$ rpki-client -vvf rpki.apnic.net/member_repository/A91FD1C3/FB71C56656CF11EEA8C50456C4F9AE02/GHotNbr5BXwPC40mLS5dYiajI4I.mft File: GHotNbr5BXwPC40mLS5dYiajI4I.mft (raw, json) Hash identifier: ie/Sf5+U1U9/M4gJiKLDcamOvHrGKQsS5gEp0gmxa7k= Subject key identifier: 26:77:7D:A7:84:1D:30:8E:DC:52:04:C1:CD:DC:09:CE:BF:AE:88:65 Authority key identifier: 18:7A:2D:35:BA:F9:05:7C:0F:0B:8D:26:2D:2E:5D:62:26:A3:23:82 Certificate issuer: /CN=A91FD1C3/serialNumber=187A2D35BAF9057C0F0B8D262D2E5D6226A32382 Certificate serial: 012B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GHotNbr5BXwPC40mLS5dYiajI4I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FD1C3/FB71C56656CF11EEA8C50456C4F9AE02/GHotNbr5BXwPC40mLS5dYiajI4I.mft Manifest number: 0127 Signing time: Sat 05 Apr 2025 04:02:31 +0000 Manifest this update: Sat 05 Apr 2025 04:02:30 +0000 Manifest next update: Sat 12 Apr 2025 04:02:30 +0000 Files and hashes: 1: GHotNbr5BXwPC40mLS5dYiajI4I.crl (hash: zxmRUsN+827PhCulo8ih9Uk8k14BMxa2RDoi1/zEA3g=) 2: 5773966456D011EE9C8F8C56C4F9AE02.roa (hash: iKZhrYsqwja6p9Jg0/rXm6hAG4LxSI3ekb53k0lCuBw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FD1C3/FB71C56656CF11EEA8C50456C4F9AE02/GHotNbr5BXwPC40mLS5dYiajI4I.crl rsync://rpki.apnic.net/member_repository/A91FD1C3/FB71C56656CF11EEA8C50456C4F9AE02/GHotNbr5BXwPC40mLS5dYiajI4I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GHotNbr5BXwPC40mLS5dYiajI4I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 12 Apr 2025 04:02:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 299 (0x12b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FD1C3 Validity Not Before: Apr 5 04:02:30 2025 GMT Not After : Apr 12 04:02:30 2025 GMT Subject: CN=67f0ab56-180e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:f6:d3:27:bf:f4:c7:b4:d3:a7:fc:e1:2c:97: 18:01:b9:78:6e:2c:15:f5:ed:d5:a5:36:e1:4f:f1: 8b:60:de:c9:ac:07:ed:dc:65:81:1e:03:44:9a:b9: 35:04:fe:f3:2c:ea:61:61:38:8b:14:4b:1f:d5:1a: d7:64:32:2b:3b:f5:c2:ef:4b:38:fc:95:c3:0c:e2: ff:bc:b2:25:ec:e7:b5:e7:44:88:48:01:96:6a:34: 3d:b4:8b:9e:c1:67:5b:8d:86:1e:9c:29:11:3f:5d: dc:c5:d9:f2:3d:cd:9a:52:e0:69:60:9e:bf:f7:dc: d5:ac:92:82:39:cf:36:89:33:9a:9d:a5:14:d6:6d: 61:60:33:7b:b7:fc:92:91:fd:01:2c:44:17:4f:86: 39:2d:cd:6b:67:cc:c3:18:d1:e9:9a:39:47:bf:d8: 7b:df:a1:d6:ea:c7:a9:40:bc:3a:76:2d:0a:3c:27: 31:25:42:34:d2:f3:1b:f3:2b:43:e7:75:b9:7f:a3: 18:03:66:70:fe:89:4b:9b:fa:aa:29:74:42:50:dd: 92:b5:50:f2:a8:39:e8:46:75:f5:7d:26:a0:c1:c8: 24:df:64:f4:03:42:c3:fe:5a:f3:6b:cf:13:e9:97: b7:6a:2c:cb:04:8d:58:47:d1:25:df:5f:88:f6:87: 9c:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:77:7D:A7:84:1D:30:8E:DC:52:04:C1:CD:DC:09:CE:BF:AE:88:65 X509v3 Authority Key Identifier: keyid:18:7A:2D:35:BA:F9:05:7C:0F:0B:8D:26:2D:2E:5D:62:26:A3:23:82 