$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft File: IHitW73x1MW5cLvik02aNV2zHOg.mft (raw, json) Hash identifier: dJ1NTg42OlcEyc4ICKf/4d0i3zSFaHc4KiwqJcfFUgc= Subject key identifier: 2D:E8:57:14:34:03:B4:F3:07:5B:B6:65:7E:27:7D:C6:68:A8:15:CD Authority key identifier: 20:78:AD:5B:BD:F1:D4:C5:B9:70:BB:E2:93:4D:9A:35:5D:B3:1C:E8 Certificate issuer: /CN=A91E4DFA/serialNumber=2078AD5BBDF1D4C5B970BBE2934D9A355DB31CE8 Certificate serial: 04DA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft Manifest number: 04D1 Signing time: Thu 10 Apr 2025 23:46:41 +0000 Manifest this update: Thu 10 Apr 2025 23:46:40 +0000 Manifest next update: Thu 17 Apr 2025 23:46:40 +0000 Files and hashes: 1: IHitW73x1MW5cLvik02aNV2zHOg.crl (hash: ryrdnz//clE+mecESVFs/FIgPFn04M40SUSsmBGPIKY=) 2: E29A419EF46211EF9923C56AC4F9AE02.roa (hash: 5Fe3FjJ0ub0BI/9H9Qf01f9cVEZeKsER3XuQ53VFfiI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.crl rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 17 Apr 2025 23:46:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1242 (0x4da) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4DFA, serialNumber=2078AD5BBDF1D4C5B970BBE2934D9A355DB31CE8 Validity Not Before: Apr 10 23:46:40 2025 GMT Not After : Apr 17 23:46:40 2025 GMT Subject: CN=67f85861-a700 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:54:e8:e3:18:0a:e6:cc:10:a7:ec:6e:e5:57: bb:b6:54:e3:1f:01:c8:da:d9:26:6d:07:15:f6:69: 29:c1:11:5b:a1:74:f2:c8:aa:8e:dd:6b:b8:38:d2: dd:96:9f:de:a3:ea:b8:18:e5:17:19:ac:39:3b:bb: bf:39:97:e0:c4:5e:71:bd:2f:0a:d3:1a:be:5c:31: 65:d4:56:08:dc:55:49:b6:be:2c:5c:4e:33:e0:0a: a4:28:ee:b0:b8:55:33:04:bc:88:de:32:3c:13:65: ae:45:3f:d3:9a:35:92:04:41:95:1f:1c:bd:db:2e: ac:77:de:a6:90:4b:71:88:5d:b3:0a:8d:7f:a3:64: e3:40:b0:e3:3f:b9:cf:76:db:da:f0:b6:11:59:88: 0a:de:f7:ce:54:41:c8:74:cb:68:10:f8:83:3a:85: 3d:c3:e5:d9:1c:18:38:d7:52:63:f5:d7:9d:25:46: 56:e4:1d:f2:e0:94:93:17:86:7a:de:6f:91:79:74: f2:c3:da:ac:8c:24:55:e5:2d:5b:af:68:62:a5:3c: 3f:95:09:db:f6:c9:ed:a8:67:68:fa:cf:8f:3f:6d: 12:ac:f9:df:25:3e:b3:00:ec:4d:74:96:e9:34:0a: 92:5e:20:f3:0a:b6:91:fb:cf:dc:36:5c:b0:b1:2a: 7b:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:E8:57:14:34:03:B4:F3:07:5B:B6:65:7E:27:7D:C6:68:A8:15:CD X509v3 Authority Key Identifier: keyid:20:78:AD:5B:BD:F1:D4:C5:B9:70:BB:E2:93:4D:9A:35:5D:B3:1C:E8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 