$ rpki-client -vvf rpki.apnic.net/member_repository/A91F61DD/7C78E2BC309311ECAB68433FC4F9AE02/FdYNYNak9QCRCZpy4NBe7z6vduk.mft File: FdYNYNak9QCRCZpy4NBe7z6vduk.mft (raw, json) Hash identifier: vZf2PKvbtuwVUA3WV8zLc91mkO4mbWywBFxmXs0AHSs= Subject key identifier: 08:31:8A:22:DD:27:B5:14:04:FD:B8:AA:59:FD:DF:8B:43:C9:F1:78 Authority key identifier: 15:D6:0D:60:D6:A4:F5:00:91:09:9A:72:E0:D0:5E:EF:3E:AF:76:E9 Certificate issuer: /CN=A91F61DD/serialNumber=15D60D60D6A4F50091099A72E0D05EEF3EAF76E9 Certificate serial: 049E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FdYNYNak9QCRCZpy4NBe7z6vduk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F61DD/7C78E2BC309311ECAB68433FC4F9AE02/FdYNYNak9QCRCZpy4NBe7z6vduk.mft Manifest number: 0496 Signing time: Sat 05 Apr 2025 00:05:37 +0000 Manifest this update: Sat 05 Apr 2025 00:05:37 +0000 Manifest next update: Sat 12 Apr 2025 00:05:37 +0000 Files and hashes: 1: FdYNYNak9QCRCZpy4NBe7z6vduk.crl (hash: XIMo2YokBUIW+P866rDKVq2r8u/VJ4pzVzXBjUAY1/w=) 2: BFEEB5E4309D11ECABBBBF25C4F9AE02.roa (hash: CjEb36vV7LXCUvQdsPq41e7nYE3GW5xo8YCCxuuK9YE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F61DD/7C78E2BC309311ECAB68433FC4F9AE02/FdYNYNak9QCRCZpy4NBe7z6vduk.crl rsync://rpki.apnic.net/member_repository/A91F61DD/7C78E2BC309311ECAB68433FC4F9AE02/FdYNYNak9QCRCZpy4NBe7z6vduk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FdYNYNak9QCRCZpy4NBe7z6vduk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 00:05:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1182 (0x49e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F61DD Validity Not Before: Apr 5 00:05:37 2025 GMT Not After : Apr 12 00:05:37 2025 GMT Subject: CN=67f073d1-d380 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:bf:a1:27:b8:a4:1a:f8:b5:a3:7a:53:83:8f: 69:3b:c7:68:7f:ff:08:8b:58:82:68:e8:92:e3:94: cf:aa:05:3d:62:b6:d4:e8:ab:36:d4:1c:61:70:4f: 32:07:2f:97:5d:16:fa:ea:38:61:7f:66:7a:a4:f8: 13:21:a7:61:70:8e:ba:3e:7f:4c:8d:8f:83:54:91: db:7d:c3:af:2b:bf:67:bf:23:48:c1:f4:6c:e6:43: 01:d8:51:d5:c4:60:20:fd:80:39:19:5a:20:14:a8: 4c:ed:a0:7d:1a:94:c2:f2:b1:58:02:03:b7:53:39: ca:23:70:aa:68:ad:15:d8:0a:c9:2c:06:cc:c5:5a: 23:92:99:c9:3d:f3:0e:cd:1f:dc:4f:f1:c2:3e:a5: 86:05:ed:6e:c8:63:65:c0:e8:73:27:a4:4b:c8:aa: da:1d:4f:28:a3:0e:3e:fa:b5:79:8a:7f:b8:dc:17: 80:e9:81:d4:b9:55:62:3d:38:14:23:e8:64:eb:1d: ee:19:d7:06:87:64:64:03:cb:66:44:5b:ef:8d:b8: da:f5:1b:a4:6b:23:5a:fb:d2:ce:2f:bb:4d:cf:fa: dc:86:9a:d7:21:11:ce:fa:9b:ab:b5:45:3e:a9:0b: 01:e5:71:c1:3a:ba:0c:62:ff:5a:67:91:63:94:21: 7b:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:31:8A:22:DD:27:B5:14:04:FD:B8:AA:59:FD:DF:8B:43:C9:F1:78 X509v3 Authority Key Identifier: keyid:15:D6:0D:60:D6:A4:F5:00:91:09:9A:72:E0:D0:5E:EF:3E:AF:76:E9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F61DD/7C78E2BC309311ECAB68433FC4F9AE02/FdYNYNak9QCRCZpy4NBe7z6vduk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FdYNYNak9QCRCZpy4NBe7z6vduk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F61DD/7C78E2BC309311ECAB68433FC4F9AE02/FdYNYNak9QCRCZpy4NBe7z6vduk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bd:5f:81:20:ac:f0:e3:6b:65:e7:5b:1d:1b:83:cd:58:c7:99: 13:67:15:a2:0c:a8:dd:e4:2d:3e:a8:18:72:e0:be:7a:ba:18: 08:6c:b6:59:77:f9:d5:c1:30:eb:9c:6e:48:1d:03:fb:3e:01: 06:85:f7:9e:7b:83:a2:e4:4c:be:df:33:07:e1:ed:83:8b:b9: 9f:5a:02:17:2e:f5:bd:89:0a:a9:6f:10:58:93:19:7a:73:6f: d1:7f:3b:07:7a:c5:6c:c5:90:7c:02:22:54:9d:0a:53:ea:58: e9:4e:e4:ad:d2:0d:02:bd:69:3e:e4:81:c9:09:20:a6:1f:16: 3d:7a:1a:70:96:f4:ba:ba:a1:9f:d1:02:30:18:43:9c:e7:2b: d0:9e:24:d3:6a:6f:91:6f:32:a1:f3:24:ee:c9:36:cc:b2:7f: 99:bc:21:f4:03:27:20:31:a9:1f:24:e5:a0:6a:84:e8:2f:cb: 65:c2:8e:d9:21:7d:52:6d:c3:4a:a5:90:7e:b4:0b:f7:b7:4d: 8c:8f:97:e7:95:17:d3:2e:a9:81:b6:20:97:cc:46:f4:50:37: 95:66:c4:c7:38:6c:46:42:ec:02:b7:a0:8a:fd:6b:c8:c3:c8: 19:9d:e2:29:a4:a3:07:74:ff:ee:50:9a:3f:bc:53:7b:96:bd: 4f:3a:4b:e7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBJ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjYxREQxMTAvBgNVBAUTKDE1RDYwRDYwRDZBNEY1MDA5MTA5OUE3MkUwRDA1RUVG M0VBRjc2RTkwHhcNMjUwNDA1MDAwNTM3WhcNMjUwNDEyMDAwNTM3WjAYMRYwFAYD VQQDEw02N2YwNzNkMS1kMzgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA27+hJ7ikGvi1o3pTg49pO8dof/8Ii1iCaOiS45TPqgU9YrbU6Ks21BxhcE8y By+XXRb66jhhf2Z6pPgTIadhcI66Pn9MjY+DVJHbfcOvK79nvyNIwfRs5kMB2FHV xGAg/YA5GVogFKhM7aB9GpTC8rFYAgO3UznKI3CqaK0V2ArJLAbMxVojkpnJPfMO zR/cT/HCPqWGBe1uyGNlwOhzJ6RLyKraHU8oow4++rV5in+43BeA6YHUuVViPTgU I+hk6x3uGdcGh2RkA8tmRFvvjbja9RukayNa+9LOL7tNz/rchprXIRHO+purtUU+ qQsB5XHBOroMYv9aZ5FjlCF7pwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAgxiiLd J7UUBP24qln934tDyfF4MB8GA1UdIwQYMBaAFBXWDWDWpPUAkQmacuDQXu8+r3bp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNjFERC83Qzc4RTJCQzMw OTMxMUVDQUI2ODQzM0ZDNEY5QUUwMi9GZFlOWU5hazlRQ1JDWnB5NE5CZTd6NnZk dWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZkWU5ZTmFrOVFDUkNacHk0TkJlN3o2dmR1ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NjFERC83Qzc4RTJCQzMwOTMxMUVDQUI2ODQzM0ZDNEY5QUUwMi9GZFlOWU5hazlR Q1JDWnB5NE5CZTd6NnZkdWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC9X4EgrPDja2XnWx0bg81Yx5kTZxWiDKjd5C0+qBhy4L56uhgIbLZZ d/nVwTDrnG5IHQP7PgEGhfeee4Oi5Ey+3zMH4e2Di7mfWgIXLvW9iQqpbxBYkxl6 c2/RfzsHesVsxZB8AiJUnQpT6ljpTuSt0g0CvWk+5IHJCSCmHxY9ehpwlvS6uqGf 0QIwGEOc5yvQniTTam+RbzKh8yTuyTbMsn+ZvCH0AycgMakfJOWgaoToL8tlwo7Z IX1SbcNKpZB+tAv3t02Mj5fnlRfTLqmBtiCXzEb0UDeVZsTHOGxGQuwCt6CK/WvI w8gZneIppKMHdP/uUJo/vFN7lr1POkvn -----END CERTIFICATE-----Generated at Sat Apr 5 19:33:47 2025 by rpki-client