$ rpki-client -vvf rpki.apnic.net/member_repository/A91AAC4B/DE3F889ACD7D11EFAA07230AC4F9AE02/44pe3hloyTdeUVUfrpiIigu1RJA.mft File: 44pe3hloyTdeUVUfrpiIigu1RJA.mft (raw, json) Hash identifier: 6XnS9TlH5MAL2414emva6onXRAzgr1nr+JA24aNCLKg= Subject key identifier: D3:97:B4:C6:AA:35:FE:BF:1B:F3:6C:56:A3:41:DA:11:59:AD:9D:CB Authority key identifier: E3:8A:5E:DE:19:68:C9:37:5E:51:55:1F:AE:98:88:8A:0B:B5:44:90 Certificate issuer: /CN=A91AAC4B/serialNumber=E38A5EDE1968C9375E51551FAE98888A0BB54490 Certificate serial: 12 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/44pe3hloyTdeUVUfrpiIigu1RJA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AAC4B/DE3F889ACD7D11EFAA07230AC4F9AE02/44pe3hloyTdeUVUfrpiIigu1RJA.mft Manifest number: 11 Signing time: Wed 05 Feb 2025 06:27:08 +0000 Manifest this update: Wed 05 Feb 2025 06:27:08 +0000 Manifest next update: Wed 12 Feb 2025 06:27:08 +0000 Files and hashes: 1: 44pe3hloyTdeUVUfrpiIigu1RJA.crl (hash: bsjqdu32HwgwTMyG/EyqONzCvHve62KFsSXAGXG6Wo4=) 2: B6A31094CD7E11EFBBAE2137C4F9AE02.roa (hash: f1IFYkIgMkQ3+JyMSl70ACqIsH3T9EI7K8/rW2krDH4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AAC4B/DE3F889ACD7D11EFAA07230AC4F9AE02/44pe3hloyTdeUVUfrpiIigu1RJA.crl rsync://rpki.apnic.net/member_repository/A91AAC4B/DE3F889ACD7D11EFAA07230AC4F9AE02/44pe3hloyTdeUVUfrpiIigu1RJA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/44pe3hloyTdeUVUfrpiIigu1RJA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Feb 2025 06:27:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18 (0x12) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AAC4B Validity Not Before: Feb 5 06:27:08 2025 GMT Not After : Feb 12 06:27:08 2025 GMT Subject: CN=67a304bc-0736 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:2a:a1:cf:b5:ca:59:e7:8e:03:05:95:83:b6: e4:8f:1f:fd:64:a9:23:fa:0e:d6:d3:8e:69:63:22: f1:50:0c:fb:e6:c0:ae:18:aa:3f:34:58:50:50:07: f0:6a:5b:f5:dc:80:d2:f7:34:06:66:60:9f:8a:05: ae:68:b1:6b:60:d9:50:92:28:9c:a0:c6:09:be:6f: 33:c6:74:9f:bb:17:ed:64:9b:e4:b7:31:fd:c2:51: 0a:9b:e5:1a:9f:51:c2:de:a9:52:a6:ba:60:30:6d: 8c:2a:93:6c:ed:a5:3a:f9:44:a9:e2:9b:5a:bc:ab: 38:2c:02:0a:65:33:05:30:5f:e6:cf:df:38:63:93: 39:30:4f:c6:64:18:93:41:0f:4f:f4:b8:a7:2e:3d: 9b:81:90:c8:04:3d:a3:bf:e8:ae:0b:71:7a:06:1c: 69:ae:0d:b5:d0:60:86:6d:c9:0c:b4:16:61:4f:d8: 87:39:20:8d:dc:78:fa:1a:ef:cc:ed:13:30:d9:f2: 9c:7a:95:87:95:be:f2:fc:d1:9b:38:b0:ac:99:6a: b1:39:48:b0:a7:ce:ff:5c:8e:44:f1:b5:02:9c:1a: 20:6a:d5:aa:a1:84:d6:21:31:83:ba:07:f7:ea:75: 14:0f:14:73:66:df:17:a7:1d:e8:fa:fe:53:b6:2c: fc:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:97:B4:C6:AA:35:FE:BF:1B:F3:6C:56:A3:41:DA:11:59:AD:9D:CB X509v3 Authority Key Identifier: keyid:E3:8A:5E:DE:19:68:C9:37:5E:51:55:1F:AE:98:88:8A:0B:B5:44:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AAC4B/DE3F889ACD7D11EFAA07230AC4F9AE02/44pe3hloyTdeUVUfrpiIigu1RJA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/44pe3hloyTdeUVUfrpiIigu1RJA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AAC4B/DE3F889ACD7D11EFAA07230AC4F9AE02/44pe3hloyTdeUVUfrpiIigu1RJA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c2:91:23:39:43:ee:43:6b:d3:7a:1b:e8:cd:12:5c:a7:31:44: 50:f3:aa:d3:9b:7f:1a:22:49:5d:10:2c:1e:5f:69:4f:7b:f0: fe:d8:f7:97:93:0f:40:8e:05:23:d8:09:6d:c2:ab:f8:c2:ed: 8c:a1:3a:dd:70:b4:7c:76:73:8f:ee:91:84:2c:99:73:7d:e7: 55:a0:a3:9e:36:f4:90:38:5d:e5:ce:72:43:4c:3f:9d:16:6d: 69:e7:61:98:f4:c5:36:b1:bb:ba:16:ad:79:e0:5e:02:cf:74: 95:48:7a:60:a3:e4:30:92:b3:11:5d:e6:74:fc:99:b5:26:11: c9:e5:65:de:43:5b:94:fa:5c:50:2d:2b:b0:f9:49:f3:4a:f6: 3a:24:13:29:13:34:ca:09:70:bf:f4:23:c2:75:42:87:7f:fd: 1c:7b:ee:14:cd:7a:56:f9:b3:23:49:a7:b4:e4:17:4b:82:a0: 4b:34:32:09:13:1f:5c:60:d5:d1:3b:af:f0:a4:49:11:ed:37: cb:5d:42:73:eb:b7:3a:0a:64:10:46:35:e0:cd:9b:e1:89:ab: 52:40:5a:d7:7c:f0:bb:03:4c:7f:2d:26:c1:c9:b7:70:e3:c1: 64:82:49:80:53:bc:42:d9:04:ed:aa:06:37:6a:51:de:d9:55: 21:fa:f0:b2 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBEjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB QUM0QjExMC8GA1UEBRMoRTM4QTVFREUxOTY4QzkzNzVFNTE1NTFGQUU5ODg4OEEw QkI1NDQ5MDAeFw0yNTAyMDUwNjI3MDhaFw0yNTAyMTIwNjI3MDhaMBgxFjAUBgNV BAMTDTY3YTMwNGJjLTA3MzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDyKqHPtcpZ544DBZWDtuSPH/1kqSP6DtbTjmljIvFQDPvmwK4Yqj80WFBQB/Bq W/XcgNL3NAZmYJ+KBa5osWtg2VCSKJygxgm+bzPGdJ+7F+1km+S3Mf3CUQqb5Rqf UcLeqVKmumAwbYwqk2ztpTr5RKnim1q8qzgsAgplMwUwX+bP3zhjkzkwT8ZkGJNB D0/0uKcuPZuBkMgEPaO/6K4LcXoGHGmuDbXQYIZtyQy0FmFP2Ic5II3cePoa78zt EzDZ8px6lYeVvvL80Zs4sKyZarE5SLCnzv9cjkTxtQKcGiBq1aqhhNYhMYO6B/fq dRQPFHNm3xenHej6/lO2LPxdAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU05e0xqo1 /r8b82xWo0HaEVmtncswHwYDVR0jBBgwFoAU44pe3hloyTdeUVUfrpiIigu1RJAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFBQzRCL0RFM0Y4ODlBQ0Q3 RDExRUZBQTA3MjMwQUM0RjlBRTAyLzQ0cGUzaGxveVRkZVVWVWZycGlJaWd1MVJK QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvNDRwZTNobG95VGRlVVZVZnJwaUlpZ3UxUkpBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFB QzRCL0RFM0Y4ODlBQ0Q3RDExRUZBQTA3MjMwQUM0RjlBRTAyLzQ0cGUzaGxveVRk ZVVWVWZycGlJaWd1MVJKQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAMKRIzlD7kNr03ob6M0SXKcxRFDzqtObfxoiSV0QLB5faU978P7Y95eT D0COBSPYCW3Cq/jC7YyhOt1wtHx2c4/ukYQsmXN951Wgo5429JA4XeXOckNMP50W bWnnYZj0xTaxu7oWrXngXgLPdJVIemCj5DCSsxFd5nT8mbUmEcnlZd5DW5T6XFAt K7D5SfNK9jokEykTNMoJcL/0I8J1Qod//Rx77hTNelb5syNJp7TkF0uCoEs0MgkT H1xg1dE7r/CkSRHtN8tdQnPrtzoKZBBGNeDNm+GJq1JAWtd88LsDTH8tJsHJt3Dj wWSCSYBTvELZBO2qBjdqUd7ZVSH68LI= -----END CERTIFICATE-----Generated at Wed Feb 5 20:07:52 2025 by rpki-client