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FD1C3/FB71C56656CF11EEA8C50456C4F9AE02/GHotNbr5BXwPC40mLS5dYiajI4I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GHotNbr5BXwPC40mLS5dYiajI4I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FD1C3/FB71C56656CF11EEA8C50456C4F9AE02/GHotNbr5BXwPC40mLS5dYiajI4I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a5:9a:c5:9d:a9:57:84:64:f5:f1:3f:fd:35:91:17:5f:1e:01: 17:18:24:45:28:64:06:7a:20:8d:2f:f7:45:e3:15:e2:cd:1e: 58:dc:0e:09:14:77:74:9f:1f:76:bd:d9:9a:84:a7:80:dc:c8: da:53:93:ee:70:c0:f3:5a:c9:e4:3e:20:ec:69:cc:f0:80:c3: 7e:48:57:33:17:eb:f3:a7:22:f6:3e:93:31:75:4e:34:ca:e9: da:bf:0c:64:d4:78:c8:30:2f:59:85:39:74:85:9c:13:c8:09: 52:3b:8b:df:24:70:7d:a5:a5:f8:2d:c7:09:f3:38:d4:cc:8a: 48:77:87:64:f8:e8:fc:cf:cb:d7:a6:de:dd:ab:8b:eb:bd:c2: 70:f0:ce:74:95:fd:c2:d0:c3:9d:93:20:74:52:a8:14:0e:2e: c5:0c:bf:17:fb:4f:fd:ee:79:6b:5e:f5:c1:82:29:5a:3d:a5: d0:7f:ae:66:71:f8:d2:47:24:f1:26:39:1f:fb:b9:50:e6:8c: bf:b6:ca:d1:b0:6d:d4:30:2e:b6:09:9e:44:b7:1b:96:e8:c1: 15:fd:e6:48:57:a6:3e:54:06:50:52:79:70:db:ef:24:1b:bf: d0:3e:0f:66:47:af:86:22:89:b7:d3:e6:19:76:3a:92:bc:69: d2:82:4d:84 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkQxQzMxMTAvBgNVBAUTKDE4N0EyRDM1QkFGOTA1N0MwRjBCOEQyNjJEMkU1RDYy MjZBMzIzODIwHhcNMjUwNDA1MDQwMjMwWhcNMjUwNDEyMDQwMjMwWjAYMRYwFAYD VQQDEw02N2YwYWI1Ni0xODBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1/bTJ7/0x7TTp/zhLJcYAbl4biwV9e3VpTbhT/GLYN7JrAft3GWBHgNEmrk1 BP7zLOphYTiLFEsf1RrXZDIrO/XC70s4/JXDDOL/vLIl7Oe150SISAGWajQ9tIue wWdbjYYenCkRP13cxdnyPc2aUuBpYJ6/99zVrJKCOc82iTOanaUU1m1hYDN7t/yS kf0BLEQXT4Y5Lc1rZ8zDGNHpmjlHv9h736HW6sepQLw6di0KPCcxJUI00vMb8ytD 53W5f6MYA2Zw/olLm/qqKXRCUN2StVDyqDnoRnX1fSagwcgk32T0A0LD/lrza88T 6Ze3aizLBI1YR9El31+I9oecSQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCZ3faeE HTCO3FIEwc3cCc6/rohlMB8GA1UdIwQYMBaAFBh6LTW6+QV8DwuNJi0uXWImoyOC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRDFDMy9GQjcxQzU2NjU2 Q0YxMUVFQThDNTA0NTZDNEY5QUUwMi9HSG90TmJyNUJYd1BDNDBtTFM1ZFlpYWpJ NEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0dIb3ROYnI1Qlh3UEM0MG1MUzVkWWlhakk0SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RDFDMy9GQjcxQzU2NjU2Q0YxMUVFQThDNTA0NTZDNEY5QUUwMi9HSG90TmJyNUJY d1BDNDBtTFM1ZFlpYWpJNEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQClmsWdqVeEZPXxP/01kRdfHgEXGCRFKGQGeiCNL/dF4xXizR5Y3A4J FHd0nx92vdmahKeA3MjaU5PucMDzWsnkPiDsaczwgMN+SFczF+vzpyL2PpMxdU40 yunavwxk1HjIMC9ZhTl0hZwTyAlSO4vfJHB9paX4LccJ8zjUzIpId4dk+Oj8z8vX pt7dq4vrvcJw8M50lf3C0MOdkyB0UqgUDi7FDL8X+0/97nlrXvXBgilaPaXQf65m cfjSRyTxJjkf+7lQ5oy/tsrRsG3UMC62CZ5EtxuW6MEV/eZIV6Y+VAZQUnlw2+8k G7/QPg9mR6+GIom30+YZdjqSvGnSgk2E -----END CERTIFICATE-----Generated at Sun Apr 6 07:37:09 2025 by rpki-client