$ rpki-client -vvf rpki.apnic.net/member_repository/A91DBD27/DE5E774E7DCD11ECA6BD9D32C4F9AE02/8hTt1--NAG-Coif85lvF8-ZIo_o.mft File: 8hTt1--NAG-Coif85lvF8-ZIo_o.mft (raw, json) Hash identifier: 3JvkPdN8Wic4ZhPjrZTU9ydXGNP8+NfwWCptpQaTvBU= Subject key identifier: DD:42:41:EA:0B:0E:C0:05:80:94:79:37:D8:33:68:C3:80:1D:4D:58 Authority key identifier: F2:14:ED:D7:EF:8D:00:6F:82:A2:27:FC:E6:5B:C5:F3:E6:48:A3:FA Certificate issuer: /CN=A91DBD27/serialNumber=F214EDD7EF8D006F82A227FCE65BC5F3E648A3FA Certificate serial: 03D6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8hTt1--NAG-Coif85lvF8-ZIo_o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DBD27/DE5E774E7DCD11ECA6BD9D32C4F9AE02/8hTt1--NAG-Coif85lvF8-ZIo_o.mft Manifest number: 03D1 Signing time: Fri 11 Apr 2025 00:32:49 +0000 Manifest this update: Fri 11 Apr 2025 00:32:49 +0000 Manifest next update: Fri 18 Apr 2025 00:32:49 +0000 Files and hashes: 1: 8hTt1--NAG-Coif85lvF8-ZIo_o.crl (hash: 0VTNrOKvpB52inyWLmT4ycnU2gs3GTdSBcUceKZcI60=) 2: 1A15CABE7DD111ECBB4A7D84C4F9AE02.roa (hash: aUKFEcgAYH8+/UqmZ13PB+UHXTWO1HzOhS9AQMfTurg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DBD27/DE5E774E7DCD11ECA6BD9D32C4F9AE02/8hTt1--NAG-Coif85lvF8-ZIo_o.crl rsync://rpki.apnic.net/member_repository/A91DBD27/DE5E774E7DCD11ECA6BD9D32C4F9AE02/8hTt1--NAG-Coif85lvF8-ZIo_o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8hTt1--NAG-Coif85lvF8-ZIo_o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 18 Apr 2025 00:32:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 982 (0x3d6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DBD27, serialNumber=F214EDD7EF8D006F82A227FCE65BC5F3E648A3FA Validity Not Before: Apr 11 00:32:49 2025 GMT Not After : Apr 18 00:32:49 2025 GMT Subject: CN=67f86331-b0a1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:8a:53:b4:08:11:db:b8:cd:cd:c7:0f:0a:42: 77:b4:f8:ce:fc:f8:36:98:7a:37:2e:b1:ae:05:5f: da:54:f8:0a:27:ba:b9:35:87:2e:00:dd:80:66:f8: 7e:15:97:ec:86:ff:26:93:6e:43:66:37:b3:c2:65: 56:68:00:67:62:39:7c:47:5c:60:3c:d8:77:95:9f: e5:1a:aa:36:82:7a:6a:93:c3:0d:1e:f6:40:e3:24: 65:7c:15:67:be:a2:f0:8a:07:ec:90:a9:75:98:58: ba:1a:ac:12:71:cb:38:50:2e:4b:54:5a:bf:14:7e: a5:fe:b0:92:0d:6b:85:5c:9f:dd:c4:d2:c0:04:0e: 20:6d:67:98:ba:bf:06:ce:0e:ac:21:aa:de:fb:01: a1:39:2a:55:33:59:59:43:c4:f5:5f:8d:ac:7b:a6: b7:cc:e6:6f:1c:d8:6d:e7:6d:cf:43:54:02:61:a0: 76:20:bc:5d:e2:47:01:1e:21:3b:e3:ca:17:74:9f: 24:1b:2c:36:48:ae:e3:32:7a:c3:5c:43:82:ee:42: 31:0c:5a:56:ae:f1:77:0f:68:12:0f:fe:b1:86:9b: 25:db:88:50:f5:f2:a3:8e:57:9e:aa:f3:15:46:21: 29:5a:e5:21:c7:8b:2f:17:d4:c0:42:b5:97:56:c8: c3:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:42:41:EA:0B:0E:C0:05:80:94:79:37:D8:33:68:C3:80:1D:4D:58 X509v3 Authority Key Identifier: