$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0DE0/7040A8E86A8511EFB1568147C4F9AE02/jqW5VjInwuWNQ4vBe6giUHVCRDs.mft File: jqW5VjInwuWNQ4vBe6giUHVCRDs.mft (raw, json) Hash identifier: YPSF9XM1XoSKXhuZktXidePVN30Rfwt6OYRQoI4kAxM= Subject key identifier: AB:CD:17:63:26:64:CF:D1:29:E0:A2:30:9C:5D:89:38:49:49:F6:53 Authority key identifier: 8E:A5:B9:56:32:27:C2:E5:8D:43:8B:C1:7B:A8:22:50:75:42:44:3B Certificate issuer: /CN=A91B0DE0/serialNumber=8EA5B9563227C2E58D438BC17BA822507542443B Certificate serial: 57 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/jqW5VjInwuWNQ4vBe6giUHVCRDs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B0DE0/7040A8E86A8511EFB1568147C4F9AE02/jqW5VjInwuWNQ4vBe6giUHVCRDs.mft Manifest number: 56 Signing time: Sat 15 Feb 2025 08:26:56 +0000 Manifest this update: Sat 15 Feb 2025 08:26:55 +0000 Manifest next update: Sat 22 Feb 2025 08:26:55 +0000 Files and hashes: 1: jqW5VjInwuWNQ4vBe6giUHVCRDs.crl (hash: 5jv71Cffsmsf7Nfq1st24nW526iLrJYz1P1QL5xlY/w=) 2: E569D6DA6A8511EF9DB1CD4DC4F9AE02.roa (hash: n3pzdI1R6OnpGAR7FmeF9nZ8iLEx5lsOyhq7ASsGK90=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B0DE0/7040A8E86A8511EFB1568147C4F9AE02/jqW5VjInwuWNQ4vBe6giUHVCRDs.crl rsync://rpki.apnic.net/member_repository/A91B0DE0/7040A8E86A8511EFB1568147C4F9AE02/jqW5VjInwuWNQ4vBe6giUHVCRDs.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/jqW5VjInwuWNQ4vBe6giUHVCRDs.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 87 (0x57) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B0DE0 Validity Not Before: Feb 15 08:26:55 2025 GMT Not After : Feb 22 08:26:55 2025 GMT Subject: CN=67b04fcf-fdc0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:6b:bf:54:27:a2:f9:f3:b9:79:ee:6b:b8:45: 7e:1e:e9:86:ad:ee:7c:d1:f1:c0:f4:80:4c:6e:27: f9:c0:5c:75:e6:64:1b:1c:a2:fc:d5:cc:ac:f4:eb: 95:0f:5a:b3:7f:8b:9c:4c:54:8c:9e:3b:af:b2:ae: 57:00:dc:93:08:d1:61:9e:77:32:7f:7c:b0:29:a2: b6:c5:78:ad:52:e1:d0:c0:1c:ab:0f:91:92:2e:88: 65:51:a3:cb:c8:f2:a1:49:27:8f:98:05:79:56:69: 9f:16:44:62:c6:46:c5:ed:7c:92:3d:6b:ed:70:c1: 05:9d:d9:d6:a7:3b:47:52:90:71:88:49:b7:ee:fb: 76:10:b7:88:f6:81:8d:75:8c:73:bc:fb:a1:30:51: 7f:83:64:8a:83:36:97:0a:97:b1:48:63:20:f8:78: 2b:30:fa:c9:0b:9c:71:32:1a:62:be:97:ab:c1:3b: a9:2e:a4:1c:f1:80:21:0a:2c:8b:fa:cd:c8:44:44: b1:66:e9:9b:36:8e:4a:d5:75:49:43:9e:4e:d7:c3: 11:37:f7:b7:a1:69:3f:7c:ad:c3:49:f4:0d:4f:ae: 85:49:f9:6b:01:9d:74:8a:9c:d7:14:07:be:9a:99: 06:1a:ea:b3:f8:65:79:bc:f3:5d:df:40:f5:ad:c3: b2:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:CD:17:63:26:64:CF:D1:29:E0:A2:30:9C:5D:89:38:49:49:F6:53 X509v3 Authority Key Identifier: