$ rpki-client -vvf rpki.apnic.net/member_repository/A91F147C/7E0F587201E911EDAF8BDE30C4F9AE02/7aOF1FcjseHfKXP2K10jovv9JoY.mft File: 7aOF1FcjseHfKXP2K10jovv9JoY.mft (raw, json) Hash identifier: vZqc0pDne3EMP+WbkvlYmeuvwWStUtZqaNdHLMVssnE= Subject key identifier: B4:98:F2:6A:D5:37:36:ED:E7:35:4B:81:5C:FC:2D:B4:C1:58:6E:76 Authority key identifier: ED:A3:85:D4:57:23:B1:E1:DF:29:73:F6:2B:5D:23:A2:FB:FD:26:86 Certificate issuer: /CN=A91F147C/serialNumber=EDA385D45723B1E1DF2973F62B5D23A2FBFD2686 Certificate serial: 0295 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7aOF1FcjseHfKXP2K10jovv9JoY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F147C/7E0F587201E911EDAF8BDE30C4F9AE02/7aOF1FcjseHfKXP2K10jovv9JoY.mft Manifest number: 0285 Signing time: Sat 29 Mar 2025 01:54:18 +0000 Manifest this update: Sat 29 Mar 2025 01:54:18 +0000 Manifest next update: Sat 05 Apr 2025 01:54:18 +0000 Files and hashes: 1: 7aOF1FcjseHfKXP2K10jovv9JoY.crl (hash: dxlEVjLKsQIcAJ/ehqDoAXluHhPHH7lZrYel/YPo4VU=) 2: E4F8A0BA47ED11EF8A746168C4F9AE02.roa (hash: rCllvSopoGz8aDfU9lvXSKhRHbkj+3Ed22RiWwBDqfc=) 3: B2FE8B7A90E911EF93A2CE59C4F9AE02.roa (hash: WarlwyPZa6+KTn9IviJVET/FHc62uIFcyC2ylkk8TYg=) 4: F3C5DF2CF03511EF83ECDC30C4F9AE02.roa (hash: bX2GvM4twLrpOhpUXaE3dMjzmYpyVWJx7L0sV9znlKE=) 5: D756B35890E911EFBF47235AC4F9AE02.roa (hash: sXl+dZ0cNnIJUOouChkb/SBhcvOd/zmcJtMgC+yiUzY=) 6: FBE1E73689E311EF9021CE0CC4F9AE02.roa (hash: 455DCGiIcAmYhveApDA31/VkiMOYSAFDxNYnnGbSEJY=) 7: 1C7AC7FE4B0711EFBB12B717C4F9AE02.roa (hash: lOUpDRjlxbgUApviuBIHPbtPtdQ0a+j/Lmf0E0RCirU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F147C/7E0F587201E911EDAF8BDE30C4F9AE02/7aOF1FcjseHfKXP2K10jovv9JoY.crl rsync://rpki.apnic.net/member_repository/A91F147C/7E0F587201E911EDAF8BDE30C4F9AE02/7aOF1FcjseHfKXP2K10jovv9JoY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7aOF1FcjseHfKXP2K10jovv9JoY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Apr 2025 01:54:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 661 (0x295) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F147C Validity Not Before: Mar 29 01:54:18 2025 GMT Not After : Apr 5 01:54:18 2025 GMT Subject: CN=67e752ca-77b0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:3f:2f:a5:e4:21:aa:f2:d6:6f:e0:c3:72:6b: cb:0d:2d:b6:d4:0a:50:b0:3a:ff:32:1a:1b:8e:86: 97:87:df:96:d8:1b:1b:d3:1f:71:38:ee:a3:fd:df: 56:51:aa:39:6e:c8:57:d7:19:e0:40:6c:61:e1:12: d6:f8:5f:0f:60:93:e9:22:c4:00:4a:c1:c7:9d:30: d3:2c:c7:cd:ef:3c:a3:51:94:df:64:cc:c4:e4:6c: 92:f6:2c:4b:13:a9:16:16:5b:38:7f:a4:e9:f6:fc: 0e:c7:b2:fd:97:be:4c:0a:86:73:5c:74:b9:58:25: 9e:d7:93:ab:81:fa:8c:27:fd:f4:e3:3c:d0:5e:44: d5:87:ad:69:05:4c:fe:59:f0:c9:a8:54:14:29:cb: b4:a9:ab:e9:71:e6:0a:bc:bb:ab:2f:88:ca:77:ae: 56:6f:74:b9:04:3a:d2:1a:08:c4:51:89:e3:c7:4b: 52:82:89:34:f2:ae:14:80:f5:d0:a6:35:8f:f5:bc: cb:ea:02:20:2f:e4:22:06:e4:67:df:ff:ca:6f:26: 12:2a:76:be:de:db:be:6b:5e:8e:34:cd:4b:fb:7b: 11:55:dc:f3:36:e9:df:c6:18:d6:ea:1f:54:cb:4c: 71:87:c4:94:5e:48:70:2c:73:74:f1:2f:16:01:1c: