$ rpki-client -vvf rpki.apnic.net/member_repository/A91AADAF/87159C968CF311EF9F3EA40FC4F9AE02/aMK1iNFoWlh0LYouGIhl2zEQPPc.mft File: aMK1iNFoWlh0LYouGIhl2zEQPPc.mft (raw, json) Hash identifier: Wjhr1NBgXr3IfzFeNj8fyZ4KLvIkOQve6/Zy6lNPB1k= Subject key identifier: F6:2F:B6:CA:0D:2A:E9:4E:FB:92:4B:28:C9:48:0C:F5:FE:CE:B5:EA Authority key identifier: 68:C2:B5:88:D1:68:5A:58:74:2D:8A:2E:18:88:65:DB:31:10:3C:F7 Certificate issuer: /CN=A91AADAF/serialNumber=68C2B588D1685A58742D8A2E188865DB31103CF7 Certificate serial: 68 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aMK1iNFoWlh0LYouGIhl2zEQPPc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AADAF/87159C968CF311EF9F3EA40FC4F9AE02/aMK1iNFoWlh0LYouGIhl2zEQPPc.mft Manifest number: 66 Signing time: Sun 27 Apr 2025 05:51:01 +0000 Manifest this update: Sun 27 Apr 2025 05:51:00 +0000 Manifest next update: Sun 04 May 2025 05:51:00 +0000 Files and hashes: 1: aMK1iNFoWlh0LYouGIhl2zEQPPc.crl (hash: FBAgZmlQzpXXhrZF4O6m+dvgPtiSkoh9AdZsiN40AJI=) 2: 01BA52A28CF411EFAE6F7F10C4F9AE02.roa (hash: EDXTUfDV5y3+rKMOJtb6JOA7sYGQ4kz4K9vrUd4nHN0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AADAF/87159C968CF311EF9F3EA40FC4F9AE02/aMK1iNFoWlh0LYouGIhl2zEQPPc.crl rsync://rpki.apnic.net/member_repository/A91AADAF/87159C968CF311EF9F3EA40FC4F9AE02/aMK1iNFoWlh0LYouGIhl2zEQPPc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aMK1iNFoWlh0LYouGIhl2zEQPPc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 04 May 2025 02:50:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 104 (0x68) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AADAF, serialNumber=68C2B588D1685A58742D8A2E188865DB31103CF7 Validity Not Before: Apr 27 05:51:00 2025 GMT Not After : May 4 05:51:00 2025 GMT Subject: CN=680dc5c4-0a46 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:33:3a:e8:56:26:53:c0:5e:4a:11:6e:87:5f: 00:17:28:d3:c6:95:60:0f:48:ae:cb:33:dd:ac:28: bb:ed:3a:44:f6:09:37:d3:1c:ff:af:13:fb:23:6a: aa:75:85:00:d7:8b:80:f5:85:96:14:b5:5e:3f:14: 62:2b:f5:98:c0:c6:db:b5:41:29:77:e8:c0:27:45: 4f:c4:08:f6:85:18:d9:1d:23:0f:d5:e7:52:ae:23: 23:36:cd:93:98:84:1b:be:c9:37:6a:42:d3:a7:7f: 4a:21:98:71:f6:e7:cf:0e:d7:97:ea:8c:8a:ce:3d: 97:23:7a:6c:8a:1e:43:03:9d:08:6f:8b:e8:d2:c6: 42:36:b4:59:c1:79:af:42:b2:0c:9b:f1:5a:0f:fb: df:c7:26:df:e3:9c:1b:64:9a:11:40:3e:80:66:e5: f8:f7:38:57:13:6c:b3:43:1e:20:9f:1a:06:cb:be: f9:72:bd:a9:47:68:6a:64:a5:16:96:d4:48:2b:6f: e6:4b:58:13:4b:ee:0e:b0:51:05:69:bf:1f:8a:d0: f0:a1:a7:d9:a4:1e:24:ea:26:57:92:01:73:99:f8: ae:e9:82:36:ad:58:09:d2:7b:36:2a:31:dd:56:66: 98:c7:c1:4b:83:ff:4a:7f:75:2c:94:e0:55:28:9e: f1:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:2F:B6:CA:0D:2A:E9:4E:FB:92:4B:28:C9:48:0C:F5:FE:CE:B5:EA X509v3 Authority Key Identifier: keyid:68:C2:B5:88:D1:68:5A:58:74:2D:8A:2E:18:88:65:DB:31:10:3C:F7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AADAF/87159C968CF311EF9F3EA40FC4F9AE02/aMK1iNFoWlh0LYouGIhl2zEQPPc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aMK1iNFoWlh0LYouGIhl2zEQPPc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AADAF/87159C968CF311EF9F3EA40FC4F9AE02/aMK1iNFoWlh0LYouGIhl2zEQPPc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 09:37:3f:ea:c0:b0:57:70:a8:9f:80:5d:b2:e6:68:91:94:4c: 44:3e:36:8d:ee:11:c3:a6:45:03:d2:ad:bd:21:63:51:70:57: d2:9c:6e:d5:8a:12:7a:ba:f1:9c:bf:62:7a:9b:cc:11:64:eb: 67:3e:bf:fa:86:9a:af:00:27:af:9d:e1:47:09:c5:24:de:e2: 6f:6a:7e:80:4a:0c:8c:33:3c:cf:c0:b6:c8:2b:ab:e6:29:3f: fa:d9:9a:86:b2:cc:a9:9d:c9:79:c1:86:ef:33:cd:e5:4d:38: 2a:15:0e:4d:28:e5:53:15:02:75:4d:b9:87:e5:58:52:f2:7e: ec:4c:99:29:15:50:ef:48:fa:3e:d3:2f:12:17:a8:19:6f:40: 4b:7c:67:cf:f3:d3:4c:80:16:3d:f1:8e:9a:f4:ba:58:e8:e1: 57:8a:bd:cc:f7:3b:c8:d8:f5:fc:aa:4e:06:e7:41:c6:8e:d2: 8a:35:c0:96:01:78:0a:c4:a7:eb:1d:79:2e:86:bc:aa:f5:55: 44:ca:1d:21:96:97:95:f3:c3:9f:29:84:47:5b:a5:0c:b3:01: d9:1e:31:39:ad:94:86:9a:75:81:d7:87:1d:f4:bf:8f:48:ff: 12:a5:a3:a4:06:1c:18:c2:4e:52:46:af:bd:17:a6:2a:f4:ca: 7e:8d:b9:57 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBaDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB QURBRjExMC8GA1UEBRMoNjhDMkI1ODhEMTY4NUE1ODc0MkQ4QTJFMTg4ODY1REIz MTEwM0NGNzAeFw0yNTA0MjcwNTUxMDBaFw0yNTA1MDQwNTUxMDBaMBgxFjAUBgNV BAMTDTY4MGRjNWM0LTBhNDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDnMzroViZTwF5KEW6HXwAXKNPGlWAPSK7LM92sKLvtOkT2CTfTHP+vE/sjaqp1 hQDXi4D1hZYUtV4/FGIr9ZjAxtu1QSl36MAnRU/ECPaFGNkdIw/V51KuIyM2zZOY hBu+yTdqQtOnf0ohmHH2588O15fqjIrOPZcjemyKHkMDnQhvi+jSxkI2tFnBea9C sgyb8VoP+9/HJt/jnBtkmhFAPoBm5fj3OFcTbLNDHiCfGgbLvvlyvalHaGpkpRaW 1Egrb+ZLWBNL7g6wUQVpvx+K0PChp9mkHiTqJleSAXOZ+K7pgjatWAnSezYqMd1W ZpjHwUuD/0p/dSyU4FUonvEvAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU9i+2yg0q 6U77kksoyUgM9f7OteowHwYDVR0jBBgwFoAUaMK1iNFoWlh0LYouGIhl2zEQPPcw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFBREFGLzg3MTU5Qzk2OENG MzExRUY5RjNFQTQwRkM0RjlBRTAyL2FNSzFpTkZvV2xoMExZb3VHSWhsMnpFUVBQ Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvYU1LMWlORm9XbGgwTFlvdUdJaGwyekVRUFBjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUFB REFGLzg3MTU5Qzk2OENGMzExRUY5RjNFQTQwRkM0RjlBRTAyL2FNSzFpTkZvV2xo MExZb3VHSWhsMnpFUVBQYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAAk3P+rAsFdwqJ+AXbLmaJGUTEQ+No3uEcOmRQPSrb0hY1FwV9KcbtWK Enq68Zy/YnqbzBFk62c+v/qGmq8AJ6+d4UcJxSTe4m9qfoBKDIwzPM/Atsgrq+Yp P/rZmoayzKmdyXnBhu8zzeVNOCoVDk0o5VMVAnVNuYflWFLyfuxMmSkVUO9I+j7T LxIXqBlvQEt8Z8/z00yAFj3xjpr0uljo4VeKvcz3O8jY9fyqTgbnQcaO0oo1wJYB eArEp+sdeS6GvKr1VUTKHSGWl5Xzw58phEdbpQyzAdkeMTmtlIaadYHXhx30v49I /xKlo6QGHBjCTlJGr70Xpir0yn6NuVc= -----END CERTIFICATE-----Generated at Sun Apr 27 08:07:53 2025 by rpki-client on console.sobornost.net