$ rpki-client -vvf rpki.apnic.net/member_repository/A91BEE1D/9ADADADEC70E11EF8067C466C4F9AE02/itYQrIti8qb8qCWJVdXxJJJ7OgA.mft File: itYQrIti8qb8qCWJVdXxJJJ7OgA.mft (raw, json) Hash identifier: pNvS5AlIuQ5WI1Q2ZKy3pj5/82F7u5Y6DBNt5YitBtU= Subject key identifier: F0:E4:86:1B:6C:FB:F2:2E:61:BD:1D:98:3C:9C:9F:17:E7:B1:7B:16 Authority key identifier: 8A:D6:10:AC:8B:62:F2:A6:FC:A8:25:89:55:D5:F1:24:92:7B:3A:00 Certificate issuer: /CN=A91BEE1D/serialNumber=8AD610AC8B62F2A6FCA8258955D5F124927B3A00 Certificate serial: 3E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/itYQrIti8qb8qCWJVdXxJJJ7OgA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BEE1D/9ADADADEC70E11EF8067C466C4F9AE02/itYQrIti8qb8qCWJVdXxJJJ7OgA.mft Manifest number: 3E Signing time: Sun 27 Apr 2025 06:17:51 +0000 Manifest this update: Sun 27 Apr 2025 06:17:51 +0000 Manifest next update: Sun 04 May 2025 06:17:51 +0000 Files and hashes: 1: itYQrIti8qb8qCWJVdXxJJJ7OgA.crl (hash: 2c1BfdYWs3tgCXQr7UQnJ1j+H0uQKVTu2JDaiKGCfQM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BEE1D/9ADADADEC70E11EF8067C466C4F9AE02/itYQrIti8qb8qCWJVdXxJJJ7OgA.crl rsync://rpki.apnic.net/member_repository/A91BEE1D/9ADADADEC70E11EF8067C466C4F9AE02/itYQrIti8qb8qCWJVdXxJJJ7OgA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/itYQrIti8qb8qCWJVdXxJJJ7OgA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 04 May 2025 02:50:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62 (0x3e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BEE1D, serialNumber=8AD610AC8B62F2A6FCA8258955D5F124927B3A00 Validity Not Before: Apr 27 06:17:51 2025 GMT Not After : May 4 06:17:51 2025 GMT Subject: CN=680dcc0f-c75c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:e7:c9:34:5b:0f:29:a1:e5:ed:71:8b:80:42: e1:49:93:03:20:12:9c:f6:73:7e:2e:65:f1:c3:0d: 99:03:a5:29:34:4d:91:0a:ec:04:98:c0:34:5a:7b: d9:e8:67:c9:02:1c:02:f9:66:a5:9f:e6:bd:d1:2b: ac:bf:9d:80:f1:23:0b:51:98:1f:3d:60:35:a0:cd: 6a:c2:79:f1:52:dd:a9:13:e0:70:a5:d9:a2:41:ac: 85:76:3f:6f:65:e8:25:37:e9:eb:02:68:6d:ea:7a: e7:58:09:28:cd:6d:27:82:7a:c0:49:e7:9b:63:4d: 0b:02:e2:3b:23:e4:b7:62:14:f4:a5:16:1c:fe:11: 1e:3b:9e:d9:87:50:2d:dd:e1:8e:7d:28:4a:5a:fa: 4e:5b:e9:91:39:f7:34:7b:df:f9:03:77:98:7f:5f: 3d:5a:cd:97:c2:3a:47:c2:2a:1b:e3:bc:22:05:67: c3:db:e5:43:1a:e2:6c:54:9d:ca:4e:55:69:75:98: b3:66:38:03:aa:a5:fb:da:09:b6:46:33:7d:e7:6a: a8:90:ff:f8:5c:c4:9c:cc:cc:be:6f:76:ca:77:78: f8:a6:3a:e6:e9:a3:50:cc:5f:8f:ba:83:07:80:38: 8e:e2:a8:73:69:2f:13:28:f7:0e:89:80:3d:2c:b5: a6:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:E4:86:1B:6C:FB:F2:2E:61:BD:1D:98:3C:9C:9F:17:E7:B1:7B:16 X509v3 Authority Key Identifier: keyid:8A:D6:10:AC:8B:62:F2:A6:FC:A8:25:89:55:D5:F1:24:92:7B:3A:00 