$ rpki-client -vvf rpki.apnic.net/member_repository/A91FCABC/C551641205B911EEA9130B37C4F9AE02/l85Wj2RoJWRz-Es4s84D6jVJ64k.mft File: l85Wj2RoJWRz-Es4s84D6jVJ64k.mft (raw, json) Hash identifier: TDGTtoV96wboFQ9SrCIRBeIpUXcvRx58KidlXpiJ2vA= Subject key identifier: D3:98:B8:92:F5:CD:19:20:70:52:C1:C9:B6:79:CA:B3:56:73:B3:E4 Authority key identifier: 97:CE:56:8F:64:68:25:64:73:F8:4B:38:B3:CE:03:EA:35:49:EB:89 Certificate issuer: /CN=A91FCABC/serialNumber=97CE568F6468256473F84B38B3CE03EA3549EB89 Certificate serial: 0141 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/l85Wj2RoJWRz-Es4s84D6jVJ64k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FCABC/C551641205B911EEA9130B37C4F9AE02/l85Wj2RoJWRz-Es4s84D6jVJ64k.mft Manifest number: 013E Signing time: Sat 15 Feb 2025 05:21:21 +0000 Manifest this update: Sat 15 Feb 2025 05:21:21 +0000 Manifest next update: Sat 22 Feb 2025 05:21:21 +0000 Files and hashes: 1: l85Wj2RoJWRz-Es4s84D6jVJ64k.crl (hash: QrIqZChw3cq4UoFjgK7kaIjIJ98NRXw4tCANA4Yv8no=) 2: 35BBCFB005C111EEA3A8584CC4F9AE02.roa (hash: HMZ69Vk7ZS0Jv78BueT5h2a9dKdT1kZJMuqKYnjLHLY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FCABC/C551641205B911EEA9130B37C4F9AE02/l85Wj2RoJWRz-Es4s84D6jVJ64k.crl rsync://rpki.apnic.net/member_repository/A91FCABC/C551641205B911EEA9130B37C4F9AE02/l85Wj2RoJWRz-Es4s84D6jVJ64k.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/l85Wj2RoJWRz-Es4s84D6jVJ64k.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Feb 2025 05:15:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 321 (0x141) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FCABC Validity Not Before: Feb 15 05:21:21 2025 GMT Not After : Feb 22 05:21:21 2025 GMT Subject: CN=67b02451-58e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:c0:90:67:34:12:91:ad:50:6b:d9:f7:c7:d0: 12:2f:6f:4d:dd:81:db:40:a6:b4:61:e8:14:aa:0f: da:72:bd:5c:10:67:37:9b:07:43:51:46:d3:e9:e9: 43:a1:29:6a:3e:d7:0f:68:25:e2:6f:9d:ed:1c:9e: 04:6f:f2:5d:13:9c:07:8c:75:a5:96:72:ca:21:26: cb:34:d6:6a:e3:98:04:61:32:47:ee:f1:43:1d:80: 48:ce:12:4e:0e:a2:f0:be:37:8d:53:ba:2c:d3:8f: ee:11:bb:b9:2a:19:fa:48:ba:8f:59:14:ba:18:7c: f4:da:fc:05:52:b2:c2:c0:17:27:74:fb:56:bc:e8: d8:53:c4:de:99:e6:bf:23:f6:78:64:35:56:97:d1: 50:6e:db:a1:79:b9:a9:0f:3c:c1:96:55:1c:c1:55: 00:66:c6:12:72:48:3a:05:0a:bf:67:ef:b5:44:bd: 17:6f:e7:05:b4:a4:2a:fd:6b:cd:d7:81:0e:79:2a: 21:7a:cf:6e:51:5f:71:1c:ff:50:33:5e:f0:c6:ea: 87:1a:9f:af:94:71:88:65:74:0c:26:d1:94:4c:18: 1d:b5:31:fb:20:8f:b3:26:ea:f5:71:ef:f1:9f:66: da:4c:f1:bc:bf:a7:49:56:80:28:01:df:bc:44:57: b3:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:98:B8:92:F5:CD:19:20:70:52:C1:C9:B6:79:CA:B3:56:73:B3:E4 X509v3 Authority Key Identifier: keyid:97:CE:56:8F:64:68:25:64:73:F8:4B:38:B3:CE:03:EA:35:49:EB:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FCABC/C551641205B911EEA9130B37C4F9AE02/l85Wj2RoJWRz-Es4s84D6jVJ64k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/l85Wj2RoJWRz-Es4s84D6jVJ64k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FCABC/C551641205B911EEA9130B37C4F9AE02/l85Wj2RoJWRz-Es4s84D6jVJ64k.