$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4B86/8933148AF7E311EF8ADA8A41C4F9AE02/pcmHAk0KjqwJZAn9mewy7JBHC6M.mft File: pcmHAk0KjqwJZAn9mewy7JBHC6M.mft (raw, json) Hash identifier: EwZUdvnDhegjhmfPQ3dfrwl8xwiM79W6/jh2+jGwzko= Subject key identifier: B5:BB:2E:D7:18:54:AF:22:69:AC:89:0E:BF:15:35:96:7C:C8:97:55 Authority key identifier: A5:C9:87:02:4D:0A:8E:AC:09:64:09:FD:99:EC:32:EC:90:47:0B:A3 Certificate issuer: /CN=A91E4B86/serialNumber=A5C987024D0A8EAC096409FD99EC32EC90470BA3 Certificate serial: 23 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/pcmHAk0KjqwJZAn9mewy7JBHC6M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4B86/8933148AF7E311EF8ADA8A41C4F9AE02/pcmHAk0KjqwJZAn9mewy7JBHC6M.mft Manifest number: 20 Signing time: Fri 25 Apr 2025 06:51:59 +0000 Manifest this update: Fri 25 Apr 2025 06:51:58 +0000 Manifest next update: Fri 02 May 2025 06:51:58 +0000 Files and hashes: 1: pcmHAk0KjqwJZAn9mewy7JBHC6M.crl (hash: YpvOW/GbzrVSJrH4ywfm2QSrhZ6aWvzJcH4hpmUziBo=) 2: 4C51E1D4F7E511EF9A28D363C4F9AE02.roa (hash: EWVCVV5zCZB19LClSuWFTWXQU193NPHqHKJqFm4wMOE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4B86/8933148AF7E311EF8ADA8A41C4F9AE02/pcmHAk0KjqwJZAn9mewy7JBHC6M.crl rsync://rpki.apnic.net/member_repository/A91E4B86/8933148AF7E311EF8ADA8A41C4F9AE02/pcmHAk0KjqwJZAn9mewy7JBHC6M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/pcmHAk0KjqwJZAn9mewy7JBHC6M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 02:50:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35 (0x23) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4B86, serialNumber=A5C987024D0A8EAC096409FD99EC32EC90470BA3 Validity Not Before: Apr 25 06:51:58 2025 GMT Not After : May 2 06:51:58 2025 GMT Subject: CN=680b310f-2cc1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:e6:9e:55:30:1f:e3:91:4a:05:1c:41:77:49: 7e:e1:45:be:69:f4:8f:d9:7c:79:14:09:26:78:7e: d3:b8:67:14:9d:f2:40:24:ff:93:91:a3:b3:6a:6e: 1b:d5:75:62:b6:88:7e:34:7c:fa:d5:8c:9d:34:0f: f8:cb:bf:26:e0:41:f9:e6:db:f0:0d:2a:a0:42:e0: 63:51:f7:5a:45:18:44:ae:5f:86:45:cd:2e:a4:c2: be:bc:f4:13:00:e7:82:73:72:5e:7f:c3:77:0f:2a: 81:17:c9:ec:8e:14:d4:15:85:55:94:80:9a:f8:26: 59:e1:4d:0a:ec:79:54:fe:29:ea:a0:45:d4:15:af: 74:f3:cf:79:14:ff:a4:59:7b:08:24:d3:57:e1:bf: 52:a1:64:b9:57:32:0e:7f:9d:12:a8:2f:ef:08:44: 55:68:6c:1a:16:0b:ad:a2:6e:d8:eb:2e:98:4f:47: 22:11:e5:95:47:60:bb:a7:e8:ca:b8:a5:40:d7:e8: c7:70:0c:e5:28:93:d1:62:b6:19:3a:07:47:c7:d4: f3:30:cb:5c:66:ae:f2:59:e2:4b:e6:6f:c9:70:a1: 65:2f:0b:5e:61:f3:b1:cf:af:be:88:08:bb:83:15: 00:71:c0:72:16:58:e5:86:3e:57:84:24:39:3d:0a: 76:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:BB:2E:D7:18:54:AF:22:69:AC:89:0E:BF:15:35:96:7C:C8:97:55 X509v3 Authority Key Identifier: keyid:A5:C9:87:02:4D:0A:8E:AC:09:64:09:FD:99:EC:32:EC:90:47:0B:A3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4B86/8933148AF7E311EF8ADA8A41C4F9AE02/pcmHAk0KjqwJZAn9mewy7JBHC6M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/pcmHAk0KjqwJZAn9mewy7JBHC6M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4B86/8933148AF7E311EF8ADA8A41C4F9AE02/pcmHAk0KjqwJZAn9mewy7JBHC6M.