$ rpki-client -vvf rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.mft File: D9RDdSHbXAvJnkW1l1T_e2cfhvM.mft (raw, json) Hash identifier: L4g9RW4kWmaa71PeJ2Fi25Nfv/F9jCCP3T8Xj9TIAyQ= Subject key identifier: 9D:F1:18:4B:50:1D:17:C1:F0:E5:CA:41:B2:17:17:BA:B4:4F:76:D2 Authority key identifier: 0F:D4:43:75:21:DB:5C:0B:C9:9E:45:B5:97:54:FF:7B:67:1F:86:F3 Certificate issuer: /CN=A911E0B4/serialNumber=0FD4437521DB5C0BC99E45B59754FF7B671F86F3 Certificate serial: 52 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D9RDdSHbXAvJnkW1l1T_e2cfhvM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.mft Manifest number: 4F Signing time: Sun 27 Apr 2025 06:08:17 +0000 Manifest this update: Sun 27 Apr 2025 06:08:17 +0000 Manifest next update: Sun 04 May 2025 06:08:17 +0000 Files and hashes: 1: D9RDdSHbXAvJnkW1l1T_e2cfhvM.crl (hash: PF3nKBIZD9ewLu5JIzDed5gYOHWyuySpzgCtP5wnqb0=) 2: 5AF3ECBEAFBA11EF91955453C4F9AE02.roa (hash: x22vmPwJWZ5KhIsY5PtxJtvF9T7oNt50WfxUCDRwJlo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.crl rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D9RDdSHbXAvJnkW1l1T_e2cfhvM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 04 May 2025 02:50:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 82 (0x52) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911E0B4, serialNumber=0FD4437521DB5C0BC99E45B59754FF7B671F86F3 Validity Not Before: Apr 27 06:08:17 2025 GMT Not After : May 4 06:08:17 2025 GMT Subject: CN=680dc9d1-ace7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:66:54:20:ab:55:1e:ce:69:3d:eb:8f:e6:19: 04:fa:14:28:d7:b9:80:6a:4c:dd:ae:20:f2:c2:ba: 21:15:36:44:b3:d2:b6:e4:fa:22:45:be:a6:1e:da: 5b:71:c3:68:93:39:5c:ff:68:6b:ab:7c:83:81:92: 33:09:b8:e0:da:5a:f5:74:c4:6a:1c:0e:0a:c2:9b: 05:13:65:fc:d7:b7:83:e0:f1:5d:8a:a9:e6:15:e5: 04:27:bd:77:b9:b1:c5:51:d0:a8:c4:3a:9f:3c:10: 26:0d:b7:f2:6f:7e:4e:7e:1a:0b:d6:18:cb:a6:44: b1:1d:f3:26:eb:66:05:27:6b:6b:63:76:bc:b9:af: fe:b6:5d:8c:0c:6c:cf:25:c1:d5:a9:55:26:62:e4: b6:5e:bc:17:17:c0:62:07:59:7e:72:c6:28:d6:db: a8:74:ef:65:97:b4:bb:25:45:96:40:55:4a:e8:f1: 63:03:33:0b:7b:62:83:16:7f:47:93:82:a3:d3:6d: 89:a8:22:10:6c:cc:70:05:f1:7b:0e:1c:e6:56:46: 6d:e2:95:c6:c0:1f:58:77:de:17:30:16:52:3f:70: dd:58:0e:36:f5:43:76:a4:ae:15:fb:7e:0d:7f:83: 14:25:5e:4e:f5:d3:12:a3:50:75:15:3e:54:08:ad: 8b:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:F1:18:4B:50:1D:17:C1:F0:E5:CA:41:B2:17:17:BA:B4:4F:76:D2 X509v3 Authority Key Identifier: keyid:0F:D4:43:75:21:DB:5C:0B:C9:9E:45:B5:97:54:FF:7B:67:1F:86:F3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D9RDdSHbXAvJnkW1l1T_e2cfhvM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 