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c3:6b:fc:07:48:e4:7c:2c:20:73:96:a4:e9:12:4d:d9:3f:1c: e0:6e:94:96:63:1b:b0:2b:72:45:52:58:5f:f9:86:4e:c9:a2: bb:65:04:ad:a7:91:84:00:b3:c3:86:33:58:06:4b:a7:ec:cd: af:39:7b:86:87:87:fd:66:41:a9:87:8d:36:25:ae:15:be:a2: 78:81:e0:d5:21:b6:17:d6:0c:81:18:bf:54:10:2b:9c:3e:9e: 5b:7f:a9:b4:b9:11:83:4b:fa:14:65:1f:b1:06:1c:c8:f0:31: c0:88:13:ac:bd:ad:64:ed:7a:3b:dc:6c:f7:67:55:76:f7:85: 13:2f:5e:9a:ec:0f:61:4c:4c:d5:e4:45:74:92:fa:b4:20:51: 51:dd:12:8c:a0:0c:bb:80:a7:42:c8:34:52:09:59:37:59:6f: 26:2b:1f:0d:c7:dd:d3:ac:ea:a3:72:6b:66:1e:cc:4a:3f:35: 77:7a:8e:24:4a:9c:e3:af:9a:6b:d8:9b:a3:fa:09:03:1d:e3: 4f:e4:a0:f6:46:04:d8:97:ad:c4:f5:04:c5:39:0c:91:6a:c4: f2:4c:02:2c:1b:3f:73:d1:09:af:a0:11:48:6c:ba:47:0d:a1: 8b:6c:1e:bf:4b:a8:4b:0d:ca:66:2d:cd:6c:94:ba:08:88:f9: 52:89:e0:da -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkNBQkMxMTAvBgNVBAUTKDk3Q0U1NjhGNjQ2ODI1NjQ3M0Y4NEIzOEIzQ0UwM0VB MzU0OUVCODkwHhcNMjUwMjE1MDUyMTIxWhcNMjUwMjIyMDUyMTIxWjAYMRYwFAYD VQQDEw02N2IwMjQ1MS01OGU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzcCQZzQSka1Qa9n3x9ASL29N3YHbQKa0YegUqg/acr1cEGc3mwdDUUbT6elD oSlqPtcPaCXib53tHJ4Eb/JdE5wHjHWllnLKISbLNNZq45gEYTJH7vFDHYBIzhJO DqLwvjeNU7os04/uEbu5Khn6SLqPWRS6GHz02vwFUrLCwBcndPtWvOjYU8Temea/ I/Z4ZDVWl9FQbtuhebmpDzzBllUcwVUAZsYSckg6BQq/Z++1RL0Xb+cFtKQq/WvN 14EOeSohes9uUV9xHP9QM17wxuqHGp+vlHGIZXQMJtGUTBgdtTH7II+zJur1ce/x n2baTPG8v6dJVoAoAd+8RFeznQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNOYuJL1 zRkgcFLBybZ5yrNWc7PkMB8GA1UdIwQYMBaAFJfOVo9kaCVkc/hLOLPOA+o1SeuJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQ0FCQy9DNTUxNjQxMjA1 QjkxMUVFQTkxMzBCMzdDNEY5QUUwMi9sODVXajJSb0pXUnotRXM0czg0RDZqVko2 NGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2w4NVdqMlJvSldSei1FczRzODRENmpWSjY0ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG Q0FCQy9DNTUxNjQxMjA1QjkxMUVFQTkxMzBCMzdDNEY5QUUwMi9sODVXajJSb0pX UnotRXM0czg0RDZqVko2NGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDDa/wHSOR8LCBzlqTpEk3ZPxzgbpSWYxuwK3JFUlhf+YZOyaK7ZQSt p5GEALPDhjNYBkun7M2vOXuGh4f9ZkGph402Ja4VvqJ4geDVIbYX1gyBGL9UECuc Pp5bf6m0uRGDS/oUZR+xBhzI8DHAiBOsva1k7Xo73Gz3Z1V294UTL16a7A9hTEzV 5EV0kvq0IFFR3RKMoAy7gKdCyDRSCVk3WW8mKx8Nx93TrOqjcmtmHsxKPzV3eo4k Spzjr5pr2Juj+gkDHeNP5KD2RgTYl63E9QTFOQyRasTyTAIsGz9z0QmvoBFIbLpH DaGLbB6/S6hLDcpmLc1slLoIiPlSieDa -----END CERTIFICATE-----Generated at Sun Feb 16 15:24:26 2025 by rpki-client