$ rpki-client -vvf rpki.apnic.net/member_repository/A91E87AB/916B0666145811EC9ED6C73BC4F9AE02/BKfrBJqTf9nyuG4Vnd310sma1B4.mft File: BKfrBJqTf9nyuG4Vnd310sma1B4.mft (raw, json) Hash identifier: zTL0gnmY04V2YlUvZmKty+Rd2bPkwkFJ6VWxaFIfQgw= Subject key identifier: DE:A8:9E:2F:61:88:AB:44:11:A1:3B:89:BF:07:44:3E:E1:09:15:F2 Authority key identifier: 04:A7:EB:04:9A:93:7F:D9:F2:B8:6E:15:9D:DD:F5:D2:C9:9A:D4:1E Certificate issuer: /CN=A91E87AB/serialNumber=04A7EB049A937FD9F2B86E159DDDF5D2C99AD41E Certificate serial: 04DF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BKfrBJqTf9nyuG4Vnd310sma1B4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E87AB/916B0666145811EC9ED6C73BC4F9AE02/BKfrBJqTf9nyuG4Vnd310sma1B4.mft Manifest number: 04D9 Signing time: Fri 04 Apr 2025 23:53:29 +0000 Manifest this update: Fri 04 Apr 2025 23:53:29 +0000 Manifest next update: Fri 11 Apr 2025 23:53:28 +0000 Files and hashes: 1: BKfrBJqTf9nyuG4Vnd310sma1B4.crl (hash: TB9vJNURZDGAZPyX1WDjQuiu2udlRBe4/CfoCcgS1zU=) 2: 709F3B2E145C11EC9A902165C4F9AE02.roa (hash: UibVZP54wNfnJM5fmfROJ4sssLQa2oOrL7RimgDBnPw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E87AB/916B0666145811EC9ED6C73BC4F9AE02/BKfrBJqTf9nyuG4Vnd310sma1B4.crl rsync://rpki.apnic.net/member_repository/A91E87AB/916B0666145811EC9ED6C73BC4F9AE02/BKfrBJqTf9nyuG4Vnd310sma1B4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BKfrBJqTf9nyuG4Vnd310sma1B4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 23:53:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1247 (0x4df) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E87AB Validity Not Before: Apr 4 23:53:29 2025 GMT Not After : Apr 11 23:53:28 2025 GMT Subject: CN=67f070f9-94a6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:a9:d2:94:32:f6:77:bb:06:52:4e:97:fa:0b: 58:91:0e:d2:27:2c:6d:da:32:1e:82:03:3b:44:e9: a0:75:06:6a:0f:5a:61:ce:7a:df:2e:bd:4b:6b:49: 73:85:ca:b7:2d:3c:57:0f:74:e6:98:5d:f5:dc:42: 30:39:46:c1:34:b8:dc:31:12:7d:0f:67:18:8e:d5: 5b:83:7a:b0:6c:98:2c:66:ff:bb:06:da:38:68:be: 47:6b:7c:93:44:5f:e0:58:5f:bd:c1:9d:d3:30:4e: 17:e8:3e:31:14:48:2f:47:0a:c6:81:cf:81:73:97: 59:b0:91:bb:f1:6d:1c:1d:ea:37:63:16:e2:e6:00: 6e:d5:81:b7:97:56:6a:0c:0c:ce:7f:82:5a:08:da: b0:7f:7b:57:80:81:fa:ad:7b:5f:8e:52:df:34:f7: 21:a6:dd:ff:a5:95:4d:72:43:ac:a1:d2:11:f3:63: 31:1d:b0:bf:7f:bd:b5:ed:a9:f1:26:54:ea:6a:a1: 45:38:78:4c:42:43:28:7f:43:fd:07:55:05:c2:92: 0a:79:de:67:98:2b:47:1b:fb:fa:89:aa:94:d3:fa: 3f:3a:4a:d7:c0:61:2b:fb:ed:6b:c0:3f:26:ef:9e: 46:89:7f:b2:5b:4d:ea:56:80:c5:cf:c3:60:36:05: 17:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:A8:9E:2F:61:88:AB:44:11:A1:3B:89:BF:07:44:3E:E1:09:15:F2 X509v3 Authority Key Identifier: keyid:04:A7:EB:04:9A:93:7F:D9:F2:B8:6E:15:9D:DD:F5:D2:C9:9A:D4:1E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E87AB/916B0666145811EC9ED6C73BC4F9AE02/BKfrBJqTf9nyuG4Vnd310sma1B4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BKfrBJqTf9nyuG4Vnd310sma1B4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E87AB/916B0666145811EC9ED6C73BC4F9AE02/BKfrBJqTf9nyuG4Vnd310sma1B4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c1:5f:c8:fc:72:fc:f7:af:88:0d:aa:f7:ff:07:20:94:9e:00: c1:5e:0b:eb:cc:8c:ea:f5:d3:19:2b:22:87:c7:0f:ad:d4:76: 0a:a5:76:b4:d0:95:84:88:db:cc:d9:c1:99:d5:27:c1:50:c9: 6a:66:8a:c6:ea:d5:95:f8:8e:83:33:3f:5d:3b:34:d2:94:19: 57:13:0b:73:ca:c9:3d:39:74:e4:d0:78:bf:dd:e5:2b:4c:93: d3:d4:4e:77:b6:5d:f9:a8:47:63:e6:33:8c:03:51:14:12:b2: 15:d4:23:b2:3f:7f:af:0a:9b:0f:09:5b:5f:9e:83:2c:9c:32: 09:12:35:4a:1a:31:93:c6:42:ce:fa:3c:53:c8:bb:9b:53:fc: 5a:cf:61:47:67:45:90:1a:ba:f0:6f:d5:c7:e2:d7:d7:b8:05: ab:18:f4:06:03:b5:22:ab:2e:98:da:2f:c1:f4:43:8f:d8:c6: d7:17:2b:27:93:75:7a:84:e0:9e:fd:87:86:88:0a:05:71:0d: c7:05:3b:09:46:01:64:83:3e:e1:9d:69:5c:2f:bf:66:6c:49: ae:53:a6:fa:04:10:87:cf:97:9f:bb:c0:e8:6a:31:2e:59:75: 51:b9:3e:b0:ba:f0:45:c2:79:0f:7c:a0:4c:73:26:e6:17:51: e6:ae:d1:e2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBN8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTg3QUIxMTAvBgNVBAUTKDA0QTdFQjA0OUE5MzdGRDlGMkI4NkUxNTlERERGNUQy Qzk5QUQ0MUUwHhcNMjUwNDA0MjM1MzI5WhcNMjUwNDExMjM1MzI4WjAYMRYwFAYD VQQDEw02N2YwNzBmOS05NGE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoKnSlDL2d7sGUk6X+gtYkQ7SJyxt2jIeggM7ROmgdQZqD1phznrfLr1La0lz hcq3LTxXD3TmmF313EIwOUbBNLjcMRJ9D2cYjtVbg3qwbJgsZv+7Bto4aL5Ha3yT RF/gWF+9wZ3TME4X6D4xFEgvRwrGgc+Bc5dZsJG78W0cHeo3Yxbi5gBu1YG3l1Zq DAzOf4JaCNqwf3tXgIH6rXtfjlLfNPchpt3/pZVNckOsodIR82MxHbC/f7217anx JlTqaqFFOHhMQkMof0P9B1UFwpIKed5nmCtHG/v6iaqU0/o/OkrXwGEr++1rwD8m 755GiX+yW03qVoDFz8NgNgUXwwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN6oni9h iKtEEaE7ib8HRD7hCRXyMB8GA1UdIwQYMBaAFASn6wSak3/Z8rhuFZ3d9dLJmtQe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODdBQi85MTZCMDY2NjE0 NTgxMUVDOUVENkM3M0JDNEY5QUUwMi9CS2ZyQkpxVGY5bnl1RzRWbmQzMTBzbWEx QjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0JLZnJCSnFUZjlueXVHNFZuZDMxMHNtYTFCNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF ODdBQi85MTZCMDY2NjE0NTgxMUVDOUVENkM3M0JDNEY5QUUwMi9CS2ZyQkpxVGY5 bnl1RzRWbmQzMTBzbWExQjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDBX8j8cvz3r4gNqvf/ByCUngDBXgvrzIzq9dMZKyKHxw+t1HYKpXa0 0JWEiNvM2cGZ1SfBUMlqZorG6tWV+I6DMz9dOzTSlBlXEwtzysk9OXTk0Hi/3eUr TJPT1E53tl35qEdj5jOMA1EUErIV1COyP3+vCpsPCVtfnoMsnDIJEjVKGjGTxkLO +jxTyLubU/xaz2FHZ0WQGrrwb9XH4tfXuAWrGPQGA7Uiqy6Y2i/B9EOP2MbXFysn k3V6hOCe/YeGiAoFcQ3HBTsJRgFkgz7hnWlcL79mbEmuU6b6BBCHz5efu8DoajEu WXVRuT6wuvBFwnkPfKBMcybmF1HmrtHi -----END CERTIFICATE-----Generated at Sat Apr 5 19:11:39 2025 by rpki-client