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BEE1D/9ADADADEC70E11EF8067C466C4F9AE02/itYQrIti8qb8qCWJVdXxJJJ7OgA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/itYQrIti8qb8qCWJVdXxJJJ7OgA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BEE1D/9ADADADEC70E11EF8067C466C4F9AE02/itYQrIti8qb8qCWJVdXxJJJ7OgA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6f:07:b2:1f:3b:e0:c3:e5:95:f5:f9:9e:fe:07:b5:38:37:ce: c1:0a:b3:59:3b:16:89:e1:e0:d2:1d:98:1d:43:46:57:9a:b8: 92:30:5b:53:08:7c:d2:a4:33:23:f3:75:85:21:dd:78:01:92: da:ac:33:d5:76:c7:db:77:3c:39:3a:f7:98:58:1d:2e:c3:37: f9:ce:59:c1:5b:fd:06:a5:e4:f7:05:fd:2a:0b:75:8c:2a:ef: a6:0c:52:78:0e:f1:28:ab:09:44:18:87:dd:bb:55:91:46:14: f4:0c:46:f8:7c:08:4d:8d:50:43:df:7e:47:f0:41:f8:52:a8: 16:91:7d:de:79:5d:2d:c6:4a:04:14:c6:b9:37:59:80:d7:65: ee:a8:b2:13:d0:82:61:2e:fa:60:d1:42:45:c5:5b:ba:04:89: 88:93:56:8f:10:09:60:a1:93:3f:2e:c5:74:20:d1:56:b7:a7: 17:ec:6e:7a:07:7e:e8:fe:da:65:32:33:81:f6:59:a8:e2:5a: 56:ed:b6:15:66:33:1c:9c:8c:0f:f2:7e:f9:82:b0:fd:ba:81: c8:d7:39:48:14:76:f1:cb:ac:b5:fa:62:66:b1:4a:d1:9f:0f: fa:73:4c:3a:b3:ee:aa:05:72:43:e2:16:d8:d7:73:f3:8c:6c: a1:aa:dc:01 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBPjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC RUUxRDExMC8GA1UEBRMoOEFENjEwQUM4QjYyRjJBNkZDQTgyNTg5NTVENUYxMjQ5 MjdCM0EwMDAeFw0yNTA0MjcwNjE3NTFaFw0yNTA1MDQwNjE3NTFaMBgxFjAUBgNV BAMTDTY4MGRjYzBmLWM3NWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDO58k0Ww8poeXtcYuAQuFJkwMgEpz2c34uZfHDDZkDpSk0TZEK7ASYwDRae9no Z8kCHAL5ZqWf5r3RK6y/nYDxIwtRmB89YDWgzWrCefFS3akT4HCl2aJBrIV2P29l 6CU36esCaG3qeudYCSjNbSeCesBJ55tjTQsC4jsj5LdiFPSlFhz+ER47ntmHUC3d 4Y59KEpa+k5b6ZE59zR73/kDd5h/Xz1azZfCOkfCKhvjvCIFZ8Pb5UMa4mxUncpO VWl1mLNmOAOqpfvaCbZGM33naqiQ//hcxJzMzL5vdsp3ePimOubpo1DMX4+6gweA OI7iqHNpLxMo9w6JgD0staZpAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU8OSGG2z7 8i5hvR2YPJyfF+exexYwHwYDVR0jBBgwFoAUitYQrIti8qb8qCWJVdXxJJJ7OgAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJFRTFELzlBREFEQURFQzcw RTExRUY4MDY3QzQ2NkM0RjlBRTAyL2l0WVFySXRpOHFiOHFDV0pWZFh4SkpKN09n QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaXRZUXJJdGk4cWI4cUNXSlZkWHhKSko3T2dBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJF RTFELzlBREFEQURFQzcwRTExRUY4MDY3QzQ2NkM0RjlBRTAyL2l0WVFySXRpOHFi OHFDV0pWZFh4SkpKN09nQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAG8Hsh874MPllfX5nv4HtTg3zsEKs1k7Fonh4NIdmB1DRleauJIwW1MI fNKkMyPzdYUh3XgBktqsM9V2x9t3PDk695hYHS7DN/nOWcFb/Qal5PcF/SoLdYwq 76YMUngO8SirCUQYh927VZFGFPQMRvh8CE2NUEPffkfwQfhSqBaRfd55XS3GSgQU xrk3WYDXZe6oshPQgmEu+mDRQkXFW7oEiYiTVo8QCWChkz8uxXQg0Va3pxfsbnoH fuj+2mUyM4H2WajiWlbtthVmMxycjA/yfvmCsP26gcjXOUgUdvHLrLX6YmaxStGf D/pzTDqz7qoFckPiFtjXc/OMbKGq3AE= -----END CERTIFICATE-----Generated at Sun Apr 27 08:07:55 2025 by rpki-client on console.sobornost.net