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4b:d4:22:c9:0e:b7:b8:35:5c:35:38:46:7b:8d:de:87:4f:46: dd:18:73:e0:e0:6a:47:f1:b6:a7:dd:9c:35:f6:8d:21:fb:2b: 45:4c:8a:fa:ea:3d:e4:1d:68:2d:d4:b0:0e:4a:82:3d:ad:e6: 92:32:09:07:b1:46:df:e0:96:1a:f5:23:4e:3c:01:50:f0:0b: e8:75:7c:38:23:9f:a3:16:8e:0f:b8:96:18:b0:0c:42:41:1f: f2:f7:09:c2:3b:f1:a4:5e:cc:76:3d:30:0e:36:2b:79:4e:94: 4a:e4:e4:e4:56:c7:0e:f2:e9:aa:d4:20:7d:92:c5:ba:cc:04: e8:78:f3:22:bc:43:b9:87:d9:97:32:1c:dc:5f:ec:04:c6:16: b3:11:7d:3b:e2:ed:c2:27:db:44:da:58:04:78:d6:47:6b:2a: f7:b6:1b:01:1d:fe:b7:85:cd:cd:e2:d2:44:4c:62:30:65:d7: 86:66:b5:47:86:12:2e:8a:68:9c:60:da:e5:fc:fd:35:c5:4b: ca:72:9a:b9:0b:be:57:ca:9e:f2:e7:25:27:ee:60:15:8a:cc: 75:0a:41:28:ad:1a:2d:6a:06:5e:76:5c:32:44:30:d8:a2:a4: 2e:ee:5f:de:2e:b3:72:0d:2f:c5:df:9a:96:ad:98:df:a6:3d: 8a:13:2e:d5 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBIzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF NEI4NjExMC8GA1UEBRMoQTVDOTg3MDI0RDBBOEVBQzA5NjQwOUZEOTlFQzMyRUM5 MDQ3MEJBMzAeFw0yNTA0MjUwNjUxNThaFw0yNTA1MDIwNjUxNThaMBgxFjAUBgNV BAMTDTY4MGIzMTBmLTJjYzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDC5p5VMB/jkUoFHEF3SX7hRb5p9I/ZfHkUCSZ4ftO4ZxSd8kAk/5ORo7NqbhvV dWK2iH40fPrVjJ00D/jLvybgQfnm2/ANKqBC4GNR91pFGESuX4ZFzS6kwr689BMA 54Jzcl5/w3cPKoEXyeyOFNQVhVWUgJr4JlnhTQrseVT+KeqgRdQVr3Tzz3kU/6RZ ewgk01fhv1KhZLlXMg5/nRKoL+8IRFVobBoWC62ibtjrLphPRyIR5ZVHYLun6Mq4 pUDX6MdwDOUok9Fithk6B0fH1PMwy1xmrvJZ4kvmb8lwoWUvC15h87HPr76ICLuD FQBxwHIWWOWGPleEJDk9CnbzAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUtbsu1xhU ryJprIkOvxU1lnzIl1UwHwYDVR0jBBgwFoAUpcmHAk0KjqwJZAn9mewy7JBHC6Mw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU0Qjg2Lzg5MzMxNDhBRjdF MzExRUY4QURBOEE0MUM0RjlBRTAyL3BjbUhBazBLanF3SlpBbjltZXd5N0pCSEM2 TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvcGNtSEFrMEtqcXdKWkFuOW1ld3k3SkJIQzZNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU0 Qjg2Lzg5MzMxNDhBRjdFMzExRUY4QURBOEE0MUM0RjlBRTAyL3BjbUhBazBLanF3 SlpBbjltZXd5N0pCSEM2TS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEvUIskOt7g1XDU4RnuN3odPRt0Yc+DgakfxtqfdnDX2jSH7K0VMivrq PeQdaC3UsA5Kgj2t5pIyCQexRt/glhr1I048AVDwC+h1fDgjn6MWjg+4lhiwDEJB H/L3CcI78aRezHY9MA42K3lOlErk5ORWxw7y6arUIH2SxbrMBOh48yK8Q7mH2Zcy HNxf7ATGFrMRfTvi7cIn20TaWAR41kdrKve2GwEd/reFzc3i0kRMYjBl14ZmtUeG Ei6KaJxg2uX8/TXFS8pymrkLvlfKnvLnJSfuYBWKzHUKQSitGi1qBl52XDJEMNii pC7uX94us3INL8XfmpatmN+mPYoTLtU= -----END CERTIFICATE-----Generated at Fri Apr 25 10:44:28 2025 by rpki-client on console.sobornost.net