$ rpki-client -vvf rpki.apnic.net/member_repository/A91476E2/3B541F20CB3D11EF8703F75AC4F9AE02/aq89m8Pfo6ElCCll2P8zuBKPKR8.mft File: aq89m8Pfo6ElCCll2P8zuBKPKR8.mft (raw, json) Hash identifier: RkLL9amql2Tztj2fF4rK3vXeVe3Fux/+fjr8G88CS8s= Subject key identifier: BF:DA:4D:82:03:1B:16:21:29:B8:50:72:3F:79:ED:0D:9D:CC:FE:47 Authority key identifier: 6A:AF:3D:9B:C3:DF:A3:A1:25:08:29:65:D8:FF:33:B8:12:8F:29:1F Certificate issuer: /CN=A91476E2/serialNumber=6AAF3D9BC3DFA3A125082965D8FF33B8128F291F Certificate serial: 4E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aq89m8Pfo6ElCCll2P8zuBKPKR8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91476E2/3B541F20CB3D11EF8703F75AC4F9AE02/aq89m8Pfo6ElCCll2P8zuBKPKR8.mft Manifest number: 49 Signing time: Tue 13 May 2025 06:36:49 +0000 Manifest this update: Tue 13 May 2025 06:36:49 +0000 Manifest next update: Tue 20 May 2025 06:36:49 +0000 Files and hashes: 1: aq89m8Pfo6ElCCll2P8zuBKPKR8.crl (hash: gO3xnsE252yF3z+x/LLJ9XC2ui9dEqvlCq6Z8ebsoiM=) 2: 79E40530CB5A11EFA1C64B62C4F9AE02.roa (hash: mbcELb6wZjeLG0BTxotv3DMO41EhI/vPgN4q1POwi8s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91476E2/3B541F20CB3D11EF8703F75AC4F9AE02/aq89m8Pfo6ElCCll2P8zuBKPKR8.crl rsync://rpki.apnic.net/member_repository/A91476E2/3B541F20CB3D11EF8703F75AC4F9AE02/aq89m8Pfo6ElCCll2P8zuBKPKR8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aq89m8Pfo6ElCCll2P8zuBKPKR8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 06:36:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78 (0x4e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91476E2, serialNumber=6AAF3D9BC3DFA3A125082965D8FF33B8128F291F Validity Not Before: May 13 06:36:49 2025 GMT Not After : May 20 06:36:49 2025 GMT Subject: CN=6822e881-a93e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:49:38:18:d2:53:cc:51:57:16:d5:ac:16:36: dc:2e:b6:26:5b:cf:41:fc:98:d4:cc:d6:89:4f:cd: 7c:5a:3a:e1:60:d7:6b:60:47:39:b1:d7:5a:0f:49: 76:ca:25:36:70:ea:29:a8:05:7a:03:d3:b6:ac:cd: 20:73:53:af:9b:11:00:b3:05:dd:35:4a:06:5a:04: 6e:70:81:9e:0a:47:dd:1c:6b:d0:6e:88:91:39:20: 2c:10:cb:8c:92:f8:f9:af:fb:a0:ed:d6:ec:a8:ec: dc:1c:f5:77:b5:08:60:2e:50:b2:8a:79:bc:be:93: 1a:0b:1e:03:e2:28:93:58:74:dc:e8:0e:9c:23:af: e4:61:01:e0:8a:a7:20:80:3f:f5:7a:ee:d0:11:f3: 4d:d8:01:6b:d6:75:59:2b:39:3c:c2:bf:79:ed:21: 42:3c:95:e5:65:8f:07:12:0b:38:86:a4:d2:51:4c: af:3a:86:ba:86:10:7a:5c:bf:3e:d1:09:e1:61:c2: 23:f6:44:5c:72:0f:90:d4:81:2d:23:df:d6:0f:9a: 7b:23:fc:02:f8:8e:01:00:f9:49:d0:00:1a:f0:30: 2f:25:74:62:88:72:bd:8c:19:24:8e:20:f5:8e:65: 9f:d7:24:95:1a:e8:ee:1a:a6:ed:b9:44:fb:93:5c: 22:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:DA:4D:82:03:1B:16:21:29:B8:50:72:3F:79:ED:0D:9D:CC:FE:47 X509v3 Authority Key Identifier: keyid:6A:AF:3D:9B:C3:DF:A3:A1:25:08:29:65:D8:FF:33:B8:12:8F:29:1F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91476E2/3B541F20CB3D11EF8703F75AC4F9AE02/aq89m8Pfo6ElCCll2P8zuBKPKR8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aq89m8Pfo6ElCCll2P8zuBKPKR8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91476E2/3B541F20CB3D11EF8703F75AC4F9AE02/aq89m8Pfo6ElCCll2P8zuBKPKR8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 99:51:1c:29:c0:8d:7e:52:95:f3:0f:ea:4e:2f:f1:cb:f4:4a: b8:bb:d2:03:46:c3:65:0f:43:68:e2:eb:9d:a2:b2:b3:01:84: 4b:c6:a2:b2:fc:d7:5f:39:c7:5c:48:cd:61:50:d5:1f:5d:60: fa:6e:ca:0c:b8:6f:ae:f0:7a:0d:f7:0c:12:3f:53:a3:26:54: 4c:ad:94:48:f8:ee:bf:4d:eb:87:9a:8a:2a:86:49:39:8a:d9: 27:27:fc:da:90:66:0e:8f:72:ea:e5:0a:02:6d:77:af:e6:7d: e5:15:e3:38:35:6c:34:da:f0:36:9f:cb:19:49:39:d2:f0:00: 76:ab:24:7a:40:bf:fc:40:c4:91:bb:3a:f6:7e:fa:c5:b3:b5: c7:be:bb:a7:27:19:d3:23:e7:77:53:0f:1b:d5:06:00:95:15: fa:13:de:fc:44:38:8c:79:18:a5:c6:5f:2f:92:80:1f:3a:7d: 43:bd:f1:3c:a9:d1:7c:f5:69:bd:94:c9:09:1d:5b:24:8c:a4: 00:92:30:53:34:f9:0e:c0:c5:30:74:7b:af:84:27:9b:04:e9: 2f:01:b7:ee:46:fd:85:4f:4b:6e:8c:69:aa:a5:b1:44:a7:43: 8b:63:e2:bf:3f:0f:d3:e8:c0:3f:19:32:79:92:d1:7a:36:62: 0a:d3:49:89 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBTjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 NzZFMjExMC8GA1UEBRMoNkFBRjNEOUJDM0RGQTNBMTI1MDgyOTY1RDhGRjMzQjgx MjhGMjkxRjAeFw0yNTA1MTMwNjM2NDlaFw0yNTA1MjAwNjM2NDlaMBgxFjAUBgNV BAMTDTY4MjJlODgxLWE5M2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC2STgY0lPMUVcW1awWNtwutiZbz0H8mNTM1olPzXxaOuFg12tgRzmx11oPSXbK JTZw6imoBXoD07aszSBzU6+bEQCzBd01SgZaBG5wgZ4KR90ca9BuiJE5ICwQy4yS +Pmv+6Dt1uyo7Nwc9Xe1CGAuULKKeby+kxoLHgPiKJNYdNzoDpwjr+RhAeCKpyCA P/V67tAR803YAWvWdVkrOTzCv3ntIUI8leVljwcSCziGpNJRTK86hrqGEHpcvz7R CeFhwiP2RFxyD5DUgS0j39YPmnsj/AL4jgEA+UnQABrwMC8ldGKIcr2MGSSOIPWO ZZ/XJJUa6O4apu25RPuTXCKhAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUv9pNggMb FiEpuFByP3ntDZ3M/kcwHwYDVR0jBBgwFoAUaq89m8Pfo6ElCCll2P8zuBKPKR8w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ3NkUyLzNCNTQxRjIwQ0Iz RDExRUY4NzAzRjc1QUM0RjlBRTAyL2FxODltOFBmbzZFbENDbGwyUDh6dUJLUEtS OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvYXE4OW04UGZvNkVsQ0NsbDJQOHp1QktQS1I4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ3 NkUyLzNCNTQxRjIwQ0IzRDExRUY4NzAzRjc1QUM0RjlBRTAyL2FxODltOFBmbzZF bENDbGwyUDh6dUJLUEtSOC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJlRHCnAjX5SlfMP6k4v8cv0Sri70gNGw2UPQ2ji652isrMBhEvGorL8 1185x1xIzWFQ1R9dYPpuygy4b67weg33DBI/U6MmVEytlEj47r9N64eaiiqGSTmK 2Scn/NqQZg6PcurlCgJtd6/mfeUV4zg1bDTa8DafyxlJOdLwAHarJHpAv/xAxJG7 OvZ++sWztce+u6cnGdMj53dTDxvVBgCVFfoT3vxEOIx5GKXGXy+SgB86fUO98Typ 0Xz1ab2UyQkdWySMpACSMFM0+Q7AxTB0e6+EJ5sE6S8Bt+5G/YVPS26MaaqlsUSn Q4tj4r8/D9PowD8ZMnmS0Xo2YgrTSYk= -----END CERTIFICATE-----Generated at Wed May 14 15:13:53 2025 by rpki-client