06:86:8b:da:c8:10:f5:61:31:4b:0e:20:1b:51:8c:16:e5:21: 57:1a:71:8e:f8:fd:ef:67:ff:d6:36:25:8a:ac:47:72:50:9f: 63:99:70:1b:f8:f6:bc:36:ca:63:be:6f:c8:fe:41:9d:c2:a1: 16:68:5d:05:99:47:64:a6:c4:23:17:d5:c8:b9:3c:50:4b:07: 06:3a:26:11:c9:97:c5:ab:2c:42:d9:31:93:e2:95:ba:55:13: 23:ce:fb:0a:49:ba:db:5b:7f:61:1f:b8:d6:74:71:2b:ff:df: ab:44:d7:ce:b8:1f:ed:3e:5e:c1:38:71:b4:17:83:28:6a:0b: 6c:76:d2:b6:50:bc:cc:9f:55:17:eb:26:fb:f1:2c:a6:fe:53: c7:b4:55:ac:6c:4f:97:2f:a9:3f:a0:77:c2:15:a7:8d:32:8c: a9:da:89:d6:48:ef:b1:a3:a8:64:70:29:7f:37:e1:14:71:72: 14:2a:ae:39:6a:0d:73:8c:e0:2f:fe:68:04:73:9f:77:3f:af: d9:39:79:11:bd:17:9a:59:8d:bf:ec:0d:eb:b3:b3:ed:4a:90: 97:bf:5a:eb:ae:4f:0c:55:04:95:56:aa:e8:1e:7d:2a:ee:94: 1c:ac:4a:8f:22:7b:69:29:be:96:e4:e4:7b:50:db:5c:8e:17: af:69:ae:ce -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBNowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTRERkExMTAvBgNVBAUTKDIwNzhBRDVCQkRGMUQ0QzVCOTcwQkJFMjkzNEQ5QTM1 NURCMzFDRTgwHhcNMjUwNDEwMjM0NjQwWhcNMjUwNDE3MjM0NjQwWjAYMRYwFAYD VQQDEw02N2Y4NTg2MS1hNzAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoVTo4xgK5swQp+xu5Ve7tlTjHwHI2tkmbQcV9mkpwRFboXTyyKqO3Wu4ONLd lp/eo+q4GOUXGaw5O7u/OZfgxF5xvS8K0xq+XDFl1FYI3FVJtr4sXE4z4AqkKO6w uFUzBLyI3jI8E2WuRT/TmjWSBEGVHxy92y6sd96mkEtxiF2zCo1/o2TjQLDjP7nP dtva8LYRWYgK3vfOVEHIdMtoEPiDOoU9w+XZHBg411Jj9dedJUZW5B3y4JSTF4Z6 3m+ReXTyw9qsjCRV5S1br2hipTw/lQnb9sntqGdo+s+PP20SrPnfJT6zAOxNdJbp NAqSXiDzCraR+8/cNlywsSp7uQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC3oVxQ0 A7TzB1u2ZX4nfcZoqBXNMB8GA1UdIwQYMBaAFCB4rVu98dTFuXC74pNNmjVdsxzo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNERGQS84NDU5ODRDRTFB ODUxMUVDQTc2QUVBM0FDNEY5QUUwMi9JSGl0VzczeDFNVzVjTHZpazAyYU5WMnpI T2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lIaXRXNzN4MU1XNWNMdmlrMDJhTlYyekhPZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NERGQS84NDU5ODRDRTFBODUxMUVDQTc2QUVBM0FDNEY5QUUwMi9JSGl0VzczeDFN VzVjTHZpazAyYU5WMnpIT2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAGhovayBD1YTFLDiAbUYwW5SFXGnGO+P3vZ//WNiWKrEdyUJ9jmXAb +Pa8Nspjvm/I/kGdwqEWaF0FmUdkpsQjF9XIuTxQSwcGOiYRyZfFqyxC2TGT4pW6 VRMjzvsKSbrbW39hH7jWdHEr/9+rRNfOuB/tPl7BOHG0F4MoagtsdtK2ULzMn1UX 6yb78Sym/lPHtFWsbE+XL6k/oHfCFaeNMoyp2onWSO+xo6hkcCl/N+EUcXIUKq45 ag1zjOAv/mgEc593P6/ZOXkRvReaWY2/7A3rs7PtSpCXv1rrrk8MVQSVVqroHn0q 7pQcrEqPIntpKb6W5OR7UNtcjhevaa7O -----END CERTIFICATE-----Generated at Sat Apr 12 17:31:28 2025 by rpki-client