$ rpki-client -vvf rpki.apnic.net/member_repository/A9112FE1/C456102E09F111F08B44A325C4F9AE02/PR_LclXFJQPhCuWEsRiaFc9WB04.mft File: PR_LclXFJQPhCuWEsRiaFc9WB04.mft (raw, json) Hash identifier: vMdZWBAnPCwGpNW/fTWrNrQ0EJIpVG2TtDkdWIno0y8= Subject key identifier: 89:86:B1:80:2F:00:A9:69:BB:EF:DF:DD:79:08:46:D1:5F:C4:B6:56 Authority key identifier: 3D:1F:CB:72:55:C5:25:03:E1:0A:E5:84:B1:18:9A:15:CF:56:07:4E Certificate issuer: /CN=A9112FE1/serialNumber=3D1FCB7255C52503E10AE584B1189A15CF56074E Certificate serial: 23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PR_LclXFJQPhCuWEsRiaFc9WB04.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9112FE1/C456102E09F111F08B44A325C4F9AE02/PR_LclXFJQPhCuWEsRiaFc9WB04.mft Manifest number: 1B Signing time: Fri 25 Apr 2025 07:03:02 +0000 Manifest this update: Fri 25 Apr 2025 07:03:01 +0000 Manifest next update: Fri 02 May 2025 07:03:01 +0000 Files and hashes: 1: PR_LclXFJQPhCuWEsRiaFc9WB04.crl (hash: RySri+7YMkji8h7lMtzvcBA4Hyg3pSDlaFKgJMHiqz0=) 2: F6A8B3960A1511F0BB6C770DC4F9AE02.roa (hash: n0hZf8SnzH9l6EO9lSPm/WcouXJHThPcn/CT1MilQ1w=) 3: D87376860A1511F09D97420DC4F9AE02.roa (hash: lSMVl0dtBor2vIuchkye7ISSmPTtUsBuhCBwH/5seS0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9112FE1/C456102E09F111F08B44A325C4F9AE02/PR_LclXFJQPhCuWEsRiaFc9WB04.crl rsync://rpki.apnic.net/member_repository/A9112FE1/C456102E09F111F08B44A325C4F9AE02/PR_LclXFJQPhCuWEsRiaFc9WB04.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PR_LclXFJQPhCuWEsRiaFc9WB04.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 02:50:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35 (0x23) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9112FE1, serialNumber=3D1FCB7255C52503E10AE584B1189A15CF56074E Validity Not Before: Apr 25 07:03:01 2025 GMT Not After : May 2 07:03:01 2025 GMT Subject: CN=680b33a5-0d46 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:6c:a9:18:39:64:19:b6:16:02:fd:61:3c:c2: 19:6c:e4:89:7b:20:ed:2d:f2:71:79:c4:c2:81:a0: 66:aa:89:75:51:a8:f1:d6:b3:d5:be:c4:de:01:10: a7:fb:e9:03:df:25:20:c7:7c:06:1c:00:2a:cc:ea: 2f:7d:33:43:38:d4:e8:bd:c7:99:8b:c5:c3:4e:48: ca:48:aa:31:83:69:74:f3:84:bf:0b:3c:4d:1d:7b: b7:88:dd:62:75:67:ad:27:86:6e:64:75:ab:62:0a: 58:75:ed:91:b6:a5:a2:6a:62:94:af:d1:9d:bc:0f: cb:d8:aa:f7:37:5e:76:f8:ae:68:96:93:14:d5:c8: d0:47:b3:df:54:64:62:3c:2a:77:8d:8a:5a:c9:6e: f6:6f:0d:77:6a:2d:e3:6c:42:f1:25:72:f7:53:e8: fd:01:d5:d9:07:44:31:33:1e:22:a6:f4:e5:24:96: 7c:51:5a:bc:f4:e0:6d:a9:5f:8c:7f:6e:86:7c:0d: 75:d2:c3:79:45:17:16:e6:0d:c6:92:d8:2d:51:5d: 44:1f:3e:da:54:be:50:e0:66:27:f2:11:63:d5:00: d5:af:1e:63:a4:78:36:86:5c:92:1c:99:19:0e:49: e8:03:52:f2:a5:45:18:cd:f9:1e:cf:3c:57:e9:e0: c0:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:86:B1:80:2F:00:A9:69:BB:EF:DF:DD:79:08:46:D1:5F:C4:B6:56 X509v3 Authority Key Identifier: keyid:3D:1F:CB:72:55:C5:25:03:E1:0A:E5:84:B1:18:9A:15:CF:56:07:4E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9112FE1/C456102E09F111F08B44A325C4F9AE02/PR_LclXFJQPhCuWEsRiaFc9WB04.