keyid:8E:A5:B9:56:32:27:C2:E5:8D:43:8B:C1:7B:A8:22:50:75:42:44:3B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B0DE0/7040A8E86A8511EFB1568147C4F9AE02/jqW5VjInwuWNQ4vBe6giUHVCRDs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/jqW5VjInwuWNQ4vBe6giUHVCRDs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0DE0/7040A8E86A8511EFB1568147C4F9AE02/jqW5VjInwuWNQ4vBe6giUHVCRDs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0e:76:45:78:42:77:63:82:41:e0:f1:ca:84:4e:a7:d6:33:4f: b6:70:32:e2:33:96:31:fd:84:55:2a:b9:ec:4c:f6:2f:bf:5f: f6:87:07:17:51:59:70:88:28:79:ff:35:5c:b7:ec:66:60:c1: 3e:00:45:47:7e:7c:9f:e1:37:df:93:9b:43:08:10:a2:1a:83: 22:fa:98:53:47:af:7e:3a:54:a0:8b:ab:d0:b7:4d:6b:86:a0: fe:3b:b5:6d:20:46:10:f7:68:2a:93:ac:76:99:aa:07:18:73: e5:8b:b7:79:ce:6c:e8:dc:86:5f:5e:1c:65:a8:eb:1b:42:8e: 04:45:b5:7c:99:6b:6b:37:b7:30:f2:95:2c:3e:ba:af:8e:a5: 3e:f7:68:b0:ba:b8:44:16:37:6b:62:8a:21:6e:77:86:3b:3c: 35:08:18:70:6a:76:e7:72:75:36:40:40:6d:a5:9f:b2:49:f1: 8f:8a:88:e1:83:33:be:78:fd:99:51:cb:03:1e:f4:09:b9:53: 2a:27:04:65:d7:0d:cb:6d:37:6b:7d:2d:69:9f:77:02:b7:59: c0:ba:d9:7d:c6:4a:e6:13:29:23:09:cd:3e:c6:2e:fa:38:e9: 9a:cb:12:66:13:81:7b:18:61:96:f0:40:b0:64:23:d4:c9:0b: 6d:4b:13:a5 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBVzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC MERFMDExMC8GA1UEBRMoOEVBNUI5NTYzMjI3QzJFNThENDM4QkMxN0JBODIyNTA3 NTQyNDQzQjAeFw0yNTAyMTUwODI2NTVaFw0yNTAyMjIwODI2NTVaMBgxFjAUBgNV BAMTDTY3YjA0ZmNmLWZkYzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDEa79UJ6L587l57mu4RX4e6Yat7nzR8cD0gExuJ/nAXHXmZBscovzVzKz065UP WrN/i5xMVIyeO6+yrlcA3JMI0WGedzJ/fLAporbFeK1S4dDAHKsPkZIuiGVRo8vI 8qFJJ4+YBXlWaZ8WRGLGRsXtfJI9a+1wwQWd2danO0dSkHGISbfu+3YQt4j2gY11 jHO8+6EwUX+DZIqDNpcKl7FIYyD4eCsw+skLnHEyGmK+l6vBO6kupBzxgCEKLIv6 zchERLFm6Zs2jkrVdUlDnk7XwxE397ehaT98rcNJ9A1ProVJ+WsBnXSKnNcUB76a mQYa6rP4ZXm8813fQPWtw7LbAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUq80XYyZk z9Ep4KIwnF2JOElJ9lMwHwYDVR0jBBgwFoAUjqW5VjInwuWNQ4vBe6giUHVCRDsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIwREUwLzcwNDBBOEU4NkE4 NTExRUZCMTU2ODE0N0M0RjlBRTAyL2pxVzVWaklud3VXTlE0dkJlNmdpVUhWQ1JE cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvanFXNVZqSW53dVdOUTR2QmU2Z2lVSFZDUkRzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUIw REUwLzcwNDBBOEU4NkE4NTExRUZCMTU2ODE0N0M0RjlBRTAyL2pxVzVWaklud3VX TlE0dkJlNmdpVUhWQ1JEcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAA52RXhCd2OCQeDxyoROp9YzT7ZwMuIzljH9hFUquexM9i+/X/aHBxdR WXCIKHn/NVy37GZgwT4ARUd+fJ/hN9+Tm0MIEKIagyL6mFNHr346VKCLq9C3TWuG oP47tW0gRhD3aCqTrHaZqgcYc+WLt3nObOjchl9eHGWo6xtCjgRFtXyZa2s3tzDy lSw+uq+OpT73aLC6uEQWN2tiiiFud4Y7PDUIGHBqdudydTZAQG2ln7JJ8Y+KiOGD M754/ZlRywMe9Am5UyonBGXXDcttN2t9LWmfdwK3WcC62X3GSuYTKSMJzT7GLvo4 6ZrLEmYTgXsYYZbwQLBkI9TJC21LE6U= -----END CERTIFICATE-----Generated at Sun Feb 16 15:54:15 2025 by rpki-client