$ rpki-client -vvf rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.mft File: -iKAHFKuKl_EkbfL6-aO_KLI0dk.mft (raw, json) Hash identifier: WInWpOvGKDh4Zl7F4WW0+k85rOK8uTdIVC5hfBpLsqk= Subject key identifier: DC:9F:69:A9:D5:62:2E:AE:3D:D3:97:83:35:BE:14:46:37:96:3F:C8 Authority key identifier: FA:22:80:1C:52:AE:2A:5F:C4:91:B7:CB:EB:E6:8E:FC:A2:C8:D1:D9 Certificate issuer: /CN=A91D837B/serialNumber=FA22801C52AE2A5FC491B7CBEBE68EFCA2C8D1D9 Certificate serial: 20 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-iKAHFKuKl_EkbfL6-aO_KLI0dk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.mft Manifest number: 1F Signing time: Wed 05 Feb 2025 06:20:35 +0000 Manifest this update: Wed 05 Feb 2025 06:20:35 +0000 Manifest next update: Wed 12 Feb 2025 06:20:35 +0000 Files and hashes: 1: -iKAHFKuKl_EkbfL6-aO_KLI0dk.crl (hash: ev85weOq97KOtiAa51wfTerwIyZgJTDEVzVxrc0p9PM=) 2: 8F7DFE66C96E11EF98B64E15C4F9AE02.roa (hash: NJttL+qjjIMKQduatRuB9wCf9GQJviKk9JlU07XKUgE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.crl rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-iKAHFKuKl_EkbfL6-aO_KLI0dk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Feb 2025 06:20:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32 (0x20) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D837B Validity Not Before: Feb 5 06:20:35 2025 GMT Not After : Feb 12 06:20:35 2025 GMT Subject: CN=67a30333-3105 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:5d:39:aa:d1:54:23:7d:7b:1a:58:ce:73:56: e5:34:f5:76:57:18:3f:e2:25:81:4e:73:c5:7e:ce: 9c:75:57:f5:76:07:27:3b:42:91:e2:26:3c:28:2d: b9:ee:36:2a:95:db:6f:54:ea:ae:ed:b0:60:4a:56: 3c:06:bd:3a:db:f2:85:0e:5c:ed:ce:0e:74:47:fc: 6c:76:75:5b:c9:02:48:5a:f4:66:0f:e8:0e:7b:3b: e6:a1:f3:b1:58:c3:39:5e:a7:d1:7e:94:43:aa:5e: 45:36:21:d9:87:31:12:c1:cd:fc:68:32:5e:0c:cf: e4:a2:83:68:e1:b4:94:35:6c:46:36:22:e2:09:03: 68:2d:6c:20:52:06:c1:31:b2:e3:f5:0d:85:08:15: a6:74:f3:e5:9b:60:75:60:da:21:02:44:c6:55:30: c0:ba:db:3d:22:a3:66:e0:d3:b4:c3:ee:03:8a:7f: be:36:d5:54:7b:74:f7:f2:be:50:aa:cf:70:33:06: ef:ed:b6:66:5b:7c:ba:a8:b5:16:dc:ab:f3:f2:08: 9a:23:96:6c:ff:91:ee:34:c3:54:a8:af:19:d4:1b: 82:4a:1c:35:3d:5a:ae:a8:62:54:11:1d:4e:fb:5a: 2f:8c:e1:e1:c1:96:34:42:fb:c7:95:35:dd:e2:2f: 1c:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:9F:69:A9:D5:62:2E:AE:3D:D3:97:83:35:BE:14:46:37:96:3F:C8 X509v3 Authority Key Identifier: keyid:FA:22:80:1C:52:AE:2A:5F:C4:91:B7:CB:EB:E6:8E:FC:A2:C8:D1:D9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-iKAHFKuKl_EkbfL6-aO_KLI0dk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 