$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft File: r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft (raw, json) Hash identifier: egYwxDUJoAgdZHCU5Y8xSytOocNvV4gTNHau5QJx9dc= Subject key identifier: 5A:49:7B:BC:A4:A7:26:7D:AC:B3:99:5E:FD:17:75:66:D4:86:7E:EA Authority key identifier: AF:44:78:08:13:BB:6C:05:E9:97:54:5B:08:D3:79:36:FF:AC:46:61 Certificate issuer: /CN=A91F3F02/serialNumber=AF44780813BB6C05E997545B08D37936FFAC4661 Certificate serial: 0F7A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft Manifest number: 0F4B Signing time: Sun 16 Feb 2025 17:57:37 +0000 Manifest this update: Sun 16 Feb 2025 17:57:36 +0000 Manifest next update: Sun 23 Feb 2025 17:57:36 +0000 Files and hashes: 1: r0R4CBO7bAXpl1RbCNN5Nv-sRmE.crl (hash: AAWo877d3DvW9vGS/yLItPqgSfZbkpO86hY3oIxdr+U=) 2: 4BF23558026D11EBB136622CC4F9AE02.roa (hash: dSSI9SuJi0kxWDguXGuvNHYcVsK2PtNwvDQAV3GyLYI=) 3: B3876B1821C911EB991D562EC4F9AE02.roa (hash: uBn0Hxz91FaVyD43QnMkuJqRyt7MMlvjQXxOWdloNks=) 4: B2B2930C21C911EB991D562EC4F9AE02.roa (hash: Qy0DDR285MRVUCU2wSq2l1CDAExHpBwuWLjgKYsgDgk=) 5: 8663E8B6658A11E9930DC678C4F9AE02.roa (hash: nnsGbqSAK23dzd+NhzAKnl4RNtdUbFKnIUPab2S+fr0=) 6: F98DEF9A231F11EB99F53580C4F9AE02.roa (hash: 5v8ULnLB7hAe2Fg8TDMfEBDhvjvsx+AYmHjpRnzhKsw=) 7: E049FDF87A4511EBBB2D0A52C4F9AE02.roa (hash: 01USCsNqqndn4P4yTkoqoN05MdA4R11oCs3iWFycohA=) 8: B490CD0621C911EB991D562EC4F9AE02.roa (hash: Juh4AVBFoxym4U719T7P+CRblg1s/scR/hB7gB0qaXY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.crl rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3962 (0xf7a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F3F02 Validity Not Before: Feb 16 17:57:36 2025 GMT Not After : Feb 23 17:57:36 2025 GMT Subject: CN=67b22711-c506 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:1f:b4:9a:b8:eb:08:4a:2b:01:a7:9a:48:e3: 6b:f1:0b:76:03:af:65:fa:bc:22:be:2c:37:8f:0c: 9d:ec:25:1d:8e:36:82:e3:cb:0b:d9:66:50:3f:8d: 26:55:aa:ba:b6:dc:a7:02:f6:9b:18:44:b0:0d:e3: bb:53:ee:9a:8c:33:60:01:c5:aa:96:b2:d0:57:9d: a5:bb:82:52:a4:3c:d2:cb:52:77:a9:74:59:40:a5: c6:a9:7d:13:53:0c:be:ec:6c:d2:d9:89:8f:44:3d: b8:19:10:5b:f9:74:69:19:3d:63:5c:44:e5:bb:3f: ac:7e:99:98:be:d0:fd:ec:4d:bc:dd:03:ba:bb:75: f9:3b:2e:b2:0d:f2:d8:98:66:f8:0b:65:6b:ab:e2: e5:2e:7b:25:dc:09:39:dc:b4:f7:e0:5f:b7:35:2f: dd:c8:8e:39:cb:a2:48:4b:a7:5b:6a:6d:5f:e2:c2: 79:5e:92:f9:46:18:5a:84:8c:92:25:75:60:de:e8: 95:21:60:98:5f:aa:dc:15:59:e7:8f:bd:05:e1:0f: b8:9c:34:c8:b4:9b:6d:18:97:0f:98:73:7a:05:ca: ce:9f:09:00:db:63:f7:03:60:85:c3:72:d6:c9:20: 6a:eb:4c:70:c1:a5:5e:4a:76:d0:00:d7:0c:d3:ff: 