$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.mft File: httX5pD30wkpOii6fFX7ivN9Xb0.mft (raw, json) Hash identifier: Kw/RypVQglai7Hy0VZ7e54ChDyKfCOAS0eoc/fEKqew= Subject key identifier: 9A:7F:8A:2A:CA:4F:96:A7:8D:09:16:5B:BA:3A:E2:E2:59:14:B3:10 Authority key identifier: 86:DB:57:E6:90:F7:D3:09:29:3A:28:BA:7C:55:FB:8A:F3:7D:5D:BD Certificate issuer: /CN=A91A560A/serialNumber=86DB57E690F7D309293A28BA7C55FB8AF37D5DBD Certificate serial: 3668 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/httX5pD30wkpOii6fFX7ivN9Xb0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.mft Manifest number: 3667 Signing time: Mon 28 Apr 2025 14:36:58 +0000 Manifest this update: Mon 28 Apr 2025 14:36:57 +0000 Manifest next update: Mon 05 May 2025 14:36:57 +0000 Files and hashes: 1: httX5pD30wkpOii6fFX7ivN9Xb0.crl (hash: XxuUhPT7O9mxw5i035gFEulQdi9iFMbbJswguuZ6uJw=) 2: 3B8DEC18F67C11EFA12FD55AC4F9AE02.roa (hash: nh94eTTHYj6LF33H1WS71VdzV0Cak2sfzem+EZwjKa8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.crl rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/httX5pD30wkpOii6fFX7ivN9Xb0.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 05 May 2025 14:36:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13928 (0x3668) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A, serialNumber=86DB57E690F7D309293A28BA7C55FB8AF37D5DBD Validity Not Before: Apr 28 14:36:57 2025 GMT Not After : May 5 14:36:57 2025 GMT Subject: CN=680f928a-ff4a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:38:e0:dc:00:b4:ca:fe:3f:22:32:4c:a8:15: 27:2b:1e:f8:88:8f:d2:c4:92:8d:53:0b:ca:10:3a: 06:d3:18:ed:9b:84:22:3c:45:7e:e9:58:ba:9e:36: 3d:6e:57:a0:ff:2c:59:16:a2:fc:70:c8:64:c6:0e: 0e:dd:db:c4:be:5e:5d:9c:47:d9:c8:49:1b:10:d5: 33:27:8c:90:16:88:b5:63:c4:28:87:97:e2:8f:ff: f7:1b:a0:e0:7e:f8:2e:7c:8a:b7:24:fd:46:e6:d1: a1:06:eb:dc:13:7d:cc:49:66:77:cb:41:c5:c1:7b: 2d:f4:7f:c5:2a:4d:e5:51:19:e9:63:f8:f2:53:4c: a1:38:e3:62:c6:73:c7:2b:ff:a7:f8:f4:ee:12:91: 74:dc:6b:ba:09:c8:ae:1f:4b:f9:17:14:50:aa:72: 17:fd:c6:85:ad:1c:2c:24:d3:aa:4d:32:a4:90:0a: f2:5d:02:42:08:e3:42:b7:03:71:f4:3e:c3:01:4c: 9a:e7:60:4a:de:84:dd:92:41:60:a8:69:cd:99:f0: 13:05:27:b3:90:fc:92:b5:86:52:01:4d:50:14:e0: f0:55:07:2b:e4:1e:a4:9b:0a:a4:a4:8d:f9:7a:bc: 14:3c:16:7e:b8:de:a9:15:27:ee:f4:ab:5b:e3:ce: 97:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:7F:8A:2A:CA:4F:96:A7:8D:09:16:5B:BA:3A:E2:E2:59:14:B3:10 X509v3 Authority Key Identifier: keyid:86:DB:57:E6:90:F7:D3:09:29:3A:28:BA:7C:55:FB:8A:F3:7D:5D:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/httX5pD30wkpOii6fFX7ivN9Xb0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 