$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8357/1DA5CC56DF8A11EF87472B74C4F9AE02/GAo1IuIFDF8eCHNTmxLW0jEqIBo.mft File: GAo1IuIFDF8eCHNTmxLW0jEqIBo.mft (raw, json) Hash identifier: mL0gj8sG23VvGaMIXLnVdGBISiKJgPnbG+RkFNlJLTM= Subject key identifier: 25:D7:80:75:6D:6B:41:73:9A:F0:DF:C2:BF:F0:96:1C:77:C5:95:99 Authority key identifier: 18:0A:35:22:E2:05:0C:5F:1E:08:73:53:9B:12:D6:D2:31:2A:20:1A Certificate issuer: /CN=A91F8357/serialNumber=180A3522E2050C5F1E0873539B12D6D2312A201A Certificate serial: 2E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GAo1IuIFDF8eCHNTmxLW0jEqIBo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F8357/1DA5CC56DF8A11EF87472B74C4F9AE02/GAo1IuIFDF8eCHNTmxLW0jEqIBo.mft Manifest number: 2E Signing time: Sun 27 Apr 2025 06:30:01 +0000 Manifest this update: Sun 27 Apr 2025 06:30:00 +0000 Manifest next update: Sun 04 May 2025 06:30:00 +0000 Files and hashes: 1: GAo1IuIFDF8eCHNTmxLW0jEqIBo.crl (hash: Yli8H8OJLYKkfk9WVUuSS67dijoLNPvYabJAeCmTq7k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F8357/1DA5CC56DF8A11EF87472B74C4F9AE02/GAo1IuIFDF8eCHNTmxLW0jEqIBo.crl rsync://rpki.apnic.net/member_repository/A91F8357/1DA5CC56DF8A11EF87472B74C4F9AE02/GAo1IuIFDF8eCHNTmxLW0jEqIBo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GAo1IuIFDF8eCHNTmxLW0jEqIBo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 04 May 2025 02:50:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46 (0x2e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F8357, serialNumber=180A3522E2050C5F1E0873539B12D6D2312A201A Validity Not Before: Apr 27 06:30:00 2025 GMT Not After : May 4 06:30:00 2025 GMT Subject: CN=680dcee9-f7d9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:1d:27:7a:10:b2:3b:92:8e:c8:51:b9:f7:63: cb:4e:0b:57:99:bb:eb:be:26:d7:5f:45:0f:cf:b5: 0b:58:86:7b:ca:32:08:c3:fd:7a:a9:0c:b7:10:5c: 2d:9b:4f:25:d0:7d:bf:fd:d5:76:d5:ff:98:4a:c4: 0a:12:c3:0d:d6:e3:7d:60:d5:1c:0b:f4:f2:8d:79: 26:f5:73:7d:1e:35:30:b5:35:ac:ad:8d:70:db:14: 48:d1:90:a0:ad:e1:b2:b9:5b:61:7a:12:f4:44:62: 1c:5c:b9:29:b2:2a:36:eb:d7:cb:7e:b6:df:ab:ee: 5e:43:c2:ce:0a:2a:66:4e:5b:c0:f0:44:95:5a:54: 21:97:12:a0:f9:99:43:76:d3:25:e7:84:14:00:0e: 76:f1:ef:2d:75:ca:ef:61:e0:6e:64:78:28:f6:a8: 36:8b:04:20:e8:6b:ae:8e:a8:27:80:7b:97:99:a8: c4:60:fd:ab:c0:3f:73:a0:4f:6c:61:5d:59:04:97: 57:80:a2:90:ac:5c:03:82:53:8d:98:62:fe:63:3c: 78:df:54:9c:82:6c:88:e1:92:7a:b2:a7:ab:61:5d: 27:e3:80:f3:55:c0:78:50:91:87:d5:39:92:2e:16: 19:8c:ea:2c:17:09:c5:96:55:32:d5:c7:13:02:95: 8d:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:D7:80:75:6D:6B:41:73:9A:F0:DF:C2:BF:F0:96:1C:77:C5:95:99 X509v3 Authority Key Identifier: keyid:18:0A:35:22:E2:05:0C:5F:1E:08:73:53:9B:12:D6:D2:31:2A:20:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F8357/1DA5CC56DF8A11EF87472B74C4F9AE02/GAo1IuIFDF8eCHNTmxLW0jEqIBo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GAo1IuIFDF8eCHNTmxLW0jEqIBo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8357/1DA5CC56DF8A11EF87472B74C4F9AE02/GAo1IuIFDF8eCHNTmxLW0jEqIBo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d4:fc:a6:c6:ae:a1:cd:b2:15:d8:07:97:5b:ae:d1:c8:58:7b: f4:be:60:f2:c3:03:61:85:6e:f9:ab:60:0e:02:db:0a:8a:b1: 9c:36:ab:0e:41:ec:0a:0c:83:51:97:55:f8:8a:9b:b8:bf:1d: 2c:be:13:e9:1e:fb:77:d3:f6:a8:f3:bb:91:10:e2:2a:21:f1: 88:26:4b:6f:b1:ef:38:61:c8:b3:29:27:ad:c7:d3:69:42:18: a1:e6:b4:00:8a:c0:16:23:8c:35:b2:5a:a3:3d:96:e4:c1:3f: cd:11:8b:37:1d:1c:fe:5a:f1:dc:3d:90:c2:eb:e7:a4:04:3f: 56:8a:1e:dd:80:2f:6d:73:68:d2:d6:88:6a:99:f0:49:93:c4: f7:a6:2a:cb:dc:cb:f1:f2:6e:15:ee:78:1b:a4:9a:47:17:a5: 57:33:5e:13:f7:95:20:bf:2f:ab:b7:07:a7:ec:59:24:85:f1: b8:72:3d:74:ed:d6:84:a8:b4:33:1a:63:8d:4c:42:40:2f:d3: fa:bb:2b:f6:9a:e7:6e:62:44:79:93:78:ba:7d:84:02:45:5a: 80:bd:54:6e:bd:75:04:ee:7b:15:4b:4e:09:aa:14:ca:a1:00: a1:69:5f:08:d7:20:04:2e:a1:53:d0:da:d8:df:ff:9b:dc:f0: 29:4b:55:71 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBLjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG ODM1NzExMC8GA1UEBRMoMTgwQTM1MjJFMjA1MEM1RjFFMDg3MzUzOUIxMkQ2RDIz MTJBMjAxQTAeFw0yNTA0MjcwNjMwMDBaFw0yNTA1MDQwNjMwMDBaMBgxFjAUBgNV BAMTDTY4MGRjZWU5LWY3ZDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC7HSd6ELI7ko7IUbn3Y8tOC1eZu+u+JtdfRQ/PtQtYhnvKMgjD/XqpDLcQXC2b TyXQfb/91XbV/5hKxAoSww3W431g1RwL9PKNeSb1c30eNTC1NaytjXDbFEjRkKCt 4bK5W2F6EvREYhxcuSmyKjbr18t+tt+r7l5Dws4KKmZOW8DwRJVaVCGXEqD5mUN2 0yXnhBQADnbx7y11yu9h4G5keCj2qDaLBCDoa66OqCeAe5eZqMRg/avAP3OgT2xh XVkEl1eAopCsXAOCU42YYv5jPHjfVJyCbIjhknqyp6thXSfjgPNVwHhQkYfVOZIu FhmM6iwXCcWWVTLVxxMClY3pAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUJdeAdW1r QXOa8N/Cv/CWHHfFlZkwHwYDVR0jBBgwFoAUGAo1IuIFDF8eCHNTmxLW0jEqIBow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY4MzU3LzFEQTVDQzU2REY4 QTExRUY4NzQ3MkI3NEM0RjlBRTAyL0dBbzFJdUlGREY4ZUNITlRteExXMGpFcUlC by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvR0FvMUl1SUZERjhlQ0hOVG14TFcwakVxSUJvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY4 MzU3LzFEQTVDQzU2REY4QTExRUY4NzQ3MkI3NEM0RjlBRTAyL0dBbzFJdUlGREY4 ZUNITlRteExXMGpFcUlCby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBANT8psauoc2yFdgHl1uu0chYe/S+YPLDA2GFbvmrYA4C2wqKsZw2qw5B 7AoMg1GXVfiKm7i/HSy+E+ke+3fT9qjzu5EQ4ioh8YgmS2+x7zhhyLMpJ63H02lC GKHmtACKwBYjjDWyWqM9luTBP80RizcdHP5a8dw9kMLr56QEP1aKHt2AL21zaNLW iGqZ8EmTxPemKsvcy/HybhXueBukmkcXpVczXhP3lSC/L6u3B6fsWSSF8bhyPXTt 1oSotDMaY41MQkAv0/q7K/aa525iRHmTeLp9hAJFWoC9VG69dQTuexVLTgmqFMqh AKFpXwjXIAQuoVPQ2tjf/5vc8ClLVXE= -----END CERTIFICATE-----Generated at Sun Apr 27 08:07:59 2025 by rpki-client on console.sobornost.net