$ rpki-client -vvf rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.mft File: IsfsPNntTFDolKEbzXDQMQzV-Fk.mft (raw, json) Hash identifier: IsbATNfrarDsRJ3wDa7LBDWe9N05SXQ+FE31/tLaQVo= Subject key identifier: DD:A3:00:57:99:6D:66:FF:48:62:6C:6B:15:9C:35:98:80:F2:44:1F Authority key identifier: 22:C7:EC:3C:D9:ED:4C:50:E8:94:A1:1B:CD:70:D0:31:0C:D5:F8:59 Certificate issuer: /CN=A91EC225/serialNumber=22C7EC3CD9ED4C50E894A11BCD70D0310CD5F859 Certificate serial: 41 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IsfsPNntTFDolKEbzXDQMQzV-Fk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.mft Manifest number: 40 Signing time: Fri 18 Apr 2025 17:48:52 +0000 Manifest this update: Fri 18 Apr 2025 17:48:51 +0000 Manifest next update: Fri 25 Apr 2025 17:48:51 +0000 Files and hashes: 1: IsfsPNntTFDolKEbzXDQMQzV-Fk.crl (hash: 3kIUITXfjPQvUU6poO6JH+omjrPQ8fPjguRJAJTPNZo=) 2: 25D2B94CDECD11EFA79E4065C4F9AE02.roa (hash: AoCtdlkJJmrM0z3AC3jCQKm47jbQAWLBDnBBfT5EtYM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.crl rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IsfsPNntTFDolKEbzXDQMQzV-Fk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Apr 2025 17:48:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 65 (0x41) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EC225, serialNumber=22C7EC3CD9ED4C50E894A11BCD70D0310CD5F859 Validity Not Before: Apr 18 17:48:51 2025 GMT Not After : Apr 25 17:48:51 2025 GMT Subject: CN=68029084-b590 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:96:0c:7e:99:76:a4:9e:3a:fc:29:21:3c:1b: e0:88:12:3e:ce:03:51:a8:4e:58:1e:a6:37:f9:e4: 29:f1:08:bc:e2:eb:f8:b2:7b:58:0c:09:d8:44:7b: 27:d0:31:08:33:d4:64:25:d1:66:24:a0:d5:c4:fd: 05:db:a2:51:cb:b3:58:0c:62:cc:3e:1e:0a:e8:66: 6b:a7:b5:b0:e0:49:37:23:1f:b2:93:98:a8:46:77: 0a:60:7f:8f:8c:11:ec:af:61:9d:c2:30:1a:8a:d6: 7e:14:a0:f1:15:e3:1f:f8:59:58:74:ab:8a:1e:1e: a8:e7:4c:9e:eb:52:ca:cd:71:a6:c1:34:ad:c7:17: b2:63:ed:f0:f0:88:03:4c:cc:0a:05:c0:e1:00:7e: 6f:9d:f2:55:45:88:f5:0b:86:66:bc:11:3c:bf:8e: 48:b1:3d:d6:c1:0c:68:ae:98:c0:dd:90:fc:52:16: 10:90:ea:46:dd:65:d6:cb:9f:b5:d9:ac:44:7b:d6: bb:42:e1:a4:3f:5f:49:52:32:8e:dd:bb:6f:e9:08: d1:64:d8:0f:76:4c:21:7d:a4:57:14:1e:a9:24:8c: 7f:14:1d:da:53:00:8e:ac:52:4a:4c:90:0a:03:fb: d6:5a:18:96:02:c8:f1:0a:7b:c7:56:22:bf:db:ec: 39:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:A3:00:57:99:6D:66:FF:48:62:6C:6B:15:9C:35:98:80:F2:44:1F X509v3 Authority Key Identifier: keyid:22:C7:EC:3C:D9:ED:4C:50:E8:94:A1:1B:CD:70:D0:31:0C:D5:F8:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IsfsPNntTFDolKEbzXDQMQzV-Fk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 17:21:8a:c1:eb:ba:8d:ab:29:d8:be:b2:a5:cb:21:32:77:c7: 60:30:ba:06:fa:1e:0b:12:85:fc:04:d2:0f:a3:eb:64:cc:92: 04:49:97:80:95:7f:1f:ed:aa:75:4d:80:70:5d:65:4a:39:a3: 54:22:bd:6f:d9:75:78:5e:e7:d9:d2:1c:27:3d:c6:57:64:49: c9:98:6a:12:cb:7a:3d:cb:6a:e2:2c:48:f0:7a:7c:58:7e:cf: 2b:ac:47:80:ae:09:0b:79:76:85:ec:b9:7e:d0:e5:1d:ff:4c: 50:92:12:48:b9:b9:57:08:4a:31:20:b6:26:6b:dc:4c:e3:00: a4:ba:89:88:86:2c:a3:c9:02:b2:dc:64:b1:ef:da:99:52:3a: 46:16:06:3f:5c:e3:2c:3d:a7:e0:42:fe:99:fa:b9:91:13:59: 3e:d6:23:a2:dd:94:71:b7:d9:9c:58:2a:3e:9d:d4:9d:dc:72: ea:0f:d8:21:55:dc:b9:8b:34:28:a1:bd:38:69:15:2b:04:08: ca:71:3d:d7:25:1a:4f:2b:99:d1:10:06:13:ca:ed:80:03:5d: 43:98:07:c0:3b:2d:91:40:ce:18:37:ae:8b:4b:74:5d:0c:1c: 2d:b3:20:fe:c9:16:75:86:bc:f3:60:78:dc:8d:7e:c3:d6:ea: 28:4d:cf:20 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBQTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF QzIyNTExMC8GA1UEBRMoMjJDN0VDM0NEOUVENEM1MEU4OTRBMTFCQ0Q3MEQwMzEw Q0Q1Rjg1OTAeFw0yNTA0MTgxNzQ4NTFaFw0yNTA0MjUxNzQ4NTFaMBgxFjAUBgNV BAMTDTY4MDI5MDg0LWI1OTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDulgx+mXaknjr8KSE8G+CIEj7OA1GoTlgepjf55CnxCLzi6/iye1gMCdhEeyfQ MQgz1GQl0WYkoNXE/QXbolHLs1gMYsw+HgroZmuntbDgSTcjH7KTmKhGdwpgf4+M EeyvYZ3CMBqK1n4UoPEV4x/4WVh0q4oeHqjnTJ7rUsrNcabBNK3HF7Jj7fDwiANM zAoFwOEAfm+d8lVFiPULhma8ETy/jkixPdbBDGiumMDdkPxSFhCQ6kbdZdbLn7XZ rER71rtC4aQ/X0lSMo7du2/pCNFk2A92TCF9pFcUHqkkjH8UHdpTAI6sUkpMkAoD +9ZaGJYCyPEKe8dWIr/b7DnNAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU3aMAV5lt Zv9IYmxrFZw1mIDyRB8wHwYDVR0jBBgwFoAUIsfsPNntTFDolKEbzXDQMQzV+Fkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVDMjI1L0M5NDQ3RkYwQkVG OTExRUZCQ0Y2ODk0NEM0RjlBRTAyL0lzZnNQTm50VEZEb2xLRWJ6WERRTVF6Vi1G ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSXNmc1BObnRURkRvbEtFYnpYRFFNUXpWLUZrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVD MjI1L0M5NDQ3RkYwQkVGOTExRUZCQ0Y2ODk0NEM0RjlBRTAyL0lzZnNQTm50VEZE b2xLRWJ6WERRTVF6Vi1Gay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABchisHruo2rKdi+sqXLITJ3x2Awugb6HgsShfwE0g+j62TMkgRJl4CV fx/tqnVNgHBdZUo5o1QivW/ZdXhe59nSHCc9xldkScmYahLLej3LauIsSPB6fFh+ zyusR4CuCQt5doXsuX7Q5R3/TFCSEki5uVcISjEgtiZr3EzjAKS6iYiGLKPJArLc ZLHv2plSOkYWBj9c4yw9p+BC/pn6uZETWT7WI6LdlHG32ZxYKj6d1J3ccuoP2CFV 3LmLNCihvThpFSsECMpxPdclGk8rmdEQBhPK7YADXUOYB8A7LZFAzhg3rotLdF0M HC2zIP7JFnWGvPNgeNyNfsPW6ihNzyA= -----END CERTIFICATE-----Generated at Sat Apr 19 03:17:03 2025 by rpki-client