$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft File: r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft (raw, json) Hash identifier: 8qvKBN3/tVXsF7B6LAmwZIeOUif+Vf9/QvWt/aMs2JA= Subject key identifier: FA:69:DA:DC:F2:27:5A:7B:C3:D9:69:DF:9F:D2:C1:C7:D0:DB:24:76 Authority key identifier: AF:44:78:08:13:BB:6C:05:E9:97:54:5B:08:D3:79:36:FF:AC:46:61 Certificate issuer: /CN=A91F3F02/serialNumber=AF44780813BB6C05E997545B08D37936FFAC4661 Certificate serial: 0F86 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft Manifest number: 0F57 Signing time: Wed 12 Mar 2025 17:30:08 +0000 Manifest this update: Wed 12 Mar 2025 17:30:08 +0000 Manifest next update: Wed 19 Mar 2025 17:30:08 +0000 Files and hashes: 1: r0R4CBO7bAXpl1RbCNN5Nv-sRmE.crl (hash: ZS2Bpaof63RMqsLU/jhCJpSgt1QIFDytVITNcvfgtXA=) 2: 4BF23558026D11EBB136622CC4F9AE02.roa (hash: dSSI9SuJi0kxWDguXGuvNHYcVsK2PtNwvDQAV3GyLYI=) 3: B3876B1821C911EB991D562EC4F9AE02.roa (hash: uBn0Hxz91FaVyD43QnMkuJqRyt7MMlvjQXxOWdloNks=) 4: B2B2930C21C911EB991D562EC4F9AE02.roa (hash: Qy0DDR285MRVUCU2wSq2l1CDAExHpBwuWLjgKYsgDgk=) 5: 8663E8B6658A11E9930DC678C4F9AE02.roa (hash: nnsGbqSAK23dzd+NhzAKnl4RNtdUbFKnIUPab2S+fr0=) 6: F98DEF9A231F11EB99F53580C4F9AE02.roa (hash: 5v8ULnLB7hAe2Fg8TDMfEBDhvjvsx+AYmHjpRnzhKsw=) 7: E049FDF87A4511EBBB2D0A52C4F9AE02.roa (hash: 01USCsNqqndn4P4yTkoqoN05MdA4R11oCs3iWFycohA=) 8: B490CD0621C911EB991D562EC4F9AE02.roa (hash: Juh4AVBFoxym4U719T7P+CRblg1s/scR/hB7gB0qaXY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.crl rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 19 Mar 2025 17:30:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3974 (0xf86) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F3F02 Validity Not Before: Mar 12 17:30:08 2025 GMT Not After : Mar 19 17:30:08 2025 GMT Subject: CN=67d1c4a0-377f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:14:ca:d3:45:ed:7f:8a:e4:a8:63:27:14:a2: ce:9a:c4:73:c5:d0:f3:13:64:b7:ce:04:c5:b0:7f: 33:93:dc:aa:0a:ca:ca:37:f6:ae:1d:62:d8:aa:9f: fe:13:9d:76:6d:3d:1f:68:0f:62:a4:71:be:cf:5e: 06:af:33:63:f8:02:99:3e:03:80:7f:87:77:4f:b3: 61:f8:53:44:c4:3b:6c:7d:3b:18:cf:97:4c:e3:73: f2:b6:a0:43:00:85:92:3c:e7:43:28:30:57:26:e4: 4b:a2:61:3f:b9:2b:f5:90:31:0b:2a:e8:fe:b9:b1: 18:a8:e2:4a:f2:6b:30:e1:9a:5a:9f:11:77:55:40: d4:86:c7:4f:4b:e4:b4:c5:84:88:dd:ba:75:64:89: 87:ab:86:12:6a:ef:9f:54:46:9f:05:39:6c:fb:b9: 6d:16:eb:87:c6:6d:09:3e:91:ea:37:59:0e:cb:4f: f3:9d:e6:bd:43:70:2a:7c:3b:25:2e:41:fc:e1:3d: 00:a5:e8:fd:21:52:eb:13:a7:6a:c6:0f:ed:3d:20: 2c:c2:2d:a4:4f:db:6d:fb:15:ff:9d:49:b9:7a:ce: 65:49:70:08:3e:6a:e8:80:34:5a:ed:88:4e:29:de: 81:3a:cb:a8:cd:e4:cd:23:fa:61:2a:8c:d8:d1:c3: 