$ rpki-client -vvf rpki.apnic.net/member_repository/A91BF905/1FA7C46C48D311EA8AAE4668C4F9AE02/IaR__8gaEzNcB7kmBaLd_RgHoUw.mft File: IaR__8gaEzNcB7kmBaLd_RgHoUw.mft (raw, json) Hash identifier: nODANFBx7ovrHDZYxUp/oXnwcqiphehVBv+aypg9GCI= Subject key identifier: 87:9A:9F:C1:7E:7C:AA:E7:3B:80:9B:E5:BC:8E:58:D5:D2:03:7E:97 Authority key identifier: 21:A4:7F:FF:C8:1A:13:33:5C:07:B9:26:05:A2:DD:FD:18:07:A1:4C Certificate issuer: /CN=A91BF905/serialNumber=21A47FFFC81A13335C07B92605A2DDFD1807A14C Certificate serial: 0AFA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IaR__8gaEzNcB7kmBaLd_RgHoUw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BF905/1FA7C46C48D311EA8AAE4668C4F9AE02/IaR__8gaEzNcB7kmBaLd_RgHoUw.mft Manifest number: 0AEC Signing time: Fri 30 May 2025 19:36:08 +0000 Manifest this update: Fri 30 May 2025 19:36:08 +0000 Manifest next update: Fri 06 Jun 2025 19:36:08 +0000 Files and hashes: 1: IaR__8gaEzNcB7kmBaLd_RgHoUw.crl (hash: +mY21AU7BT305xwgKsgOR/CzoQw+4n4SAw8+e4dMAKo=) 2: CDEFCF14801F11EF99206C47C4F9AE02.roa (hash: kISEPEmE2ZLNGr7M+gIIuLb+wfjhIl0pN5Ozrn7290M=) 3: A558194E801F11EFB86B2647C4F9AE02.roa (hash: yZl4Rgg31ofEgyuQezY4Q6zD53Q3cflOAAa2hJJAiIg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BF905/1FA7C46C48D311EA8AAE4668C4F9AE02/IaR__8gaEzNcB7kmBaLd_RgHoUw.crl rsync://rpki.apnic.net/member_repository/A91BF905/1FA7C46C48D311EA8AAE4668C4F9AE02/IaR__8gaEzNcB7kmBaLd_RgHoUw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IaR__8gaEzNcB7kmBaLd_RgHoUw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 19:36:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2810 (0xafa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BF905, serialNumber=21A47FFFC81A13335C07B92605A2DDFD1807A14C Validity Not Before: May 30 19:36:08 2025 GMT Not After : Jun 6 19:36:08 2025 GMT Subject: CN=683a08a8-5f92 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:33:f8:76:4d:5d:e1:bc:aa:3a:02:91:00:31: 0c:d3:c8:b1:79:d2:3d:5b:9c:c1:ee:84:83:54:e3: 1b:7e:9f:f1:d8:26:70:7a:ff:5d:3d:3e:6c:31:22: 15:40:18:fa:0f:42:c4:6d:55:4f:83:23:cf:a2:c6: 1d:4a:46:67:a5:92:01:9d:e6:98:b6:fe:ba:c7:eb: d1:e9:ca:ba:0f:87:f5:c1:bf:1c:30:e3:e6:c2:ef: bd:7d:ec:43:70:f3:3d:16:cd:80:38:6c:d8:e6:4e: 30:e0:9d:7b:59:de:59:cf:9a:bb:9e:44:97:f2:62: d6:98:bf:d9:8b:aa:69:cb:a6:ef:5b:69:e0:3d:96: 09:aa:71:18:22:e3:f4:40:e6:d0:88:dc:90:5d:71: 9f:45:08:db:32:69:f9:53:e5:a7:7f:ca:10:66:ad: f9:da:fd:a4:29:99:06:c1:04:67:cb:87:c0:6a:4f: 69:54:8f:d7:42:f5:ec:7f:95:3c:3f:65:51:1f:6e: db:8a:69:50:2a:67:9a:b0:46:fd:39:4d:e8:62:71: bd:96:0b:d4:a3:28:c9:d5:1e:4f:93:74:5c:c0:0a: e9:a9:75:27:18:b8:c8:71:6f:6a:92:8c:8e:df:98: c3:dc:b6:d9:61:c9:09:c6:4d:a5:5c:00:43:b8:bf: 91:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:9A:9F:C1:7E:7C:AA:E7:3B:80:9B:E5:BC:8E:58:D5:D2:03:7E:97 X509v3 Authority Key Identifier: keyid:21:A4:7F:FF:C8:1A:13:33:5C:07:B9:26:05:A2:DD:FD:18:07:A1:4C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BF905/1FA7C46C48D311EA8AAE4668C4F9AE02/IaR__8gaEzNcB7kmBaLd_RgHoUw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IaR__8gaEzNcB7kmBaLd_RgHoUw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BF905/1FA7C46C48D311EA8AAE4668C4F9AE02/IaR__8gaEzNcB7kmBaLd_RgHoUw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 30:75:a4:e3:4c:1a:7b:e6:af:51:c6:7f:1a:6e:70:6e:4c:ef: c1:ff:66:2e:a0:ed:d3:a6:85:0f:57:d5:4b:be:6d:de:b5:8b: aa:dc:53:4b:1e:79:51:d6:1f:d1:07:d2:08:3b:42:c3:bc:05: 35:44:5c:6c:14:64:b2:25:dc:f2:ac:97:6f:a6:32:33:94:e1: c2:4c:93:73:05:2d:ec:80:b2:83:19:5a:ef:2b:3b:f5:7b:0a: bd:bb:27:bf:15:8d:13:a5:71:41:72:f3:a6:b3:ce:d3:b2:4e: bd:fa:72:fe:6f:ad:be:00:99:2c:8a:9a:7d:ae:4d:7a:6a:b5: b9:e5:cd:3c:ff:01:ae:52:fb:9c:6c:b9:d1:36:7b:24:7a:d7: 29:c7:3c:99:a7:65:e7:49:64:1c:bc:61:58:70:b9:37:d9:e6: a2:fa:5c:07:43:76:05:6c:38:03:47:d8:5e:c4:6d:d3:06:44: da:6e:bc:c3:06:7f:4a:0f:14:0a:78:29:cb:7f:13:29:a6:7b: 9a:3f:3d:85:14:9c:ca:75:b1:a6:d9:50:e1:d9:b5:29:d7:15: e6:3a:b9:2f:84:29:bf:cd:f3:cd:4d:79:81:68:8f:b8:90:ee: b6:ae:e0:8d:cb:b8:2d:43:f2:ec:27:fa:41:5c:ae:16:b6:7a: a0:99:ad:2d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCvowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkY5MDUxMTAvBgNVBAUTKDIxQTQ3RkZGQzgxQTEzMzM1QzA3QjkyNjA1QTJEREZE MTgwN0ExNEMwHhcNMjUwNTMwMTkzNjA4WhcNMjUwNjA2MTkzNjA4WjAYMRYwFAYD VQQDEw02ODNhMDhhOC01ZjkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwDP4dk1d4byqOgKRADEM08ixedI9W5zB7oSDVOMbfp/x2CZwev9dPT5sMSIV QBj6D0LEbVVPgyPPosYdSkZnpZIBneaYtv66x+vR6cq6D4f1wb8cMOPmwu+9fexD cPM9Fs2AOGzY5k4w4J17Wd5Zz5q7nkSX8mLWmL/Zi6ppy6bvW2ngPZYJqnEYIuP0 QObQiNyQXXGfRQjbMmn5U+Wnf8oQZq352v2kKZkGwQRny4fAak9pVI/XQvXsf5U8 P2VRH27bimlQKmeasEb9OU3oYnG9lgvUoyjJ1R5Pk3RcwArpqXUnGLjIcW9qkoyO 35jD3LbZYckJxk2lXABDuL+RVQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIean8F+ fKrnO4Cb5byOWNXSA36XMB8GA1UdIwQYMBaAFCGkf//IGhMzXAe5JgWi3f0YB6FM MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRjkwNS8xRkE3QzQ2QzQ4 RDMxMUVBOEFBRTQ2NjhDNEY5QUUwMi9JYVJfXzhnYUV6TmNCN2ttQmFMZF9SZ0hv VXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lhUl9fOGdhRXpOY0I3a21CYUxkX1JnSG9Vdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC RjkwNS8xRkE3QzQ2QzQ4RDMxMUVBOEFBRTQ2NjhDNEY5QUUwMi9JYVJfXzhnYUV6 TmNCN2ttQmFMZF9SZ0hvVXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAwdaTjTBp75q9Rxn8abnBuTO/B/2YuoO3TpoUPV9VLvm3etYuq3FNL HnlR1h/RB9IIO0LDvAU1RFxsFGSyJdzyrJdvpjIzlOHCTJNzBS3sgLKDGVrvKzv1 ewq9uye/FY0TpXFBcvOms87Tsk69+nL+b62+AJksipp9rk16arW55c08/wGuUvuc bLnRNnsketcpxzyZp2XnSWQcvGFYcLk32eai+lwHQ3YFbDgDR9hexG3TBkTabrzD Bn9KDxQKeCnLfxMppnuaPz2FFJzKdbGm2VDh2bUp1xXmOrkvhCm/zfPNTXmBaI+4 kO62ruCNy7gtQ/LsJ/pBXK4Wtnqgma0t -----END CERTIFICATE-----Generated at Sat May 31 17:18:57 2025 by rpki-client