$ rpki-client -vvf rpki.apnic.net/member_repository/A918F8B1/7D54A0CAB58611E9AA5F4D65C4F9AE02/tbP8PnYId-9PjY6EO91ozg9AVTA.mft File: tbP8PnYId-9PjY6EO91ozg9AVTA.mft (raw, json) Hash identifier: nhYdlS3K4Hci9mC6Kw5I81cV6GuN716nNLGCc2jEeX4= Subject key identifier: FA:20:1B:01:6C:E3:1D:BF:7A:FF:F0:A6:EB:1D:A1:B7:AD:3C:E0:62 Authority key identifier: B5:B3:FC:3E:76:08:77:EF:4F:8D:8E:84:3B:DD:68:CE:0F:40:55:30 Certificate issuer: /CN=A918F8B1/serialNumber=B5B3FC3E760877EF4F8D8E843BDD68CE0F405530 Certificate serial: 0DEF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tbP8PnYId-9PjY6EO91ozg9AVTA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918F8B1/7D54A0CAB58611E9AA5F4D65C4F9AE02/tbP8PnYId-9PjY6EO91ozg9AVTA.mft Manifest number: 0DDA Signing time: Mon 28 Apr 2025 18:07:28 +0000 Manifest this update: Mon 28 Apr 2025 18:07:27 +0000 Manifest next update: Mon 05 May 2025 18:07:27 +0000 Files and hashes: 1: tbP8PnYId-9PjY6EO91ozg9AVTA.crl (hash: HGne40fpMoMT3uuL3naI90C69NQ/Yo079ut+0KBtA/o=) 2: FAAC7098424911EFABBC7D78C4F9AE02.roa (hash: 4v+rsnRLFBgrun/uIoRgYYIQkVKTxUpRVf++DCzZXn4=) 3: B2A2CFCEF56C11EE90E38718C4F9AE02.roa (hash: kkPAtmDoelVoYFE7Hbje8wUj2mrPDtwi5yj75S4iHxc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918F8B1/7D54A0CAB58611E9AA5F4D65C4F9AE02/tbP8PnYId-9PjY6EO91ozg9AVTA.crl rsync://rpki.apnic.net/member_repository/A918F8B1/7D54A0CAB58611E9AA5F4D65C4F9AE02/tbP8PnYId-9PjY6EO91ozg9AVTA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tbP8PnYId-9PjY6EO91ozg9AVTA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 05 May 2025 18:07:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3567 (0xdef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918F8B1, serialNumber=B5B3FC3E760877EF4F8D8E843BDD68CE0F405530 Validity Not Before: Apr 28 18:07:27 2025 GMT Not After : May 5 18:07:27 2025 GMT Subject: CN=680fc3df-2b82 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:c9:2d:60:3d:4f:6c:36:ac:5f:f3:d0:6a:48: 10:2b:2b:80:63:61:7e:24:e0:70:a2:56:d1:ff:ba: 9a:e2:2f:c6:68:ea:ff:c8:a6:9b:70:d9:76:1f:4f: 87:29:df:76:a6:92:4b:f5:ef:e2:d1:fb:6c:29:c2: f3:0e:7e:ad:43:23:ae:2d:18:e8:3c:5f:a7:b1:86: cc:21:16:e8:0b:c8:e5:f1:3d:09:25:e7:cc:bf:ec: de:9e:51:e0:0f:4d:f3:33:25:fe:a7:cd:44:99:4e: 24:4d:4e:15:f3:c2:6f:6c:3d:bd:b2:97:7f:98:bf: ab:64:f1:ed:12:b1:66:44:d9:f3:dd:ae:8c:28:9a: a4:9c:bc:65:26:79:22:9a:75:0e:3f:12:84:bb:de: 97:0e:e0:bc:f8:59:d9:e2:ba:92:4b:17:2b:43:91: 36:e4:94:2d:d2:6c:6a:8d:25:dd:ab:f1:ee:02:84: 42:b4:06:4e:49:88:42:f0:68:6a:ec:00:f6:1b:52: 17:4a:b3:dd:df:b3:3b:22:08:38:ed:cd:22:12:b7: 5a:a6:d7:4f:a5:9a:6f:f0:2f:aa:de:d3:9d:90:30: 06:df:be:4f:c1:e3:47:a6:5e:ae:c1:7b:c7:a4:92: a1:90:8a:3d:70:09:89:ac:2a:31:15:ed:6a:63:09: 22:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:20:1B:01:6C:E3:1D:BF:7A:FF:F0:A6:EB:1D:A1:B7:AD:3C:E0:62 X509v3 Authority Key Identifier: keyid:B5:B3:FC:3E:76:08:77:EF:4F:8D:8E:84:3B:DD:68:CE:0F:40:55:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918F8B1/7D54A0CAB58611E9AA5F4D65C4F9AE02/tbP8PnYId-9PjY6EO91ozg9AVTA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tbP8PnYId-9PjY6EO91ozg9AVTA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F8B1/7D54A0CAB58611E9AA5F4D65C4F9AE02/tbP8PnYId-9PjY6EO91ozg9AVTA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9f:94:16:6e:0e:6e:e6:31:e3:0c:64:85:3f:6e:87:c8:e6:70: bc:6d:12:17:2a:44:92:04:81:2f:97:7a:75:bc:8d:c1:f5:e7: 99:52:5c:58:82:02:f3:7e:a7:ac:a6:d8:b1:93:45:48:97:ad: 28:3b:67:fd:2f:02:aa:46:9d:78:f0:b4:da:d7:62:e1:4b:42: e3:09:53:0d:21:16:c5:4e:34:ff:ea:b3:29:90:01:8d:78:5a: 66:b1:2f:9a:b9:dc:63:f2:43:1e:a8:c3:1b:1c:57:5c:7f:5f: 36:0c:0a:26:09:e4:8c:61:0c:2d:4d:ee:4d:e9:67:aa:1a:bb: 3d:74:e0:e4:38:b8:f1:46:fa:3c:e0:be:51:09:58:e9:72:b4: df:54:4c:e4:f7:37:c7:be:1a:7f:98:78:f8:a5:9c:d6:1c:20: e7:18:9c:79:dc:bd:da:60:bb:a4:e5:e1:4d:08:51:8b:10:f9: 49:ca:52:9d:e6:cb:1e:6d:5b:84:e5:3b:61:6c:89:84:be:cf: 0a:6a:7c:79:a6:65:01:73:32:91:a4:59:79:81:ef:10:d4:a4: 21:1a:8d:72:bd:4b:af:32:41:cc:96:ea:e9:be:9e:f2:ad:ab: 14:9b:c4:2f:17:87:86:ce:4e:99:6c:42:d5:cc:b2:62:a9:f9: 60:01:5c:3e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDe8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEY4QjExMTAvBgNVBAUTKEI1QjNGQzNFNzYwODc3RUY0RjhEOEU4NDNCREQ2OENF MEY0MDU1MzAwHhcNMjUwNDI4MTgwNzI3WhcNMjUwNTA1MTgwNzI3WjAYMRYwFAYD VQQDEw02ODBmYzNkZi0yYjgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0sktYD1PbDasX/PQakgQKyuAY2F+JOBwolbR/7qa4i/GaOr/yKabcNl2H0+H Kd92ppJL9e/i0ftsKcLzDn6tQyOuLRjoPF+nsYbMIRboC8jl8T0JJefMv+zenlHg D03zMyX+p81EmU4kTU4V88JvbD29spd/mL+rZPHtErFmRNnz3a6MKJqknLxlJnki mnUOPxKEu96XDuC8+FnZ4rqSSxcrQ5E25JQt0mxqjSXdq/HuAoRCtAZOSYhC8Ghq 7AD2G1IXSrPd37M7Igg47c0iErdaptdPpZpv8C+q3tOdkDAG375PweNHpl6uwXvH pJKhkIo9cAmJrCoxFe1qYwkibwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPogGwFs 4x2/ev/wpusdobetPOBiMB8GA1UdIwQYMBaAFLWz/D52CHfvT42OhDvdaM4PQFUw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RjhCMS83RDU0QTBDQUI1 ODYxMUU5QUE1RjRENjVDNEY5QUUwMi90YlA4UG5ZSWQtOVBqWTZFTzkxb3pnOUFW VEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RiUDhQbllJZC05UGpZNkVPOTFvemc5QVZUQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 RjhCMS83RDU0QTBDQUI1ODYxMUU5QUE1RjRENjVDNEY5QUUwMi90YlA4UG5ZSWQt OVBqWTZFTzkxb3pnOUFWVEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCflBZuDm7mMeMMZIU/bofI5nC8bRIXKkSSBIEvl3p1vI3B9eeZUlxY ggLzfqesptixk0VIl60oO2f9LwKqRp148LTa12LhS0LjCVMNIRbFTjT/6rMpkAGN eFpmsS+audxj8kMeqMMbHFdcf182DAomCeSMYQwtTe5N6WeqGrs9dODkOLjxRvo8 4L5RCVjpcrTfVEzk9zfHvhp/mHj4pZzWHCDnGJx53L3aYLuk5eFNCFGLEPlJylKd 5ssebVuE5TthbImEvs8Kanx5pmUBczKRpFl5ge8Q1KQhGo1yvUuvMkHMlurpvp7y rasUm8QvF4eGzk6ZbELVzLJiqflgAVw+ -----END CERTIFICATE-----Generated at Mon Apr 28 20:10:47 2025 by rpki-client on console.sobornost.net