63:25:f2:c7:39:e9:7d:53:0b:e2:ec:d5:ba:e5:31:51:7c:3d: 2b:a2:19:b5:08:2f:a3:f1:80:69:a8:11:5d:c5:06:87:16:7a: fa:f2:d8:31:79:d8:4f:e2:80:50:f1:76:8c:d1:0e:7e:b3:26: 58:2e:8c:1d:d1:f8:f2:40:d5:28:38:eb:2f:f2:b4:d0:a5:6c: 91:cb:37:ba:02:2d:a0:35:05:26:1b:23:fb:17:b3:11:9f:a5: 7f:e8:df:ce:ee:c7:e8:0e:de:9d:b9:b8:6e:80:2f:32:9e:95: 20:6e:6b:b5:21:19:29:0c:5d:49:b1:a3:02:47:51:4c:ac:47: 5f:c0:62:47:ab:c8:82:ea:19:ff:81:b6:54:b3:52:62:72:3c: fe:58:a5:a8:0b:ec:86:bb:6d:89:26:8d:d6:ba:3b:84:0a:a3: d9:f1:78:12:99:c6:3b:27:73:f8:c7:35:ae:ab:0a:fb:c7:01: 24:b9:f6:8c:aa:8a:27:aa:0f:6f:2b:d4:ad:48:12:c4:8f:38: 52:f9:49:f9:c3:be:80:43:b9:2e:e1:70:53:80:aa:60:93:93: c2:84:55:4d:78:80:e4:31:d4:da:91:a3:d9:56:66:36:0d:a2: 5d:25:ea:d2:40:52:8a:b0:eb:9a:8d:80:78:a6:31:7d:70:d1: 94:db:82:e8 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBIDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE ODM3QjExMC8GA1UEBRMoRkEyMjgwMUM1MkFFMkE1RkM0OTFCN0NCRUJFNjhFRkNB MkM4RDFEOTAeFw0yNTAyMDUwNjIwMzVaFw0yNTAyMTIwNjIwMzVaMBgxFjAUBgNV BAMTDTY3YTMwMzMzLTMxMDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCpXTmq0VQjfXsaWM5zVuU09XZXGD/iJYFOc8V+zpx1V/V2Byc7QpHiJjwoLbnu NiqV229U6q7tsGBKVjwGvTrb8oUOXO3ODnRH/Gx2dVvJAkha9GYP6A57O+ah87FY wzlep9F+lEOqXkU2IdmHMRLBzfxoMl4Mz+Sig2jhtJQ1bEY2IuIJA2gtbCBSBsEx suP1DYUIFaZ08+WbYHVg2iECRMZVMMC62z0io2bg07TD7gOKf7421VR7dPfyvlCq z3AzBu/ttmZbfLqotRbcq/PyCJojlmz/ke40w1SorxnUG4JKHDU9Wq6oYlQRHU77 Wi+M4eHBljRC+8eVNd3iLxzJAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU3J9pqdVi Lq4905eDNb4URjeWP8gwHwYDVR0jBBgwFoAU+iKAHFKuKl/EkbfL6+aO/KLI0dkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ4MzdCLzE1OEQ3RjNDQjk5 QzExRUY5NjM4Rjc2OUM0RjlBRTAyLy1pS0FIRkt1S2xfRWtiZkw2LWFPX0tMSTBk ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvLWlLQUhGS3VLbF9Fa2JmTDYtYU9fS0xJMGRrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ4 MzdCLzE1OEQ3RjNDQjk5QzExRUY5NjM4Rjc2OUM0RjlBRTAyLy1pS0FIRkt1S2xf RWtiZkw2LWFPX0tMSTBkay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGMl8sc56X1TC+Ls1brlMVF8PSuiGbUIL6PxgGmoEV3FBocWevry2DF5 2E/igFDxdozRDn6zJlgujB3R+PJA1Sg46y/ytNClbJHLN7oCLaA1BSYbI/sXsxGf pX/o387ux+gO3p25uG6ALzKelSBua7UhGSkMXUmxowJHUUysR1/AYkeryILqGf+B tlSzUmJyPP5YpagL7Ia7bYkmjda6O4QKo9nxeBKZxjsnc/jHNa6rCvvHASS59oyq iieqD28r1K1IEsSPOFL5SfnDvoBDuS7hcFOAqmCTk8KEVU14gOQx1NqRo9lWZjYN ol0l6tJAUoqw65qNgHimMX1w0ZTbgug= -----END CERTIFICATE-----Generated at Wed Feb 5 20:10:22 2025 by rpki-client