$ rpki-client -vvf rpki.apnic.net/member_repository/A913647F/B91AAA7486DB11EFBA4D5F26C4F9AE02/RkGQf-X0c_GJBtRqogMH7e2hnJ0.mft File: RkGQf-X0c_GJBtRqogMH7e2hnJ0.mft (raw, json) Hash identifier: dChPtI3IIfOxyPo3NRX3UgI6r14nYn9BgGPqPPSDqQg= Subject key identifier: DD:A4:54:63:17:9B:06:CA:61:DE:94:41:6F:97:82:58:4F:4A:0D:6A Authority key identifier: 46:41:90:7F:E5:F4:73:F1:89:06:D4:6A:A2:03:07:ED:ED:A1:9C:9D Certificate issuer: /CN=A913647F/serialNumber=4641907FE5F473F18906D46AA20307EDEDA19C9D Certificate serial: 71 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RkGQf-X0c_GJBtRqogMH7e2hnJ0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913647F/B91AAA7486DB11EFBA4D5F26C4F9AE02/RkGQf-X0c_GJBtRqogMH7e2hnJ0.mft Manifest number: 70 Signing time: Sun 11 May 2025 05:36:36 +0000 Manifest this update: Sun 11 May 2025 05:36:35 +0000 Manifest next update: Sun 18 May 2025 05:36:35 +0000 Files and hashes: 1: RkGQf-X0c_GJBtRqogMH7e2hnJ0.crl (hash: 3CSLuSFP/2j5H8VxG3QfDq1jp1cRqRFxq3vrAYoMins=) 2: 88A6DB9086E211EF82ACA725C4F9AE02.roa (hash: Yh+9ZtLGM0yeId0yqsUGDk1PUuIX4Mo5I7LLnDotARk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913647F/B91AAA7486DB11EFBA4D5F26C4F9AE02/RkGQf-X0c_GJBtRqogMH7e2hnJ0.crl rsync://rpki.apnic.net/member_repository/A913647F/B91AAA7486DB11EFBA4D5F26C4F9AE02/RkGQf-X0c_GJBtRqogMH7e2hnJ0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RkGQf-X0c_GJBtRqogMH7e2hnJ0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 05:36:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 113 (0x71) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913647F, serialNumber=4641907FE5F473F18906D46AA20307EDEDA19C9D Validity Not Before: May 11 05:36:35 2025 GMT Not After : May 18 05:36:35 2025 GMT Subject: CN=68203764-a58e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:93:e5:5d:39:db:0c:52:9d:32:22:06:69:94: 8e:1d:46:57:5d:57:a9:97:52:f9:a3:7e:1d:11:25: dd:87:de:c8:d1:e8:fb:4b:0a:c3:33:d4:38:7d:68: 34:dd:cb:16:b7:3e:fc:4a:88:12:78:16:dc:a1:55: c9:5a:31:bd:43:db:e7:32:e2:9b:d0:04:b9:fc:79: d3:71:98:b5:af:db:9d:4f:0e:5f:d1:02:d6:72:a4: a5:12:eb:af:bc:29:ee:f3:ba:65:70:fb:42:b7:7c: 58:3b:3d:27:ea:60:00:08:36:50:87:ad:7b:85:85: 57:f8:bc:e6:1e:ba:f6:3a:0b:13:ca:7b:18:88:68: 70:80:bf:a4:38:53:bd:11:71:b4:d4:03:aa:85:aa: f4:95:37:8b:6f:e4:ad:4e:ac:58:2d:7a:70:3d:ed: ce:e1:fd:8a:ed:9d:ae:d5:4b:3a:f4:60:9d:8d:49: 45:de:37:e3:71:c1:38:8d:9b:e1:d6:4f:73:11:4e: b4:2d:b9:8e:d0:3b:4c:98:e4:ec:1c:a4:a1:9f:92: 51:85:96:03:85:01:5d:ca:92:11:c1:b6:cf:f4:7b: a0:4a:33:06:0d:dd:c7:0f:bf:c1:c4:d4:40:9a:ba: 55:67:2c:19:0c:da:37:48:15:95:7f:31:40:50:ab: 9b:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:A4:54:63:17:9B:06:CA:61:DE:94:41:6F:97:82:58:4F:4A:0D:6A X509v3 Authority Key Identifier: keyid:46:41:90:7F:E5:F4:73:F1:89:06:D4:6A:A2:03:07:ED:ED:A1:9C:9D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913647F/B91AAA7486DB11EFBA4D5F26C4F9AE02/RkGQf-X0c_GJBtRqogMH7e2hnJ0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RkGQf-X0c_GJBtRqogMH7e2hnJ0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913647F/B91AAA7486DB11EFBA4D5F26C4F9AE02/RkGQf-X0c_GJBtRqogMH7e2hnJ0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6b:ba:dd:b7:45:d6:9e:51:73:48:7a:bf:34:3a:97:40:c4:e7: 7c:15:3a:cf:44:e1:d0:0f:e1:0e:c0:ae:22:55:bb:44:ac:02: d2:89:40:6b:7b:d2:90:63:5e:37:41:c9:77:b6:42:00:83:1c: 04:5a:a0:28:cc:27:15:7d:6f:bb:7c:f7:22:5e:0c:bf:45:6d: 3d:6d:23:98:02:d6:bc:b5:83:85:e8:e2:29:46:a0:3e:5a:ed: 71:89:c4:a4:08:8e:21:9a:dc:f6:d8:49:0b:a1:f3:e9:af:27: 27:6f:24:dc:26:90:05:e1:9b:63:d3:b4:a8:73:3b:cc:f0:9f: bb:88:3b:ab:b6:79:6e:ba:48:ef:ea:76:d1:c5:b9:64:f7:f5: 05:e3:40:a1:dc:c5:a9:3d:c6:48:e2:6d:52:81:51:e6:26:ed: 25:a6:74:90:65:67:fe:28:19:95:60:8e:32:53:d1:6c:e2:b7: ed:fb:1e:3c:68:0a:8e:0b:de:b2:f7:da:a3:5c:08:b3:44:d8: 3c:af:be:7b:6b:33:91:88:9b:ca:e9:91:c0:b5:e9:3c:a4:1b: a1:d5:33:e6:35:9b:65:a4:9e:63:0d:df:c6:53:d7:e7:e6:07: 69:70:de:c7:df:b3:4e:c3:80:1d:d6:12:54:97:c5:0e:1b:b0: 8a:61:58:91 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBcTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz NjQ3RjExMC8GA1UEBRMoNDY0MTkwN0ZFNUY0NzNGMTg5MDZENDZBQTIwMzA3RURF REExOUM5RDAeFw0yNTA1MTEwNTM2MzVaFw0yNTA1MTgwNTM2MzVaMBgxFjAUBgNV BAMTDTY4MjAzNzY0LWE1OGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC8k+VdOdsMUp0yIgZplI4dRlddV6mXUvmjfh0RJd2H3sjR6PtLCsMz1Dh9aDTd yxa3PvxKiBJ4FtyhVclaMb1D2+cy4pvQBLn8edNxmLWv251PDl/RAtZypKUS66+8 Ke7zumVw+0K3fFg7PSfqYAAINlCHrXuFhVf4vOYeuvY6CxPKexiIaHCAv6Q4U70R cbTUA6qFqvSVN4tv5K1OrFgtenA97c7h/Yrtna7VSzr0YJ2NSUXeN+NxwTiNm+HW T3MRTrQtuY7QO0yY5OwcpKGfklGFlgOFAV3KkhHBts/0e6BKMwYN3ccPv8HE1ECa ulVnLBkM2jdIFZV/MUBQq5szAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU3aRUYxeb Bsph3pRBb5eCWE9KDWowHwYDVR0jBBgwFoAURkGQf+X0c/GJBtRqogMH7e2hnJ0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTM2NDdGL0I5MUFBQTc0ODZE QjExRUZCQTRENUYyNkM0RjlBRTAyL1JrR1FmLVgwY19HSkJ0UnFvZ01IN2UyaG5K MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvUmtHUWYtWDBjX0dKQnRScW9nTUg3ZTJobkowLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTM2 NDdGL0I5MUFBQTc0ODZEQjExRUZCQTRENUYyNkM0RjlBRTAyL1JrR1FmLVgwY19H SkJ0UnFvZ01IN2UyaG5KMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGu63bdF1p5Rc0h6vzQ6l0DE53wVOs9E4dAP4Q7AriJVu0SsAtKJQGt7 0pBjXjdByXe2QgCDHARaoCjMJxV9b7t89yJeDL9FbT1tI5gC1ry1g4Xo4ilGoD5a 7XGJxKQIjiGa3PbYSQuh8+mvJydvJNwmkAXhm2PTtKhzO8zwn7uIO6u2eW66SO/q dtHFuWT39QXjQKHcxak9xkjibVKBUeYm7SWmdJBlZ/4oGZVgjjJT0Wzit+37Hjxo Co4L3rL32qNcCLNE2DyvvntrM5GIm8rpkcC16TykG6HVM+Y1m2WknmMN38ZT1+fm B2lw3sffs07DgB3WElSXxQ4bsIphWJE= -----END CERTIFICATE-----Generated at Mon May 12 15:53:21 2025 by rpki-client