$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft File: 4CEd1HfFtNoX56IChgOs2OcWZrU.mft (raw, json) Hash identifier: BzRTE1b7B5TxiP3ceFnevq88AFEnqNO54DUjoqmcPTw= Subject key identifier: F3:60:6D:10:81:F6:52:0B:CC:7F:F3:4A:EB:05:2F:7C:DA:56:0D:EA Authority key identifier: E0:21:1D:D4:77:C5:B4:DA:17:E7:A2:02:86:03:AC:D8:E7:16:66:B5 Certificate issuer: /CN=A91EB1BE/serialNumber=E0211DD477C5B4DA17E7A2028603ACD8E71666B5 Certificate serial: 12C2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4CEd1HfFtNoX56IChgOs2OcWZrU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft Manifest number: 12B1 Signing time: Sun 20 Apr 2025 16:59:32 +0000 Manifest this update: Sun 20 Apr 2025 16:59:31 +0000 Manifest next update: Sun 27 Apr 2025 16:59:31 +0000 Files and hashes: 1: 4CEd1HfFtNoX56IChgOs2OcWZrU.crl (hash: Sh+Z9qXyweFsrA6so4KLeqY0svsD1rlY4tR6CyWUb2c=) 2: 31E1DE72B04B11EE9F3B384BC4F9AE02.roa (hash: SUqha04b2ntyDAUGFXYiqHZijUV69AXBCBCtIkXQ4as=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.crl rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4CEd1HfFtNoX56IChgOs2OcWZrU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 16:59:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4802 (0x12c2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EB1BE, serialNumber=E0211DD477C5B4DA17E7A2028603ACD8E71666B5 Validity Not Before: Apr 20 16:59:31 2025 GMT Not After : Apr 27 16:59:31 2025 GMT Subject: CN=680527f3-f6a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:81:58:65:e7:26:fe:03:44:cb:dd:f9:eb:50: 08:3f:71:de:b9:9a:e4:8c:80:c0:09:72:35:d8:03: 5e:2b:8f:84:7f:9c:ae:7e:fd:89:d6:78:aa:a9:e5: 52:6a:e9:a8:b0:1b:1f:bf:7c:d5:11:93:f4:f3:d2: 87:31:60:b9:a1:eb:c0:93:15:93:75:90:6a:9d:1d: 2c:a6:8b:44:46:e1:03:b1:cc:e6:db:b8:c0:67:87: 21:50:90:76:d2:f6:4b:40:ee:e8:c7:fd:68:1c:65: d2:9a:4c:e2:72:e8:ba:11:d8:1a:02:23:0f:0c:af: f3:3c:44:ee:07:7d:8f:b6:c0:25:e7:65:d6:66:00: 2a:ba:9d:2e:0f:aa:b1:b5:5a:d1:e5:2d:60:28:8e: 42:0d:c7:dc:53:55:a9:38:dc:d6:a5:e1:47:26:ad: 91:1c:bd:b2:56:37:12:73:bf:f7:f2:8d:70:bd:58: c3:42:b3:d4:a0:1b:b3:04:e8:3e:16:f1:ba:76:f9: a7:bc:74:eb:71:45:07:4e:ef:99:a8:03:ed:35:13: b0:a9:5a:69:b8:84:d1:90:14:cf:d0:fc:b2:e7:fd: e0:ee:40:4c:da:de:a8:42:80:ee:83:39:f0:ec:be: 5a:e4:7c:48:75:26:82:ea:d8:66:dc:b1:48:8d:ee: ae:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:60:6D:10:81:F6:52:0B:CC:7F:F3:4A:EB:05:2F:7C:DA:56:0D:EA X509v3 Authority Key Identifier: