX22MB8GA1UdIwQYMBaAFLPIkTgANpFd5eqoTPEzqzs1s+nT MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODkxRC8zODFBOEYyQTFD QzIxMUVCODJCNTcxNzhDNEY5QUUwMi9zOGlST0FBMmtWM2w2cWhNOFRPck96V3o2 ZE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3M4aVJPQUEya1YzbDZxaE04VE9yT3pXejZkTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE ODkxRC8zODFBOEYyQTFDQzIxMUVCODJCNTcxNzhDNEY5QUUwMi9zOGlST0FBMmtW M2w2cWhNOFRPck96V3o2ZE0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBE5kRaAjr+rZmyChgTYnlWza86d5/OevujtyRgNiLaeEdEFKl8ITaS gW8N5/g04TKrwodONcVpEVw5y3qCuGDZVBWj6rKVSdZNPThI3VbFiDqT3LIipuOI Ze9OWLtl2xIdYk1tylNWQEWWbgGwHcQ47w9xH331uAn80xrdy8XbdjkRk2VGCzij 7d+R6yWG1avld/iH0bm+e8xmKfVwOIp83+LkiN6orFSvl19l1/yIbENFEcLx7+Sv eF7Lbqw4UvUfZxoDyGHuAWL8zjE/ALm9HGxDe9okLzNivyx8r5En5rb6Ghm0uAZg fIXU6M8Hxvh5xuRtk+0alVKcnUXj4NiA -----END CERTIFICATE-----Generated at Sun Apr 20 14:49:36 2025 by rpki-client