$ rpki-client -vvf rpki.apnic.net/member_repository/A91C8307/3432F60CBECD11EF98C74132C4F9AE02/PdCVvno70d2CniomSfx-gafv40w.mft File: PdCVvno70d2CniomSfx-gafv40w.mft (raw, json) Hash identifier: Bh8Q7pCI2H6bL67vAjrAQuINx8YoKCBSXMlQjpY0t2s= Subject key identifier: EE:2B:79:75:DD:A1:C5:00:13:DA:FB:62:0F:6A:61:A0:F7:9D:C1:91 Authority key identifier: 3D:D0:95:BE:7A:3B:D1:DD:82:9E:2A:26:49:FC:7E:81:A7:EF:E3:4C Certificate issuer: /CN=A91C8307/serialNumber=3DD095BE7A3BD1DD829E2A2649FC7E81A7EFE34C Certificate serial: 4C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PdCVvno70d2CniomSfx-gafv40w.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C8307/3432F60CBECD11EF98C74132C4F9AE02/PdCVvno70d2CniomSfx-gafv40w.mft Manifest number: 4B Signing time: Sun 11 May 2025 06:05:14 +0000 Manifest this update: Sun 11 May 2025 06:05:14 +0000 Manifest next update: Sun 18 May 2025 06:05:14 +0000 Files and hashes: 1: PdCVvno70d2CniomSfx-gafv40w.crl (hash: ziyLmCQRaIzsceMEJhIM4QMyOHcoYRQI50GiKelDFOw=) 2: DEDB3932BED411EF835BB47AC4F9AE02.roa (hash: O2sa7pTiQKdOhkw1Yh9cM+13JLJmRbo0IeSALJBybOk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C8307/3432F60CBECD11EF98C74132C4F9AE02/PdCVvno70d2CniomSfx-gafv40w.crl rsync://rpki.apnic.net/member_repository/A91C8307/3432F60CBECD11EF98C74132C4F9AE02/PdCVvno70d2CniomSfx-gafv40w.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PdCVvno70d2CniomSfx-gafv40w.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 06:05:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76 (0x4c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C8307, serialNumber=3DD095BE7A3BD1DD829E2A2649FC7E81A7EFE34C Validity Not Before: May 11 06:05:14 2025 GMT Not After : May 18 06:05:14 2025 GMT Subject: CN=68203e1a-84ca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:ca:80:7f:d4:d2:c1:f7:1b:1b:67:57:81:1b: 3a:f3:b9:93:cf:c0:55:1d:8c:1f:67:98:2f:ba:e8: de:51:cc:8e:af:59:27:33:78:92:26:14:4f:73:64: 8d:f6:0e:59:d9:51:a9:56:ce:64:00:6f:2d:2a:fa: f9:0d:f0:58:9b:04:fd:51:cc:af:30:65:db:94:6e: b7:33:0b:c0:85:24:46:d0:39:55:a6:28:88:21:34: 57:93:7b:71:a9:2d:a8:c2:ba:61:c3:fb:5a:2e:6a: 79:6f:4c:79:06:c2:cd:e3:a7:bf:38:d0:f4:83:0b: 45:0c:29:90:58:7d:b6:d5:95:c9:34:d9:cf:f0:c8: cd:50:b8:84:8d:17:f3:0d:12:f2:b2:0e:c4:b7:ed: 17:a8:bb:cd:60:0b:b2:d4:8e:26:1b:bb:f1:1a:26: 47:2a:91:4f:c7:b1:96:7c:bc:6a:60:4b:67:4b:15: 3d:3a:32:26:74:68:f6:9f:74:cd:3f:cc:c1:47:c0: 08:5c:a1:37:f2:8f:e1:48:d2:19:d1:f4:14:f2:be: a3:86:15:c9:00:a7:a1:8f:4e:5f:16:1f:b9:1a:2a: d4:7c:87:c5:92:03:08:29:e8:aa:d0:f5:1b:58:ef: 35:d8:e9:1b:5f:0c:be:9e:4a:50:f9:d4:36:f3:e4: 21:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:2B:79:75:DD:A1:C5:00:13:DA:FB:62:0F:6A:61:A0:F7:9D:C1:91 X509v3 Authority Key Identifier: keyid:3D:D0:95:BE:7A:3B:D1:DD:82:9E:2A:26:49:FC:7E:81:A7:EF:E3:4C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C8307/3432F60CBECD11EF98C74132C4F9AE02/PdCVvno70d2CniomSfx-gafv40w.