$ rpki-client -vvf rpki.apnic.net/member_repository/A91F1605/7250CA446C3411EB9E37AA21C4F9AE02/8EaQuwPg05YrSAjk0GyyajSQ5RY.mft File: 8EaQuwPg05YrSAjk0GyyajSQ5RY.mft (raw, json) Hash identifier: G83HZiYAT7MSv2SxlII2vyByMXoju+/QnQtykR0I7O8= Subject key identifier: C7:71:E3:6A:8B:FC:F0:11:99:07:4B:CC:FB:0C:07:09:6C:CF:DD:B3 Authority key identifier: F0:46:90:BB:03:E0:D3:96:2B:48:08:E4:D0:6C:B2:6A:34:90:E5:16 Certificate issuer: /CN=A91F1605/serialNumber=F04690BB03E0D3962B4808E4D06CB26A3490E516 Certificate serial: 068C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8EaQuwPg05YrSAjk0GyyajSQ5RY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F1605/7250CA446C3411EB9E37AA21C4F9AE02/8EaQuwPg05YrSAjk0GyyajSQ5RY.mft Manifest number: 0686 Signing time: Sun 20 Apr 2025 21:54:42 +0000 Manifest this update: Sun 20 Apr 2025 21:54:42 +0000 Manifest next update: Sun 27 Apr 2025 21:54:42 +0000 Files and hashes: 1: 8EaQuwPg05YrSAjk0GyyajSQ5RY.crl (hash: thVpBr+2H6QqqH+eKC5thlCkwvv1f0LdM9L9MTt8ROY=) 2: 64237DC06C3611EBB6BA1A24C4F9AE02.roa (hash: 52JrCnBm7L06RLcpZu8B4A+YSslnAZRmYTLK9Jex7Yg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F1605/7250CA446C3411EB9E37AA21C4F9AE02/8EaQuwPg05YrSAjk0GyyajSQ5RY.crl rsync://rpki.apnic.net/member_repository/A91F1605/7250CA446C3411EB9E37AA21C4F9AE02/8EaQuwPg05YrSAjk0GyyajSQ5RY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8EaQuwPg05YrSAjk0GyyajSQ5RY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 21:54:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1676 (0x68c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F1605, serialNumber=F04690BB03E0D3962B4808E4D06CB26A3490E516 Validity Not Before: Apr 20 21:54:42 2025 GMT Not After : Apr 27 21:54:42 2025 GMT Subject: CN=68056d22-5dab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:b6:83:64:14:c2:53:39:c0:52:9a:ae:75:a5: 5b:9d:7f:75:fe:5a:b6:da:c3:12:f4:26:ca:c6:73: 4f:a9:d7:25:77:df:7c:0a:96:ba:52:5b:8f:cb:7b: 55:d4:c3:db:56:cd:db:bc:7f:96:c2:96:12:14:fb: 08:83:ae:30:f3:3b:46:7e:1a:c8:25:a4:cc:3d:cf: bf:dc:9b:7c:fa:b8:1f:77:82:73:c9:b5:30:72:4a: f3:ae:b3:40:6b:be:ac:4d:4b:0b:01:9c:b8:0c:c2: 28:9d:84:64:c6:f7:0b:a9:53:e3:34:79:ed:69:72: af:76:9e:be:15:de:3f:c8:f1:1e:d7:d4:04:33:3a: f5:f8:05:c6:e9:29:53:80:9b:9c:c7:26:d7:d5:eb: d6:93:0e:af:e1:5d:3a:cc:4e:60:33:1b:1d:4d:f7: 72:46:6e:96:eb:1d:92:a7:15:ac:ed:cc:67:44:c1: 47:4f:19:24:f3:35:14:71:67:16:33:0e:6b:fb:3a: 3a:6e:de:c2:f5:81:4f:36:00:3d:36:e9:a0:46:a6: 57:df:dd:1c:60:16:c0:12:f7:80:ee:6f:70:95:1e: 78:2c:2e:7b:34:d9:2b:34:52:ea:0b:c8:dd:c2:08: d8:e5:42:46:8f:0e:cb:f7:6c:74:b3:f4:b9:92:c3: ed:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:71:E3:6A:8B:FC:F0:11:99:07:4B:CC:FB:0C:07:09:6C:CF:DD:B3 X509v3 Authority Key Identifier: keyid:F0:46:90:BB:03:E0:D3:96:2B:48:08:E4:D0:6C:B2:6A:34:90:E5:16 