$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8BE3/E6E6BE44BF9C11EF9DA88282C4F9AE02/b9CIejkD49bhe7nP2O8mknC6ywc.mft File: b9CIejkD49bhe7nP2O8mknC6ywc.mft (raw, json) Hash identifier: fmWPTXeuxJRzrR7jcWIQK+MMSnWwtipoOq5vriJGXEk= Subject key identifier: D3:33:1A:FB:D9:C9:42:D0:AE:2E:81:49:5C:C8:65:B6:C3:C6:BF:E9 Authority key identifier: 6F:D0:88:7A:39:03:E3:D6:E1:7B:B9:CF:D8:EF:26:92:70:BA:CB:07 Certificate issuer: /CN=A91E8BE3/serialNumber=6FD0887A3903E3D6E17BB9CFD8EF269270BACB07 Certificate serial: 26 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b9CIejkD49bhe7nP2O8mknC6ywc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8BE3/E6E6BE44BF9C11EF9DA88282C4F9AE02/b9CIejkD49bhe7nP2O8mknC6ywc.mft Manifest number: 21 Signing time: Wed 05 Feb 2025 06:21:48 +0000 Manifest this update: Wed 05 Feb 2025 06:21:48 +0000 Manifest next update: Wed 12 Feb 2025 06:21:48 +0000 Files and hashes: 1: b9CIejkD49bhe7nP2O8mknC6ywc.crl (hash: 4ydFdWr5z95/E1Au1edvh7LaI7UI/aUbEPTR01uwgRQ=) 2: 3139D35EBFA811EFA9B7DC2AC4F9AE02.roa (hash: gL/pv5Q4H259tRW/M/fWgTAynaK4mXLMVK09D4O3Mmw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8BE3/E6E6BE44BF9C11EF9DA88282C4F9AE02/b9CIejkD49bhe7nP2O8mknC6ywc.crl rsync://rpki.apnic.net/member_repository/A91E8BE3/E6E6BE44BF9C11EF9DA88282C4F9AE02/b9CIejkD49bhe7nP2O8mknC6ywc.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b9CIejkD49bhe7nP2O8mknC6ywc.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Feb 2025 06:21:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38 (0x26) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8BE3 Validity Not Before: Feb 5 06:21:48 2025 GMT Not After : Feb 12 06:21:48 2025 GMT Subject: CN=67a3037c-59f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:10:92:92:82:f2:6d:fe:bf:a6:6b:fd:6e:d0: f3:b2:30:d5:6c:4a:91:68:b3:f2:6f:a0:2f:3f:ab: 9a:d3:c0:57:02:c4:04:ab:31:91:92:42:f1:dd:7c: ed:26:a6:c3:52:12:17:92:2a:aa:fa:d1:58:a6:55: ab:e0:28:12:2a:1d:9d:3e:13:75:bd:69:74:e7:7c: 0c:6c:9a:39:51:dc:71:3b:1f:69:75:cc:d4:d4:ab: 0d:e8:62:d9:09:8c:7a:55:5e:b1:91:5f:bf:b5:7a: 85:86:a3:df:50:ce:22:37:46:79:f8:08:23:ca:b2: 52:14:43:e0:55:49:30:04:a0:2b:92:05:38:ef:75: 01:b9:eb:b2:74:be:00:5b:8e:7a:a9:76:28:19:2a: dc:a0:f3:dc:5d:98:dc:89:f8:7e:5c:d7:e9:cf:f7: 81:1c:73:34:ac:12:22:64:a7:95:05:36:44:24:82: f2:ba:cd:34:08:7d:ec:a4:d0:4e:03:8f:ef:5e:c6: 29:d5:c5:d1:8e:e9:64:07:b3:b5:48:c6:fd:0b:4d: cf:73:83:d2:8a:9e:c0:d4:95:9a:d7:ce:95:10:d3: 33:f3:3f:33:2a:21:b4:2a:7a:c7:4d:90:f6:35:b6: 9c:92:66:84:aa:2e:5f:57:aa:7c:b7:45:10:ba:f2: 62:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:33:1A:FB:D9:C9:42:D0:AE:2E:81:49:5C:C8:65:B6:C3:C6:BF:E9 X509v3 Authority Key Identifier: keyid:6F:D0:88:7A:39:03:E3:D6:E1:7B:B9:CF:D8:EF:26:92:70:BA:CB:07 