fb:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:98:F2:6A:D5:37:36:ED:E7:35:4B:81:5C:FC:2D:B4:C1:58:6E:76 X509v3 Authority Key Identifier: keyid:ED:A3:85:D4:57:23:B1:E1:DF:29:73:F6:2B:5D:23:A2:FB:FD:26:86 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F147C/7E0F587201E911EDAF8BDE30C4F9AE02/7aOF1FcjseHfKXP2K10jovv9JoY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7aOF1FcjseHfKXP2K10jovv9JoY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F147C/7E0F587201E911EDAF8BDE30C4F9AE02/7aOF1FcjseHfKXP2K10jovv9JoY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 13:41:0c:d3:98:b3:32:da:07:ad:5e:27:6d:21:be:9c:6c:65: a8:e8:47:06:4f:28:32:7b:b6:6b:28:bc:04:28:4f:c4:f1:32: 47:35:bd:00:ec:84:70:cf:f3:01:94:d0:db:84:f7:2c:12:6f: 91:6b:ce:11:9e:31:ab:e1:d5:e3:2f:6a:f9:ae:15:6a:48:08: 2c:42:97:a9:f8:ea:f6:1a:70:c9:5a:a4:85:29:af:ed:87:74: fa:bf:ab:85:e4:14:11:e6:de:8b:88:7f:6b:3b:ef:58:b7:05: ca:9d:0b:7d:05:0a:0c:1e:74:86:fb:e1:24:3e:c6:04:cc:a7: 17:51:73:f6:3e:35:95:3e:05:df:cb:8a:fe:69:47:04:d7:22: 70:e6:ca:55:04:3d:2c:b5:a9:d0:7f:cd:e4:21:bd:8f:c3:e1: 30:7a:e0:a3:6b:93:3a:47:51:f6:90:c3:bb:8f:95:2e:6b:53: 90:0a:6d:4e:fd:b7:c8:79:66:29:bc:95:2e:8b:fb:ac:d8:75: 0f:69:20:eb:e5:1b:d1:f4:ba:96:68:32:3c:7b:85:da:37:ec: 3f:1d:d3:ae:4c:a7:74:34:d0:49:12:78:62:08:69:01:29:59: 5d:bc:a7:0b:ea:86:89:37:16:41:29:02:7e:53:10:eb:4a:39: d1:76:1d:cb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICApUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjE0N0MxMTAvBgNVBAUTKEVEQTM4NUQ0NTcyM0IxRTFERjI5NzNGNjJCNUQyM0Ey RkJGRDI2ODYwHhcNMjUwMzI5MDE1NDE4WhcNMjUwNDA1MDE1NDE4WjAYMRYwFAYD VQQDEw02N2U3NTJjYS03N2IwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvD8vpeQhqvLWb+DDcmvLDS221ApQsDr/MhobjoaXh9+W2Bsb0x9xOO6j/d9W Uao5bshX1xngQGxh4RLW+F8PYJPpIsQASsHHnTDTLMfN7zyjUZTfZMzE5GyS9ixL E6kWFls4f6Tp9vwOx7L9l75MCoZzXHS5WCWe15OrgfqMJ/304zzQXkTVh61pBUz+ WfDJqFQUKcu0qavpceYKvLurL4jKd65Wb3S5BDrSGgjEUYnjx0tSgok08q4UgPXQ pjWP9bzL6gIgL+QiBuRn3//KbyYSKna+3tu+a16ONM1L+3sRVdzzNunfxhjW6h9U y0xxh8SUXkhwLHN08S8WARz7ywIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLSY8mrV Nzbt5zVLgVz8LbTBWG52MB8GA1UdIwQYMBaAFO2jhdRXI7Hh3ylz9itdI6L7/SaG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTQ3Qy83RTBGNTg3MjAx RTkxMUVEQUY4QkRFMzBDNEY5QUUwMi83YU9GMUZjanNlSGZLWFAySzEwam92djlK b1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzdhT0YxRmNqc2VIZktYUDJLMTBqb3Z2OUpvWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MTQ3Qy83RTBGNTg3MjAxRTkxMUVEQUY4QkRFMzBDNEY5QUUwMi83YU9GMUZjanNl SGZLWFAySzEwam92djlKb1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQATQQzTmLMy2getXidtIb6cbGWo6EcGTygye7ZrKLwEKE/E8TJHNb0A 7IRwz/MBlNDbhPcsEm+Ra84RnjGr4dXjL2r5rhVqSAgsQpep+Or2GnDJWqSFKa/t h3T6v6uF5BQR5t6LiH9rO+9YtwXKnQt9BQoMHnSG++EkPsYEzKcXUXP2PjWVPgXf y4r+aUcE1yJw5spVBD0stanQf83kIb2Pw+EweuCja5M6R1H2kMO7j5Uua1OQCm1O /bfIeWYpvJUui/us2HUPaSDr5RvR9LqWaDI8e4XaN+w/HdOuTKd0NNBJEnhiCGkB KVldvKcL6oaJNxZBKQJ+UxDrSjnRdh3L -----END CERTIFICATE-----Generated at Fri Apr 4 22:34:45 2025 by rpki-client