$ rpki-client -vvf rpki.apnic.net/member_repository/A91B732A/FFF2E6A8B63011EFA2D7FB63C4F9AE02/bz4CYgDVU58n4POqUNMgokUo1X0.mft File: bz4CYgDVU58n4POqUNMgokUo1X0.mft (raw, json) Hash identifier: fWAfauR0RBNPL2V/b+SHb82xWMai+daR0UDK5syHgqc= Subject key identifier: 27:82:1F:AE:B0:B1:16:E2:98:F2:2E:2F:F6:20:C6:7B:32:FC:4B:6B Authority key identifier: 6F:3E:02:62:00:D5:53:9F:27:E0:F3:AA:50:D3:20:A2:45:28:D5:7D Certificate issuer: /CN=A91B732A/serialNumber=6F3E026200D5539F27E0F3AA50D320A24528D57D Certificate serial: 25 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/bz4CYgDVU58n4POqUNMgokUo1X0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B732A/FFF2E6A8B63011EFA2D7FB63C4F9AE02/bz4CYgDVU58n4POqUNMgokUo1X0.mft Manifest number: 23 Signing time: Wed 05 Feb 2025 06:18:28 +0000 Manifest this update: Wed 05 Feb 2025 06:18:28 +0000 Manifest next update: Wed 12 Feb 2025 06:18:27 +0000 Files and hashes: 1: bz4CYgDVU58n4POqUNMgokUo1X0.crl (hash: d59N/gpE+70EtTfOdHS5SaMx4yJi7kP/Af8rQP9vIVs=) 2: 31EC2E5CBAAB11EFA97B2C66C4F9AE02.roa (hash: QpBoEt1C2EBI43s0+/uUFeo0zNr6mDnCWlKa7GcSILU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B732A/FFF2E6A8B63011EFA2D7FB63C4F9AE02/bz4CYgDVU58n4POqUNMgokUo1X0.crl rsync://rpki.apnic.net/member_repository/A91B732A/FFF2E6A8B63011EFA2D7FB63C4F9AE02/bz4CYgDVU58n4POqUNMgokUo1X0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/bz4CYgDVU58n4POqUNMgokUo1X0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Feb 2025 06:18:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37 (0x25) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B732A Validity Not Before: Feb 5 06:18:28 2025 GMT Not After : Feb 12 06:18:27 2025 GMT Subject: CN=67a302b4-b99d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:a8:88:ad:80:39:ba:e2:4f:04:36:28:e8:2f: 34:d5:54:78:9e:7e:aa:39:9c:d6:19:b1:f6:ac:43: 44:a5:5b:4b:5d:4a:70:0c:28:6c:4f:84:19:dd:1b: 16:13:ef:82:4e:7e:a6:12:96:6a:1a:c5:19:62:98: 3b:f3:78:e9:d0:1f:3a:14:67:6c:67:26:2e:cb:49: 80:fc:c8:95:a7:04:5f:52:5d:1a:b9:b1:26:d8:01: 6d:2c:9b:88:47:14:bc:3c:e6:a6:b7:37:8c:e9:e9: 53:33:ab:b6:69:f0:c2:06:04:03:14:f6:ea:6c:a0: 67:f9:4c:bf:69:fd:fc:e9:60:a2:b6:32:9c:7b:ae: 35:2c:53:72:f7:0b:96:74:db:53:b0:e4:f4:13:ae: a1:51:50:77:98:d9:8d:ce:01:3c:12:59:c0:ae:13: e0:42:f1:3b:78:74:a6:1b:c6:83:00:d6:e8:b8:18: 18:12:d0:06:fe:91:cc:8d:a5:35:68:f1:3d:7c:36: 39:31:94:00:ae:c3:7e:09:c6:9d:61:76:83:cd:2a: 56:74:ce:3b:ea:29:b8:9d:b9:88:aa:85:2a:d7:c1: bc:24:6f:f8:3e:c6:20:ac:24:f9:6d:6a:38:f6:f9: f4:0b:fc:b3:06:17:21:ea:48:f6:82:93:38:cc:cb: 9d:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:82:1F:AE:B0:B1:16:E2:98:F2:2E:2F:F6:20:C6:7B:32:FC:4B:6B X509v3 Authority Key Identifier: keyid:6F:3E:02:62:00:D5:53:9F:27:E0:F3:AA:50:D3:20:A2:45:28:D5:7D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B732A/FFF2E6A8B63011EFA2D7FB63C4F9AE02/bz4CYgDVU58n4POqUNMgokUo1X0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/bz4CYgDVU58n4POqUNMgokUo1X0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B732A/FFF2E6A8B63011EFA2D7FB63C4F9AE02/bz4CYgDVU58n4POqUNMgokUo1X0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7f:34:22:ae:eb:5d:b2:be:f6:f7:f5:71:ab:a1:a5:0f:6e:3c: 5e:f6:4c:ae:2a:f6:70:cd:95:f0:75:b9:5f:bf:4d:29:03:6b: 31:cd:df:69:35:94:cd:ad:f2:d4:87:b6:36:ae:78:9c:0c:63: bd:58:8a:82:66:04:51:a3:5e:03:84:63:3e:37:30:09:cf:52: db:74:6d:e2:76:ca:ad:0e:64:4c:22:07:df:15:01:e6:2f:37: 40:40:bf:71:16:a3:1b:61:7d:5b:a9:f7:7c:56:ea:5a:26:2d: 56:71:b2:94:30:ce:3a:0a:88:68:13:b9:0d:f3:5e:4a:5e:99: 08:31:b7:0b:58:d7:86:57:c4:73:f1:ca:93:66:2d:9a:ec:94: c2:37:a4:c0:fb:3c:f8:99:b1:39:3d:01:81:a0:fe:c0:11:8c: 1e:dc:ba:4d:84:0a:1e:cb:98:4d:42:79:51:69:cf:73:eb:66: 03:f8:b9:bc:b6:49:b0:ac:76:51:8d:f0:3f:b9:17:fb:e1:df: 3a:be:15:9d:54:ec:92:30:98:43:6c:ea:a9:bd:be:1f:00:bd: 38:fa:ae:5f:75:8a:4f:61:d2:6d:14:78:09:ee:d5:22:2d:46: 80:21:0a:06:ce:c4:fb:1f:d5:f5:81:a2:d9:5c:6a:12:c1:c7: bc:43:60:fa -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBJTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC NzMyQTExMC8GA1UEBRMoNkYzRTAyNjIwMEQ1NTM5RjI3RTBGM0FBNTBEMzIwQTI0 NTI4RDU3RDAeFw0yNTAyMDUwNjE4MjhaFw0yNTAyMTIwNjE4MjdaMBgxFjAUBgNV BAMTDTY3YTMwMmI0LWI5OWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDBqIitgDm64k8ENijoLzTVVHiefqo5nNYZsfasQ0SlW0tdSnAMKGxPhBndGxYT 74JOfqYSlmoaxRlimDvzeOnQHzoUZ2xnJi7LSYD8yJWnBF9SXRq5sSbYAW0sm4hH FLw85qa3N4zp6VMzq7Zp8MIGBAMU9upsoGf5TL9p/fzpYKK2Mpx7rjUsU3L3C5Z0 21Ow5PQTrqFRUHeY2Y3OATwSWcCuE+BC8Tt4dKYbxoMA1ui4GBgS0Ab+kcyNpTVo 8T18NjkxlACuw34Jxp1hdoPNKlZ0zjvqKbiduYiqhSrXwbwkb/g+xiCsJPltajj2 +fQL/LMGFyHqSPaCkzjMy531AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUJ4IfrrCx FuKY8i4v9iDGezL8S2swHwYDVR0jBBgwFoAUbz4CYgDVU58n4POqUNMgokUo1X0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI3MzJBL0ZGRjJFNkE4QjYz MDExRUZBMkQ3RkI2M0M0RjlBRTAyL2J6NENZZ0RWVTU4bjRQT3FVTk1nb2tVbzFY MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvYno0Q1lnRFZVNThuNFBPcVVOTWdva1VvMVgwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI3 MzJBL0ZGRjJFNkE4QjYzMDExRUZBMkQ3RkI2M0M0RjlBRTAyL2J6NENZZ0RWVTU4 bjRQT3FVTk1nb2tVbzFYMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAH80Iq7rXbK+9vf1cauhpQ9uPF72TK4q9nDNlfB1uV+/TSkDazHN32k1 lM2t8tSHtjaueJwMY71YioJmBFGjXgOEYz43MAnPUtt0beJ2yq0OZEwiB98VAeYv N0BAv3EWoxthfVup93xW6lomLVZxspQwzjoKiGgTuQ3zXkpemQgxtwtY14ZXxHPx ypNmLZrslMI3pMD7PPiZsTk9AYGg/sARjB7cuk2ECh7LmE1CeVFpz3PrZgP4uby2 SbCsdlGN8D+5F/vh3zq+FZ1U7JIwmENs6qm9vh8AvTj6rl91ik9h0m0UeAnu1SIt RoAhCgbOxPsf1fWBotlcahLBx7xDYPo= -----END CERTIFICATE-----Generated at Wed Feb 5 18:56:00 2025 by rpki-client