$ rpki-client -vvf rpki.apnic.net/member_repository/A91E772F/1E77E732E2EB11EEAD6E9A0BC4F9AE02/G_l27-qyMS6i2shrmKOYzwxb1vA.mft File: G_l27-qyMS6i2shrmKOYzwxb1vA.mft (raw, json) Hash identifier: hC9rDoDhUA1SvV4I2zDQ56+ULEHQb6Iq9wnryqY/8sM= Subject key identifier: 16:4C:CE:4E:93:E0:03:11:13:72:1C:6D:DF:EB:7A:96:07:C1:A4:69 Authority key identifier: 1B:F9:76:EF:EA:B2:31:2E:A2:DA:C8:6B:98:A3:98:CF:0C:5B:D6:F0 Certificate issuer: /CN=A91E772F/serialNumber=1BF976EFEAB2312EA2DAC86B98A398CF0C5BD6F0 Certificate serial: CB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G_l27-qyMS6i2shrmKOYzwxb1vA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E772F/1E77E732E2EB11EEAD6E9A0BC4F9AE02/G_l27-qyMS6i2shrmKOYzwxb1vA.mft Manifest number: CA Signing time: Thu 17 Apr 2025 04:35:13 +0000 Manifest this update: Thu 17 Apr 2025 04:35:13 +0000 Manifest next update: Thu 24 Apr 2025 04:35:13 +0000 Files and hashes: 1: G_l27-qyMS6i2shrmKOYzwxb1vA.crl (hash: tI+6C5xVvCbq6aU1gjRI7RpJ88tL1qk5qB9xM9R36so=) 2: 82743A06E2EB11EEBAC73D0CC4F9AE02.roa (hash: y03lKIB42nw4jlkFQ7G75iFQPvcCfwFRDTzAnmoLg+c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E772F/1E77E732E2EB11EEAD6E9A0BC4F9AE02/G_l27-qyMS6i2shrmKOYzwxb1vA.crl rsync://rpki.apnic.net/member_repository/A91E772F/1E77E732E2EB11EEAD6E9A0BC4F9AE02/G_l27-qyMS6i2shrmKOYzwxb1vA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G_l27-qyMS6i2shrmKOYzwxb1vA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 24 Apr 2025 04:35:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 203 (0xcb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E772F, serialNumber=1BF976EFEAB2312EA2DAC86B98A398CF0C5BD6F0 Validity Not Before: Apr 17 04:35:13 2025 GMT Not After : Apr 24 04:35:13 2025 GMT Subject: CN=68008501-0d25 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:3c:b1:4b:54:0f:80:0e:f8:b6:ea:0d:90:32: 8f:3f:e6:bc:d6:61:c3:fe:92:fc:43:f0:9e:e6:a8: 5e:da:b6:9e:94:b4:e3:e3:43:08:3a:e8:b7:1e:2e: b1:78:27:ec:b4:7e:65:db:bf:ac:86:11:34:13:be: 76:b3:1a:e5:71:d3:e2:9f:62:12:81:a4:b4:5a:85: 6f:ba:44:d6:b4:3e:ec:20:60:ae:40:73:d3:10:26: 75:1b:75:e7:4d:5b:83:cc:5b:b2:ce:8d:b8:67:e9: 6f:85:a0:cd:d1:17:ee:37:93:53:bd:d9:30:e7:38: a8:b5:f2:eb:62:f8:28:77:52:87:8b:6e:1c:80:5f: 98:d3:c4:04:9a:4e:9d:db:68:5c:d0:0b:f1:65:4f: 25:b3:de:47:1e:cf:b1:cc:e9:c0:6f:f5:0f:4b:66: 4f:d3:e9:b2:3f:3a:05:c8:40:a6:1e:a3:3b:83:8f: 79:c0:21:f5:49:09:4a:63:14:81:1e:15:50:f6:c4: 63:f1:d8:3e:13:a1:e9:11:d7:ac:c3:03:a2:7e:55: f9:15:a2:24:2e:3d:29:79:f1:83:ea:cf:9b:9c:c4: da:56:50:69:dd:fb:59:8d:f2:b3:b6:c6:73:e6:07: 8c:4e:b8:b3:e5:6c:bf:16:b6:9c:38:75:13:4b:a0: 2a:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:4C:CE:4E:93:E0:03:11:13:72:1C:6D:DF:EB:7A:96:07:C1:A4:69 X509v3 Authority Key Identifier: keyid:1B:F9:76:EF:EA:B2:31:2E:A2:DA:C8:6B:98:A3:98:CF:0C:5B:D6:F0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E772F/1E77E732E2EB11EEAD6E9A0BC4F9AE02/G_l27-qyMS6i2shrmKOYzwxb1vA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/G_l27-qyMS6i2shrmKOYzwxb1vA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E772F/1E77E732E2EB11EEAD6E9A0BC4F9AE02/G_l27-qyMS6i2shrmKOYzwxb1vA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 83:37:a1:a0:1f:62:77:5a:e3:d5:e4:f4:7d:d7:6a:58:60:56: f6:0d:4b:a7:f0:a5:76:1d:99:28:51:15:cd:96:81:f9:08:42: 8a:35:28:32:c8:96:92:01:c0:24:ae:d7:f5:d0:1e:d1:97:eb: bf:5d:b3:48:aa:a6:aa:76:d6:ee:97:1e:5b:01:70:a4:16:90: cb:1a:46:62:d4:de:62:36:78:54:e9:95:62:80:6e:0f:0c:05: 30:b4:da:e2:c8:f5:21:e3:6e:09:60:61:31:e9:f7:92:d6:d8: dd:3c:59:60:47:c4:6f:55:20:af:bc:36:d5:aa:bd:bf:81:a6: f3:a0:b2:3c:bb:30:ff:15:63:81:22:d6:ec:23:51:c0:44:0c: d3:19:c0:06:d7:3d:54:26:e3:d1:2b:7b:7b:fd:38:05:73:21: 9f:42:c9:4a:43:2f:8b:ec:55:26:ab:52:7c:f3:ff:bc:e4:0e: d4:2f:73:29:78:be:7f:6c:4e:7d:ff:3d:aa:fc:17:30:d7:e0: 8a:38:cb:ea:b1:34:10:68:b5:f8:70:98:df:96:94:f8:88:71: 3c:f4:bf:72:fb:86:2e:e3:2c:8e:1b:11:03:d7:6c:55:fb:ad: ca:2a:8b:61:d9:a6:68:e7:20:9f:88:42:91:fb:c9:24:35:70: 7b:21:01:52 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAMswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTc3MkYxMTAvBgNVBAUTKDFCRjk3NkVGRUFCMjMxMkVBMkRBQzg2Qjk4QTM5OENG MEM1QkQ2RjAwHhcNMjUwNDE3MDQzNTEzWhcNMjUwNDI0MDQzNTEzWjAYMRYwFAYD VQQDEw02ODAwODUwMS0wZDI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxjyxS1QPgA74tuoNkDKPP+a81mHD/pL8Q/Ce5qhe2raelLTj40MIOui3Hi6x eCfstH5l27+shhE0E752sxrlcdPin2ISgaS0WoVvukTWtD7sIGCuQHPTECZ1G3Xn TVuDzFuyzo24Z+lvhaDN0RfuN5NTvdkw5ziotfLrYvgod1KHi24cgF+Y08QEmk6d 22hc0AvxZU8ls95HHs+xzOnAb/UPS2ZP0+myPzoFyECmHqM7g495wCH1SQlKYxSB HhVQ9sRj8dg+E6HpEdeswwOiflX5FaIkLj0pefGD6s+bnMTaVlBp3ftZjfKztsZz 5geMTriz5Wy/FracOHUTS6AqwwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBZMzk6T 4AMRE3Icbd/repYHwaRpMB8GA1UdIwQYMBaAFBv5du/qsjEuotrIa5ijmM8MW9bw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNzcyRi8xRTc3RTczMkUy RUIxMUVFQUQ2RTlBMEJDNEY5QUUwMi9HX2wyNy1xeU1TNmkyc2hybUtPWXp3eGIx dkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0dfbDI3LXF5TVM2aTJzaHJtS09Zend4YjF2QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NzcyRi8xRTc3RTczMkUyRUIxMUVFQUQ2RTlBMEJDNEY5QUUwMi9HX2wyNy1xeU1T Nmkyc2hybUtPWXp3eGIxdkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCDN6GgH2J3WuPV5PR912pYYFb2DUun8KV2HZkoURXNloH5CEKKNSgy yJaSAcAkrtf10B7Rl+u/XbNIqqaqdtbulx5bAXCkFpDLGkZi1N5iNnhU6ZVigG4P DAUwtNriyPUh424JYGEx6feS1tjdPFlgR8RvVSCvvDbVqr2/gabzoLI8uzD/FWOB ItbsI1HARAzTGcAG1z1UJuPRK3t7/TgFcyGfQslKQy+L7FUmq1J88/+85A7UL3Mp eL5/bE59/z2q/Bcw1+CKOMvqsTQQaLX4cJjflpT4iHE89L9y+4Yu4yyOGxED12xV +63KKoth2aZo5yCfiEKR+8kkNXB7IQFS -----END CERTIFICATE-----Generated at Sat Apr 19 00:41:04 2025 by rpki-client