5f:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:69:DA:DC:F2:27:5A:7B:C3:D9:69:DF:9F:D2:C1:C7:D0:DB:24:76 X509v3 Authority Key Identifier: keyid:AF:44:78:08:13:BB:6C:05:E9:97:54:5B:08:D3:79:36:FF:AC:46:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2f:d6:e4:29:6c:6d:5e:5c:7c:08:78:64:92:c5:f7:1f:82:58: 69:85:25:c2:83:da:4f:0c:73:a4:75:6e:a2:2d:8a:a2:97:47: 99:e4:bf:02:e6:60:3b:cd:35:eb:aa:1a:64:5a:c1:41:8b:ff: d6:ec:a1:b1:5d:8a:6b:2e:15:f5:d1:85:94:52:37:ca:af:ba: 9d:b2:f5:75:25:25:f7:36:86:f2:ac:a4:8f:9f:ec:17:96:d5: db:49:7e:50:64:dc:e1:ec:a3:d7:38:60:f0:7a:d5:ed:cc:18: c2:e9:6b:93:ff:09:e2:bb:ed:d5:eb:09:d5:1a:35:21:10:c4: df:6c:32:dd:b8:33:30:24:24:f6:0e:f6:35:9d:f2:bb:6f:5a: 68:aa:40:d5:cf:23:36:f4:be:c2:c5:44:2e:2c:5d:7d:32:5f: 8c:f6:1a:ad:a9:67:71:89:6d:87:f3:74:bc:a6:db:ee:8a:87: 73:6a:15:94:67:2c:66:34:7b:40:16:94:08:13:c1:37:75:c1: db:08:43:53:06:13:ab:13:5f:a2:3c:ab:b8:4e:2a:1a:27:07: bd:f0:47:1e:4f:2f:5b:0d:4b:25:85:73:fb:5e:1a:a4:bd:a9: e2:9b:74:fe:98:76:91:f2:64:f8:88:a8:e9:0e:39:40:33:fb: b3:e4:0b:6c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICD4YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjNGMDIxMTAvBgNVBAUTKEFGNDQ3ODA4MTNCQjZDMDVFOTk3NTQ1QjA4RDM3OTM2 RkZBQzQ2NjEwHhcNMjUwMzEyMTczMDA4WhcNMjUwMzE5MTczMDA4WjAYMRYwFAYD VQQDEw02N2QxYzRhMC0zNzdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzxTK00Xtf4rkqGMnFKLOmsRzxdDzE2S3zgTFsH8zk9yqCsrKN/auHWLYqp/+ E512bT0faA9ipHG+z14GrzNj+AKZPgOAf4d3T7Nh+FNExDtsfTsYz5dM43PytqBD AIWSPOdDKDBXJuRLomE/uSv1kDELKuj+ubEYqOJK8msw4ZpanxF3VUDUhsdPS+S0 xYSI3bp1ZImHq4YSau+fVEafBTls+7ltFuuHxm0JPpHqN1kOy0/znea9Q3AqfDsl LkH84T0Apej9IVLrE6dqxg/tPSAswi2kT9tt+xX/nUm5es5lSXAIPmrogDRa7YhO Kd6BOsuozeTNI/phKozY0cNfdwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPpp2tzy J1p7w9lp35/SwcfQ2yR2MB8GA1UdIwQYMBaAFK9EeAgTu2wF6ZdUWwjTeTb/rEZh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGM0YwMi9DQ0FCNTc1MDYz RjAxMUU5QTlCQ0ExNDFDNEY5QUUwMi9yMFI0Q0JPN2JBWHBsMVJiQ05ONU52LXNS bUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3IwUjRDQk83YkFYcGwxUmJDTk41TnYtc1JtRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG M0YwMi9DQ0FCNTc1MDYzRjAxMUU5QTlCQ0ExNDFDNEY5QUUwMi9yMFI0Q0JPN2JB WHBsMVJiQ05ONU52LXNSbUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAv1uQpbG1eXHwIeGSSxfcfglhphSXCg9pPDHOkdW6iLYqil0eZ5L8C 5mA7zTXrqhpkWsFBi//W7KGxXYprLhX10YWUUjfKr7qdsvV1JSX3NobyrKSPn+wX ltXbSX5QZNzh7KPXOGDwetXtzBjC6WuT/wniu+3V6wnVGjUhEMTfbDLduDMwJCT2 DvY1nfK7b1poqkDVzyM29L7CxUQuLF19Ml+M9hqtqWdxiW2H83S8ptvuiodzahWU ZyxmNHtAFpQIE8E3dcHbCENTBhOrE1+iPKu4TioaJwe98EceTy9bDUslhXP7Xhqk vanim3T+mHaR8mT4iKjpDjlAM/uz5Ats -----END CERTIFICATE-----Generated at Thu Mar 13 21:31:10 2025 by rpki-client