$ rpki-client -vvf rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.mft File: d3ZhKkPCLQpmuPE2gLMFi-1dmJI.mft (raw, json) Hash identifier: OgDCtsFlkBN65inHgSOzZHpEStnids8LElwtdGtr6+o= Subject key identifier: B6:02:46:78:7E:6C:3E:5B:84:66:5C:C9:57:1F:86:C0:C6:DA:0E:B1 Authority key identifier: 77:76:61:2A:43:C2:2D:0A:66:B8:F1:36:80:B3:05:8B:ED:5D:98:92 Certificate issuer: /CN=A91DEB81/serialNumber=7776612A43C22D0A66B8F13680B3058BED5D9892 Certificate serial: 042D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.mft Manifest number: 0405 Signing time: Sat 29 Mar 2025 00:47:08 +0000 Manifest this update: Sat 29 Mar 2025 00:47:08 +0000 Manifest next update: Sat 05 Apr 2025 00:47:08 +0000 Files and hashes: 1: d3ZhKkPCLQpmuPE2gLMFi-1dmJI.crl (hash: y/9h8uvENPDfGN/hYrXlHjsoc+uS9SVXhjqN39H0Vjs=) 2: EEECC55A8C3611EFA07E612DC4F9AE02.roa (hash: S448nKM+pkzyKAVAq+QLZ6c2Rwj7lMGOSqjzi17yKYo=) 3: 216DB034DE9711EC9289256FC4F9AE02.roa (hash: +Y2vKS8CZ7xVCXV7DmrOc6o0OVVkIHves16LK2wsX2I=) 4: 204E25DADE9711EC9289256FC4F9AE02.roa (hash: Nm0NB5K/NvPqifGuFp/i7DvZfN/unt+xIyxa1mf1Ru8=) 5: E184C6F48F2C11EEA361B22FC4F9AE02.roa (hash: m7hFb23btwRa7iUoc5sSfQwuK6EzzQbsJrT19RdsUzA=) 6: 1FBEA1EEDE9711EC9289256FC4F9AE02.roa (hash: wFyDTsNGRzgAv8mhqHHalbGpjw+H79Gqqrm8IklHVfE=) 7: E0C5B7148F2C11EEA361B22FC4F9AE02.roa (hash: Aqyl2hhEx5BpBctkE5rWM8Kv0ZDOqQAIfUrt5yWaYks=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.crl rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 00:47:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1069 (0x42d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DEB81 Validity Not Before: Mar 29 00:47:08 2025 GMT Not After : Apr 5 00:47:08 2025 GMT Subject: CN=67e7430c-f279 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:01:bf:8e:63:cd:9f:53:65:8e:e5:e9:54:0f: 07:b2:9a:36:66:98:75:a7:c6:76:e1:78:2f:66:e3: 29:03:78:71:8c:59:c6:3a:f3:77:5a:11:b5:57:9d: 8f:eb:e2:82:03:7c:22:75:49:fc:83:98:8f:80:4a: dd:c1:30:f3:ab:99:81:48:99:fa:52:da:ec:40:f4: 25:08:61:d0:ab:9e:4d:06:70:53:13:91:59:1e:00: e4:5e:de:76:55:69:08:5c:56:35:38:cc:e3:12:82: 79:0e:72:fe:58:bd:b8:43:02:b3:f3:00:35:a2:50: cb:34:d6:89:77:e9:2b:34:02:2d:6b:40:f0:ec:b4: ab:6b:1e:63:b6:ca:41:65:d2:15:de:bf:29:be:ea: 94:e3:7f:17:80:3c:78:ab:3e:0a:4a:d1:34:d6:cb: 2f:a2:ed:77:0c:3e:38:84:ca:4f:d3:1b:4b:21:1f: e4:05:e1:f4:34:4c:79:9e:0e:5e:d5:7d:fc:3e:5a: 05:8b:c6:45:e8:3b:19:fe:d3:62:25:fc:19:5b:de: ef:dd:98:11:8f:51:d8:5d:05:77:04:bb:89:65:80: e2:4a:70:38:64:e7:6a:77:97:e8:48:b6:a2:37:0b: c8:18:0f:77:c9:d2:71:69:f5:42:2e:33:bc:9b:98: ee:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:02:46:78:7E:6C:3E:5B:84:66:5C:C9:57:1F:86:C0:C6:DA:0E:B1 X509v3 Authority