14:67:c3:21:75:86:4a:56:c4:42:62:42:bf:7c:26:7d:51:b3: b5:b5:15:5a:54:83:4b:d2:88:21:74:89:3a:ab:d5:9a:11:90: 00:76:15:0d:31:95:43:4a:13:7a:e1:52:ff:cf:57:51:ad:81: 3e:db:77:73:4b:cb:5e:8e:18:f6:0d:06:e4:2e:cd:ad:c6:c5: 16:33:f3:a7:dc:79:c2:dc:a0:58:af:d2:16:e4:ed:a8:44:80: c2:d1:2e:26:05:27:23:66:72:c9:2c:1d:2b:37:74:ab:4f:e2: 81:17:42:b0:48:af:ea:da:c5:1b:e5:ef:9c:2b:88:c6:70:d6: 15:e2:08:a8:e9:33:7b:19:7d:88:2c:30:06:82:88:8d:58:c5: 59:88:0b:a4:0f:e3:03:dc:b6:93:d9:06:e0:0f:b8:37:11:bd: 18:b1:8f:3b:3e:d4:f4:f0:a0:21:d2:d2:74:5c:bc:9f:c7:da: c7:e6:45:06:d1:3b:d6:3d:6d:c0:e3:4b:97:5d:c0:56:b4:b9: e4:f3:ee:70:95:06:b1:83:ff:7f:32:3c:a9:fd:c9:c7:35:0b: 39:5d:f2:78:26:70:81:db:7c:2b:a5:05:c9:ef:c8:56:ca:60: 25:b6:4a:eb:79:e9:ec:75:42:b3:42:3c:a1:b5:89:62:06:19: 72:fc:ed:eb -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBUjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx RTBCNDExMC8GA1UEBRMoMEZENDQzNzUyMURCNUMwQkM5OUU0NUI1OTc1NEZGN0I2 NzFGODZGMzAeFw0yNTA0MjcwNjA4MTdaFw0yNTA1MDQwNjA4MTdaMBgxFjAUBgNV BAMTDTY4MGRjOWQxLWFjZTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCvZlQgq1Uezmk964/mGQT6FCjXuYBqTN2uIPLCuiEVNkSz0rbk+iJFvqYe2ltx w2iTOVz/aGurfIOBkjMJuODaWvV0xGocDgrCmwUTZfzXt4Pg8V2KqeYV5QQnvXe5 scVR0KjEOp88ECYNt/Jvfk5+GgvWGMumRLEd8ybrZgUna2tjdry5r/62XYwMbM8l wdWpVSZi5LZevBcXwGIHWX5yxijW26h072WXtLslRZZAVUro8WMDMwt7YoMWf0eT gqPTbYmoIhBszHAF8XsOHOZWRm3ilcbAH1h33hcwFlI/cN1YDjb1Q3akrhX7fg1/ gxQlXk710xKjUHUVPlQIrYt7AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUnfEYS1Ad F8Hw5cpBshcXurRPdtIwHwYDVR0jBBgwFoAUD9RDdSHbXAvJnkW1l1T/e2cfhvMw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFFMEI0L0U5NjQ4OUFFQUYz ODExRUZBMjBERDAxM0M0RjlBRTAyL0Q5UkRkU0hiWEF2Sm5rVzFsMVRfZTJjZmh2 TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvRDlSRGRTSGJYQXZKbmtXMWwxVF9lMmNmaHZNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFF MEI0L0U5NjQ4OUFFQUYzODExRUZBMjBERDAxM0M0RjlBRTAyL0Q5UkRkU0hiWEF2 Sm5rVzFsMVRfZTJjZmh2TS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABRnwyF1hkpWxEJiQr98Jn1Rs7W1FVpUg0vSiCF0iTqr1ZoRkAB2FQ0x lUNKE3rhUv/PV1GtgT7bd3NLy16OGPYNBuQuza3GxRYz86fcecLcoFiv0hbk7ahE gMLRLiYFJyNmcsksHSs3dKtP4oEXQrBIr+raxRvl75wriMZw1hXiCKjpM3sZfYgs MAaCiI1YxVmIC6QP4wPctpPZBuAPuDcRvRixjzs+1PTwoCHS0nRcvJ/H2sfmRQbR O9Y9bcDjS5ddwFa0ueTz7nCVBrGD/38yPKn9ycc1Czld8ngmcIHbfCulBcnvyFbK YCW2Sut56ex1QrNCPKG1iWIGGXL87es= -----END CERTIFICATE-----Generated at Sun Apr 27 08:07:41 2025 by rpki-client on console.sobornost.net