92:58:f0:1c:9f:3c:e8:ae:18:8a:62:c4:3b:90:6a:57:d5:02: ca:11:6f:b3:9a:c5:da:4f:38:89:66:43:d6:0a:a5:98:19:1c: ea:ab:f3:b4:c3:d9:e7:c0:b1:e9:5f:13:46:bf:42:a8:56:ae: 68:62:c6:7e:49:2f:f3:0d:f2:4c:c9:3c:ea:81:76:33:2e:e3: af:76:54:e1:b6:90:44:ca:fd:af:df:1f:e0:d6:ed:a8:17:a3: b6:08:c2:3a:fe:5e:9d:6d:e3:58:be:7a:8d:1e:1a:b0:6a:73: 00:ef:fd:44:c9:65:77:73:16:20:39:b3:bf:a7:3d:fb:bb:0a: 65:e7:ba:d4:7f:70:0c:d6:8c:d5:57:73:26:9f:fc:03:9d:db: a5:b3:89:38:5f:c2:1e:32:15:91:af:5a:e3:e8:62:9a:2a:87: d3:c3:5e:79:f0:5c:5c:d8:cc:bb:33:a1:03:35:db:27:b1:09: 13:ca:fc:94:21:be:35:4f:b5:a7:ee:c9:ae:c5:39:b7:a3:24: 68:82:97:c3:25:cb:4f:eb:c8:be:17:08:c1:30:21:df:04:ff: a1:d0:f9:37:6f:96:73:4a:97:c3:41:1a:50:92:14:02:cd:94: 89:f1:9f:dc:f4:de:61:33:dd:e8:3d:25:a7:40:1b:4a:9a:a0: 03:31:c5:bc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNmgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDg2REI1N0U2OTBGN0QzMDkyOTNBMjhCQTdDNTVGQjhB RjM3RDVEQkQwHhcNMjUwNDI4MTQzNjU3WhcNMjUwNTA1MTQzNjU3WjAYMRYwFAYD VQQDEw02ODBmOTI4YS1mZjRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwzjg3AC0yv4/IjJMqBUnKx74iI/SxJKNUwvKEDoG0xjtm4QiPEV+6Vi6njY9 bleg/yxZFqL8cMhkxg4O3dvEvl5dnEfZyEkbENUzJ4yQFoi1Y8Qoh5fij//3G6Dg fvgufIq3JP1G5tGhBuvcE33MSWZ3y0HFwXst9H/FKk3lURnpY/jyU0yhOONixnPH K/+n+PTuEpF03Gu6CciuH0v5FxRQqnIX/caFrRwsJNOqTTKkkAryXQJCCONCtwNx 9D7DAUya52BK3oTdkkFgqGnNmfATBSezkPyStYZSAU1QFODwVQcr5B6kmwqkpI35 erwUPBZ+uN6pFSfu9Ktb486XuwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJp/iirK T5anjQkWW7o64uJZFLMQMB8GA1UdIwQYMBaAFIbbV+aQ99MJKToounxV+4rzfV29 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9COTk1M0RCQTFE OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9odHRYNXBEMzB3a3BPaWk2ZkZYN2l2TjlY YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2h0dFg1cEQzMHdrcE9paTZmRlg3aXZOOVhiMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NTYwQS9COTk1M0RCQTFEOEExMUUyQTM4N0QwRTQwOEIwMkNEMi9odHRYNXBEMzB3 a3BPaWk2ZkZYN2l2TjlYYjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCSWPAcnzzorhiKYsQ7kGpX1QLKEW+zmsXaTziJZkPWCqWYGRzqq/O0 w9nnwLHpXxNGv0KoVq5oYsZ+SS/zDfJMyTzqgXYzLuOvdlThtpBEyv2v3x/g1u2o F6O2CMI6/l6dbeNYvnqNHhqwanMA7/1EyWV3cxYgObO/pz37uwpl57rUf3AM1ozV V3Mmn/wDnduls4k4X8IeMhWRr1rj6GKaKofTw1558Fxc2My7M6EDNdsnsQkTyvyU Ib41T7Wn7smuxTm3oyRogpfDJctP68i+FwjBMCHfBP+h0Pk3b5ZzSpfDQRpQkhQC zZSJ8Z/c9N5hM93oPSWnQBtKmqADMcW8 -----END CERTIFICATE-----Generated at Mon Apr 28 17:46:01 2025 by rpki-client on console.sobornost.net