$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft File: BUM8OuqKSXAsmoLuyV0WtVA86mA.mft (raw, json) Hash identifier: o9HkQBxMNiXutz8QI8pfqxtXbti7C6+lTje+h077/ik= Subject key identifier: 0A:32:F4:A0:9F:59:D0:A7:18:DE:E9:56:E3:09:74:CA:AA:66:E7:32 Authority key identifier: 05:43:3C:3A:EA:8A:49:70:2C:9A:82:EE:C9:5D:16:B5:50:3C:EA:60 Certificate issuer: /CN=A91CFFA0/serialNumber=05433C3AEA8A49702C9A82EEC95D16B5503CEA60 Certificate serial: 0D36 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BUM8OuqKSXAsmoLuyV0WtVA86mA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft Manifest number: 0D14 Signing time: Fri 04 Apr 2025 18:10:36 +0000 Manifest this update: Fri 04 Apr 2025 18:10:35 +0000 Manifest next update: Fri 11 Apr 2025 18:10:35 +0000 Files and hashes: 1: BUM8OuqKSXAsmoLuyV0WtVA86mA.crl (hash: dakdO88PXzZB0QDq96brqjTMcnE829+J16+SdxaQhj4=) 2: 83ECD7C40CCA11ED97820077C4F9AE02.roa (hash: tsWCAJh3hDUuF0jt3mDhnNo48pJ1cTxWnbkE+ZQXBxw=) 3: 0E3F36D8C43D11EBAB31777FC4F9AE02.roa (hash: BThAKf2icEZsZqpXgnFl9VpqvpRKYGs7e0515Blb0yw=) 4: 1F4E1CC014D311EA81309110C4F9AE02.roa (hash: zPumQuSa3V5Do5kU4HAy8QEzfyGrDVZPMvaKh+jhJxk=) 5: E6F0F39214CE11EA9E740182C4F9AE02.roa (hash: zpETj3vTU+4JGJFNH2bJangxDJpoV//my0UXRjaLeMk=) 6: 4CD3C8DC14D011EA93366A85C4F9AE02.roa (hash: JwI9xru2SKVmPRR5P37ZWy6F3njGvB5RFaYgtRHbNFY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.crl rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BUM8OuqKSXAsmoLuyV0WtVA86mA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 11 Apr 2025 18:10:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3382 (0xd36) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFFA0 Validity Not Before: Apr 4 18:10:35 2025 GMT Not After : Apr 11 18:10:35 2025 GMT Subject: CN=67f0209c-3c33 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:84:aa:80:49:c4:29:f5:c2:39:32:d0:40:90: ec:1a:b6:a2:25:2f:99:cb:a1:91:33:56:41:de:76: c3:9f:03:99:6e:49:f3:67:94:35:f9:45:a8:e4:ba: 50:48:d6:28:cb:4d:c1:cc:75:b0:8c:53:a6:1e:07: 9a:b6:bf:bc:a6:b1:54:7d:ef:4e:76:9e:70:15:37: 1e:b2:79:09:00:ef:02:a0:54:ae:cb:79:ef:f9:2b: c2:2c:1c:52:f3:a9:f6:5a:c9:41:2c:c1:62:38:f2: a2:55:60:74:83:ab:fb:e0:07:35:86:90:41:b6:20: 36:d9:b3:3c:b9:61:8b:da:38:19:a1:e5:dc:82:8d: 3a:30:d5:60:d0:ce:eb:2d:5c:ca:30:77:a8:ed:24: 60:19:b5:da:98:48:cd:10:14:d9:f6:f8:de:e6:2e: 28:0b:e9:59:54:73:01:fe:eb:42:bf:42:60:4f:bc: cf:d6:a5:8f:2d:12:53:37:96:52:7d:6e:a5:54:cd: be:20:a8:dc:ab:2e:80:21:98:7b:cc:86:b7:16:d9: 35:08:ca:d2:4c:39:ea:ec:9e:c9:4b:09:4e:ae:69: 30:e0:2b:c2:ed:8d:d4:4f:5c:3a:1c:7f:02:96:3b: 07:fd:7f:a9:93:24:df:93:00:1a:b8:98:bf:d8:c6: ad:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:32:F4:A0:9F:59:D0:A7:18:DE:E9:56:E3:09:74:CA:AA:66:E7:32 