$ rpki-client -vvf rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.mft File: IsfsPNntTFDolKEbzXDQMQzV-Fk.mft (raw, json) Hash identifier: NmeSuDLHErHDgXLLuC6HWmC2Y9wWQ2tRr5IAt2UsXDo= Subject key identifier: DC:1B:B3:45:48:92:71:CD:BB:A5:83:2D:1A:7D:29:C0:57:BC:EF:8A Authority key identifier: 22:C7:EC:3C:D9:ED:4C:50:E8:94:A1:1B:CD:70:D0:31:0C:D5:F8:59 Certificate issuer: /CN=A91EC225/serialNumber=22C7EC3CD9ED4C50E894A11BCD70D0310CD5F859 Certificate serial: 1C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IsfsPNntTFDolKEbzXDQMQzV-Fk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.mft Manifest number: 1B Signing time: Tue 04 Feb 2025 17:34:58 +0000 Manifest this update: Tue 04 Feb 2025 17:34:57 +0000 Manifest next update: Tue 11 Feb 2025 17:34:57 +0000 Files and hashes: 1: IsfsPNntTFDolKEbzXDQMQzV-Fk.crl (hash: SKWjsubTXNz77DVMuSUylstdYTiTwtS/jBkbK0JYJyM=) 2: 25D2B94CDECD11EFA79E4065C4F9AE02.roa (hash: AoCtdlkJJmrM0z3AC3jCQKm47jbQAWLBDnBBfT5EtYM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.crl rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IsfsPNntTFDolKEbzXDQMQzV-Fk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Feb 2025 17:34:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28 (0x1c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EC225 Validity Not Before: Feb 4 17:34:57 2025 GMT Not After : Feb 11 17:34:57 2025 GMT Subject: CN=67a24fc2-fcd1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:23:32:0d:14:65:5a:bd:66:0b:c9:2d:0b:49: b7:28:91:75:f1:fd:4b:6a:7c:2b:e2:7c:64:9e:8d: 4d:c0:c5:7f:51:94:a1:88:ab:c5:7e:94:6c:02:26: 00:d7:9c:06:bd:14:cc:a0:39:8a:31:b4:b3:f8:1f: ce:8f:ff:1f:f4:89:8e:be:2e:f0:41:b2:d3:61:ce: 62:f9:b3:0f:20:0f:d5:c1:6d:f9:7b:e6:ef:cc:db: 41:2d:f8:01:28:73:b1:91:11:81:b3:68:14:c7:97: 29:fa:14:d0:74:39:ee:28:41:d5:76:0a:63:2c:e7: af:18:01:0a:ee:a6:6d:b2:fc:05:be:fe:3e:ec:7a: 42:23:0b:de:bd:a2:42:1d:95:58:21:0e:a6:33:ca: 5c:7f:f6:db:e0:36:81:2a:99:87:47:14:a5:85:ce: 33:fc:ed:4a:78:34:81:35:9a:22:a6:73:26:8e:0a: 53:d6:a0:44:c9:67:f8:5e:73:9d:1a:f9:18:8f:7f: 07:a7:5c:64:fa:ed:1c:76:d4:60:7d:a1:2b:f7:1e: 36:86:b7:80:63:f3:70:0e:54:ea:af:e6:aa:bf:ef: de:0b:34:69:65:4e:0c:0a:3a:fd:d1:68:25:41:ad: 94:66:49:26:62:d3:85:8c:41:b3:16:7b:9b:4a:5f: 7b:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:1B:B3:45:48:92:71:CD:BB:A5:83:2D:1A:7D:29:C0:57:BC:EF:8A X509v3 Authority Key Identifier: keyid:22:C7:EC:3C:D9:ED:4C:50:E8:94:A1:1B:CD:70:D0:31:0C:D5:F8:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IsfsPNntTFDolKEbzXDQMQzV-Fk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ca:24:66:e7:18:82:b3:ef:f0:94:d1:ed:5c:e6:91:7b:4c:42: 78:94:ab:8a:94:88:f5:2c:f1:84:10:aa:92:e7:2a:de:0f:5e: 3a:2a:23:ed:0c:6c:70:a9:11:59:81:1a:6b:f4:87:bb:b6:0c: 1f:d0:d2:2c:85:a8:34:34:f9:96:37:c7:6e:4e:3d:38:13:c7: ed:93:8b:23:ad:2a:48:25:c9:fa:b1:fb:6a:31:10:b2:b6:51: f4:bf:1e:71:55:2a:49:66:7a:60:a8:11:63:a8:15:11:3d:12: 8b:b4:57:72:cc:07:87:14:76:d0:ba:c2:5f:e6:36:05:69:c8: 19:9c:0b:8f:00:b5:56:79:f6:c5:34:45:62:b9:70:58:8d:c9: 30:93:5c:ca:6a:b3:b7:6c:8a:49:f4:af:49:fd:c2:92:84:c0: ec:11:d0:91:ef:bd:a6:33:55:e8:a2:75:62:c0:54:6c:5c:7a: 94:5a:4a:45:f2:01:b2:6b:2c:dc:4a:f9:66:23:6f:c5:b9:b7: ac:01:87:0e:a5:93:f7:63:ce:e8:6d:77:ca:a1:f4:a1:92:f0: 73:22:50:89:bd:c8:8b:0b:9b:0b:62:b3:42:ca:e3:6e:4a:b6: 6b:55:18:5a:23:51:75:5c:1b:81:2f:22:e9:60:a2:3d:2f:73: 72:51:54:97 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBHDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF QzIyNTExMC8GA1UEBRMoMjJDN0VDM0NEOUVENEM1MEU4OTRBMTFCQ0Q3MEQwMzEw Q0Q1Rjg1OTAeFw0yNTAyMDQxNzM0NTdaFw0yNTAyMTExNzM0NTdaMBgxFjAUBgNV BAMTDTY3YTI0ZmMyLWZjZDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCcIzINFGVavWYLyS0LSbcokXXx/UtqfCvifGSejU3AxX9RlKGIq8V+lGwCJgDX nAa9FMygOYoxtLP4H86P/x/0iY6+LvBBstNhzmL5sw8gD9XBbfl75u/M20Et+AEo c7GREYGzaBTHlyn6FNB0Oe4oQdV2CmMs568YAQrupm2y/AW+/j7sekIjC969okId lVghDqYzylx/9tvgNoEqmYdHFKWFzjP87Up4NIE1miKmcyaOClPWoETJZ/hec50a +RiPfwenXGT67Rx21GB9oSv3HjaGt4Bj83AOVOqv5qq/794LNGllTgwKOv3RaCVB rZRmSSZi04WMQbMWe5tKX3sTAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU3BuzRUiS cc27pYMtGn0pwFe874owHwYDVR0jBBgwFoAUIsfsPNntTFDolKEbzXDQMQzV+Fkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVDMjI1L0M5NDQ3RkYwQkVG OTExRUZCQ0Y2ODk0NEM0RjlBRTAyL0lzZnNQTm50VEZEb2xLRWJ6WERRTVF6Vi1G ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSXNmc1BObnRURkRvbEtFYnpYRFFNUXpWLUZrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVD MjI1L0M5NDQ3RkYwQkVGOTExRUZCQ0Y2ODk0NEM0RjlBRTAyL0lzZnNQTm50VEZE b2xLRWJ6WERRTVF6Vi1Gay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAMokZucYgrPv8JTR7VzmkXtMQniUq4qUiPUs8YQQqpLnKt4PXjoqI+0M bHCpEVmBGmv0h7u2DB/Q0iyFqDQ0+ZY3x25OPTgTx+2TiyOtKkglyfqx+2oxELK2 UfS/HnFVKklmemCoEWOoFRE9Eou0V3LMB4cUdtC6wl/mNgVpyBmcC48AtVZ59sU0 RWK5cFiNyTCTXMpqs7dsikn0r0n9wpKEwOwR0JHvvaYzVeiidWLAVGxcepRaSkXy AbJrLNxK+WYjb8W5t6wBhw6lk/djzuhtd8qh9KGS8HMiUIm9yIsLmwtis0LK425K tmtVGFojUXVcG4EvIulgoj0vc3JRVJc= -----END CERTIFICATE-----Generated at Wed Feb 5 19:52:37 2025 by rpki-client