keyid:F2:14:ED:D7:EF:8D:00:6F:82:A2:27:FC:E6:5B:C5:F3:E6:48:A3:FA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DBD27/DE5E774E7DCD11ECA6BD9D32C4F9AE02/8hTt1--NAG-Coif85lvF8-ZIo_o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8hTt1--NAG-Coif85lvF8-ZIo_o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DBD27/DE5E774E7DCD11ECA6BD9D32C4F9AE02/8hTt1--NAG-Coif85lvF8-ZIo_o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b3:9d:db:d7:fd:ba:65:44:b9:1c:da:8c:fc:54:bf:23:10:b0: 03:96:01:97:ff:78:49:64:b7:f9:db:b4:7b:cc:ca:b5:c7:a3: 33:49:77:45:2e:d8:6d:a0:24:58:d3:b7:3b:bf:c5:64:9f:87: 2a:31:d3:0d:0e:b8:71:d3:24:7a:bc:51:cb:8d:e3:9b:4f:4a: 69:67:ce:2c:2f:53:b3:a6:8a:24:6f:12:07:88:bb:00:25:ca: 0c:b5:f6:0c:3f:39:93:66:1d:bd:d0:d8:61:fa:ca:fa:fc:a5: fb:e0:ef:b5:3b:75:5e:8d:66:66:28:3e:cb:98:6c:a5:43:ab: f1:de:36:e1:cf:b2:24:70:e7:72:c7:80:2f:fb:79:60:e7:02: 65:8b:f4:e6:9c:a3:5d:bc:44:05:69:2a:bf:98:64:41:57:a9: 80:5b:9c:2f:2b:d1:14:94:88:c2:d0:bf:29:b7:15:a5:cd:26: 4c:bf:6b:4e:d5:7a:8b:46:de:e1:28:48:65:22:1d:89:ad:32: 24:97:db:be:4c:25:85:d1:22:67:9f:a7:ad:66:ce:c0:42:2b: 77:1b:7d:32:b4:c1:c7:da:50:69:61:e9:fe:5c:b2:3d:68:26: 67:8f:06:52:72:07:ad:bb:a7:e8:dd:7c:0d:06:52:9c:e4:26: c3:6a:a2:8e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA9YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REJEMjcxMTAvBgNVBAUTKEYyMTRFREQ3RUY4RDAwNkY4MkEyMjdGQ0U2NUJDNUYz RTY0OEEzRkEwHhcNMjUwNDExMDAzMjQ5WhcNMjUwNDE4MDAzMjQ5WjAYMRYwFAYD VQQDEw02N2Y4NjMzMS1iMGExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy4pTtAgR27jNzccPCkJ3tPjO/Pg2mHo3LrGuBV/aVPgKJ7q5NYcuAN2AZvh+ FZfshv8mk25DZjezwmVWaABnYjl8R1xgPNh3lZ/lGqo2gnpqk8MNHvZA4yRlfBVn vqLwigfskKl1mFi6GqwSccs4UC5LVFq/FH6l/rCSDWuFXJ/dxNLABA4gbWeYur8G zg6sIare+wGhOSpVM1lZQ8T1X42se6a3zOZvHNht523PQ1QCYaB2ILxd4kcBHiE7 48oXdJ8kGyw2SK7jMnrDXEOC7kIxDFpWrvF3D2gSD/6xhpsl24hQ9fKjjleeqvMV RiEpWuUhx4svF9TAQrWXVsjDUQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN1CQeoL DsAFgJR5N9gzaMOAHU1YMB8GA1UdIwQYMBaAFPIU7dfvjQBvgqIn/OZbxfPmSKP6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQkQyNy9ERTVFNzc0RTdE Q0QxMUVDQTZCRDlEMzJDNEY5QUUwMi84aFR0MS0tTkFHLUNvaWY4NWx2RjgtWklv X28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhoVHQxLS1OQUctQ29pZjg1bHZGOC1aSW9fby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QkQyNy9ERTVFNzc0RTdEQ0QxMUVDQTZCRDlEMzJDNEY5QUUwMi84aFR0MS0tTkFH LUNvaWY4NWx2RjgtWklvX28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCzndvX/bplRLkc2oz8VL8jELADlgGX/3hJZLf527R7zMq1x6MzSXdF LthtoCRY07c7v8Vkn4cqMdMNDrhx0yR6vFHLjeObT0ppZ84sL1OzpookbxIHiLsA JcoMtfYMPzmTZh290Nhh+sr6/KX74O+1O3VejWZmKD7LmGylQ6vx3jbhz7IkcOdy x4Av+3lg5wJli/TmnKNdvEQFaSq/mGRBV6mAW5wvK9EUlIjC0L8ptxWlzSZMv2tO 1XqLRt7hKEhlIh2JrTIkl9u+TCWF0SJnn6etZs7AQit3G30ytMHH2lBpYen+XLI9 aCZnjwZScgetu6fo3XwNBlKc5CbDaqKO -----END CERTIFICATE-----Generated at Sat Apr 12 18:51:56 2025 by rpki-client