$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.mft File: kBUoySF5F9lWch0caFZlNFvrVv0.mft (raw, json) Hash identifier: 3vd+qmfI6QqfZT+gJcvlr4aggKWtOqUjLIkaSVsuy4U= Subject key identifier: 0E:41:6F:AE:66:67:A2:51:4B:61:50:22:97:AA:1B:A2:EB:2B:B0:B2 Authority key identifier: 90:15:28:C9:21:79:17:D9:56:72:1D:1C:68:56:65:34:5B:EB:56:FD Certificate issuer: /CN=A91CFAB9/serialNumber=901528C9217917D956721D1C685665345BEB56FD Certificate serial: 031E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kBUoySF5F9lWch0caFZlNFvrVv0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.mft Manifest number: 031A Signing time: Fri 25 Apr 2025 00:37:56 +0000 Manifest this update: Fri 25 Apr 2025 00:37:56 +0000 Manifest next update: Fri 02 May 2025 00:37:56 +0000 Files and hashes: 1: kBUoySF5F9lWch0caFZlNFvrVv0.crl (hash: D/barEqT4fifwzNHK2kKoY82OudoaSWUrpmtSG7IbNg=) 2: 39A335D6CB3F11ECBEBC9A1DC4F9AE02.roa (hash: NmvW/sg0pEXjTHBegEg6TihBwGGc4JodMMQnzVosHvc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.crl rsync://rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kBUoySF5F9lWch0caFZlNFvrVv0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 00:37:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 798 (0x31e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFAB9, serialNumber=901528C9217917D956721D1C685665345BEB56FD Validity Not Before: Apr 25 00:37:56 2025 GMT Not After : May 2 00:37:56 2025 GMT Subject: CN=680ad964-c0d3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:86:b9:f0:15:95:b5:73:38:4f:4b:b0:d5:c6: 4e:23:75:44:98:25:7f:08:75:03:cf:c7:43:77:4d: 86:5e:be:fd:b8:a8:be:7a:da:32:9b:53:24:39:6a: 35:68:05:1b:81:03:f4:fe:69:9a:8a:50:6c:f6:87: 23:37:18:b2:e6:3e:75:14:19:1c:56:bb:76:45:aa: 23:8c:b5:2a:42:24:34:d3:1c:d5:13:c1:aa:f1:49: 3e:a6:ab:9d:fc:1a:6c:60:99:b9:6c:2d:c7:97:a5: c8:5f:b5:51:22:b3:27:a8:99:a7:d2:72:cf:f8:c1: 0d:86:8c:c9:46:69:ac:b4:c5:86:3f:e8:00:d1:19: 4a:e1:28:7e:bf:fa:3d:43:dc:7e:9c:83:6e:fe:3f: e3:6c:5a:cb:8b:92:5d:57:04:17:dd:89:8e:03:07: 78:cc:2f:82:d1:13:fd:21:62:d2:f0:86:eb:57:b8: 81:2f:c8:85:6d:32:89:d9:8a:36:2f:e0:fa:be:2b: 1a:82:f3:c7:06:83:73:ac:c2:16:29:09:b3:51:7e: f9:8a:38:b4:13:e8:44:81:2f:fe:08:24:c5:b1:a8: ba:56:95:e6:c1:b4:ed:16:b6:6b:a7:61:50:26:fa: a2:55:25:3a:8f:d2:f6:53:05:43:f5:29:b2:e9:e7: 24:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:41:6F:AE:66:67:A2:51:4B:61:50:22:97:AA:1B:A2:EB:2B:B0:B2 X509v3 Authority Key Identifier: keyid:90:15:28:C9:21:79:17:D9:56:72:1D:1C:68:56:65:34:5B:EB:56:FD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kBUoySF5F9lWch0caFZlNFvrVv0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a6:04:e2:74:5f:df:64:0d:19:bd:68:2f:73:f4:ea:91:98:96: dd:74:a2:1b:aa:b3:7b:d6:79:73:9a:a0:14:f2:a7:7e:64:da: 91:ed:43:3c:62:52:12:cb:0e:0f:22:3b:23:7a:90:b8:6c:cd: 31:4e:d6:82:51:b2:6b:46:ae:e7:98:eb:86:d6:69:d8:78:10: d2:79:85:b2:7f:e2:ba:6b:4f:24:dd:15:3d:df:39:82:bc:a2: 8f:12:ab:82:86:55:af:14:0d:70:5d:6d:82:48:44:eb:63:e6: 88:f6:b5:57:3c:17:b6:9a:37:c0:ef:2d:bb:38:63:4a:9f:2f: 4f:ae:5b:fd:7f:c6:8b:91:a1:a9:07:a0:61:77:fa:78:14:e0: 5d:57:44:ad:fa:4b:96:a1:33:e7:11:43:f5:28:d5:f5:60:3f: f8:49:53:75:3f:45:93:46:cb:7b:d6:62:d1:69:4d:be:87:d3: d4:64:d4:ba:1b:4b:fe:3d:c3:d5:0c:33:76:48:4d:a9:fe:69: 30:8b:6f:7d:27:f4:c6:cd:4b:dd:56:d3:1d:46:4f:53:20:e0: f8:e8:6c:bd:b2:42:4a:b4:56:e4:02:f9:15:62:23:86:66:ea: 58:a8:ae:71:47:67:ba:07:55:78:93:51:1c:e8:d2:6c:c3:5e: af:0d:7d:bf -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAx4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0ZBQjkxMTAvBgNVBAUTKDkwMTUyOEM5MjE3OTE3RDk1NjcyMUQxQzY4NTY2NTM0 NUJFQjU2RkQwHhcNMjUwNDI1MDAzNzU2WhcNMjUwNTAyMDAzNzU2WjAYMRYwFAYD VQQDEw02ODBhZDk2NC1jMGQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtoa58BWVtXM4T0uw1cZOI3VEmCV/CHUDz8dDd02GXr79uKi+etoym1MkOWo1 aAUbgQP0/mmailBs9ocjNxiy5j51FBkcVrt2RaojjLUqQiQ00xzVE8Gq8Uk+pqud /BpsYJm5bC3Hl6XIX7VRIrMnqJmn0nLP+MENhozJRmmstMWGP+gA0RlK4Sh+v/o9 Q9x+nINu/j/jbFrLi5JdVwQX3YmOAwd4zC+C0RP9IWLS8IbrV7iBL8iFbTKJ2Yo2 L+D6visagvPHBoNzrMIWKQmzUX75iji0E+hEgS/+CCTFsai6VpXmwbTtFrZrp2FQ JvqiVSU6j9L2UwVD9Smy6eckDwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA5Bb65m Z6JRS2FQIpeqG6LrK7CyMB8GA1UdIwQYMBaAFJAVKMkheRfZVnIdHGhWZTRb61b9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkFCOS8xQ0Q0NEY5RUM3 N0ExMUVDQjk0MzRDMkNDNEY5QUUwMi9rQlVveVNGNUY5bFdjaDBjYUZabE5GdnJW djAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2tCVW95U0Y1RjlsV2NoMGNhRlpsTkZ2clZ2MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RkFCOS8xQ0Q0NEY5RUM3N0ExMUVDQjk0MzRDMkNDNEY5QUUwMi9rQlVveVNGNUY5 bFdjaDBjYUZabE5GdnJWdjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCmBOJ0X99kDRm9aC9z9OqRmJbddKIbqrN71nlzmqAU8qd+ZNqR7UM8 YlISyw4PIjsjepC4bM0xTtaCUbJrRq7nmOuG1mnYeBDSeYWyf+K6a08k3RU93zmC vKKPEquChlWvFA1wXW2CSETrY+aI9rVXPBe2mjfA7y27OGNKny9Prlv9f8aLkaGp B6Bhd/p4FOBdV0St+kuWoTPnEUP1KNX1YD/4SVN1P0WTRst71mLRaU2+h9PUZNS6 G0v+PcPVDDN2SE2p/mkwi299J/TGzUvdVtMdRk9TIOD46Gy9skJKtFbkAvkVYiOG ZupYqK5xR2e6B1V4k1Ec6NJsw16vDX2/ -----END CERTIFICATE-----Generated at Fri Apr 25 08:25:11 2025 by rpki-client on console.sobornost.net