$ rpki-client -vvf rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.mft File: PFRw6B-koZCHAh0K130zbOvipo0.mft (raw, json) Hash identifier: ht89XwAAShnH0+E8LHKmcxqzZS6UTtMUVf7fPSjoF2Q= Subject key identifier: C3:9E:DA:77:5C:A3:AB:55:2E:3B:A9:3D:E2:F2:63:3E:1C:D6:D9:28 Authority key identifier: 3C:54:70:E8:1F:A4:A1:90:87:02:1D:0A:D7:7D:33:6C:EB:E2:A6:8D Certificate issuer: /CN=A9143CB3/serialNumber=3C5470E81FA4A19087021D0AD77D336CEBE2A68D Certificate serial: 1AD1 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PFRw6B-koZCHAh0K130zbOvipo0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.mft Manifest number: 1ACE Signing time: Mon 28 Apr 2025 16:25:11 +0000 Manifest this update: Mon 28 Apr 2025 16:25:11 +0000 Manifest next update: Mon 05 May 2025 16:25:11 +0000 Files and hashes: 1: PFRw6B-koZCHAh0K130zbOvipo0.crl (hash: zmwZK3tVaLguynLUvB9r8VCqNDcXXzPuAY6UR+cLO5M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.crl rsync://rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PFRw6B-koZCHAh0K130zbOvipo0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 05 May 2025 14:50:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6865 (0x1ad1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143CB3, serialNumber=3C5470E81FA4A19087021D0AD77D336CEBE2A68D Validity Not Before: Apr 28 16:25:11 2025 GMT Not After : May 5 16:25:11 2025 GMT Subject: CN=680fabe7-20a7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:e0:a6:ff:13:05:1e:d1:f3:1a:23:71:a2:70: aa:55:6d:ba:e1:9b:97:fc:7b:d9:6b:a2:09:ba:1a: 22:36:db:3e:2a:43:fb:08:51:22:1d:2c:0a:30:eb: 9d:1b:02:99:2b:68:d1:26:71:de:73:ce:0c:5c:8a: e7:9b:30:56:b8:b3:ea:28:17:9e:4f:b7:58:33:6f: 48:68:1d:80:55:48:b8:80:db:73:ff:e1:bd:b4:b3: 45:a4:b5:8b:bf:50:ce:f8:56:9d:fc:46:c4:80:fb: 48:0f:49:ba:7c:ee:af:18:3c:a4:1d:f3:62:a6:b4: 30:76:b9:c2:4e:2e:c5:db:b7:18:f7:5e:da:11:9e: 5b:70:62:08:28:da:27:8d:ee:83:da:64:da:50:34: dd:99:33:66:a3:bc:4d:15:7f:c0:85:00:20:84:ac: da:3a:58:cd:44:19:39:00:4d:36:77:b3:87:72:5b: 35:cf:97:a2:d4:b7:9d:c3:91:6c:d3:9d:1b:fd:9a: 11:78:13:79:82:4b:e1:47:58:db:e5:81:5c:04:ef: 9a:ab:39:5b:cb:63:16:af:79:70:3d:6b:f4:a2:e9: 22:8d:db:11:c6:89:ef:34:e4:3e:c0:e0:92:61:96: 4d:8c:fe:3e:13:d8:f0:a1:c4:ea:05:0f:3b:c3:fb: 25:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:9E:DA:77:5C:A3:AB:55:2E:3B:A9:3D:E2:F2:63:3E:1C:D6:D9:28 X509v3 Authority Key Identifier: keyid:3C:54:70:E8:1F:A4:A1:90:87:02:1D:0A:D7:7D:33:6C:EB:E2:A6:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PFRw6B-koZCHAh0K130zbOvipo0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9f:4b:d0:1a:6e:e9:d1:fd:76:ea:52:c0:08:56:53:55:95:93: 