$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB8BA/2510B4E6F0FC11EAB985FA5FC4F9AE02/g4L2GIxKbdZpVNVxij2cz5uL-JU.mft File: g4L2GIxKbdZpVNVxij2cz5uL-JU.mft (raw, json) Hash identifier: l2JhcqnHPUQpyQivMU4JlPyRq2ZRThKhQz8CKivJQJc= Subject key identifier: CA:9E:55:0C:09:5B:09:A9:FF:55:D2:3F:9F:03:5C:DF:E9:BD:E9:FE Authority key identifier: 83:82:F6:18:8C:4A:6D:D6:69:54:D5:71:8A:3D:9C:CF:9B:8B:F8:95 Certificate issuer: /CN=A91CB8BA/serialNumber=8382F6188C4A6DD66954D5718A3D9CCF9B8BF895 Certificate serial: 07CB Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/g4L2GIxKbdZpVNVxij2cz5uL-JU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CB8BA/2510B4E6F0FC11EAB985FA5FC4F9AE02/g4L2GIxKbdZpVNVxij2cz5uL-JU.mft Manifest number: 07C5 Signing time: Wed 16 Apr 2025 20:21:45 +0000 Manifest this update: Wed 16 Apr 2025 20:21:45 +0000 Manifest next update: Wed 23 Apr 2025 20:21:45 +0000 Files and hashes: 1: g4L2GIxKbdZpVNVxij2cz5uL-JU.crl (hash: g/Y7yuvVXR7q41o/EgSl/2d4fCbL6WDOoCTX2KJVfhw=) 2: 21B96F2E7BC911EBABCF472DC4F9AE02.roa (hash: jfAjvDFneg9TxfVOqlYPDujvfvVSOSgnFYEvXUOG5OY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CB8BA/2510B4E6F0FC11EAB985FA5FC4F9AE02/g4L2GIxKbdZpVNVxij2cz5uL-JU.crl rsync://rpki.apnic.net/member_repository/A91CB8BA/2510B4E6F0FC11EAB985FA5FC4F9AE02/g4L2GIxKbdZpVNVxij2cz5uL-JU.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/g4L2GIxKbdZpVNVxij2cz5uL-JU.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 23 Apr 2025 20:21:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1995 (0x7cb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CB8BA, serialNumber=8382F6188C4A6DD66954D5718A3D9CCF9B8BF895 Validity Not Before: Apr 16 20:21:45 2025 GMT Not After : Apr 23 20:21:45 2025 GMT Subject: CN=68001159-febe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:a3:47:be:b0:61:11:c2:af:d0:5c:d0:4e:4c: 58:6b:48:ea:1e:9f:6e:c7:f2:bc:ae:4d:4c:b5:4d: 98:0c:48:10:5b:ec:e9:73:42:55:d1:5d:87:a1:47: 25:e9:14:a4:cc:c9:15:15:c8:41:6c:c0:fe:74:ac: 24:d2:dc:d5:30:7f:f5:ba:87:a1:9e:fe:f7:40:7a: d0:87:c2:b1:82:23:02:27:bd:96:51:5b:14:f9:71: 71:55:97:37:6a:89:bf:19:c9:26:09:cb:2f:d3:51: 0c:2d:88:de:01:79:98:f2:52:3c:f0:fb:6d:43:2d: 3e:31:b9:fa:26:db:9f:cd:f8:94:d5:6c:14:5d:4f: 33:55:66:ed:f7:b8:f2:98:93:85:dc:5b:34:86:33: b9:2c:59:f9:d7:72:b0:8d:31:5f:72:2f:93:86:73: 8d:b3:ff:3c:1a:f9:74:94:57:3a:1d:94:b3:6d:00: a2:e1:9a:fd:4d:1d:64:bc:34:8e:a3:3e:1e:0e:9d: 94:0e:bc:6b:8c:ce:a8:1a:11:d3:a5:83:c3:d4:3e: e8:06:cb:6c:c2:1f:88:5a:69:21:48:2c:f9:cc:5d: c8:91:a9:a3:7e:4d:6c:af:f9:6d:3f:b5:e0:3b:f7: 9c:62:23:b2:29:e0:74:b1:b5:8d:b7:26:4f:1e:2e: 90:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:9E:55:0C:09:5B:09:A9:FF:55:D2:3F:9F:03:5C:DF:E9:BD:E9:FE X509v3 Authority Key Identifier: keyid:83:82:F6:18:8C:4A:6D:D6:69:54:D5:71:8A:3D:9C:CF:9B:8B:F8:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CB8BA/2510B4E6F0FC11EAB985FA5FC4F9AE02/g4L2GIxKbdZpVNVxij2cz5uL-JU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/g4L2GIxKbdZpVNVxij2cz5uL-JU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB8BA/2510B4E6F0FC11EAB985FA5FC4F9AE02/g4L2GIxKbdZpVNVxij2cz5uL-JU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 45:da:fc:f6:fa:63:6e:ad:72:38:50:0d:45:42:e3:60:5f:dc: 65:0f:f9:cb:b0:aa:19:56:5f:cc:b0:c0:af:3a:84:9e:db:1b: 2f:21:55:3a:cd:d4:ea:ee:3f:d7:6a:85:bd:a8:cc:d9:36:b7: 8e:b3:40:0a:b2:16:35:de:08:fd:cc:fa:d5:8f:74:66:37:16: 4c:a6:a6:57:61:e3:f9:f8:9a:e2:37:1c:f1:81:f6:1a:b9:fd: f6:52:9b:5f:d2:b1:9e:fc:bd:13:9e:4f:24:5f:48:25:f0:ae: 17:5c:e0:28:5d:6d:2e:d8:c6:56:e6:ee:94:9c:fd:f9:a6:0e: 7e:d4:af:73:0a:42:f7:e7:76:a2:a9:29:df:4b:62:8f:32:b2: f1:e7:c0:9e:10:b5:34:03:f9:93:a7:85:bc:f2:1b:c0:92:c3: bf:7b:a3:cf:9f:30:cb:2c:71:0c:80:9f:3e:bf:e0:5a:33:4a: 37:b4:ad:f0:cb:30:92:27:ad:f2:dd:9f:a7:4d:ad:ea:c6:0c: f4:26:01:2d:5b:8a:ec:45:8a:25:a2:03:bd:d6:f7:9f:97:b7: ad:38:f2:e5:eb:4f:23:1e:06:0b:fc:08:3d:41:e2:1a:9a:67: 27:3d:91:b1:66:ce:16:eb:4e:8f:f7:75:47:9f:7b:ae:ed:ab: 31:33:fc:44 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB8swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0I4QkExMTAvBgNVBAUTKDgzODJGNjE4OEM0QTZERDY2OTU0RDU3MThBM0Q5Q0NG OUI4QkY4OTUwHhcNMjUwNDE2MjAyMTQ1WhcNMjUwNDIzMjAyMTQ1WjAYMRYwFAYD VQQDEw02ODAwMTE1OS1mZWJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6KNHvrBhEcKv0FzQTkxYa0jqHp9ux/K8rk1MtU2YDEgQW+zpc0JV0V2HoUcl 6RSkzMkVFchBbMD+dKwk0tzVMH/1uoehnv73QHrQh8KxgiMCJ72WUVsU+XFxVZc3 aom/GckmCcsv01EMLYjeAXmY8lI88PttQy0+Mbn6JtufzfiU1WwUXU8zVWbt97jy mJOF3Fs0hjO5LFn513KwjTFfci+ThnONs/88Gvl0lFc6HZSzbQCi4Zr9TR1kvDSO oz4eDp2UDrxrjM6oGhHTpYPD1D7oBstswh+IWmkhSCz5zF3Ikamjfk1sr/ltP7Xg O/ecYiOyKeB0sbWNtyZPHi6QnwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMqeVQwJ Wwmp/1XSP58DXN/pven+MB8GA1UdIwQYMBaAFIOC9hiMSm3WaVTVcYo9nM+bi/iV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjhCQS8yNTEwQjRFNkYw RkMxMUVBQjk4NUZBNUZDNEY5QUUwMi9nNEwyR0l4S2JkWnBWTlZ4aWoyY3o1dUwt SlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2c0TDJHSXhLYmRacFZOVnhpajJjejV1TC1KVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD QjhCQS8yNTEwQjRFNkYwRkMxMUVBQjk4NUZBNUZDNEY5QUUwMi9nNEwyR0l4S2Jk WnBWTlZ4aWoyY3o1dUwtSlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBF2vz2+mNurXI4UA1FQuNgX9xlD/nLsKoZVl/MsMCvOoSe2xsvIVU6 zdTq7j/XaoW9qMzZNreOs0AKshY13gj9zPrVj3RmNxZMpqZXYeP5+JriNxzxgfYa uf32Uptf0rGe/L0Tnk8kX0gl8K4XXOAoXW0u2MZW5u6UnP35pg5+1K9zCkL353ai qSnfS2KPMrLx58CeELU0A/mTp4W88hvAksO/e6PPnzDLLHEMgJ8+v+BaM0o3tK3w yzCSJ63y3Z+nTa3qxgz0JgEtW4rsRYologO91vefl7etOPLl608jHgYL/Ag9QeIa mmcnPZGxZs4W606P93VHn3uu7asxM/xE -----END CERTIFICATE-----Generated at Fri Apr 18 18:05:32 2025 by rpki-client