$ rpki-client -vvf rpki.apnic.net/member_repository/A91C8307/2BC92450BECD11EF98C74132C4F9AE02/Swkt8QQoD0W8PyeW9AHMK0xhROk.mft File: Swkt8QQoD0W8PyeW9AHMK0xhROk.mft (raw, json) Hash identifier: nJ9c0/GosE4uUe2iOQuFRR8lWBUOw2m/VrYvkyz1rO8= Subject key identifier: 5D:11:37:C3:E8:16:25:B8:44:17:14:64:D3:64:90:03:69:BB:DD:54 Authority key identifier: 4B:09:2D:F1:04:28:0F:45:BC:3F:27:96:F4:01:CC:2B:4C:61:44:E9 Certificate issuer: /CN=A91C8307/serialNumber=4B092DF104280F45BC3F2796F401CC2B4C6144E9 Certificate serial: 1C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Swkt8QQoD0W8PyeW9AHMK0xhROk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C8307/2BC92450BECD11EF98C74132C4F9AE02/Swkt8QQoD0W8PyeW9AHMK0xhROk.mft Manifest number: 1B Signing time: Wed 05 Feb 2025 06:21:35 +0000 Manifest this update: Wed 05 Feb 2025 06:21:35 +0000 Manifest next update: Wed 12 Feb 2025 06:21:35 +0000 Files and hashes: 1: Swkt8QQoD0W8PyeW9AHMK0xhROk.crl (hash: E4UEi6lMj3tU0S4nn7VDBJJAr3tos4j/NApjEQfmdDk=) 2: DE72D5AEBED411EF835BB47AC4F9AE02.roa (hash: 5j81/BZOYpTkz0ooChEWGP+uFOoiaPO0/qxC0SgYzdY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C8307/2BC92450BECD11EF98C74132C4F9AE02/Swkt8QQoD0W8PyeW9AHMK0xhROk.crl rsync://rpki.apnic.net/member_repository/A91C8307/2BC92450BECD11EF98C74132C4F9AE02/Swkt8QQoD0W8PyeW9AHMK0xhROk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Swkt8QQoD0W8PyeW9AHMK0xhROk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Feb 2025 06:21:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28 (0x1c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C8307 Validity Not Before: Feb 5 06:21:35 2025 GMT Not After : Feb 12 06:21:35 2025 GMT Subject: CN=67a3036f-c0da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:03:85:80:6b:8e:c4:c7:a4:56:b2:b5:9d:87: 9d:16:19:bb:af:22:e8:32:f5:9d:77:10:ea:ad:59: 92:19:bf:f5:dc:4d:30:1c:c4:2c:06:e5:3c:46:3d: 99:e1:32:a0:89:a6:09:f2:13:c2:43:a9:c2:28:01: 30:79:9c:46:ac:dd:57:dc:77:7a:0d:92:06:b4:c1: 68:f3:30:64:fb:41:07:0a:17:90:a7:08:1a:29:63: c6:fc:2f:c2:70:33:d2:49:67:b8:7e:63:8a:0d:7e: 44:03:e5:59:3c:5e:95:10:2f:ae:2b:66:2a:0b:1d: 5b:94:8b:f5:02:79:94:f8:f7:dc:35:94:69:c9:2b: fd:41:ec:06:2d:a9:64:ac:76:4f:84:4e:6b:6d:ab: 35:8a:86:d6:09:50:4d:8e:95:95:d5:da:5c:cf:d7: db:e7:14:40:d0:43:07:81:6e:c4:8c:f5:0d:d4:2a: 14:d4:d5:fb:bf:9e:03:2b:c2:bd:30:f3:af:cd:11: b4:1a:d2:e2:fd:01:9e:a9:5f:71:3f:b3:24:40:5c: 46:33:3c:a0:1d:db:11:a7:f7:44:65:12:0d:42:b3: c5:63:ab:e2:99:d5:2d:c3:0a:12:0d:80:de:ad:26: cb:5f:ea:3f:a7:35:4e:75:e7:43:30:c1:8c:ca:ea: f9:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:11:37:C3:E8:16:25:B8:44:17:14:64:D3:64:90:03:69:BB:DD:54 X509v3 Authority Key Identifier: keyid:4B:09:2D:F1:04:28:0F:45:BC:3F:27:96:F4:01:CC:2B:4C:61:44:E9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C8307/2BC92450BECD11EF98C74132C4F9AE02/Swkt8QQoD0W8PyeW9AHMK0xhROk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Swkt8QQoD0W8PyeW9AHMK0xhROk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C8307/2BC92450BECD11EF98C74132C4F9AE02/Swkt8QQoD0W8PyeW9AHMK0xhROk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0a:1a:47:75:df:4f:61:1f:20:92:16:80:50:4e:2d:76:35:c9: 4b:7a:89:7e:39:97:61:6f:a5:e3:5a:e5:0d:d7:a3:fc:ca:f7: 57:69:f4:8f:b9:e8:a0:c3:d6:3f:56:3b:e4:d9:28:6e:b7:d3: 89:93:4a:1d:de:d4:9c:06:26:2c:f4:82:4f:14:b0:3c:c0:6f: 3b:30:2b:eb:9c:cb:c3:65:ed:ee:b2:a8:30:aa:1e:b0:f4:27: 41:24:54:b6:64:bd:00:03:ed:ca:d7:24:7f:13:2a:73:5a:dd: ce:64:ff:5f:fc:f9:06:83:92:fd:f1:90:2f:cb:57:76:36:2a: 0e:24:fd:65:fe:cb:6f:48:6d:94:68:b4:08:68:c1:4a:48:00: 26:70:fa:59:ee:38:8c:52:18:e9:c0:02:04:0f:dc:06:f8:25: 58:fb:01:6e:1f:3f:7b:ec:1f:3f:9b:51:4a:8e:ed:f5:86:b0: 8d:97:01:ab:2d:b9:78:f3:68:05:60:cd:31:28:df:4b:d5:cf: b5:a3:b7:98:d2:e6:cc:22:94:e4:98:51:68:cd:93:9b:6f:f2: df:37:86:18:b7:de:e8:94:81:da:de:02:2c:8d:32:04:6e:d1: d4:1c:d7:66:5b:28:ff:4f:52:8f:00:c4:71:92:c5:c3:fe:9d: df:7f:a1:8f -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBHDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD ODMwNzExMC8GA1UEBRMoNEIwOTJERjEwNDI4MEY0NUJDM0YyNzk2RjQwMUNDMkI0 QzYxNDRFOTAeFw0yNTAyMDUwNjIxMzVaFw0yNTAyMTIwNjIxMzVaMBgxFjAUBgNV BAMTDTY3YTMwMzZmLWMwZGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCiA4WAa47Ex6RWsrWdh50WGbuvIugy9Z13EOqtWZIZv/XcTTAcxCwG5TxGPZnh MqCJpgnyE8JDqcIoATB5nEas3Vfcd3oNkga0wWjzMGT7QQcKF5CnCBopY8b8L8Jw M9JJZ7h+Y4oNfkQD5Vk8XpUQL64rZioLHVuUi/UCeZT499w1lGnJK/1B7AYtqWSs dk+ETmttqzWKhtYJUE2OlZXV2lzP19vnFEDQQweBbsSM9Q3UKhTU1fu/ngMrwr0w 86/NEbQa0uL9AZ6pX3E/syRAXEYzPKAd2xGn90RlEg1Cs8Vjq+KZ1S3DChINgN6t Jstf6j+nNU5150MwwYzK6vlTAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUXRE3w+gW JbhEFxRk02SQA2m73VQwHwYDVR0jBBgwFoAUSwkt8QQoD0W8PyeW9AHMK0xhROkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM4MzA3LzJCQzkyNDUwQkVD RDExRUY5OEM3NDEzMkM0RjlBRTAyL1N3a3Q4UVFvRDBXOFB5ZVc5QUhNSzB4aFJP ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvU3drdDhRUW9EMFc4UHllVzlBSE1LMHhoUk9rLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM4 MzA3LzJCQzkyNDUwQkVDRDExRUY5OEM3NDEzMkM0RjlBRTAyL1N3a3Q4UVFvRDBX OFB5ZVc5QUhNSzB4aFJPay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAAoaR3XfT2EfIJIWgFBOLXY1yUt6iX45l2FvpeNa5Q3Xo/zK91dp9I+5 6KDD1j9WO+TZKG6304mTSh3e1JwGJiz0gk8UsDzAbzswK+ucy8Nl7e6yqDCqHrD0 J0EkVLZkvQAD7crXJH8TKnNa3c5k/1/8+QaDkv3xkC/LV3Y2Kg4k/WX+y29IbZRo tAhowUpIACZw+lnuOIxSGOnAAgQP3Ab4JVj7AW4fP3vsHz+bUUqO7fWGsI2XAast uXjzaAVgzTEo30vVz7Wjt5jS5swilOSYUWjNk5tv8t83hhi33uiUgdreAiyNMgRu 0dQc12ZbKP9PUo8AxHGSxcP+nd9/oY8= -----END CERTIFICATE-----Generated at Wed Feb 5 20:09:00 2025 by rpki-client