Key Identifier: keyid:77:76:61:2A:43:C2:2D:0A:66:B8:F1:36:80:B3:05:8B:ED:5D:98:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DEB81/CF9663C670F711ECB318E43AC4F9AE02/d3ZhKkPCLQpmuPE2gLMFi-1dmJI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 91:e1:70:4e:f0:8a:c2:d8:f9:90:79:ab:d8:08:52:f5:3b:10: 99:18:c9:8d:ee:12:73:7e:7b:2f:6c:a8:46:7e:e7:17:ff:a0: d5:f1:95:ef:a7:9a:0e:d1:0a:50:80:f7:9d:3f:c2:45:39:e5: 6a:7e:1e:f3:ae:91:85:bf:9c:86:c5:bc:00:cf:39:01:06:d3: 7e:61:a9:8d:91:46:f6:ad:95:98:a7:79:6a:b3:d8:ce:5b:9e: a0:bd:53:bb:10:e7:df:bb:f1:37:c9:cd:7d:fe:44:41:e1:eb: f2:86:75:62:cd:11:c4:81:82:f9:40:d7:17:4a:19:0c:15:c9: 8c:fb:73:8c:56:ac:22:73:10:30:e9:e9:8a:c4:8e:bd:5a:04: fe:55:a9:7d:24:dd:e6:d6:16:79:8b:e7:fe:b5:57:ed:74:13: 90:48:cd:41:de:06:6e:11:68:f6:df:3e:96:26:e2:0d:1b:23: 6a:fc:50:f9:68:2d:e4:39:7d:18:4d:e7:66:fa:64:34:67:96: 88:48:e9:7f:e8:aa:30:70:7e:5c:e9:0f:a7:e3:a9:c4:fe:c3: 0c:8b:8b:1c:6b:8f:9b:b8:5d:bb:7d:48:4a:40:7a:82:c2:bf: 0c:16:0c:46:f4:1e:db:9a:ca:11:2f:f1:41:db:39:4b:e6:7d: 21:c3:e7:b9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBC0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REVCODExMTAvBgNVBAUTKDc3NzY2MTJBNDNDMjJEMEE2NkI4RjEzNjgwQjMwNThC RUQ1RDk4OTIwHhcNMjUwMzI5MDA0NzA4WhcNMjUwNDA1MDA0NzA4WjAYMRYwFAYD VQQDEw02N2U3NDMwYy1mMjc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwAG/jmPNn1NljuXpVA8Hspo2Zph1p8Z24XgvZuMpA3hxjFnGOvN3WhG1V52P 6+KCA3widUn8g5iPgErdwTDzq5mBSJn6UtrsQPQlCGHQq55NBnBTE5FZHgDkXt52 VWkIXFY1OMzjEoJ5DnL+WL24QwKz8wA1olDLNNaJd+krNAIta0Dw7LSrax5jtspB ZdIV3r8pvuqU438XgDx4qz4KStE01ssvou13DD44hMpP0xtLIR/kBeH0NEx5ng5e 1X38PloFi8ZF6DsZ/tNiJfwZW97v3ZgRj1HYXQV3BLuJZYDiSnA4ZOdqd5foSLai NwvIGA93ydJxafVCLjO8m5juCwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLYCRnh+ bD5bhGZcyVcfhsDG2g6xMB8GA1UdIwQYMBaAFHd2YSpDwi0KZrjxNoCzBYvtXZiS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERUI4MS9DRjk2NjNDNjcw RjcxMUVDQjMxOEU0M0FDNEY5QUUwMi9kM1poS2tQQ0xRcG11UEUyZ0xNRmktMWRt SkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2QzWmhLa1BDTFFwbXVQRTJnTE1GaS0xZG1KSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RUI4MS9DRjk2NjNDNjcwRjcxMUVDQjMxOEU0M0FDNEY5QUUwMi9kM1poS2tQQ0xR cG11UEUyZ0xNRmktMWRtSkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCR4XBO8IrC2PmQeavYCFL1OxCZGMmN7hJzfnsvbKhGfucX/6DV8ZXv p5oO0QpQgPedP8JFOeVqfh7zrpGFv5yGxbwAzzkBBtN+YamNkUb2rZWYp3lqs9jO W56gvVO7EOffu/E3yc19/kRB4evyhnVizRHEgYL5QNcXShkMFcmM+3OMVqwicxAw 6emKxI69WgT+Val9JN3m1hZ5i+f+tVftdBOQSM1B3gZuEWj23z6WJuINGyNq/FD5 aC3kOX0YTedm+mQ0Z5aISOl/6KowcH5c6Q+n46nE/sMMi4sca4+buF27fUhKQHqC wr8MFgxG9B7bmsoRL/FB2zlL5n0hw+e5 -----END CERTIFICATE-----Generated at Fri Apr 4 22:01:56 2025 by rpki-client