$ rpki-client -vvf rpki.apnic.net/member_repository/A91E39B4/1EE1829E3DA111EA8B67E94FC4F9AE02/l7PdKrPIm8iiu8HbgDvOaOqlqhI.mft File: l7PdKrPIm8iiu8HbgDvOaOqlqhI.mft (raw, json) Hash identifier: ySP9LtED6AAAJdR2SwBwyEa4BKKxHu5E+solzth6NkA= Subject key identifier: 3B:58:05:88:FD:04:64:9A:DB:51:EC:D9:03:C8:1B:73:22:D8:17:7F Authority key identifier: 97:B3:DD:2A:B3:C8:9B:C8:A2:BB:C1:DB:80:3B:CE:68:EA:A5:AA:12 Certificate issuer: /CN=A91E39B4/serialNumber=97B3DD2AB3C89BC8A2BBC1DB803BCE68EAA5AA12 Certificate serial: 0B18 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l7PdKrPIm8iiu8HbgDvOaOqlqhI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E39B4/1EE1829E3DA111EA8B67E94FC4F9AE02/l7PdKrPIm8iiu8HbgDvOaOqlqhI.mft Manifest number: 0B04 Signing time: Wed 12 Mar 2025 19:04:51 +0000 Manifest this update: Wed 12 Mar 2025 19:04:50 +0000 Manifest next update: Wed 19 Mar 2025 19:04:50 +0000 Files and hashes: 1: l7PdKrPIm8iiu8HbgDvOaOqlqhI.crl (hash: VmOHrk3BkOFzqZj20OPPKyOLsWmWWpdXyxW35aM5ukM=) 2: 46F57CF8137B11EBA3B47E37C4F9AE02.roa (hash: 2qnnF6MVOAPWKTwVx6xcANvt7+ipRsuxDi1zcVsoM90=) 3: D968823E3DA111EA9A3FD550C4F9AE02.roa (hash: LHN9DyWzlGRcwkpXqFqZ90XaKLujDGwCFAysXhBXguc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E39B4/1EE1829E3DA111EA8B67E94FC4F9AE02/l7PdKrPIm8iiu8HbgDvOaOqlqhI.crl rsync://rpki.apnic.net/member_repository/A91E39B4/1EE1829E3DA111EA8B67E94FC4F9AE02/l7PdKrPIm8iiu8HbgDvOaOqlqhI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l7PdKrPIm8iiu8HbgDvOaOqlqhI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Mar 2025 19:04:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2840 (0xb18) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E39B4 Validity Not Before: Mar 12 19:04:50 2025 GMT Not After : Mar 19 19:04:50 2025 GMT Subject: CN=67d1dad3-691a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:71:a3:e6:38:6d:e8:dc:15:19:13:ee:c3:a4: 4e:e1:3a:15:c3:fb:fa:86:83:40:99:36:ba:27:a2: e0:83:1a:7b:1d:ea:fc:3d:32:13:0a:c5:aa:4a:08: 65:a0:04:b6:1f:d5:64:ac:7c:59:36:d4:ee:5a:35: 52:c3:12:37:24:44:e9:19:db:83:3c:d2:19:ee:ad: 29:54:5a:1c:d5:7d:ad:ae:ff:27:4e:23:45:2f:83: 03:b8:55:da:8d:20:70:6e:32:a2:02:ab:0e:f8:21: 21:1f:c3:5e:93:df:91:73:bc:24:76:0c:c3:0d:87: 0c:19:a3:43:55:66:06:6a:3d:df:eb:7c:62:35:35: ae:6f:af:ce:85:db:54:25:a4:5b:20:72:a5:ff:50: a9:c3:fe:aa:9c:4a:b1:8f:c2:84:2d:3f:1e:1c:35: ba:ab:99:0f:17:ae:f8:30:b0:0e:32:02:bc:16:b6: 33:46:ee:ff:2d:6a:46:42:79:56:f6:58:7b:8d:35: 7e:19:8f:a4:5c:13:c7:94:26:0a:ec:0d:3a:42:c8: 10:02:91:f8:ff:37:c8:d1:e2:65:5e:98:17:37:84: 5e:11:ad:0e:49:3d:ee:a4:df:3d:e5:5c:c7:cf:c6: 15:dd:a2:76:9d:66:ae:35:47:27:2f:b9:82:96:79: e2:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:58:05:88:FD:04:64:9A:DB:51:EC:D9:03:C8:1B:73:22:D8:17:7F X509v3 Authority Key Identifier: keyid:97:B3:DD:2A:B3:C8:9B:C8:A2:BB:C1:DB:80:3B:CE:68:EA:A5:AA:12 