2d:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:49:7B:BC:A4:A7:26:7D:AC:B3:99:5E:FD:17:75:66:D4:86:7E:EA X509v3 Authority Key Identifier: keyid:AF:44:78:08:13:BB:6C:05:E9:97:54:5B:08:D3:79:36:FF:AC:46:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 21:81:62:12:8b:02:b1:5e:32:35:a5:7b:83:4e:f6:92:10:23: 80:15:45:ba:e8:fb:9d:4f:b6:5a:98:73:4a:7a:c0:8b:64:32: 89:22:2c:db:61:8f:17:37:30:3d:7e:8e:e7:c9:e8:48:49:f1: a6:15:6b:11:b8:23:46:67:ab:dd:21:24:63:93:e9:a4:11:bf: 8b:fd:d9:d3:70:b7:98:c9:db:91:00:c7:86:82:4e:6a:b0:bc: ff:49:19:41:48:e3:83:1a:8d:79:c2:58:6e:f6:eb:b5:9a:07: dc:1a:c8:10:ff:a3:0f:e7:e8:0e:a1:8e:f7:42:aa:87:19:e7: 26:17:5c:a0:3e:d3:95:45:a2:6e:d7:95:54:50:da:da:e1:f9: d7:b3:3b:b6:c2:9a:d7:23:6d:68:bf:e7:0c:f0:e6:61:b0:6d: 37:c1:32:05:21:78:f4:b4:96:9c:b6:83:65:b6:9e:43:24:b0: ad:d8:7f:ef:56:e4:7d:c2:42:46:0b:a5:8a:b6:14:dc:ef:e3: 43:ba:2d:d1:d0:76:bb:f2:81:32:37:24:72:14:e9:82:b6:c9: ce:69:0a:24:41:28:a6:f5:50:d5:4a:ff:3f:31:8c:1c:a1:32: 20:8f:6e:14:4b:48:a8:4e:c6:aa:de:b2:ba:c7:c7:58:b8:67: 6b:a9:e2:ef -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICD3owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjNGMDIxMTAvBgNVBAUTKEFGNDQ3ODA4MTNCQjZDMDVFOTk3NTQ1QjA4RDM3OTM2 RkZBQzQ2NjEwHhcNMjUwMjE2MTc1NzM2WhcNMjUwMjIzMTc1NzM2WjAYMRYwFAYD VQQDEw02N2IyMjcxMS1jNTA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvh+0mrjrCEorAaeaSONr8Qt2A69l+rwiviw3jwyd7CUdjjaC48sL2WZQP40m Vaq6ttynAvabGESwDeO7U+6ajDNgAcWqlrLQV52lu4JSpDzSy1J3qXRZQKXGqX0T Uwy+7GzS2YmPRD24GRBb+XRpGT1jXETluz+sfpmYvtD97E283QO6u3X5Oy6yDfLY mGb4C2Vrq+LlLnsl3Ak53LT34F+3NS/dyI45y6JIS6dbam1f4sJ5XpL5RhhahIyS JXVg3uiVIWCYX6rcFVnnj70F4Q+4nDTItJttGJcPmHN6BcrOnwkA22P3A2CFw3LW ySBq60xwwaVeSnbQANcM0/8t2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFpJe7yk pyZ9rLOZXv0XdWbUhn7qMB8GA1UdIwQYMBaAFK9EeAgTu2wF6ZdUWwjTeTb/rEZh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGM0YwMi9DQ0FCNTc1MDYz RjAxMUU5QTlCQ0ExNDFDNEY5QUUwMi9yMFI0Q0JPN2JBWHBsMVJiQ05ONU52LXNS bUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3IwUjRDQk83YkFYcGwxUmJDTk41TnYtc1JtRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG M0YwMi9DQ0FCNTc1MDYzRjAxMUU5QTlCQ0ExNDFDNEY5QUUwMi9yMFI0Q0JPN2JB WHBsMVJiQ05ONU52LXNSbUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAhgWISiwKxXjI1pXuDTvaSECOAFUW66PudT7ZamHNKesCLZDKJIizb YY8XNzA9fo7nyehISfGmFWsRuCNGZ6vdISRjk+mkEb+L/dnTcLeYyduRAMeGgk5q sLz/SRlBSOODGo15wlhu9uu1mgfcGsgQ/6MP5+gOoY73QqqHGecmF1ygPtOVRaJu 15VUUNra4fnXszu2wprXI21ov+cM8OZhsG03wTIFIXj0tJactoNltp5DJLCt2H/v VuR9wkJGC6WKthTc7+NDui3R0Ha78oEyNyRyFOmCtsnOaQokQSim9VDVSv8/MYwc oTIgj24US0ioTsaq3rK6x8dYuGdrqeLv -----END CERTIFICATE-----Generated at Sun Feb 16 20:23:32 2025 by rpki-client