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F1605/7250CA446C3411EB9E37AA21C4F9AE02/8EaQuwPg05YrSAjk0GyyajSQ5RY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8EaQuwPg05YrSAjk0GyyajSQ5RY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F1605/7250CA446C3411EB9E37AA21C4F9AE02/8EaQuwPg05YrSAjk0GyyajSQ5RY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 67:df:9b:14:15:b9:e3:23:d3:03:66:d2:28:ef:b3:31:db:ee: fc:a7:40:21:f4:40:58:0e:e6:a9:3d:36:42:a9:38:b6:a4:18: 63:18:f7:11:d2:c9:07:90:8f:27:c9:e8:a7:c9:8d:ec:cf:db: 8f:2b:73:31:d1:0e:b2:3c:90:eb:1e:25:72:11:55:c1:f3:80: 32:ea:7a:b8:a2:03:ff:61:08:2c:ef:46:de:a5:09:68:8f:88: 8a:79:4d:95:52:8e:fe:8e:b9:4f:5c:de:86:bd:6e:00:ca:13: 86:b8:63:1c:34:70:2f:7b:df:48:42:51:30:31:f6:5c:46:cb: 8a:68:5a:94:46:65:fd:6c:f1:6c:17:90:c2:2d:95:2c:ff:30: 3f:24:27:eb:db:81:d9:3d:d4:a9:ea:d8:98:e8:14:92:9e:91: af:25:3f:fb:7c:56:8d:b5:86:d1:94:96:02:0f:5d:b1:59:69: c7:1f:f1:24:31:30:58:b8:f8:d1:86:76:78:d5:39:c3:f8:9b: 12:d5:3c:fd:9e:3a:52:63:8e:3b:90:06:5a:f9:06:86:4f:f9: 4a:90:80:c5:90:e7:c7:73:4e:f3:76:bb:97:bc:61:f5:5b:d8: c0:9c:c7:97:e9:06:25:0d:0b:99:de:33:69:da:c0:ac:61:ac: 8b:ce:f4:74 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBowwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjE2MDUxMTAvBgNVBAUTKEYwNDY5MEJCMDNFMEQzOTYyQjQ4MDhFNEQwNkNCMjZB MzQ5MEU1MTYwHhcNMjUwNDIwMjE1NDQyWhcNMjUwNDI3MjE1NDQyWjAYMRYwFAYD VQQDEw02ODA1NmQyMi01ZGFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1baDZBTCUznAUpqudaVbnX91/lq22sMS9CbKxnNPqdcld998Cpa6UluPy3tV 1MPbVs3bvH+WwpYSFPsIg64w8ztGfhrIJaTMPc+/3Jt8+rgfd4JzybUwckrzrrNA a76sTUsLAZy4DMIonYRkxvcLqVPjNHntaXKvdp6+Fd4/yPEe19QEMzr1+AXG6SlT gJucxybX1evWkw6v4V06zE5gMxsdTfdyRm6W6x2SpxWs7cxnRMFHTxkk8zUUcWcW Mw5r+zo6bt7C9YFPNgA9NumgRqZX390cYBbAEveA7m9wlR54LC57NNkrNFLqC8jd wgjY5UJGjw7L92x0s/S5ksPtVwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMdx42qL /PARmQdLzPsMBwlsz92zMB8GA1UdIwQYMBaAFPBGkLsD4NOWK0gI5NBssmo0kOUW MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMTYwNS83MjUwQ0E0NDZD MzQxMUVCOUUzN0FBMjFDNEY5QUUwMi84RWFRdXdQZzA1WXJTQWprMEd5eWFqU1E1 UlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhFYVF1d1BnMDVZclNBamswR3l5YWpTUTVSWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MTYwNS83MjUwQ0E0NDZDMzQxMUVCOUUzN0FBMjFDNEY5QUUwMi84RWFRdXdQZzA1 WXJTQWprMEd5eWFqU1E1UlkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBn35sUFbnjI9MDZtIo77Mx2+78p0Ah9EBYDuapPTZCqTi2pBhjGPcR 0skHkI8nyeinyY3sz9uPK3Mx0Q6yPJDrHiVyEVXB84Ay6nq4ogP/YQgs70bepQlo j4iKeU2VUo7+jrlPXN6GvW4AyhOGuGMcNHAve99IQlEwMfZcRsuKaFqURmX9bPFs F5DCLZUs/zA/JCfr24HZPdSp6tiY6BSSnpGvJT/7fFaNtYbRlJYCD12xWWnHH/Ek MTBYuPjRhnZ41TnD+JsS1Tz9njpSY447kAZa+QaGT/lKkIDFkOfHc07zdruXvGH1 W9jAnMeX6QYlDQuZ3jNp2sCsYayLzvR0 -----END CERTIFICATE-----Generated at Tue Apr 22 17:24:34 2025 by rpki-client