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E39B4/1EE1829E3DA111EA8B67E94FC4F9AE02/l7PdKrPIm8iiu8HbgDvOaOqlqhI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l7PdKrPIm8iiu8HbgDvOaOqlqhI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E39B4/1EE1829E3DA111EA8B67E94FC4F9AE02/l7PdKrPIm8iiu8HbgDvOaOqlqhI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a0:05:7f:3a:5a:e2:e3:d8:6f:66:3c:20:15:26:14:ec:e0:0b: 4f:fa:30:58:e0:72:e1:6a:d5:57:26:1e:f3:f0:1c:bd:5b:75: cc:e8:1a:19:9b:2a:fc:70:da:41:12:e1:a7:c0:f4:c0:39:6b: 00:81:2d:b9:e8:c8:32:5e:d2:6e:ae:4f:d5:62:46:13:74:6d: f5:fc:b8:22:71:24:1c:1a:ed:ed:e6:89:f8:28:3d:09:e7:71: f3:84:cc:15:44:2d:0f:5d:2c:7d:a7:09:f2:f7:a3:f0:52:52: 89:66:0a:79:46:f0:79:91:bc:5f:e0:1b:a2:2f:47:b2:64:78: aa:9c:6f:48:59:f9:f7:b3:b2:15:21:66:d9:8a:13:3a:1c:13: f8:4d:29:dd:a0:cc:2c:b0:02:55:78:d9:b3:42:39:84:f2:f8: f3:e2:17:be:3c:23:42:09:dc:25:56:27:56:af:c4:5c:f6:62: 9f:d1:9b:84:0b:56:b8:a8:93:15:5d:e0:83:0a:57:34:3e:f3: 48:8d:9d:e4:cc:33:87:19:c5:7e:3d:78:e8:ec:92:5c:65:5e: 29:c6:5e:fa:b3:36:d2:ee:6e:b9:67:34:b3:74:22:0b:ba:0b: 69:04:e7:8f:20:77:d3:0c:f7:ce:db:b5:dc:e9:73:9a:a8:23: f5:73:58:07 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCxgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTM5QjQxMTAvBgNVBAUTKDk3QjNERDJBQjNDODlCQzhBMkJCQzFEQjgwM0JDRTY4 RUFBNUFBMTIwHhcNMjUwMzEyMTkwNDUwWhcNMjUwMzE5MTkwNDUwWjAYMRYwFAYD VQQDEw02N2QxZGFkMy02OTFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5XGj5jht6NwVGRPuw6RO4ToVw/v6hoNAmTa6J6Lggxp7Her8PTITCsWqSghl oAS2H9VkrHxZNtTuWjVSwxI3JETpGduDPNIZ7q0pVFoc1X2trv8nTiNFL4MDuFXa jSBwbjKiAqsO+CEhH8Nek9+Rc7wkdgzDDYcMGaNDVWYGaj3f63xiNTWub6/OhdtU JaRbIHKl/1Cpw/6qnEqxj8KELT8eHDW6q5kPF674MLAOMgK8FrYzRu7/LWpGQnlW 9lh7jTV+GY+kXBPHlCYK7A06QsgQApH4/zfI0eJlXpgXN4ReEa0OST3upN895VzH z8YV3aJ2nWauNUcnL7mClnniiwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDtYBYj9 BGSa21Hs2QPIG3Mi2Bd/MB8GA1UdIwQYMBaAFJez3SqzyJvIorvB24A7zmjqpaoS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMzlCNC8xRUUxODI5RTNE QTExMUVBOEI2N0U5NEZDNEY5QUUwMi9sN1BkS3JQSW04aWl1OEhiZ0R2T2FPcWxx aEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2w3UGRLclBJbThpaXU4SGJnRHZPYU9xbHFoSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MzlCNC8xRUUxODI5RTNEQTExMUVBOEI2N0U5NEZDNEY5QUUwMi9sN1BkS3JQSW04 aWl1OEhiZ0R2T2FPcWxxaEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCgBX86WuLj2G9mPCAVJhTs4AtP+jBY4HLhatVXJh7z8By9W3XM6BoZ myr8cNpBEuGnwPTAOWsAgS256MgyXtJurk/VYkYTdG31/LgicSQcGu3t5on4KD0J 53HzhMwVRC0PXSx9pwny96PwUlKJZgp5RvB5kbxf4BuiL0eyZHiqnG9IWfn3s7IV IWbZihM6HBP4TSndoMwssAJVeNmzQjmE8vjz4he+PCNCCdwlVidWr8Rc9mKf0ZuE C1a4qJMVXeCDClc0PvNIjZ3kzDOHGcV+PXjo7JJcZV4pxl76szbS7m65ZzSzdCIL ugtpBOePIHfTDPfO27Xc6XOaqCP1c1gH -----END CERTIFICATE-----Generated at Thu Mar 13 21:29:18 2025 by rpki-client