X509v3 Authority Key Identifier: keyid:05:43:3C:3A:EA:8A:49:70:2C:9A:82:EE:C9:5D:16:B5:50:3C:EA:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BUM8OuqKSXAsmoLuyV0WtVA86mA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 29:d0:92:35:99:5d:47:00:65:23:91:77:1f:60:65:95:16:9d: 7f:5b:52:0c:a7:e3:b8:e4:8e:5c:c9:99:61:71:13:1c:f1:4b: 5f:9c:8b:3d:50:5a:0c:c3:26:bb:18:df:b1:c2:11:0b:5d:23: 3d:00:e4:7e:b5:e4:48:f6:76:40:6e:7f:f0:b3:c4:ce:7e:43: 4e:f2:40:aa:e5:01:94:97:6c:9a:84:f6:46:ef:e7:90:01:1e: 31:3d:21:97:24:66:48:2e:da:69:fb:d3:09:da:77:95:75:e2: 33:80:9c:2f:3c:1e:a1:03:ea:8a:3b:f2:5e:67:8c:36:87:c6: 6f:1f:17:ee:c4:ab:fe:b3:41:5e:ea:c5:aa:76:f5:d4:50:10: e2:95:55:20:1a:c0:49:ff:ad:5e:2f:b1:f6:73:46:7f:24:03: 02:20:68:97:99:cd:85:97:c3:0a:68:be:54:11:1f:b7:48:9f: 58:30:08:c5:0d:6a:16:5e:99:84:3c:15:32:5b:72:1d:97:a6: 7a:e0:57:f4:c5:94:5c:7b:ae:ea:5d:ef:d2:0f:76:35:51:12: 0a:20:ba:62:ef:bf:fc:b0:85:d3:ca:fa:82:67:19:66:df:ac: a8:c0:fa:53:e2:40:f7:b5:d0:ec:40:06:ae:cf:0d:32:df:db: 14:31:71:cb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDTYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0ZGQTAxMTAvBgNVBAUTKDA1NDMzQzNBRUE4QTQ5NzAyQzlBODJFRUM5NUQxNkI1 NTAzQ0VBNjAwHhcNMjUwNDA0MTgxMDM1WhcNMjUwNDExMTgxMDM1WjAYMRYwFAYD VQQDEw02N2YwMjA5Yy0zYzMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwoSqgEnEKfXCOTLQQJDsGraiJS+Zy6GRM1ZB3nbDnwOZbknzZ5Q1+UWo5LpQ SNYoy03BzHWwjFOmHgeatr+8prFUfe9Odp5wFTcesnkJAO8CoFSuy3nv+SvCLBxS 86n2WslBLMFiOPKiVWB0g6v74Ac1hpBBtiA22bM8uWGL2jgZoeXcgo06MNVg0M7r LVzKMHeo7SRgGbXamEjNEBTZ9vje5i4oC+lZVHMB/utCv0JgT7zP1qWPLRJTN5ZS fW6lVM2+IKjcqy6AIZh7zIa3Ftk1CMrSTDnq7J7JSwlOrmkw4CvC7Y3UT1w6HH8C ljsH/X+pkyTfkwAauJi/2Mat5QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAoy9KCf WdCnGN7pVuMJdMqqZucyMB8GA1UdIwQYMBaAFAVDPDrqiklwLJqC7sldFrVQPOpg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkZBMC8xNTBCRjY5MEQ4 Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9CVU04T3VxS1NYQXNtb0x1eVYwV3RWQTg2 bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0JVTThPdXFLU1hBc21vTHV5VjBXdFZBODZtQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RkZBMC8xNTBCRjY5MEQ4Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9CVU04T3VxS1NY QXNtb0x1eVYwV3RWQTg2bUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAp0JI1mV1HAGUjkXcfYGWVFp1/W1IMp+O45I5cyZlhcRMc8UtfnIs9 UFoMwya7GN+xwhELXSM9AOR+teRI9nZAbn/ws8TOfkNO8kCq5QGUl2yahPZG7+eQ AR4xPSGXJGZILtpp+9MJ2neVdeIzgJwvPB6hA+qKO/JeZ4w2h8ZvHxfuxKv+s0Fe 6sWqdvXUUBDilVUgGsBJ/61eL7H2c0Z/JAMCIGiXmc2Fl8MKaL5UER+3SJ9YMAjF DWoWXpmEPBUyW3Idl6Z64Ff0xZRce67qXe/SD3Y1URIKILpi77/8sIXTyvqCZxlm 36yowPpT4kD3tdDsQAauzw0y39sUMXHL -----END CERTIFICATE-----Generated at Sun Apr 6 07:57:00 2025 by rpki-client