$ rpki-client -vvf rpki.apnic.net/member_repository/A91A014A/CC07DAB674FF11EDAB9C9075C4F9AE02/kL0d8TqZHDHxGE1RGvMDFvwAIQI.mft File: kL0d8TqZHDHxGE1RGvMDFvwAIQI.mft (raw, json) Hash identifier: YNX9CCMCXzYrT+toCWIlI4MiZupAcKhFIPQDiF1xi5U= Subject key identifier: DA:75:06:81:E1:DB:2B:54:86:DC:D1:81:E6:44:A7:09:3D:81:20:4A Authority key identifier: 90:BD:1D:F1:3A:99:1C:31:F1:18:4D:51:1A:F3:03:16:FC:00:21:02 Certificate issuer: /CN=A91A014A/serialNumber=90BD1DF13A991C31F1184D511AF30316FC002102 Certificate serial: 01CB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kL0d8TqZHDHxGE1RGvMDFvwAIQI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A014A/CC07DAB674FF11EDAB9C9075C4F9AE02/kL0d8TqZHDHxGE1RGvMDFvwAIQI.mft Manifest number: 01C7 Signing time: Wed 07 May 2025 02:14:44 +0000 Manifest this update: Wed 07 May 2025 02:14:44 +0000 Manifest next update: Wed 14 May 2025 02:14:44 +0000 Files and hashes: 1: kL0d8TqZHDHxGE1RGvMDFvwAIQI.crl (hash: l+qykR4LSNcacr9Fzky1o0jw8ETsxaMiN9/Ns05t8IQ=) 2: 203FA37E750611ED95126872C4F9AE02.roa (hash: dipdNfnJaJs6s5CVnvO1Wlubse6AOUfgpacGaixKSoQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A014A/CC07DAB674FF11EDAB9C9075C4F9AE02/kL0d8TqZHDHxGE1RGvMDFvwAIQI.crl rsync://rpki.apnic.net/member_repository/A91A014A/CC07DAB674FF11EDAB9C9075C4F9AE02/kL0d8TqZHDHxGE1RGvMDFvwAIQI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kL0d8TqZHDHxGE1RGvMDFvwAIQI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 13 May 2025 23:16:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 459 (0x1cb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A014A, serialNumber=90BD1DF13A991C31F1184D511AF30316FC002102 Validity Not Before: May 7 02:14:44 2025 GMT Not After : May 14 02:14:44 2025 GMT Subject: CN=681ac214-be95 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:5b:05:04:ea:1a:7b:da:65:db:f6:50:ae:73: 63:5a:55:11:34:89:3a:bb:0e:dc:44:bd:58:f6:94: 69:80:9e:75:7b:0a:6a:e9:39:9d:14:11:39:19:a2: 79:63:97:ef:82:65:47:cd:8a:fd:44:ec:92:c5:69: e7:e5:cd:da:ac:f1:21:78:08:26:1f:5e:f1:36:77: 7d:9b:9b:a1:ac:56:07:16:29:12:a4:a5:d1:18:00: 03:36:c7:b3:84:87:a7:aa:e9:33:ad:be:a3:1e:aa: e1:86:a9:00:7f:67:64:fb:12:a8:40:60:00:02:43: 28:0c:c7:2d:4b:ca:6d:34:a4:c1:0b:f4:a7:40:5b: a4:e1:f9:5f:51:19:bd:df:08:93:f6:87:2b:35:a1: d5:46:4a:b9:27:d9:f9:17:3a:03:7e:09:25:fa:c9: fe:8e:60:f4:c8:46:ec:ae:dc:d4:9a:a3:59:02:1a: b8:2c:a5:37:98:52:cb:78:04:a3:d3:81:18:0e:72: 15:7c:0c:f5:14:55:a5:a8:1c:39:d7:77:05:ef:ad: 7d:83:1b:93:38:c7:1f:9f:bb:41:e1:1b:a8:ed:38: 43:e4:89:ae:e1:96:df:bb:1f:8c:8d:6c:3c:6d:7d: 88:20:64:6e:a6:38:8c:f6:b6:3c:fc:64:0b:77:c0: a0:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:75:06:81:E1:DB:2B:54:86:DC:D1:81:E6:44:A7:09:3D:81:20:4A X509v3 Authority Key Identifier: keyid:90:BD:1D:F1:3A:99:1C:31:F1:18:4D:51:1A:F3:03:16:FC:00:21:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A014A/CC07DAB674FF11EDAB9C9075C4F9AE02/kL0d8TqZHDHxGE1RGvMDFvwAIQI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kL0d8TqZHDHxGE1RGvMDFvwAIQI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A014A/CC07DAB674FF11EDAB9C9075C4F9AE02/kL0d8TqZHDHxGE1RGvMDFvwAIQI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3e:3c:7e:0e:57:b9:72:7f:b0:85:56:74:ad:e5:af:71:b6:8c: 9a:ca:f8:91:d5:c6:4f:bc:56:34:c8:69:14:d2:2f:e6:8f:e5: 37:1b:73:ea:8c:f0:59:bf:d5:9b:d7:e0:d1:a3:49:d5:32:f4: 8f:1d:bc:98:ad:da:9b:f9:84:f1:22:85:6c:b6:ff:8d:2d:e9: 29:07:b3:e9:78:67:ed:8c:c3:df:f7:d7:6a:78:fc:2f:02:bf: 49:ad:63:32:2b:7a:d5:a9:5a:af:0a:30:59:f7:b8:2b:74:99: ec:5e:f3:02:3d:ee:3b:02:9a:ff:51:31:c9:7a:24:af:f6:bf: ae:3e:49:1f:10:cd:77:a2:35:7f:2d:fc:5f:b5:0b:ef:2e:9e: 2b:ac:ac:a8:89:25:6a:3a:74:22:5a:a1:32:ae:9e:1c:91:7f: 8e:5c:b6:62:86:25:0b:7f:52:5e:11:f4:7b:66:51:b9:8c:fa: 19:c5:79:ec:51:17:09:1b:a2:55:04:49:41:6b:a3:08:da:4b: 2d:a4:71:60:28:56:e0:3a:3d:1e:ef:af:45:8a:cc:13:9c:d0: eb:dd:08:63:7e:b4:25:87:5c:13:55:d3:36:fc:22:89:15:34: a2:06:74:7b:dc:92:55:b5:c9:8f:a8:77:c6:b4:da:d8:7b:c4: 7b:66:a8:d9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAcswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTAxNEExMTAvBgNVBAUTKDkwQkQxREYxM0E5OTFDMzFGMTE4NEQ1MTFBRjMwMzE2 RkMwMDIxMDIwHhcNMjUwNTA3MDIxNDQ0WhcNMjUwNTE0MDIxNDQ0WjAYMRYwFAYD VQQDEw02ODFhYzIxNC1iZTk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsFsFBOoae9pl2/ZQrnNjWlURNIk6uw7cRL1Y9pRpgJ51ewpq6TmdFBE5GaJ5 Y5fvgmVHzYr9ROySxWnn5c3arPEheAgmH17xNnd9m5uhrFYHFikSpKXRGAADNsez hIenqukzrb6jHqrhhqkAf2dk+xKoQGAAAkMoDMctS8ptNKTBC/SnQFuk4flfURm9 3wiT9ocrNaHVRkq5J9n5FzoDfgkl+sn+jmD0yEbsrtzUmqNZAhq4LKU3mFLLeASj 04EYDnIVfAz1FFWlqBw513cF7619gxuTOMcfn7tB4Ruo7ThD5Imu4Zbfux+MjWw8 bX2IIGRupjiM9rY8/GQLd8Cg9QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNp1BoHh 2ytUhtzRgeZEpwk9gSBKMB8GA1UdIwQYMBaAFJC9HfE6mRwx8RhNURrzAxb8ACEC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDE0QS9DQzA3REFCNjc0 RkYxMUVEQUI5QzkwNzVDNEY5QUUwMi9rTDBkOFRxWkhESHhHRTFSR3ZNREZ2d0FJ UUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tMMGQ4VHFaSERIeEdFMVJHdk1ERnZ3QUlRSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MDE0QS9DQzA3REFCNjc0RkYxMUVEQUI5QzkwNzVDNEY5QUUwMi9rTDBkOFRxWkhE SHhHRTFSR3ZNREZ2d0FJUUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA+PH4OV7lyf7CFVnSt5a9xtoyayviR1cZPvFY0yGkU0i/mj+U3G3Pq jPBZv9Wb1+DRo0nVMvSPHbyYrdqb+YTxIoVstv+NLekpB7PpeGftjMPf99dqePwv Ar9JrWMyK3rVqVqvCjBZ97grdJnsXvMCPe47Apr/UTHJeiSv9r+uPkkfEM13ojV/ LfxftQvvLp4rrKyoiSVqOnQiWqEyrp4ckX+OXLZihiULf1JeEfR7ZlG5jPoZxXns URcJG6JVBElBa6MI2kstpHFgKFbgOj0e769FiswTnNDr3QhjfrQlh1wTVdM2/CKJ FTSiBnR73JJVtcmPqHfGtNrYe8R7ZqjZ -----END CERTIFICATE-----Generated at Wed May 7 11:39:18 2025 by rpki-client