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PdCVvno70d2CniomSfx-gafv40w.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C8307/3432F60CBECD11EF98C74132C4F9AE02/PdCVvno70d2CniomSfx-gafv40w.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 08:04:07:c8:df:a7:5a:f9:24:f9:d0:4d:ec:4f:cc:f9:32:f6: 9a:b3:4c:5d:1c:63:55:61:2a:93:71:a7:2b:4f:eb:12:5d:44: 21:38:b6:ff:8d:73:2c:b6:b3:2c:4b:ae:82:74:8f:73:d8:49: 2d:73:46:6f:6a:41:c7:f8:c2:65:6a:e1:b0:dd:4e:ca:0a:b7: b0:e4:7b:1e:ff:80:50:b3:61:0f:43:1c:c7:32:6c:c1:cd:65: b9:f6:c3:54:db:66:95:ea:20:79:fe:da:c7:3c:57:98:69:db: 29:b0:69:db:26:5b:40:bb:88:a6:3c:b1:5c:1f:e9:99:0f:ff: 7f:6e:60:c8:d2:9d:5a:53:17:06:ab:54:7c:98:da:56:dc:ef: f3:15:6c:c7:f6:11:72:a0:22:8c:78:f8:45:1c:98:4d:3b:4c: ac:86:be:67:64:67:84:bd:f3:38:02:a3:9d:fc:9b:98:38:17: 3f:ea:f8:7e:23:93:ae:18:b1:f8:3d:1e:6e:54:9c:e2:3d:d8: 79:cf:52:09:cb:55:d7:c4:9d:0e:2e:eb:d5:f3:d7:f1:30:5b: 66:af:21:d5:76:d6:ee:a3:a6:18:f3:1d:27:b7:26:20:ee:e5: 25:ed:83:e5:60:88:eb:9b:74:40:6d:78:22:de:6f:fe:16:bb: 82:c4:b2:fd -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBTDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD ODMwNzExMC8GA1UEBRMoM0REMDk1QkU3QTNCRDFERDgyOUUyQTI2NDlGQzdFODFB N0VGRTM0QzAeFw0yNTA1MTEwNjA1MTRaFw0yNTA1MTgwNjA1MTRaMBgxFjAUBgNV BAMTDTY4MjAzZTFhLTg0Y2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDHyoB/1NLB9xsbZ1eBGzrzuZPPwFUdjB9nmC+66N5RzI6vWSczeJImFE9zZI32 DlnZUalWzmQAby0q+vkN8FibBP1RzK8wZduUbrczC8CFJEbQOVWmKIghNFeTe3Gp LajCumHD+1ouanlvTHkGws3jp7840PSDC0UMKZBYfbbVlck02c/wyM1QuISNF/MN EvKyDsS37Reou81gC7LUjiYbu/EaJkcqkU/HsZZ8vGpgS2dLFT06MiZ0aPafdM0/ zMFHwAhcoTfyj+FI0hnR9BTyvqOGFckAp6GPTl8WH7kaKtR8h8WSAwgp6KrQ9RtY 7zXY6RtfDL6eSlD51Dbz5CEbAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU7it5dd2h xQAT2vtiD2phoPedwZEwHwYDVR0jBBgwFoAUPdCVvno70d2CniomSfx+gafv40ww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM4MzA3LzM0MzJGNjBDQkVD RDExRUY5OEM3NDEzMkM0RjlBRTAyL1BkQ1Z2bm83MGQyQ25pb21TZngtZ2FmdjQw dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvUGRDVnZubzcwZDJDbmlvbVNmeC1nYWZ2NDB3LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM4 MzA3LzM0MzJGNjBDQkVDRDExRUY5OEM3NDEzMkM0RjlBRTAyL1BkQ1Z2bm83MGQy Q25pb21TZngtZ2FmdjQwdy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAAgEB8jfp1r5JPnQTexPzPky9pqzTF0cY1VhKpNxpytP6xJdRCE4tv+N cyy2syxLroJ0j3PYSS1zRm9qQcf4wmVq4bDdTsoKt7Dkex7/gFCzYQ9DHMcybMHN Zbn2w1TbZpXqIHn+2sc8V5hp2ymwadsmW0C7iKY8sVwf6ZkP/39uYMjSnVpTFwar VHyY2lbc7/MVbMf2EXKgIox4+EUcmE07TKyGvmdkZ4S98zgCo538m5g4Fz/q+H4j k64Ysfg9Hm5UnOI92HnPUgnLVdfEnQ4u69Xz1/EwW2avIdV21u6jphjzHSe3JiDu 5SXtg+VgiOubdEBteCLeb/4Wu4LEsv0= -----END CERTIFICATE-----Generated at Sun May 11 23:02:49 2025 by rpki-client