$ rpki-client -vvf rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.mft File: H8Tf0A2sNKjrhGPTlRwio0WDesk.mft (raw, json) Hash identifier: uS4iFMyQmXBMpO/SqOkH8iGxnoUIlXqosjQPeI1ZeX8= Subject key identifier: CA:CB:28:FB:67:5B:B0:61:D4:8A:B7:F4:70:ED:9B:8D:20:49:5A:E7 Authority key identifier: 1F:C4:DF:D0:0D:AC:34:A8:EB:84:63:D3:95:1C:22:A3:45:83:7A:C9 Certificate issuer: /CN=A91B477B/serialNumber=1FC4DFD00DAC34A8EB8463D3951C22A345837AC9 Certificate serial: 0690 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H8Tf0A2sNKjrhGPTlRwio0WDesk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.mft Manifest number: 0683 Signing time: Sat 26 Apr 2025 21:58:24 +0000 Manifest this update: Sat 26 Apr 2025 21:58:24 +0000 Manifest next update: Sat 03 May 2025 21:58:24 +0000 Files and hashes: 1: H8Tf0A2sNKjrhGPTlRwio0WDesk.crl (hash: NAOCu8sbad7f6D4Mvk8SNdKchtMVvLQlvtLZU66g9BU=) 2: 22F72E28725311EBA9C51756C4F9AE02.roa (hash: jYjWFz3EGxandnR9opo8f6aMMLeOf+7OXo3+jH6tu9c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.crl rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H8Tf0A2sNKjrhGPTlRwio0WDesk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 03 May 2025 21:58:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1680 (0x690) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B477B, serialNumber=1FC4DFD00DAC34A8EB8463D3951C22A345837AC9 Validity Not Before: Apr 26 21:58:24 2025 GMT Not After : May 3 21:58:24 2025 GMT Subject: CN=680d5700-e780 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:8c:03:bd:fe:71:08:47:6b:14:32:51:97:56: 19:c7:7a:c1:43:30:cd:d4:fc:9b:58:7c:75:62:9f: 39:75:14:75:ce:e4:04:1f:17:63:91:dc:cd:aa:30: 6e:b7:cc:aa:a2:cc:d1:88:e1:d1:83:29:ae:0e:e4: d8:cc:a3:9a:44:a4:21:95:3d:ab:06:df:cf:eb:a8: 8c:a7:c9:df:24:51:ca:24:c1:85:80:25:6f:63:4f: f0:f5:3c:f5:12:56:a0:74:a5:9a:9d:9e:a1:75:f5: a1:30:7c:70:fd:6d:17:a2:1b:3d:49:91:89:af:1e: 37:75:f9:84:68:d1:57:53:5e:c2:ad:ff:5d:8b:a1: a8:d5:49:10:93:5c:db:b8:83:a8:9a:fc:a4:75:51: 33:9c:28:06:c6:62:6e:15:7c:50:bb:ff:9c:db:ba: 30:c9:08:cf:42:78:d2:3d:3b:5f:28:8b:bb:f0:f9: 12:f7:ec:e0:26:3e:84:38:75:c1:92:39:5d:fa:01: 47:1c:62:8e:58:da:42:f7:d5:04:27:c9:53:a5:5c: 8e:55:ba:e2:7d:08:2c:e1:b3:18:11:5e:a6:20:01: e4:20:2e:6d:68:cd:1f:6f:2f:96:ac:5f:10:80:86: 4c:8e:cd:6b:46:e8:d4:3d:d9:0a:27:e5:15:0e:c1: f5:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:CB:28:FB:67:5B:B0:61:D4:8A:B7:F4:70:ED:9B:8D:20:49:5A:E7 X509v3 Authority Key Identifier: keyid:1F:C4:DF:D0:0D:AC:34:A8:EB:84:63:D3:95:1C:22:A3:45:83:7A:C9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H8Tf0A2sNKjrhGPTlRwio0WDesk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 67:b4:f7:99:66:d6:aa:76:c9:8e:0f:60:d8:8c:54:ec:fd:7e: b3:c3:30:4b:2d:01:19:e1:4f:66:15:49:a6:29:2a:3d:aa:4a: f2:9e:94:21:f5:62:3d:33:e2:9c:7a:a1:3f:3e:a9:df:96:e5: 6c:b0:4d:83:b0:87:2c:f7:ad:2c:12:95:98:f2:2d:4e:dc:a2: 29:55:bb:ec:46:8c:d9:be:0b:7d:56:4b:79:58:fd:6d:0e:3f: 1d:29:1b:ad:53:c6:c5:66:fd:33:3a:9e:fe:af:8c:bd:c7:d0: 50:07:51:84:f3:e6:5a:a1:e8:e3:10:f0:17:ef:e2:64:6b:e8: da:ac:8a:3d:b2:cf:d7:f5:a1:83:8a:3d:0d:63:40:ce:2d:90: b3:82:c9:71:cc:fa:f3:98:da:c9:0b:9f:03:5c:c5:f7:fb:30: f9:6b:aa:13:a8:60:0f:78:0f:69:cf:72:25:d9:a3:cf:2b:db: 73:dc:d4:2b:be:db:a5:c9:85:65:83:ee:28:16:f3:24:54:b4: c4:b0:71:d2:63:8c:44:42:ec:26:84:5b:4b:73:c4:f4:93:16: 94:38:ef:2f:6c:21:91:e5:39:00:f0:bf:f7:1e:07:f3:8d:7e: cc:a6:19:90:50:25:98:6a:a3:b6:7d:ec:1b:66:f8:4d:ce:c1: 71:93:16:24 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBpAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjQ3N0IxMTAvBgNVBAUTKDFGQzRERkQwMERBQzM0QThFQjg0NjNEMzk1MUMyMkEz NDU4MzdBQzkwHhcNMjUwNDI2MjE1ODI0WhcNMjUwNTAzMjE1ODI0WjAYMRYwFAYD VQQDEw02ODBkNTcwMC1lNzgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxYwDvf5xCEdrFDJRl1YZx3rBQzDN1PybWHx1Yp85dRR1zuQEHxdjkdzNqjBu t8yqoszRiOHRgymuDuTYzKOaRKQhlT2rBt/P66iMp8nfJFHKJMGFgCVvY0/w9Tz1 ElagdKWanZ6hdfWhMHxw/W0Xohs9SZGJrx43dfmEaNFXU17Crf9di6Go1UkQk1zb uIOomvykdVEznCgGxmJuFXxQu/+c27owyQjPQnjSPTtfKIu78PkS9+zgJj6EOHXB kjld+gFHHGKOWNpC99UEJ8lTpVyOVbrifQgs4bMYEV6mIAHkIC5taM0fby+WrF8Q gIZMjs1rRujUPdkKJ+UVDsH1RQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMrLKPtn W7Bh1Iq39HDtm40gSVrnMB8GA1UdIwQYMBaAFB/E39ANrDSo64Rj05UcIqNFg3rJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDc3Qi8xQzI1NjI3MDcy NTAxMUVCQjY0OEY4NEVDNEY5QUUwMi9IOFRmMEEyc05LanJoR1BUbFJ3aW8wV0Rl c2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0g4VGYwQTJzTktqcmhHUFRsUndpbzBXRGVzay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NDc3Qi8xQzI1NjI3MDcyNTAxMUVCQjY0OEY4NEVDNEY5QUUwMi9IOFRmMEEyc05L anJoR1BUbFJ3aW8wV0Rlc2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBntPeZZtaqdsmOD2DYjFTs/X6zwzBLLQEZ4U9mFUmmKSo9qkrynpQh 9WI9M+KceqE/PqnfluVssE2DsIcs960sEpWY8i1O3KIpVbvsRozZvgt9Vkt5WP1t Dj8dKRutU8bFZv0zOp7+r4y9x9BQB1GE8+ZaoejjEPAX7+Jka+jarIo9ss/X9aGD ij0NY0DOLZCzgslxzPrzmNrJC58DXMX3+zD5a6oTqGAPeA9pz3Il2aPPK9tz3NQr vtulyYVlg+4oFvMkVLTEsHHSY4xEQuwmhFtLc8T0kxaUOO8vbCGR5TkA8L/3Hgfz jX7MphmQUCWYaqO2fewbZvhNzsFxkxYk -----END CERTIFICATE-----Generated at Sun Apr 27 05:43:08 2025 by rpki-client on console.sobornost.net