$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC068/D77B9D66D5C411EE89C1970DC4F9AE02/ixqAZb6Iqmwbo_7bVOCH59KttN4.mft File: ixqAZb6Iqmwbo_7bVOCH59KttN4.mft (raw, json) Hash identifier: o1qi+OQSPxIFNTwyQmfmBK3ygc05Bpwt1FTXx64J3Yw= Subject key identifier: BB:01:A8:49:3C:01:81:E6:FA:89:6A:1C:30:B8:E5:68:F2:97:47:D2 Authority key identifier: 8B:1A:80:65:BE:88:AA:6C:1B:A3:FE:DB:54:E0:87:E7:D2:AD:B4:DE Certificate issuer: /CN=A91DC068/serialNumber=8B1A8065BE88AA6C1BA3FEDB54E087E7D2ADB4DE Certificate serial: C5 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ixqAZb6Iqmwbo_7bVOCH59KttN4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC068/D77B9D66D5C411EE89C1970DC4F9AE02/ixqAZb6Iqmwbo_7bVOCH59KttN4.mft Manifest number: C3 Signing time: Thu 13 Mar 2025 03:57:09 +0000 Manifest this update: Thu 13 Mar 2025 03:57:08 +0000 Manifest next update: Thu 20 Mar 2025 03:57:08 +0000 Files and hashes: 1: ixqAZb6Iqmwbo_7bVOCH59KttN4.crl (hash: Nihzy32QmCk/L1w/OIB9Wced2KsvM9HTsLc0Ldldz7U=) 2: 4DDA8A18D5DD11EEA5B1C711C4F9AE02.roa (hash: 7NF0a7gVZb8HkKVv5D+iUAVQYzeaU/GvlIm5srrDqhc=) 3: 4D69D2D2D5DD11EEA5B1C711C4F9AE02.roa (hash: iquf1jLmI/5hIALZdOdH20RZr48fjxEqckCcFT9dYVA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC068/D77B9D66D5C411EE89C1970DC4F9AE02/ixqAZb6Iqmwbo_7bVOCH59KttN4.crl rsync://rpki.apnic.net/member_repository/A91DC068/D77B9D66D5C411EE89C1970DC4F9AE02/ixqAZb6Iqmwbo_7bVOCH59KttN4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ixqAZb6Iqmwbo_7bVOCH59KttN4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 20 Mar 2025 03:57:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 197 (0xc5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC068 Validity Not Before: Mar 13 03:57:08 2025 GMT Not After : Mar 20 03:57:08 2025 GMT Subject: CN=67d25794-ef90 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:70:35:51:4d:9d:05:d1:9b:d0:56:29:a8:3f: a9:7d:3f:a6:ad:c7:fa:ae:c9:d2:b0:9b:d3:71:23: b5:c0:ca:b6:be:87:f0:5b:57:7f:12:5b:82:c9:3b: d0:a6:bd:a6:94:0b:36:8c:bf:25:37:a5:a6:c1:38: 62:db:53:22:19:5c:7d:9a:4a:19:3a:b0:69:17:60: bb:3d:92:5a:7e:2b:a7:ce:e3:0f:df:29:47:47:3a: 51:75:9a:93:11:54:10:de:26:8d:d8:c1:74:81:c3: 3a:6e:2e:2f:01:8a:2e:4e:b6:5e:f3:57:60:ce:f1: 74:bc:ed:39:7c:72:8e:19:e6:0c:79:3b:8d:d9:63: 7c:8e:32:a5:0c:72:68:04:71:56:e6:6d:de:7d:10: 56:70:eb:dd:09:b0:2e:ee:fc:35:bb:ed:e1:94:4a: bf:fa:6a:70:fe:0c:ee:2b:7f:f2:47:0c:28:74:ce: fe:49:19:8c:77:dd:05:54:4c:ea:5e:27:2e:84:c8: b9:e4:b4:35:51:bd:6e:0b:d1:c7:22:7f:97:fc:30: 1e:e9:bf:f7:c4:fd:93:91:47:63:85:52:bf:60:4a: c5:cb:d3:96:33:a5:e4:32:0e:f4:31:77:cc:70:a2: fa:ad:99:aa:86:3c:db:35:58:cd:86:1f:5b:aa:80: c0:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:01:A8:49:3C:01:81:E6:FA:89:6A:1C:30:B8:E5:68:F2:97:47:D2 X509v3 Authority Key Identifier: keyid:8B:1A:80:65:BE:88:AA:6C:1B:A3:FE:DB:54:E0:87:E7:D2:AD:B4:DE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC068/D77B9D66D5C411EE89C1970DC4F9AE02/ixqAZb6Iqmwbo_7bVOCH59KttN4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ixqAZb6Iqmwbo_7bVOCH59KttN4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC068/D77B9D66D5C411EE89C1970DC4F9AE02/ixqAZb6Iqmwbo_7bVOCH59KttN4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 40:cf:65:25:87:af:d0:2c:30:81:ac:67:0f:c3:c1:5b:d9:af: 18:5e:e0:76:f3:f1:94:a2:d8:c0:c2:4f:ae:a4:18:b0:13:24: 98:07:72:88:9e:8d:3c:d5:5c:ab:25:3a:74:ce:8c:d9:b9:7a: 8f:32:b3:0f:a8:7e:83:e1:3b:26:a1:ca:73:9a:bd:8a:3f:bd: 15:b0:1e:65:13:b0:ea:d9:b9:28:a2:f4:5c:6f:42:2a:95:4f: 57:12:7f:16:5d:d4:47:ba:90:95:ba:2a:03:aa:b7:7d:87:43: 31:78:85:b0:32:20:13:5a:62:b5:d7:0b:fa:38:da:a5:13:cf: fe:0a:d8:9a:50:9a:48:6f:02:78:6d:12:25:bc:28:8f:da:a0: 99:0b:83:fc:76:8d:3e:d6:e9:2c:c9:3c:78:ea:97:ac:2d:4c: d0:ad:96:b2:fa:0b:f2:be:81:8f:34:f7:ba:b8:00:36:b8:a2: 48:e8:ff:64:7c:65:12:9d:f0:e3:0a:5a:6c:83:23:dd:86:8c: e3:e8:41:26:8a:29:11:e3:90:06:20:55:f4:ee:33:a4:b0:52: 81:33:a0:47:43:45:37:d8:2a:9f:5b:99:51:d6:92:e8:b0:0b: 8d:20:ce:d8:36:28:50:f8:23:09:2a:ce:35:23:99:99:6c:ca: be:9f:b8:31 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAMUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REMwNjgxMTAvBgNVBAUTKDhCMUE4MDY1QkU4OEFBNkMxQkEzRkVEQjU0RTA4N0U3 RDJBREI0REUwHhcNMjUwMzEzMDM1NzA4WhcNMjUwMzIwMDM1NzA4WjAYMRYwFAYD VQQDEw02N2QyNTc5NC1lZjkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3nA1UU2dBdGb0FYpqD+pfT+mrcf6rsnSsJvTcSO1wMq2vofwW1d/EluCyTvQ pr2mlAs2jL8lN6WmwThi21MiGVx9mkoZOrBpF2C7PZJafiunzuMP3ylHRzpRdZqT EVQQ3iaN2MF0gcM6bi4vAYouTrZe81dgzvF0vO05fHKOGeYMeTuN2WN8jjKlDHJo BHFW5m3efRBWcOvdCbAu7vw1u+3hlEq/+mpw/gzuK3/yRwwodM7+SRmMd90FVEzq XicuhMi55LQ1Ub1uC9HHIn+X/DAe6b/3xP2TkUdjhVK/YErFy9OWM6XkMg70MXfM cKL6rZmqhjzbNVjNhh9bqoDA8QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLsBqEk8 AYHm+olqHDC45Wjyl0fSMB8GA1UdIwQYMBaAFIsagGW+iKpsG6P+21Tgh+fSrbTe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzA2OC9ENzdCOUQ2NkQ1 QzQxMUVFODlDMTk3MERDNEY5QUUwMi9peHFBWmI2SXFtd2JvXzdiVk9DSDU5S3R0 TjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2l4cUFaYjZJcW13Ym9fN2JWT0NINTlLdHRONC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QzA2OC9ENzdCOUQ2NkQ1QzQxMUVFODlDMTk3MERDNEY5QUUwMi9peHFBWmI2SXFt d2JvXzdiVk9DSDU5S3R0TjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBAz2Ulh6/QLDCBrGcPw8Fb2a8YXuB28/GUotjAwk+upBiwEySYB3KI no081VyrJTp0zozZuXqPMrMPqH6D4Tsmocpzmr2KP70VsB5lE7Dq2bkoovRcb0Iq lU9XEn8WXdRHupCVuioDqrd9h0MxeIWwMiATWmK11wv6ONqlE8/+CtiaUJpIbwJ4 bRIlvCiP2qCZC4P8do0+1uksyTx46pesLUzQrZay+gvyvoGPNPe6uAA2uKJI6P9k fGUSnfDjClpsgyPdhozj6EEmiikR45AGIFX07jOksFKBM6BHQ0U32CqfW5lR1pLo sAuNIM7YNihQ+CMJKs41I5mZbMq+n7gx -----END CERTIFICATE-----Generated at Thu Mar 13 21:31:43 2025 by rpki-client