$ rpki-client -vvf rpki.apnic.net/member_repository/A91EEC3B/6B37E19C841711E785F17080C4F9AE02/maB2Nu64AHCDMDGWpYxBvsxoj4A.mft File: maB2Nu64AHCDMDGWpYxBvsxoj4A.mft (raw, json) Hash identifier: PQIDoQIJSvzg9QedvUjw4F6Qm+7jIRtrmrGgVzsA3LU= Subject key identifier: C7:70:FD:CE:C5:C1:FF:5A:EE:25:A4:BA:C0:B3:41:AC:26:FD:AA:FF Authority key identifier: 99:A0:76:36:EE:B8:00:70:83:30:31:96:A5:8C:41:BE:CC:68:8F:80 Certificate issuer: /CN=A91EEC3B/serialNumber=99A07636EEB8007083303196A58C41BECC688F80 Certificate serial: 0BC5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/maB2Nu64AHCDMDGWpYxBvsxoj4A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EEC3B/6B37E19C841711E785F17080C4F9AE02/maB2Nu64AHCDMDGWpYxBvsxoj4A.mft Manifest number: 2C0B Signing time: Sun 20 Apr 2025 16:23:24 +0000 Manifest this update: Sun 20 Apr 2025 16:23:24 +0000 Manifest next update: Sun 27 Apr 2025 16:23:24 +0000 Files and hashes: 1: maB2Nu64AHCDMDGWpYxBvsxoj4A.crl (hash: 72q5GO8vSmkHyzhRmDRwWozmKU7AkhceqHkxme++TQE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EEC3B/6B37E19C841711E785F17080C4F9AE02/maB2Nu64AHCDMDGWpYxBvsxoj4A.crl rsync://rpki.apnic.net/member_repository/A91EEC3B/6B37E19C841711E785F17080C4F9AE02/maB2Nu64AHCDMDGWpYxBvsxoj4A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/maB2Nu64AHCDMDGWpYxBvsxoj4A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 16:23:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3013 (0xbc5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EEC3B, serialNumber=99A07636EEB8007083303196A58C41BECC688F80 Validity Not Before: Apr 20 16:23:24 2025 GMT Not After : Apr 27 16:23:24 2025 GMT Subject: CN=68051f7c-ef56 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:40:ed:20:09:80:db:74:6b:46:76:e3:ca:3b: 53:c7:8d:31:24:39:3f:c4:b0:84:36:08:b0:3c:93: 00:d4:2e:6f:1f:e2:4f:39:72:14:6b:40:fd:1b:01: 03:ce:21:16:af:88:d1:d0:ab:cb:bd:7a:a4:33:f9: 16:de:62:fb:28:89:69:4f:d6:3f:c2:bf:6e:3b:85: ac:0f:85:66:e7:18:9c:fc:cd:ea:e9:38:64:68:76: 30:02:9f:92:82:d5:8c:40:98:a6:a3:01:0f:41:1f: 88:78:ce:72:ae:3b:12:6b:83:5e:a8:93:b8:9a:a7: 5d:91:15:40:c1:ad:8e:76:1e:51:95:ef:a8:76:6e: ab:ca:f6:ae:3a:c2:b1:7d:4d:69:15:d0:70:e4:69: fc:38:f7:11:c8:f1:85:c7:9b:9c:c5:f8:0e:84:6f: f3:bb:19:eb:93:0d:9c:9e:d2:28:29:73:6c:77:cc: 77:5a:d6:c9:87:27:15:9b:5b:8d:ea:15:cd:7c:bd: 65:ad:94:f1:d4:a6:41:38:f1:75:4f:07:16:3d:cc: b4:ee:fa:ca:74:7a:db:54:5d:fb:05:c3:55:de:b2: 16:08:6f:cf:41:1b:08:df:b1:80:9e:b2:e7:f6:c5: 5c:a3:88:09:19:8b:cc:8a:f6:96:2b:98:cf:df:ef: b5:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:70:FD:CE:C5:C1:FF:5A:EE:25:A4:BA:C0:B3:41:AC:26:FD:AA:FF X509v3 Authority Key Identifier: keyid:99:A0:76:36:EE:B8:00:70:83:30:31:96:A5:8C:41:BE:CC:68:8F:80 