$ rpki-client -vvf rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft File: 1AI0WEr2BZHzfdP7on68uFzHZWo.mft (raw, json) Hash identifier: 6xf0TD+65eyAznjURW3RTgIXPAVBFde46S+3IM6ctP4= Subject key identifier: 37:53:D4:4F:F5:45:AA:89:B6:30:CF:ED:61:91:83:83:19:0C:58:07 Authority key identifier: D4:02:34:58:4A:F6:05:91:F3:7D:D3:FB:A2:7E:BC:B8:5C:C7:65:6A Certificate issuer: /CN=A91E27F3/serialNumber=D40234584AF60591F37DD3FBA27EBCB85CC7656A Certificate serial: 347C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AI0WEr2BZHzfdP7on68uFzHZWo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft Manifest number: 3477 Signing time: Sat 12 Apr 2025 15:04:44 +0000 Manifest this update: Sat 12 Apr 2025 15:04:44 +0000 Manifest next update: Sat 19 Apr 2025 15:04:44 +0000 Files and hashes: 1: 1AI0WEr2BZHzfdP7on68uFzHZWo.crl (hash: LnQXTCtwJaf8imXgIU2pJ5o3pb147oy0yzXq0VdYvTw=) 2: 1B4B4FC2152F11ECB72E546FC4F9AE02.roa (hash: 08icoQFu/lUzJ7/49iluwBG/IFFfyhiQgRTkubc2rPw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.crl rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AI0WEr2BZHzfdP7on68uFzHZWo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 19 Apr 2025 14:50:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13436 (0x347c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E27F3, serialNumber=D40234584AF60591F37DD3FBA27EBCB85CC7656A Validity Not Before: Apr 12 15:04:44 2025 GMT Not After : Apr 19 15:04:44 2025 GMT Subject: CN=67fa810c-a5f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:3d:4a:9a:a9:48:af:4d:9b:43:79:09:28:a8: b6:11:cf:22:e5:fb:e4:91:f8:39:c2:3e:6a:74:6e: d0:9d:71:71:24:4f:5c:d2:d5:6f:7e:ad:50:de:44: 2c:1f:32:ea:35:6f:c5:1f:3c:06:75:c8:2d:30:ef: f5:81:34:bb:4b:d3:dc:80:29:4b:44:85:b4:08:30: b1:fe:d3:34:18:a9:52:92:d0:a0:03:1f:72:d1:98: a5:18:9c:c9:a7:fc:59:2c:7a:4e:1e:18:e0:a4:2a: c6:5e:b1:e9:68:90:16:44:c1:77:4f:12:5d:6a:bd: 33:ff:26:25:e7:70:39:fd:ef:ce:07:ac:0a:fc:d3: ec:0a:3c:d8:22:a6:56:3b:fe:8d:50:76:2c:d0:c3: 42:3e:b9:1c:68:d3:b6:40:21:06:bd:1d:8e:12:92: 02:7a:e2:f5:ba:a2:a6:a6:4a:4e:fc:d2:a8:52:c9: 8f:63:46:46:77:eb:ae:82:01:2b:ba:20:f2:57:a0: 45:da:5b:b8:a9:41:3f:01:94:45:88:a2:07:54:da: 40:e1:fa:79:77:fc:38:3d:de:9b:50:65:f7:b8:c7: 5f:c1:e7:58:c3:31:bb:ea:89:59:16:96:13:f2:b2: 85:d5:8c:af:1b:b8:0e:b2:18:ee:47:54:13:7d:01: 9e:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:53:D4:4F:F5:45:AA:89:B6:30:CF:ED:61:91:83:83:19:0C:58:07 X509v3 Authority Key Identifier: keyid:D4:02:34:58:4A:F6:05:91:F3:7D:D3:FB:A2:7E:BC:B8:5C:C7:65:6A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AI0WEr2BZHzfdP7on68uFzHZWo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7e:9a:55:cd:62:7e:d8:5e:74:41:5d:58:90:aa:46:85:d1:de: 9a:bb:f3:e9:6b:02:9c:5e:84:af:2f:f6:10:79:0c:2b:cf:cc: af:8b:c8:87:c1:36:ba:1d:13:13:14:83:e0:3f:14:3c:12:96: 0a:3d:89:8e:20:c0:05:68:e1:b5:e0:d2:fd:7e:a4:0f:b0:c9: ee:ea:98:1d:d3:80:c6:a3:eb:98:ea:7f:01:0a:ee:fd:73:49: e4:96:82:03:7d:73:dd:87:f4:9f:39:74:65:e5:1e:57:64:71: b0:e4:f3:77:e0:5d:5c:89:bc:26:df:74:85:62:4a:ce:71:8c: 95:49:31:bb:e5:b8:ee:f5:12:99:47:64:7a:67:cf:01:f4:fe: f8:29:0c:91:1a:a7:f2:53:a4:8a:b2:06:76:30:50:df:50:2f: 31:37:8a:95:3e:59:db:d9:83:8a:39:b9:1c:5c:11:29:03:a0: 7f:c8:2e:03:13:91:a8:99:5a:68:79:24:24:ea:20:75:15:3b: 33:9e:32:09:7a:ea:0c:08:c3:02:40:fc:b3:2e:96:1b:26:ec: de:7b:fd:7b:6f:72:7b:f1:c6:78:c0:07:fe:38:95:48:1f:1c: e0:a8:33:7a:66:81:53:5b:7f:10:08:f3:c0:c1:50:0d:3a:09: 9f:b9:23:96 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNHwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTI3RjMxMTAvBgNVBAUTKEQ0MDIzNDU4NEFGNjA1OTFGMzdERDNGQkEyN0VCQ0I4 NUNDNzY1NkEwHhcNMjUwNDEyMTUwNDQ0WhcNMjUwNDE5MTUwNDQ0WjAYMRYwFAYD VQQDEw02N2ZhODEwYy1hNWY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8D1KmqlIr02bQ3kJKKi2Ec8i5fvkkfg5wj5qdG7QnXFxJE9c0tVvfq1Q3kQs HzLqNW/FHzwGdcgtMO/1gTS7S9PcgClLRIW0CDCx/tM0GKlSktCgAx9y0ZilGJzJ p/xZLHpOHhjgpCrGXrHpaJAWRMF3TxJdar0z/yYl53A5/e/OB6wK/NPsCjzYIqZW O/6NUHYs0MNCPrkcaNO2QCEGvR2OEpICeuL1uqKmpkpO/NKoUsmPY0ZGd+uuggEr uiDyV6BF2lu4qUE/AZRFiKIHVNpA4fp5d/w4Pd6bUGX3uMdfwedYwzG76olZFpYT 8rKF1YyvG7gOshjuR1QTfQGebQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDdT1E/1 RaqJtjDP7WGRg4MZDFgHMB8GA1UdIwQYMBaAFNQCNFhK9gWR833T+6J+vLhcx2Vq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjdGMy9BNkRFMUNFODFE QTExMUUyQTMyRUYyOTMwOEIwMkNEMi8xQUkwV0VyMkJaSHpmZFA3b242OHVGekha V28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFBSTBXRXIyQlpIemZkUDdvbjY4dUZ6SFpXby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MjdGMy9BNkRFMUNFODFEQTExMUUyQTMyRUYyOTMwOEIwMkNEMi8xQUkwV0VyMkJa SHpmZFA3b242OHVGekhaV28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB+mlXNYn7YXnRBXViQqkaF0d6au/PpawKcXoSvL/YQeQwrz8yvi8iH wTa6HRMTFIPgPxQ8EpYKPYmOIMAFaOG14NL9fqQPsMnu6pgd04DGo+uY6n8BCu79 c0nkloIDfXPdh/SfOXRl5R5XZHGw5PN34F1cibwm33SFYkrOcYyVSTG75bju9RKZ R2R6Z88B9P74KQyRGqfyU6SKsgZ2MFDfUC8xN4qVPlnb2YOKObkcXBEpA6B/yC4D E5GomVpoeSQk6iB1FTsznjIJeuoMCMMCQPyzLpYbJuzee/17b3J78cZ4wAf+OJVI HxzgqDN6ZoFTW38QCPPAwVANOgmfuSOW -----END CERTIFICATE-----Generated at Sat Apr 12 17:29:13 2025 by rpki-client