$ rpki-client -vvf rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft File: xOTw2gEK9YY3zFlihHHpmLckPFI.mft (raw, json) Hash identifier: ArIqjy8PRd4ITeP/boj4grVHwB34yzWyCDw/3kWFzok= Subject key identifier: DB:6F:50:FC:B8:1D:C1:1C:E9:E9:38:96:4D:D1:D0:77:3C:EA:A3:55 Authority key identifier: C4:E4:F0:DA:01:0A:F5:86:37:CC:59:62:84:71:E9:98:B7:24:3C:52 Certificate issuer: /CN=A91D83D0/serialNumber=C4E4F0DA010AF58637CC59628471E998B7243C52 Certificate serial: 08D3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft Manifest number: 08BE Signing time: Wed 12 Mar 2025 20:14:36 +0000 Manifest this update: Wed 12 Mar 2025 20:14:35 +0000 Manifest next update: Wed 19 Mar 2025 20:14:35 +0000 Files and hashes: 1: xOTw2gEK9YY3zFlihHHpmLckPFI.crl (hash: Q8knTADXsaz3QCXPWd8xPhfW7PVM1aFIzILXpWgFJCM=) 2: 5353EA28781F11EEBA05B17FC4F9AE02.roa (hash: yfWpHkNEQh2G2/td7i4AwoD5izJRxTmfi2zYrBb7ip0=) 3: 863670328FD011EEB6FFC636C4F9AE02.roa (hash: LXbUGEX0BzxPJTGdu8cpn4olWR+ALKon9w0YiyjSIgs=) 4: 03706138786411EC8624EB12C4F9AE02.roa (hash: v1LJQRKcSsr5fZtI1cfsXADOOD23gM5W/71UiLOuA2g=) 5: F4E74AA8B99911EF9A0C3B63C4F9AE02.roa (hash: 9K+/QIvWHuZSt1H4NN5SMc8oOUogkYlKWodRdIYoXcE=) 6: 6A6E4770A10F11EF840C2548C4F9AE02.roa (hash: hGMtMKEqwODOU8waS4uGb4bFguPGRuvaBHiKMUVPICY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.crl rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Mar 2025 20:14:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2259 (0x8d3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D83D0 Validity Not Before: Mar 12 20:14:35 2025 GMT Not After : Mar 19 20:14:35 2025 GMT Subject: CN=67d1eb2c-89f9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:c9:ea:a0:2c:ac:e0:f4:f9:61:05:53:4b:81: 13:a7:e2:4e:2f:ec:19:20:47:ae:90:bf:35:91:d1: b5:cd:5b:d4:f8:ec:cb:7f:26:04:d9:c1:0a:36:61: c3:37:40:e2:a0:b2:86:df:9e:bb:39:ad:fc:8d:02: bc:c5:72:58:66:33:70:9d:ce:17:59:70:87:0b:46: 7c:fe:29:a1:41:5a:d1:15:e3:ac:eb:7a:11:4d:15: 6f:0f:ea:48:7b:d1:7c:2f:77:13:9b:9a:d1:38:e4: 94:fe:44:03:67:53:ef:5f:20:60:8c:bc:d9:b5:9d: ef:e5:57:03:bc:55:4f:91:c4:ab:b5:20:3d:61:d3: 66:07:95:9a:c6:7d:7e:84:90:ed:87:95:e6:58:50: cb:d8:41:76:07:20:a2:6b:e3:14:6c:b0:48:e0:7f: f4:8c:64:17:25:27:2c:35:8d:0f:b6:30:7f:42:2e: 88:8c:d8:c7:4b:2f:eb:c5:e2:eb:5d:ab:5a:b2:4a: c7:be:8c:53:b4:24:c0:ab:82:61:9f:06:ba:27:24: 27:cd:93:22:82:bb:59:28:37:ae:b1:6c:af:8d:87: a8:64:69:0b:bb:8a:be:18:a1:40:8e:09:3f:77:cd: 5c:a1:c8:b2:9c:eb:c2:7e:50:bf:31:82:77:39:3e: 66:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:6F:50:FC:B8:1D:C1:1C:E9:E9:38:96:4D:D1:D0:77:3C:EA:A3:55 