8f:fe:ba:60:6c:c9:5a:ef:4b:cc:77:15:0b:bf:a6:fb:7c:fe: d4:6a:60:3c:5c:1a:77:e9:21:24:ed:c1:93:45:33:87:f1:51: 1e:a9:04:67:9d:e6:86:0e:9a:a6:2d:18:f4:a2:ea:bf:a8:fc: 99:5e:23:81:2c:72:b7:b3:87:1b:41:6d:d7:28:72:7e:d8:90: 9c:c2:8d:ac:35:77:36:ca:2a:55:a2:4a:5b:8a:e1:fa:15:b7: 0e:19:dd:20:1d:f4:83:5d:31:6e:39:73:63:64:c2:7e:aa:75: 6b:9a:f1:ff:85:f8:9f:4d:f8:3c:c0:3e:f4:26:d7:b8:b8:0f: e3:ed:ea:97:5e:1c:6f:6b:59:b4:68:64:36:58:38:8d:51:07: c1:3f:da:d4:4a:3e:90:27:be:a0:90:e2:f3:43:06:7e:28:b8: a7:6b:91:99:b1:03:23:b6:46:2d:77:b7:f9:53:a7:b9:31:8d: 8a:39:bb:22:d5:94:a6:7f:a6:4f:24:8c:50:b8:34:f6:97:be: ae:43:55:24:a2:85:7f:84:9e:b6:67:ed:6f:58:a5:2b:c5:95: b9:ab:49:cb:0f:c5:30:00:c1:af:f2:f7:ce:84:f7:71:25:fa: 0d:25:a1:cd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGtEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDNDQjMxMTAvBgNVBAUTKDNDNTQ3MEU4MUZBNEExOTA4NzAyMUQwQUQ3N0QzMzZD RUJFMkE2OEQwHhcNMjUwNDI4MTYyNTExWhcNMjUwNTA1MTYyNTExWjAYMRYwFAYD VQQDEw02ODBmYWJlNy0yMGE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAneCm/xMFHtHzGiNxonCqVW264ZuX/HvZa6IJuhoiNts+KkP7CFEiHSwKMOud GwKZK2jRJnHec84MXIrnmzBWuLPqKBeeT7dYM29IaB2AVUi4gNtz/+G9tLNFpLWL v1DO+Fad/EbEgPtID0m6fO6vGDykHfNiprQwdrnCTi7F27cY917aEZ5bcGIIKNon je6D2mTaUDTdmTNmo7xNFX/AhQAghKzaOljNRBk5AE02d7OHcls1z5ei1Ledw5Fs 050b/ZoReBN5gkvhR1jb5YFcBO+aqzlby2MWr3lwPWv0oukijdsRxonvNOQ+wOCS YZZNjP4+E9jwocTqBQ87w/slYQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMOe2ndc o6tVLjupPeLyYz4c1tkoMB8GA1UdIwQYMBaAFDxUcOgfpKGQhwIdCtd9M2zr4qaN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0NCMy8xNTE2Njc5RTI1 OUQxMUU3ODVEMzI1MEFDNEY5QUUwMi9QRlJ3NkIta29aQ0hBaDBLMTMwemJPdmlw bzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1BGUnc2Qi1rb1pDSEFoMEsxMzB6Yk92aXBvMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 M0NCMy8xNTE2Njc5RTI1OUQxMUU3ODVEMzI1MEFDNEY5QUUwMi9QRlJ3NkIta29a Q0hBaDBLMTMwemJPdmlwbzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCfS9AabunR/XbqUsAIVlNVlZOP/rpgbMla70vMdxULv6b7fP7UamA8 XBp36SEk7cGTRTOH8VEeqQRnneaGDpqmLRj0ouq/qPyZXiOBLHK3s4cbQW3XKHJ+ 2JCcwo2sNXc2yipVokpbiuH6FbcOGd0gHfSDXTFuOXNjZMJ+qnVrmvH/hfifTfg8 wD70Jte4uA/j7eqXXhxva1m0aGQ2WDiNUQfBP9rUSj6QJ76gkOLzQwZ+KLina5GZ sQMjtkYtd7f5U6e5MY2KObsi1ZSmf6ZPJIxQuDT2l76uQ1UkooV/hJ62Z+1vWKUr xZW5q0nLD8UwAMGv8vfOhPdxJfoNJaHN -----END CERTIFICATE-----Generated at Mon Apr 28 20:10:31 2025 by rpki-client on console.sobornost.net