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EEC3B/6B37E19C841711E785F17080C4F9AE02/maB2Nu64AHCDMDGWpYxBvsxoj4A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/maB2Nu64AHCDMDGWpYxBvsxoj4A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EEC3B/6B37E19C841711E785F17080C4F9AE02/maB2Nu64AHCDMDGWpYxBvsxoj4A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 26:05:0d:a8:32:b7:1f:f4:40:6b:0c:8c:29:73:4a:cd:1b:05: 86:9c:45:63:e4:b7:9a:ad:15:17:b9:a1:71:8a:6d:d4:2f:7a: 06:20:0f:b6:5e:e5:a3:a0:1a:e4:9a:fb:34:c6:2d:2f:b2:d6: 07:b9:6a:76:e2:2d:1b:36:cb:90:c8:45:73:76:73:42:12:3a: a6:13:67:53:df:cb:d1:d5:f9:14:54:f1:54:93:2e:15:64:ef: 1d:54:28:0a:39:e8:9a:30:79:1f:d9:a3:23:59:ba:ab:aa:5a: 10:a3:53:a4:08:cc:8c:2d:15:23:f4:79:10:3a:93:93:db:74: 44:4c:a9:e0:be:c7:1e:75:df:77:50:c1:c5:f8:64:c1:79:37: c6:19:e3:21:50:36:da:75:94:0d:c5:e5:55:22:a8:c2:81:e5: 9e:80:b0:8c:4c:94:26:c0:16:fd:02:c7:be:38:bc:0a:e7:6a: 2a:1d:06:54:50:ab:8a:34:92:b4:29:47:90:b3:12:f2:60:c7: 3a:8e:c3:cf:05:ec:51:9b:f2:50:ca:42:cb:a8:26:7c:14:c9: 5f:69:10:75:ea:d2:a7:25:0c:2c:ec:a6:1a:ae:93:2f:23:59: ec:1f:0a:c2:1a:6f:33:1e:1b:5a:e9:09:a2:bd:f9:bf:af:1c: 10:c4:19:1b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC8UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUVDM0IxMTAvBgNVBAUTKDk5QTA3NjM2RUVCODAwNzA4MzMwMzE5NkE1OEM0MUJF Q0M2ODhGODAwHhcNMjUwNDIwMTYyMzI0WhcNMjUwNDI3MTYyMzI0WjAYMRYwFAYD VQQDEw02ODA1MWY3Yy1lZjU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2EDtIAmA23RrRnbjyjtTx40xJDk/xLCENgiwPJMA1C5vH+JPOXIUa0D9GwED ziEWr4jR0KvLvXqkM/kW3mL7KIlpT9Y/wr9uO4WsD4Vm5xic/M3q6ThkaHYwAp+S gtWMQJimowEPQR+IeM5yrjsSa4NeqJO4mqddkRVAwa2Odh5Rle+odm6ryvauOsKx fU1pFdBw5Gn8OPcRyPGFx5ucxfgOhG/zuxnrkw2cntIoKXNsd8x3WtbJhycVm1uN 6hXNfL1lrZTx1KZBOPF1TwcWPcy07vrKdHrbVF37BcNV3rIWCG/PQRsI37GAnrLn 9sVco4gJGYvMivaWK5jP3++1twIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMdw/c7F wf9a7iWkusCzQawm/ar/MB8GA1UdIwQYMBaAFJmgdjbuuABwgzAxlqWMQb7MaI+A MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRUMzQi82QjM3RTE5Qzg0 MTcxMUU3ODVGMTcwODBDNEY5QUUwMi9tYUIyTnU2NEFIQ0RNREdXcFl4QnZzeG9q NEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL21hQjJOdTY0QUhDRE1ER1dwWXhCdnN4b2o0QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF RUMzQi82QjM3RTE5Qzg0MTcxMUU3ODVGMTcwODBDNEY5QUUwMi9tYUIyTnU2NEFI Q0RNREdXcFl4QnZzeG9qNEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAmBQ2oMrcf9EBrDIwpc0rNGwWGnEVj5LearRUXuaFxim3UL3oGIA+2 XuWjoBrkmvs0xi0vstYHuWp24i0bNsuQyEVzdnNCEjqmE2dT38vR1fkUVPFUky4V ZO8dVCgKOeiaMHkf2aMjWbqrqloQo1OkCMyMLRUj9HkQOpOT23RETKngvscedd93 UMHF+GTBeTfGGeMhUDbadZQNxeVVIqjCgeWegLCMTJQmwBb9Ase+OLwK52oqHQZU UKuKNJK0KUeQsxLyYMc6jsPPBexRm/JQykLLqCZ8FMlfaRB16tKnJQws7KYarpMv I1nsHwrCGm8zHhta6Qmivfm/rxwQxBkb -----END CERTIFICATE-----Generated at Mon Apr 21 17:05:39 2025 by rpki-client