$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft File: IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft (raw, json) Hash identifier: 2dyJDCMFJThuIa5nOre7s8RdyPvudCuJ+I4c1vvZTyw= Subject key identifier: E6:E1:42:3E:66:36:69:22:88:EE:E6:0C:B2:C8:B8:68:91:40:55:D3 Authority key identifier: 21:64:DD:59:A6:15:D5:F2:E3:39:3E:72:09:8A:73:AD:86:8E:78:DA Certificate issuer: /CN=A91EA409/serialNumber=2164DD59A615D5F2E3393E72098A73AD868E78DA Certificate serial: 55 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft Manifest number: 53 Signing time: Wed 09 Apr 2025 06:04:42 +0000 Manifest this update: Wed 09 Apr 2025 06:04:41 +0000 Manifest next update: Wed 16 Apr 2025 06:04:41 +0000 Files and hashes: 1: IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl (hash: sXzUoO454pPzFAHIAbRw5CEzv45D6Vrp4LsY4DqtxRc=) 2: E9F177B89D9C11EFA9526A6CC4F9AE02.roa (hash: /L7H1H9bfON5bqOj4q1pWVjciM/BYtStadHGVAVA9LE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 16 Apr 2025 06:04:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 85 (0x55) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA409 Validity Not Before: Apr 9 06:04:41 2025 GMT Not After : Apr 16 06:04:41 2025 GMT Subject: CN=67f60dfa-aff8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:c4:ac:97:82:b4:63:15:49:14:b2:93:67:94: 48:cd:a5:4c:54:2b:6b:35:35:d8:1c:2f:6c:c5:29: 13:ee:b9:6a:da:49:49:fe:93:cd:2f:d0:bc:29:48: e6:86:91:0e:31:01:1a:c9:4d:28:06:f4:50:ee:af: 09:f1:1e:59:6b:b9:41:a2:d8:eb:64:9f:ee:f5:e4: 3d:a6:ed:f2:ff:bb:ca:04:b4:7c:e1:3a:ee:b7:54: 92:3f:bb:ab:26:1a:be:81:1d:cd:f0:8c:c5:b2:fa: f6:b2:13:e4:93:0d:02:64:77:a6:67:b9:1b:f0:58: 64:4d:ab:df:6a:9e:0d:e5:44:69:2c:82:d1:40:15: 9a:7b:42:a0:98:53:98:f4:9c:34:bf:e9:54:4e:8a: 32:cf:da:d4:af:f4:fd:33:cc:f5:18:e8:11:91:30: e1:4d:19:59:31:e9:b3:a6:90:63:22:8c:0b:35:c5: 02:b3:9f:9b:48:ba:f2:da:21:8b:f9:de:58:b5:4f: 8b:26:d5:84:01:67:fd:82:c4:f7:b8:72:11:52:54: af:0f:3e:79:e4:9e:05:b1:f1:b7:2b:ce:40:ae:0f: 26:83:f5:b9:e5:f1:57:e7:28:84:8f:44:56:b4:58: c8:3e:da:a1:5e:30:a4:6f:f8:56:6a:b2:a6:e0:ba: 7f:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:E1:42:3E:66:36:69:22:88:EE:E6:0C:B2:C8:B8:68:91:40:55:D3 X509v3 Authority Key Identifier: keyid:21:64:DD:59:A6:15:D5:F2:E3:39:3E:72:09:8A:73:AD:86:8E:78:DA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 84:35:15:b9:cf:fd:8c:9e:36:f4:c8:5b:18:2d:b3:f5:41:2d: fc:38:0b:43:73:d6:18:5e:ac:57:62:d0:c6:02:8b:05:22:8e: 89:66:f5:84:2f:42:87:8f:3e:6a:3a:34:13:20:d9:d3:27:96: 59:12:a8:7f:ea:02:5c:4c:93:d4:8c:95:c7:04:19:44:57:4c: 69:26:b9:29:f3:62:02:0f:4c:40:af:fc:43:14:d6:55:de:bf: db:f1:90:c7:62:51:f8:9d:37:b4:ed:5a:36:25:ab:e3:2d:66: 20:4d:f0:9d:bc:05:7a:b9:a9:38:a3:fb:bc:e0:05:03:fa:a8: 7b:0c:6f:e4:51:e3:1e:a2:20:4a:54:c4:cc:ae:9a:ef:01:81: 5f:16:24:20:0f:e2:8d:24:ca:af:10:1f:3a:3c:7c:52:82:ac: 3c:68:94:8d:06:46:18:bf:10:3f:54:d4:c4:52:d0:12:e7:19: 16:4e:d8:80:97:e8:46:8c:b9:a4:be:d9:f4:05:10:a7:a0:88: 9a:27:16:a5:ad:9b:11:04:d1:a6:97:2c:4f:5b:dc:79:72:09: 13:5c:65:6b:fb:1a:83:d8:c6:55:31:10:a4:b3:02:66:76:3c: c6:7b:b6:dc:30:98:c3:e0:3e:c8:da:fc:d2:1b:fe:dd:3a:08: 49:c0:e4:d4 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBVTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF QTQwOTExMC8GA1UEBRMoMjE2NERENTlBNjE1RDVGMkUzMzkzRTcyMDk4QTczQUQ4 NjhFNzhEQTAeFw0yNTA0MDkwNjA0NDFaFw0yNTA0MTYwNjA0NDFaMBgxFjAUBgNV BAMTDTY3ZjYwZGZhLWFmZjgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDCxKyXgrRjFUkUspNnlEjNpUxUK2s1NdgcL2zFKRPuuWraSUn+k80v0LwpSOaG kQ4xARrJTSgG9FDurwnxHllruUGi2Otkn+715D2m7fL/u8oEtHzhOu63VJI/u6sm Gr6BHc3wjMWy+vayE+STDQJkd6ZnuRvwWGRNq99qng3lRGksgtFAFZp7QqCYU5j0 nDS/6VROijLP2tSv9P0zzPUY6BGRMOFNGVkx6bOmkGMijAs1xQKzn5tIuvLaIYv5 3li1T4sm1YQBZ/2CxPe4chFSVK8PPnnkngWx8bcrzkCuDyaD9bnl8VfnKISPRFa0 WMg+2qFeMKRv+FZqsqbgun8DAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU5uFCPmY2 aSKI7uYMssi4aJFAVdMwHwYDVR0jBBgwFoAUIWTdWaYV1fLjOT5yCYpzrYaOeNow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVBNDA5L0Y5NDRFM0NDOUNB QjExRUZBQjU5NTUxNkM0RjlBRTAyL0lXVGRXYVlWMWZMak9UNXlDWXB6cllhT2VO by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSVdUZFdhWVYxZkxqT1Q1eUNZcHpyWWFPZU5vLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVB NDA5L0Y5NDRFM0NDOUNBQjExRUZBQjU5NTUxNkM0RjlBRTAyL0lXVGRXYVlWMWZM ak9UNXlDWXB6cllhT2VOby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIQ1FbnP/YyeNvTIWxgts/VBLfw4C0Nz1hherFdi0MYCiwUijolm9YQv QoePPmo6NBMg2dMnllkSqH/qAlxMk9SMlccEGURXTGkmuSnzYgIPTECv/EMU1lXe v9vxkMdiUfidN7TtWjYlq+MtZiBN8J28BXq5qTij+7zgBQP6qHsMb+RR4x6iIEpU xMyumu8BgV8WJCAP4o0kyq8QHzo8fFKCrDxolI0GRhi/ED9U1MRS0BLnGRZO2ICX 6EaMuaS+2fQFEKegiJonFqWtmxEE0aaXLE9b3HlyCRNcZWv7GoPYxlUxEKSzAmZ2 PMZ7ttwwmMPgPsja/NIb/t06CEnA5NQ= -----END CERTIFICATE-----Generated at Thu Apr 10 23:21:08 2025 by rpki-client