X509v3 Authority Key Identifier: keyid:C4:E4:F0:DA:01:0A:F5:86:37:CC:59:62:84:71:E9:98:B7:24:3C:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1f:34:53:4b:b4:4b:ea:cc:75:0d:f7:86:96:55:26:d1:82:78: e7:a6:8d:ee:9e:68:53:6d:91:c9:9b:df:ee:e5:94:1b:7b:bc: 32:93:9d:c9:ba:d8:d9:5f:94:ed:48:04:d8:ba:74:d2:46:75: db:31:be:2b:38:65:1c:6d:d1:5f:25:ca:5f:f2:2f:1d:05:9c: 21:31:7d:e0:b0:db:d2:d1:08:9e:7b:82:dc:10:39:7d:8e:21: d1:34:aa:66:70:15:b9:c2:e5:75:cd:31:c8:28:22:c6:00:3f: 69:28:16:4b:06:41:18:2d:9f:65:2f:bb:60:0a:f3:e8:f8:56: 65:81:91:0c:47:b1:4f:3f:7a:0b:4b:15:f9:62:0f:a8:30:f6: 0c:6f:a1:7b:2c:fd:86:c7:60:b5:50:18:e8:66:74:61:04:dc: 44:0a:03:ad:8a:7d:a0:ce:a0:87:14:ee:09:18:d5:cc:0f:b1: c6:04:b4:1e:45:c6:85:37:c1:8f:9b:5a:6a:99:8a:58:ec:bf: 6c:45:62:23:b7:63:74:c2:1e:4d:9d:16:68:10:8d:0e:b5:57: f3:1c:0d:dc:36:b8:b1:07:f8:56:09:4e:ea:3c:71:9b:63:f0: 46:bd:92:30:c0:b5:5f:a6:a0:ec:6e:b4:94:06:95:63:fa:ee: 1d:60:80:6d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCNMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDgzRDAxMTAvBgNVBAUTKEM0RTRGMERBMDEwQUY1ODYzN0NDNTk2Mjg0NzFFOTk4 QjcyNDNDNTIwHhcNMjUwMzEyMjAxNDM1WhcNMjUwMzE5MjAxNDM1WjAYMRYwFAYD VQQDEw02N2QxZWIyYy04OWY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArMnqoCys4PT5YQVTS4ETp+JOL+wZIEeukL81kdG1zVvU+OzLfyYE2cEKNmHD N0DioLKG3567Oa38jQK8xXJYZjNwnc4XWXCHC0Z8/imhQVrRFeOs63oRTRVvD+pI e9F8L3cTm5rROOSU/kQDZ1PvXyBgjLzZtZ3v5VcDvFVPkcSrtSA9YdNmB5Waxn1+ hJDth5XmWFDL2EF2ByCia+MUbLBI4H/0jGQXJScsNY0PtjB/Qi6IjNjHSy/rxeLr XataskrHvoxTtCTAq4Jhnwa6JyQnzZMigrtZKDeusWyvjYeoZGkLu4q+GKFAjgk/ d81cociynOvCflC/MYJ3OT5m1wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNtvUPy4 HcEc6ek4lk3R0Hc86qNVMB8GA1UdIwQYMBaAFMTk8NoBCvWGN8xZYoRx6Zi3JDxS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODNEMC8wQTE2MjA4QUFG QkMxMUVBQTk2MUNCODZDNEY5QUUwMi94T1R3MmdFSzlZWTN6RmxpaEhIcG1MY2tQ RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hPVHcyZ0VLOVlZM3pGbGloSEhwbUxja1BGSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE ODNEMC8wQTE2MjA4QUFGQkMxMUVBQTk2MUNCODZDNEY5QUUwMi94T1R3MmdFSzlZ WTN6RmxpaEhIcG1MY2tQRkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAfNFNLtEvqzHUN94aWVSbRgnjnpo3unmhTbZHJm9/u5ZQbe7wyk53J utjZX5TtSATYunTSRnXbMb4rOGUcbdFfJcpf8i8dBZwhMX3gsNvS0Qiee4LcEDl9 jiHRNKpmcBW5wuV1zTHIKCLGAD9pKBZLBkEYLZ9lL7tgCvPo+FZlgZEMR7FPP3oL SxX5Yg+oMPYMb6F7LP2Gx2C1UBjoZnRhBNxECgOtin2gzqCHFO4JGNXMD7HGBLQe RcaFN8GPm1pqmYpY7L9sRWIjt2N0wh5NnRZoEI0OtVfzHA3cNrixB/hWCU7qPHGb Y/BGvZIwwLVfpqDsbrSUBpVj+u4dYIBt -----END CERTIFICATE-----Generated at Thu Mar 13 21:28:13 2025 by rpki-client