keyid:E0:21:1D:D4:77:C5:B4:DA:17:E7:A2:02:86:03:AC:D8:E7:16:66:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4CEd1HfFtNoX56IChgOs2OcWZrU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 01:06:f6:02:fe:1c:40:91:7f:46:39:c2:ca:b8:23:78:f3:c6: 79:ad:d8:ac:3a:6c:1b:3b:8d:8e:72:c9:c5:ba:c2:44:13:a9: 5f:19:b1:0a:04:e2:cd:7e:14:20:1f:e8:71:ca:cd:dc:e2:a2: c4:aa:2a:60:cc:f1:3f:72:2d:0d:f2:ea:02:d6:1e:1b:12:57: 48:38:a6:be:a6:da:4a:83:b6:ac:c6:b4:77:82:a0:3a:5a:b9: 44:49:a7:e2:a4:c5:7d:ee:12:a5:a9:7a:6b:17:42:63:c3:69: 0b:4f:28:76:5e:f5:e3:6f:3c:20:df:dd:4a:25:3b:e3:c9:e4: 58:82:e0:f3:80:52:99:5f:95:b5:ce:c1:ac:d1:09:92:65:25: f3:08:e7:eb:a5:52:07:19:c5:f9:28:40:f8:41:0f:72:32:6f: 98:0d:08:0a:d3:42:2f:c0:ac:9b:7a:76:4c:e6:a9:d5:07:ae: 71:f6:0b:9a:06:c5:20:af:ac:48:98:08:35:1e:6e:a7:02:aa: 9e:bc:b9:fa:69:be:cb:c6:dc:11:16:ae:e7:1d:99:44:13:40: bd:05:74:4a:49:52:4a:53:c6:19:e9:20:20:00:dd:e2:f4:74: 56:c3:5a:ce:20:f8:21:4d:cf:7b:9f:89:48:f3:2a:a0:78:b2: ec:08:de:b0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEsIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUIxQkUxMTAvBgNVBAUTKEUwMjExREQ0NzdDNUI0REExN0U3QTIwMjg2MDNBQ0Q4 RTcxNjY2QjUwHhcNMjUwNDIwMTY1OTMxWhcNMjUwNDI3MTY1OTMxWjAYMRYwFAYD VQQDEw02ODA1MjdmMy1mNmE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA34FYZecm/gNEy93561AIP3HeuZrkjIDACXI12ANeK4+Ef5yufv2J1niqqeVS aumosBsfv3zVEZP089KHMWC5oevAkxWTdZBqnR0spotERuEDsczm27jAZ4chUJB2 0vZLQO7ox/1oHGXSmkzicui6EdgaAiMPDK/zPETuB32PtsAl52XWZgAqup0uD6qx tVrR5S1gKI5CDcfcU1WpONzWpeFHJq2RHL2yVjcSc7/38o1wvVjDQrPUoBuzBOg+ FvG6dvmnvHTrcUUHTu+ZqAPtNROwqVppuITRkBTP0Pyy5/3g7kBM2t6oQoDugznw 7L5a5HxIdSaC6thm3LFIje6unQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPNgbRCB 9lILzH/zSusFL3zaVg3qMB8GA1UdIwQYMBaAFOAhHdR3xbTaF+eiAoYDrNjnFma1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjFCRS81QTU3Nzg2Q0Mw QzgxMUU4QUU4MDUzMzRDNEY5QUUwMi80Q0VkMUhmRnROb1g1NklDaGdPczJPY1da clUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRDRWQxSGZGdE5vWDU2SUNoZ09zMk9jV1pyVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QjFCRS81QTU3Nzg2Q0MwQzgxMUU4QUU4MDUzMzRDNEY5QUUwMi80Q0VkMUhmRnRO b1g1NklDaGdPczJPY1daclUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQABBvYC/hxAkX9GOcLKuCN488Z5rdisOmwbO42OcsnFusJEE6lfGbEK BOLNfhQgH+hxys3c4qLEqipgzPE/ci0N8uoC1h4bEldIOKa+ptpKg7asxrR3gqA6 WrlESafipMV97hKlqXprF0Jjw2kLTyh2XvXjbzwg391KJTvjyeRYguDzgFKZX5W1 zsGs0QmSZSXzCOfrpVIHGcX5KED4QQ9yMm+YDQgK00IvwKybenZM5qnVB65x9gua BsUgr6xImAg1Hm6nAqqevLn6ab7LxtwRFq7nHZlEE0C9BXRKSVJKU8YZ6SAgAN3i 9HRWw1rOIPghTc97n4lI8yqgeLLsCN6w -----END CERTIFICATE-----Generated at Tue Apr 22 16:18:50 2025 by rpki-client