$ rpki-client -vvf rpki.apnic.net/member_repository/A91FAD6F/46C94094144B11E788A2795EC4F9AE02/a4ZCQd8BLyOSegHA44bgeqtJxSI.mft File: a4ZCQd8BLyOSegHA44bgeqtJxSI.mft (raw, json) Hash identifier: 62PxSXHG55nkS1yoDxVMELAMNfCXRXErAJxNLWF1yjU= Subject key identifier: 7B:48:47:5D:CA:DB:89:E9:FB:92:D1:6D:01:A9:47:9E:1A:A0:5B:B6 Authority key identifier: 6B:86:42:41:DF:01:2F:23:92:7A:01:C0:E3:86:E0:7A:AB:49:C5:22 Certificate issuer: /CN=A91FAD6F/serialNumber=6B864241DF012F23927A01C0E386E07AAB49C522 Certificate serial: 1B31 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a4ZCQd8BLyOSegHA44bgeqtJxSI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FAD6F/46C94094144B11E788A2795EC4F9AE02/a4ZCQd8BLyOSegHA44bgeqtJxSI.mft Manifest number: 1B24 Signing time: Fri 04 Apr 2025 16:20:09 +0000 Manifest this update: Fri 04 Apr 2025 16:20:09 +0000 Manifest next update: Fri 11 Apr 2025 16:20:09 +0000 Files and hashes: 1: a4ZCQd8BLyOSegHA44bgeqtJxSI.crl (hash: TVd8cGMedgh6NTNyfXjxv1+bO1+gEZf1dEZtJAb0LiE=) 2: 26834412EFF211E9B74F3A6AC4F9AE02.roa (hash: ZmGMH4g7cGfub9A5Ucup2yr3pAIXwRpZ1v4yX9SvAOs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FAD6F/46C94094144B11E788A2795EC4F9AE02/a4ZCQd8BLyOSegHA44bgeqtJxSI.crl rsync://rpki.apnic.net/member_repository/A91FAD6F/46C94094144B11E788A2795EC4F9AE02/a4ZCQd8BLyOSegHA44bgeqtJxSI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a4ZCQd8BLyOSegHA44bgeqtJxSI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 16:20:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6961 (0x1b31) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FAD6F Validity Not Before: Apr 4 16:20:09 2025 GMT Not After : Apr 11 16:20:09 2025 GMT Subject: CN=67f006b9-48e2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:67:f9:2f:55:20:99:92:6e:36:b1:19:34:a7: 29:bf:55:e3:28:86:ef:aa:5c:fa:6f:a5:61:55:ba: 2c:cb:d2:b6:32:12:8e:7d:64:fc:70:79:9f:90:ae: 9f:c0:b1:00:9f:b8:3b:c7:64:a4:9f:22:f2:21:18: 98:0c:91:53:7f:ed:46:2d:2a:32:14:9e:8f:e3:d6: 2e:c1:88:3c:18:06:0c:0a:ca:26:44:a7:eb:7a:1c: 67:f0:94:35:4a:18:75:d9:8c:ce:ca:36:9e:8d:50: a7:6f:7d:87:d3:ea:6c:14:38:24:14:90:83:36:c7: 08:6b:6a:1a:bc:d6:26:08:f3:22:fa:1e:55:55:07: 7e:72:d3:c0:ad:0f:14:2c:bd:8c:54:b8:2b:f8:24: 30:a3:a5:74:b9:90:f4:c9:63:75:20:ad:df:bd:ba: b7:9f:d7:26:b3:d5:6a:80:d7:3a:3b:d9:f6:da:48: 32:40:59:d8:b0:a0:54:be:44:be:b7:6a:ce:16:05: d9:b3:88:a2:e5:42:3b:05:77:76:7d:6e:d2:1d:4f: 9e:85:85:92:3d:17:38:95:4c:c5:bf:05:32:d1:f6: e3:75:49:dc:aa:f4:e6:71:4d:50:ae:0a:7e:96:01: 79:84:dd:54:ff:62:7e:f1:35:eb:1e:a9:fd:b2:d0: 27:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:48:47:5D:CA:DB:89:E9:FB:92:D1:6D:01:A9:47:9E:1A:A0:5B:B6 X509v3 Authority Key Identifier: keyid:6B:86:42:41:DF:01:2F:23:92:7A:01:C0:E3:86:E0:7A:AB:49:C5:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FAD6F/46C94094144B11E788A2795EC4F9AE02/a4ZCQd8BLyOSegHA44bgeqtJxSI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/a4ZCQd8BLyOSegHA44bgeqtJxSI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FAD6F/46C94094144B11E788A2795EC4F9AE02/a4ZCQd8BLyOSegHA44bgeqtJxSI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a0:2e:34:70:f8:b3:f5:c6:a6:23:60:f5:84:41:d9:a7:db:63: 39:9c:10:d5:bf:21:a9:54:2d:ef:c4:3b:de:13:7b:76:1c:c3: db:76:f1:86:05:b8:77:81:00:00:81:e5:bb:ad:68:55:b6:5d: 6f:20:29:c3:96:61:bf:63:a1:77:84:22:43:af:47:f9:72:86: bc:9c:64:33:ce:51:20:b0:ef:c7:e3:83:a8:28:4a:35:35:22: d2:fe:94:09:66:18:c0:d5:d9:3b:5b:d3:5b:de:05:6d:7c:62: 1e:38:ae:a9:f2:dc:d0:93:30:bc:a1:53:c1:af:5e:df:69:f0: 9a:ad:72:c8:29:a9:b2:8a:db:00:36:90:6b:1e:e3:7d:b7:91: 49:ad:c2:d6:cf:91:9e:9d:4d:59:11:55:c9:09:5e:cf:01:85: 8d:42:c6:c6:a9:1f:05:bf:1c:e9:dc:49:94:f5:e8:8b:ea:65: e2:ba:46:b5:09:76:7f:13:5b:69:9d:6c:5e:48:c9:5c:95:e2: b1:d9:6b:42:05:dc:15:67:20:5c:c0:87:3a:a1:3e:b7:dd:71: 62:72:88:30:d3:7f:70:ed:99:6b:cc:44:c1:ea:41:2c:00:94: a0:62:4b:1c:46:83:be:b7:5f:f4:bc:b1:9b:f5:bf:e7:c4:71: 36:06:00:91 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGzEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkFENkYxMTAvBgNVBAUTKDZCODY0MjQxREYwMTJGMjM5MjdBMDFDMEUzODZFMDdB QUI0OUM1MjIwHhcNMjUwNDA0MTYyMDA5WhcNMjUwNDExMTYyMDA5WjAYMRYwFAYD VQQDEw02N2YwMDZiOS00OGUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwWf5L1UgmZJuNrEZNKcpv1XjKIbvqlz6b6VhVbosy9K2MhKOfWT8cHmfkK6f wLEAn7g7x2SknyLyIRiYDJFTf+1GLSoyFJ6P49YuwYg8GAYMCsomRKfrehxn8JQ1 Shh12YzOyjaejVCnb32H0+psFDgkFJCDNscIa2oavNYmCPMi+h5VVQd+ctPArQ8U LL2MVLgr+CQwo6V0uZD0yWN1IK3fvbq3n9cms9VqgNc6O9n22kgyQFnYsKBUvkS+ t2rOFgXZs4ii5UI7BXd2fW7SHU+ehYWSPRc4lUzFvwUy0fbjdUncqvTmcU1Qrgp+ lgF5hN1U/2J+8TXrHqn9stAnawIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHtIR13K 24np+5LRbQGpR54aoFu2MB8GA1UdIwQYMBaAFGuGQkHfAS8jknoBwOOG4HqrScUi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQUQ2Ri80NkM5NDA5NDE0 NEIxMUU3ODhBMjc5NUVDNEY5QUUwMi9hNFpDUWQ4Qkx5T1NlZ0hBNDRiZ2VxdEp4 U0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2E0WkNRZDhCTHlPU2VnSEE0NGJnZXF0SnhTSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QUQ2Ri80NkM5NDA5NDE0NEIxMUU3ODhBMjc5NUVDNEY5QUUwMi9hNFpDUWQ4Qkx5 T1NlZ0hBNDRiZ2VxdEp4U0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCgLjRw+LP1xqYjYPWEQdmn22M5nBDVvyGpVC3vxDveE3t2HMPbdvGG Bbh3gQAAgeW7rWhVtl1vICnDlmG/Y6F3hCJDr0f5coa8nGQzzlEgsO/H44OoKEo1 NSLS/pQJZhjA1dk7W9Nb3gVtfGIeOK6p8tzQkzC8oVPBr17fafCarXLIKamyitsA NpBrHuN9t5FJrcLWz5GenU1ZEVXJCV7PAYWNQsbGqR8Fvxzp3EmU9eiL6mXiuka1 CXZ/E1tpnWxeSMlcleKx2WtCBdwVZyBcwIc6oT633XFicogw039w7ZlrzETB6kEs AJSgYkscRoO+t1/0vLGb9b/nxHE2BgCR -----END CERTIFICATE-----Generated at Sat Apr 5 13:19:54 2025 by rpki-client