$ rpki-client -vvf rpki.apnic.net/member_repository/A91329C1/44236F0405BD11EDA00A5F3DC4F9AE02/8lm4rJz0O9fFlFTlyD7PSPn7hxc.mft File: 8lm4rJz0O9fFlFTlyD7PSPn7hxc.mft (raw, json) Hash identifier: vGPalCYcrunhC1BnsB2B9CIAr+8NnhQXrDVTLK4TfKU= Subject key identifier: 6B:CB:A1:EC:4C:80:11:C0:AE:6A:0F:D0:B7:60:23:1A:98:4B:16:4D Authority key identifier: F2:59:B8:AC:9C:F4:3B:D7:C5:94:54:E5:C8:3E:CF:48:F9:FB:87:17 Certificate issuer: /CN=A91329C1/serialNumber=F259B8AC9CF43BD7C59454E5C83ECF48F9FB8717 Certificate serial: 028C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8lm4rJz0O9fFlFTlyD7PSPn7hxc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91329C1/44236F0405BD11EDA00A5F3DC4F9AE02/8lm4rJz0O9fFlFTlyD7PSPn7hxc.mft Manifest number: 0288 Signing time: Tue 13 May 2025 01:24:51 +0000 Manifest this update: Tue 13 May 2025 01:24:50 +0000 Manifest next update: Tue 20 May 2025 01:24:50 +0000 Files and hashes: 1: 8lm4rJz0O9fFlFTlyD7PSPn7hxc.crl (hash: Vvj/S6O1bN6uiISZodS6bGxBAKoJTRcDw76l3gFjEC0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91329C1/44236F0405BD11EDA00A5F3DC4F9AE02/8lm4rJz0O9fFlFTlyD7PSPn7hxc.crl rsync://rpki.apnic.net/member_repository/A91329C1/44236F0405BD11EDA00A5F3DC4F9AE02/8lm4rJz0O9fFlFTlyD7PSPn7hxc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8lm4rJz0O9fFlFTlyD7PSPn7hxc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 01:24:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 652 (0x28c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91329C1, serialNumber=F259B8AC9CF43BD7C59454E5C83ECF48F9FB8717 Validity Not Before: May 13 01:24:50 2025 GMT Not After : May 20 01:24:50 2025 GMT Subject: CN=68229f62-3185 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:2d:44:60:d0:a1:32:54:4b:e5:6b:82:e9:67: 7b:d1:0f:40:72:fe:79:77:07:eb:1e:8c:33:49:b9: 2e:8a:a5:22:d3:7b:03:6f:54:be:ad:6e:0f:5d:ef: 68:b8:fd:fa:75:c7:1a:b5:53:2a:31:3c:fd:b1:0d: 34:11:8f:51:b4:fe:6e:a8:b3:fd:b3:43:27:a7:17: 87:eb:4f:43:ad:78:94:10:43:95:20:c6:c6:5a:8d: d6:3a:85:c8:e5:03:cf:32:dc:df:ca:8f:f9:bc:7c: 4b:00:67:bc:87:41:d6:a0:a6:be:f2:3b:88:e4:03: 9e:15:0b:d2:b8:c4:7c:a4:be:b4:2b:c0:48:db:d3: ad:e3:c4:a5:29:b0:19:98:cd:f4:0f:6d:ec:c0:a9: f7:bb:c5:49:25:6c:29:d8:31:97:5c:17:c0:88:38: 28:cd:f1:32:05:8e:84:be:93:10:c0:79:0b:72:fc: b4:4c:e3:86:95:f1:2d:07:62:ab:5a:8f:b3:3b:17: bf:58:42:eb:ca:6c:91:1b:d5:32:f6:12:a4:12:9a: c5:47:e4:cb:93:c2:2b:b6:d8:e5:d8:73:54:d8:9e: c6:d1:a2:03:81:34:07:4d:b7:f8:3e:d2:96:93:27: 73:3f:99:ff:e4:bf:5e:cb:ea:16:f8:44:d9:c8:f0: b0:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:CB:A1:EC:4C:80:11:C0:AE:6A:0F:D0:B7:60:23:1A:98:4B:16:4D X509v3 Authority Key Identifier: keyid:F2:59:B8:AC:9C:F4:3B:D7:C5:94:54:E5:C8:3E:CF:48:F9:FB:87:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91329C1/44236F0405BD11EDA00A5F3DC4F9AE02/8lm4rJz0O9fFlFTlyD7PSPn7hxc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8lm4rJz0O9fFlFTlyD7PSPn7hxc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91329C1/44236F0405BD11EDA00A5F3DC4F9AE02/8lm4rJz0O9fFlFTlyD7PSPn7hxc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bf:1b:77:18:b5:d9:50:75:5e:be:7b:c6:52:c7:e2:00:c2:a6: c6:05:b9:f6:ac:5b:65:b1:5c:2f:db:bf:de:76:42:02:9d:ef: ca:9d:8a:02:96:80:3d:1d:ae:64:39:50:5d:89:c5:81:21:e5: 1a:4b:19:bd:d6:e3:4e:38:ae:ed:2b:a6:dd:31:ef:bb:c6:dd: 5b:22:e6:13:32:ab:7f:8f:3e:7b:42:02:d4:c9:73:50:ec:1a: 11:76:db:63:de:4f:8a:96:d6:a4:1a:93:04:19:0d:ec:d0:51: 8a:8e:4c:93:6e:27:74:8f:ea:54:5b:6a:bd:7b:0a:9a:25:d0: 75:ee:b3:9a:f6:53:58:82:21:7c:93:8f:93:d1:bc:49:fb:14: 41:9c:68:58:9f:ff:02:35:6c:2f:bd:5c:54:a8:83:37:b8:01: 9f:f8:6f:50:d5:5e:ff:2f:59:17:ae:f8:2c:c9:ad:5f:ef:28: 66:a2:fc:77:ac:11:55:fb:46:e2:60:c3:b6:3f:04:c9:f6:1e: ce:53:51:fa:2a:3b:0f:6a:31:d8:76:fe:4f:42:08:1d:d0:e4: ba:cc:e1:b2:5f:25:03:f5:8c:2d:04:45:9c:c2:39:50:a5:12: 86:62:a0:ad:b5:28:a1:57:33:c9:84:36:bf:c6:56:fa:91:d4: 51:68:4a:e0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAowwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzI5QzExMTAvBgNVBAUTKEYyNTlCOEFDOUNGNDNCRDdDNTk0NTRFNUM4M0VDRjQ4 RjlGQjg3MTcwHhcNMjUwNTEzMDEyNDUwWhcNMjUwNTIwMDEyNDUwWjAYMRYwFAYD VQQDEw02ODIyOWY2Mi0zMTg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzC1EYNChMlRL5WuC6Wd70Q9Acv55dwfrHowzSbkuiqUi03sDb1S+rW4PXe9o uP36dccatVMqMTz9sQ00EY9RtP5uqLP9s0MnpxeH609DrXiUEEOVIMbGWo3WOoXI 5QPPMtzfyo/5vHxLAGe8h0HWoKa+8juI5AOeFQvSuMR8pL60K8BI29Ot48SlKbAZ mM30D23swKn3u8VJJWwp2DGXXBfAiDgozfEyBY6EvpMQwHkLcvy0TOOGlfEtB2Kr Wo+zOxe/WELrymyRG9Uy9hKkEprFR+TLk8Irttjl2HNU2J7G0aIDgTQHTbf4PtKW kydzP5n/5L9ey+oW+ETZyPCw1wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGvLoexM gBHArmoP0LdgIxqYSxZNMB8GA1UdIwQYMBaAFPJZuKyc9DvXxZRU5cg+z0j5+4cX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMjlDMS80NDIzNkYwNDA1 QkQxMUVEQTAwQTVGM0RDNEY5QUUwMi84bG00ckp6ME85ZkZsRlRseUQ3UFNQbjdo eGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhsbTRySnowTzlmRmxGVGx5RDdQU1BuN2h4Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz MjlDMS80NDIzNkYwNDA1QkQxMUVEQTAwQTVGM0RDNEY5QUUwMi84bG00ckp6ME85 ZkZsRlRseUQ3UFNQbjdoeGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC/G3cYtdlQdV6+e8ZSx+IAwqbGBbn2rFtlsVwv27/edkICne/KnYoC loA9Ha5kOVBdicWBIeUaSxm91uNOOK7tK6bdMe+7xt1bIuYTMqt/jz57QgLUyXNQ 7BoRdttj3k+KltakGpMEGQ3s0FGKjkyTbid0j+pUW2q9ewqaJdB17rOa9lNYgiF8 k4+T0bxJ+xRBnGhYn/8CNWwvvVxUqIM3uAGf+G9Q1V7/L1kXrvgsya1f7yhmovx3 rBFV+0biYMO2PwTJ9h7OU1H6KjsPajHYdv5PQggd0OS6zOGyXyUD9YwtBEWcwjlQ pRKGYqCttSihVzPJhDa/xlb6kdRRaErg -----END CERTIFICATE-----Generated at Wed May 14 15:02:29 2025 by rpki-client