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8BE3/E6E6BE44BF9C11EF9DA88282C4F9AE02/b9CIejkD49bhe7nP2O8mknC6ywc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/b9CIejkD49bhe7nP2O8mknC6ywc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8BE3/E6E6BE44BF9C11EF9DA88282C4F9AE02/b9CIejkD49bhe7nP2O8mknC6ywc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1c:ce:c3:24:c7:37:77:6f:ad:ff:aa:2b:d6:ec:07:7c:d2:11: 45:5d:d1:68:75:c5:56:8f:a0:24:d2:49:0d:53:d6:22:ba:fd: 19:fa:06:cd:30:24:99:20:fe:df:14:9e:d1:0b:66:b6:5b:08: a2:5b:c9:ef:12:e7:e8:e8:c0:70:b9:6f:b0:4a:1d:87:c0:e1: f8:6b:d0:0c:61:55:7b:d8:4b:61:64:24:33:f0:15:47:41:df: b0:f3:15:f7:2f:1a:ec:1e:91:d8:c5:01:47:0e:69:23:2f:69: aa:c4:ad:44:40:39:12:b2:57:ad:d6:91:40:26:82:31:77:8a: 49:7c:45:29:e5:a5:3e:81:9a:75:06:a6:67:7b:64:c1:46:e3: 24:2b:0a:08:1f:5d:de:c1:67:f3:3c:46:6e:4c:39:38:85:cf: e6:bb:8a:dd:71:f6:8d:61:e3:dd:f7:8a:80:be:82:8d:c2:3b: cf:90:ba:e3:61:d3:e0:3f:2f:7e:3a:f5:26:19:72:6f:0a:6f: e6:c1:e8:48:e0:43:ff:7a:16:5d:5c:3a:02:2a:1f:b0:59:6c: e9:b5:4d:4d:63:d4:6a:a8:64:58:60:8b:7b:cb:c9:5f:4e:31: 61:ca:01:4c:cb:36:ce:06:38:8d:67:0d:99:1a:9e:56:e2:74: b1:82:de:32 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBJjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF OEJFMzExMC8GA1UEBRMoNkZEMDg4N0EzOTAzRTNENkUxN0JCOUNGRDhFRjI2OTI3 MEJBQ0IwNzAeFw0yNTAyMDUwNjIxNDhaFw0yNTAyMTIwNjIxNDhaMBgxFjAUBgNV BAMTDTY3YTMwMzdjLTU5ZjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCmEJKSgvJt/r+ma/1u0POyMNVsSpFos/JvoC8/q5rTwFcCxASrMZGSQvHdfO0m psNSEheSKqr60VimVavgKBIqHZ0+E3W9aXTnfAxsmjlR3HE7H2l1zNTUqw3oYtkJ jHpVXrGRX7+1eoWGo99QziI3Rnn4CCPKslIUQ+BVSTAEoCuSBTjvdQG567J0vgBb jnqpdigZKtyg89xdmNyJ+H5c1+nP94EcczSsEiJkp5UFNkQkgvK6zTQIfeyk0E4D j+9exinVxdGO6WQHs7VIxv0LTc9zg9KKnsDUlZrXzpUQ0zPzPzMqIbQqesdNkPY1 tpySZoSqLl9Xqny3RRC68mK1AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU0zMa+9nJ QtCuLoFJXMhltsPGv+kwHwYDVR0jBBgwFoAUb9CIejkD49bhe7nP2O8mknC6ywcw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU4QkUzL0U2RTZCRTQ0QkY5 QzExRUY5REE4ODI4MkM0RjlBRTAyL2I5Q0llamtENDliaGU3blAyTzhta25DNnl3 Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvYjlDSWVqa0Q0OWJoZTduUDJPOG1rbkM2eXdjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU4 QkUzL0U2RTZCRTQ0QkY5QzExRUY5REE4ODI4MkM0RjlBRTAyL2I5Q0llamtENDli aGU3blAyTzhta25DNnl3Yy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABzOwyTHN3dvrf+qK9bsB3zSEUVd0Wh1xVaPoCTSSQ1T1iK6/Rn6Bs0w JJkg/t8UntELZrZbCKJbye8S5+jowHC5b7BKHYfA4fhr0AxhVXvYS2FkJDPwFUdB 37DzFfcvGuwekdjFAUcOaSMvaarErURAORKyV63WkUAmgjF3ikl8RSnlpT6BmnUG pmd7ZMFG4yQrCggfXd7BZ/M8Rm5MOTiFz+a7it1x9o1h4933ioC+go3CO8+QuuNh 0+A/L3469SYZcm8Kb+bB6EjgQ/96Fl1cOgIqH7BZbOm1TU1j1GqoZFhgi3vLyV9O MWHKAUzLNs4GOI1nDZkanlbidLGC3jI= -----END CERTIFICATE-----Generated at Wed Feb 5 19:08:40 2025 by rpki-client