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PR_LclXFJQPhCuWEsRiaFc9WB04.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9112FE1/C456102E09F111F08B44A325C4F9AE02/PR_LclXFJQPhCuWEsRiaFc9WB04.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3e:af:22:38:5e:f5:e9:cb:22:1f:05:e2:d8:6d:db:85:87:20: 2b:e2:0e:ca:8b:19:11:29:9e:e9:ea:1b:18:49:5e:a1:79:0f: 46:43:21:5f:27:41:a2:f4:9e:5b:58:dd:84:f0:76:02:3d:99: 1a:c7:4c:fd:1b:02:6e:36:3c:99:42:06:16:a7:b9:70:85:0e: ac:25:05:a3:eb:6c:d1:05:49:d3:b6:7c:8f:4c:18:26:e2:a1: 93:7d:3c:3a:5e:56:03:0e:4a:5b:da:79:92:25:61:ad:a3:d2: d4:2f:ac:78:a2:35:82:78:08:ef:ca:f7:bc:34:5c:65:7e:dd: 1e:3d:e8:a9:94:cc:80:42:de:d8:9f:a5:15:b0:1b:fd:65:37: d4:3e:fc:a5:0c:9c:54:e6:1f:eb:07:86:9c:b9:0c:b8:c7:5d: 80:18:9f:74:40:fd:a6:17:bd:6b:6d:b4:ca:e5:3e:9a:97:73: 85:2d:e2:0e:8e:81:ac:75:c5:20:a6:d6:c6:d3:e1:16:ea:67: 7a:47:81:9f:fe:2a:7b:ff:9b:b7:a7:a9:5a:e1:c5:12:f8:57: 38:1c:5d:a3:95:a4:fa:ff:8e:38:b3:03:57:c9:1f:87:ba:e5: 34:e7:fc:e5:1a:4c:b9:7d:b7:7e:47:aa:76:9c:45:27:56:db: c0:65:45:cb -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBIzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx MkZFMTExMC8GA1UEBRMoM0QxRkNCNzI1NUM1MjUwM0UxMEFFNTg0QjExODlBMTVD RjU2MDc0RTAeFw0yNTA0MjUwNzAzMDFaFw0yNTA1MDIwNzAzMDFaMBgxFjAUBgNV BAMTDTY4MGIzM2E1LTBkNDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQD4bKkYOWQZthYC/WE8whls5Il7IO0t8nF5xMKBoGaqiXVRqPHWs9W+xN4BEKf7 6QPfJSDHfAYcACrM6i99M0M41Oi9x5mLxcNOSMpIqjGDaXTzhL8LPE0de7eI3WJ1 Z60nhm5kdatiClh17ZG2paJqYpSv0Z28D8vYqvc3Xnb4rmiWkxTVyNBHs99UZGI8 KneNilrJbvZvDXdqLeNsQvElcvdT6P0B1dkHRDEzHiKm9OUklnxRWrz04G2pX4x/ boZ8DXXSw3lFFxbmDcaS2C1RXUQfPtpUvlDgZifyEWPVANWvHmOkeDaGXJIcmRkO SegDUvKlRRjN+R7PPFfp4MDPAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUiYaxgC8A qWm779/deQhG0V/EtlYwHwYDVR0jBBgwFoAUPR/LclXFJQPhCuWEsRiaFc9WB04w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTEyRkUxL0M0NTYxMDJFMDlG MTExRjA4QjQ0QTMyNUM0RjlBRTAyL1BSX0xjbFhGSlFQaEN1V0VzUmlhRmM5V0Iw NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvUFJfTGNsWEZKUVBoQ3VXRXNSaWFGYzlXQjA0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTEy RkUxL0M0NTYxMDJFMDlGMTExRjA4QjQ0QTMyNUM0RjlBRTAyL1BSX0xjbFhGSlFQ aEN1V0VzUmlhRmM5V0IwNC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAD6vIjhe9enLIh8F4tht24WHICviDsqLGREpnunqGxhJXqF5D0ZDIV8n QaL0nltY3YTwdgI9mRrHTP0bAm42PJlCBhanuXCFDqwlBaPrbNEFSdO2fI9MGCbi oZN9PDpeVgMOSlvaeZIlYa2j0tQvrHiiNYJ4CO/K97w0XGV+3R496KmUzIBC3tif pRWwG/1lN9Q+/KUMnFTmH+sHhpy5DLjHXYAYn3RA/aYXvWtttMrlPpqXc4Ut4g6O gax1xSCm1sbT4RbqZ3pHgZ/+Knv/m7enqVrhxRL4VzgcXaOVpPr/jjizA1fJH4e6 5TTn/OUaTLl9t35HqnacRSdW28BlRcs= -----END CERTIFICATE-----Generated at Fri Apr 25 10:43:26 2025 by rpki-client on console.sobornost.net