$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/9yZ-gL6BfwQ9KPt-cwX0xIioORo.mft File: 9yZ-gL6BfwQ9KPt-cwX0xIioORo.mft (raw, json) Hash identifier: HDhJM0ZuGs7mn+iqX6A69M5kP9hYSa98caIZQgfAOro= Subject key identifier: D2:D2:53:23:3A:6E:1F:9B:3E:2D:61:9C:70:A3:DF:C5:7C:BB:97:72 Authority key identifier: F7:26:7E:80:BE:81:7F:04:3D:28:FB:7E:73:05:F4:C4:88:A8:39:1A Certificate issuer: /CN=A91C7AA5/serialNumber=F7267E80BE817F043D28FB7E7305F4C488A8391A Certificate serial: 13 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9yZ-gL6BfwQ9KPt-cwX0xIioORo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/9yZ-gL6BfwQ9KPt-cwX0xIioORo.mft Manifest number: 10 Signing time: Sun 27 Apr 2025 06:57:01 +0000 Manifest this update: Sun 27 Apr 2025 06:57:01 +0000 Manifest next update: Sun 04 May 2025 06:57:01 +0000 Files and hashes: 1: 9yZ-gL6BfwQ9KPt-cwX0xIioORo.crl (hash: zW0n9/gU3LXxAwmDn90OUArJ6hnksFowF/+YzZ6akkQ=) 2: 4BDF403A1A7B11F0A104ED51C4F9AE02.roa (hash: XA24y6Bmnh9zhYcZE0f+nzYkNFXplMfx6oKN/T97TM8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/9yZ-gL6BfwQ9KPt-cwX0xIioORo.crl rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/9yZ-gL6BfwQ9KPt-cwX0xIioORo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9yZ-gL6BfwQ9KPt-cwX0xIioORo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 04 May 2025 02:50:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19 (0x13) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C7AA5, serialNumber=F7267E80BE817F043D28FB7E7305F4C488A8391A Validity Not Before: Apr 27 06:57:01 2025 GMT Not After : May 4 06:57:01 2025 GMT Subject: CN=680dd53d-7667 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:4a:d3:ab:e4:d6:8c:76:eb:65:72:71:35:f2: 47:fa:7f:09:80:1d:5c:90:e2:51:df:bb:6f:0b:7f: 34:bf:ee:e0:83:f7:b4:2c:06:a4:9e:aa:b4:83:10: 35:c8:b9:ef:e2:61:5f:79:30:8c:61:75:5b:7d:de: b5:c0:6e:2b:44:86:5a:dd:4a:12:ff:0b:93:29:ce: 5b:7d:3a:03:c0:28:57:1f:40:b0:cb:07:0a:ff:3f: 17:fa:fe:02:6e:27:c3:9b:be:61:58:e5:68:fa:69: 73:ae:66:65:e5:69:d1:64:35:51:e0:6e:7f:b7:55: 21:62:85:85:f7:17:0c:9f:e8:60:21:ea:e4:cd:a2: 25:cd:11:a4:55:76:42:13:99:c9:b2:68:28:49:ae: f2:15:2e:2d:d7:72:e5:de:ae:4b:04:ad:16:cb:24: 6e:10:ae:18:68:73:e7:77:b5:6c:00:4e:8d:dd:7f: 2c:f3:01:90:1d:0e:53:58:b0:b9:ca:77:a7:aa:41: 64:d1:2d:3d:97:81:97:01:8a:9d:ce:72:71:75:bb: 77:cc:ff:44:ef:dd:05:91:ff:46:93:fd:a9:ea:da: ae:97:29:8c:10:ca:b4:75:c3:0c:ed:22:2b:01:6f: 41:a8:77:4a:92:8e:cb:45:ea:2c:cf:05:62:3a:2a: e7:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:D2:53:23:3A:6E:1F:9B:3E:2D:61:9C:70:A3:DF:C5:7C:BB:97:72 X509v3 Authority Key Identifier: keyid:F7:26:7E:80:BE:81:7F:04:3D:28:FB:7E:73:05:F4:C4:88:A8:39:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/9yZ-gL6BfwQ9KPt-cwX0xIioORo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9yZ-gL6BfwQ9KPt-cwX0xIioORo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/9yZ-gL6BfwQ9KPt-cwX0xIioORo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption dd:54:13:55:4e:ee:1b:28:d0:91:ae:1b:6d:9e:bf:3a:10:e0: fe:59:74:54:c4:fd:01:d3:7a:91:f9:3b:87:17:74:6e:b3:ca: ce:54:47:06:9f:7e:dd:79:02:93:39:6f:32:dd:c8:e7:b8:0c: e9:e0:12:dd:5a:f7:83:60:92:95:70:ea:6a:53:d2:3f:7f:04: f3:81:ab:98:5b:aa:fa:a9:b9:52:25:2f:59:9b:5f:74:fd:59: ea:24:d9:1b:4c:96:6e:eb:dc:9d:0b:f9:4a:9a:01:92:66:12: 72:5d:ed:12:a5:2c:1e:6b:d5:5f:19:7f:64:21:1a:3b:6c:d9: 73:e0:46:e8:de:7d:95:ba:98:53:95:83:bf:ca:31:ea:78:b3: 07:5f:05:1b:59:98:0b:73:dd:61:5f:eb:93:2a:2f:09:52:6c: ba:60:f2:3c:c3:d8:0a:70:04:a4:20:2a:3c:7c:d5:86:c6:c3: 4b:3b:16:f3:3b:d6:e0:c8:c0:01:87:f8:b4:6e:40:09:7c:a4: 34:fb:b3:84:1d:4c:40:1d:47:79:18:cb:1b:e9:13:18:bb:02: ea:9f:20:d5:7e:05:4f:3e:4e:8e:f9:26:0f:aa:f5:94:c9:d8: f1:9f:eb:ed:ba:16:92:30:7e:29:b0:96:97:e6:d6:c5:26:3e: b3:72:1f:51 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBEzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD N0FBNTExMC8GA1UEBRMoRjcyNjdFODBCRTgxN0YwNDNEMjhGQjdFNzMwNUY0QzQ4 OEE4MzkxQTAeFw0yNTA0MjcwNjU3MDFaFw0yNTA1MDQwNjU3MDFaMBgxFjAUBgNV BAMTDTY4MGRkNTNkLTc2NjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC5StOr5NaMdutlcnE18kf6fwmAHVyQ4lHfu28LfzS/7uCD97QsBqSeqrSDEDXI ue/iYV95MIxhdVt93rXAbitEhlrdShL/C5Mpzlt9OgPAKFcfQLDLBwr/Pxf6/gJu J8ObvmFY5Wj6aXOuZmXladFkNVHgbn+3VSFihYX3Fwyf6GAh6uTNoiXNEaRVdkIT mcmyaChJrvIVLi3XcuXerksErRbLJG4Qrhhoc+d3tWwATo3dfyzzAZAdDlNYsLnK d6eqQWTRLT2XgZcBip3OcnF1u3fM/0Tv3QWR/0aT/anq2q6XKYwQyrR1wwztIisB b0God0qSjstF6izPBWI6KudbAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU0tJTIzpu H5s+LWGccKPfxXy7l3IwHwYDVR0jBBgwFoAU9yZ+gL6BfwQ9KPt+cwX0xIioORow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM3QUE1L0JBRkIzNTc0MTVC QjExRjBCRkQ1NDg4MUM0RjlBRTAyLzl5Wi1nTDZCZndROUtQdC1jd1gweElpb09S by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvOXlaLWdMNkJmd1E5S1B0LWN3WDB4SWlvT1JvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM3 QUE1L0JBRkIzNTc0MTVCQjExRjBCRkQ1NDg4MUM0RjlBRTAyLzl5Wi1nTDZCZndR OUtQdC1jd1gweElpb09Sby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAN1UE1VO7hso0JGuG22evzoQ4P5ZdFTE/QHTepH5O4cXdG6zys5URwaf ft15ApM5bzLdyOe4DOngEt1a94NgkpVw6mpT0j9/BPOBq5hbqvqpuVIlL1mbX3T9 Weok2RtMlm7r3J0L+UqaAZJmEnJd7RKlLB5r1V8Zf2QhGjts2XPgRujefZW6mFOV g7/KMep4swdfBRtZmAtz3WFf65MqLwlSbLpg8jzD2ApwBKQgKjx81YbGw0s7FvM7 1uDIwAGH+LRuQAl8pDT7s4QdTEAdR3kYyxvpExi7AuqfINV+BU8+To75Jg+q9ZTJ 2PGf6+26FpIwfimwlpfm1sUmPrNyH1E= -----END CERTIFICATE-----Generated at Sun Apr 27 10:27:19 2025 by rpki-client on console.sobornost.net