$ rpki-client -vvf rpki.apnic.net/member_repository/A91525A9/2618840EB14311ED87D07678C4F9AE02/68PX_PsTT1OPwZ-YrYmMDz8HTyA.mft File: 68PX_PsTT1OPwZ-YrYmMDz8HTyA.mft (raw, json) Hash identifier: bXq/gmvVtS8x2Mrh8vU5Sx6Mn4cXpzGUFsaazdGizXo= Subject key identifier: 2D:5C:D7:6F:8E:B8:71:EC:A3:93:06:93:CA:C4:99:EA:C0:2E:28:48 Authority key identifier: EB:C3:D7:FC:FB:13:4F:53:8F:C1:9F:98:AD:89:8C:0F:3F:07:4F:20 Certificate issuer: /CN=A91525A9/serialNumber=EBC3D7FCFB134F538FC19F98AD898C0F3F074F20 Certificate serial: 01B6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/68PX_PsTT1OPwZ-YrYmMDz8HTyA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91525A9/2618840EB14311ED87D07678C4F9AE02/68PX_PsTT1OPwZ-YrYmMDz8HTyA.mft Manifest number: 01AB Signing time: Thu 15 May 2025 02:44:46 +0000 Manifest this update: Thu 15 May 2025 02:44:46 +0000 Manifest next update: Thu 22 May 2025 02:44:46 +0000 Files and hashes: 1: 68PX_PsTT1OPwZ-YrYmMDz8HTyA.crl (hash: cg3xSnTb99vuPj7UCO7ZSWIB6kG1pxPq8kULTd2oJRo=) 2: 98152E6C480111EFB2976238C4F9AE02.roa (hash: gp0c0TAvNcGzlWuq4DB/NpWsaDumiulUkd34eH+poTQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91525A9/2618840EB14311ED87D07678C4F9AE02/68PX_PsTT1OPwZ-YrYmMDz8HTyA.crl rsync://rpki.apnic.net/member_repository/A91525A9/2618840EB14311ED87D07678C4F9AE02/68PX_PsTT1OPwZ-YrYmMDz8HTyA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/68PX_PsTT1OPwZ-YrYmMDz8HTyA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 22 May 2025 02:44:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 438 (0x1b6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91525A9, serialNumber=EBC3D7FCFB134F538FC19F98AD898C0F3F074F20 Validity Not Before: May 15 02:44:46 2025 GMT Not After : May 22 02:44:46 2025 GMT Subject: CN=6825551e-416b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:d1:55:53:99:7b:be:75:67:44:7b:5d:8a:84: 4d:82:60:a3:83:a5:21:da:13:4c:d4:7a:d4:fd:7b: 83:fd:17:06:02:3f:fe:3a:7e:e8:5c:9c:32:99:dd: 63:b5:77:4b:22:a7:64:e2:2b:98:40:ef:8a:b2:4f: 35:25:5b:50:ad:3d:78:a1:f8:d9:56:b7:d5:49:06: 26:cc:2e:b7:5a:0d:94:0e:c0:b9:7f:45:8c:93:f8: 78:b3:3c:06:4a:d9:6e:d3:6e:87:d5:ba:6e:1b:bf: e9:45:e0:dc:2a:77:2f:32:e5:35:3d:33:02:43:d8: 6d:af:a2:89:13:66:d2:a4:41:09:15:30:60:b1:4e: 22:68:56:a3:11:3b:a2:82:71:fe:da:93:98:c1:29: e7:9e:90:54:3e:88:c3:da:66:82:c0:2b:b4:e4:99: 0f:a4:19:d5:8b:b5:b3:20:de:c1:5a:b2:8e:d2:12: 65:83:07:c0:1e:43:c8:4b:7b:39:96:89:7a:6a:f0: 30:b4:1f:85:b1:a2:91:8a:0e:e4:97:1c:76:4e:cb: 01:1b:23:fb:d9:b1:e2:fc:92:00:73:48:1c:6d:15: c3:9e:53:97:1e:27:f3:19:ce:e8:c5:61:45:83:9b: d2:43:bb:7e:b1:de:b0:86:b4:36:69:49:a9:25:b2: d3:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:5C:D7:6F:8E:B8:71:EC:A3:93:06:93:CA:C4:99:EA:C0:2E:28:48 X509v3 Authority Key Identifier: keyid:EB:C3:D7:FC:FB:13:4F:53:8F:C1:9F:98:AD:89:8C:0F:3F:07:4F:20 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91525A9/2618840EB14311ED87D07678C4F9AE02/68PX_PsTT1OPwZ-YrYmMDz8HTyA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/68PX_PsTT1OPwZ-YrYmMDz8HTyA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91525A9/2618840EB14311ED87D07678C4F9AE02/68PX_PsTT1OPwZ-YrYmMDz8HTyA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 07:ed:8c:5f:1a:72:63:fa:86:50:32:59:69:82:01:c2:7c:10: bb:cc:f7:d3:42:40:4d:b1:4e:ee:42:b9:43:f0:7d:83:6e:31: bd:71:b5:c6:d2:47:fd:e4:b8:2a:d4:bd:8b:ab:70:b1:3f:da: 44:6b:4e:f1:e0:50:f2:e2:de:87:dc:9c:97:65:18:d9:e0:ec: 63:c0:82:4a:da:41:1b:70:46:47:30:b1:8c:5b:e7:2b:8d:b6: 37:e8:1a:ac:3c:eb:0a:1b:82:b0:6b:bc:24:8e:3d:da:3a:f4: 5f:7b:d7:6b:1b:a6:27:9c:fa:a1:4e:1f:8d:86:d4:c0:b4:53: 8e:11:92:8f:69:4e:d1:01:7a:c3:fc:bf:5a:ee:05:47:ac:17: 21:6e:11:40:f1:ac:e0:13:59:8d:3f:7b:aa:2b:28:e2:af:85: 8c:04:ca:ff:6b:31:09:52:54:98:c2:ac:4b:6a:dd:bd:91:2b: 73:74:b4:34:c7:ec:6c:c5:81:76:71:15:cd:e9:60:68:aa:ea: bb:8f:68:7e:15:f0:3a:1b:8b:3e:ee:77:04:2c:96:41:ce:1c: 0e:72:70:93:8f:10:c9:37:3b:a3:a1:e5:12:f7:e1:52:b7:b8: ce:f1:5f:65:b6:9e:60:69:be:6f:20:3a:7c:12:ae:11:6d:a6: f5:70:96:c3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAbYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTI1QTkxMTAvBgNVBAUTKEVCQzNEN0ZDRkIxMzRGNTM4RkMxOUY5OEFEODk4QzBG M0YwNzRGMjAwHhcNMjUwNTE1MDI0NDQ2WhcNMjUwNTIyMDI0NDQ2WjAYMRYwFAYD VQQDEw02ODI1NTUxZS00MTZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4dFVU5l7vnVnRHtdioRNgmCjg6Uh2hNM1HrU/XuD/RcGAj/+On7oXJwymd1j tXdLIqdk4iuYQO+Ksk81JVtQrT14ofjZVrfVSQYmzC63Wg2UDsC5f0WMk/h4szwG Stlu026H1bpuG7/pReDcKncvMuU1PTMCQ9htr6KJE2bSpEEJFTBgsU4iaFajETui gnH+2pOYwSnnnpBUPojD2maCwCu05JkPpBnVi7WzIN7BWrKO0hJlgwfAHkPIS3s5 lol6avAwtB+FsaKRig7klxx2TssBGyP72bHi/JIAc0gcbRXDnlOXHifzGc7oxWFF g5vSQ7t+sd6whrQ2aUmpJbLT9QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC1c12+O uHHso5MGk8rEmerALihIMB8GA1UdIwQYMBaAFOvD1/z7E09Tj8GfmK2JjA8/B08g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MjVBOS8yNjE4ODQwRUIx NDMxMUVEODdEMDc2NzhDNEY5QUUwMi82OFBYX1BzVFQxT1B3Wi1ZclltTUR6OEhU eUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzY4UFhfUHNUVDFPUHdaLVlyWW1NRHo4SFR5QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MjVBOS8yNjE4ODQwRUIxNDMxMUVEODdEMDc2NzhDNEY5QUUwMi82OFBYX1BzVFQx T1B3Wi1ZclltTUR6OEhUeUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAH7YxfGnJj+oZQMllpggHCfBC7zPfTQkBNsU7uQrlD8H2DbjG9cbXG 0kf95Lgq1L2Lq3CxP9pEa07x4FDy4t6H3JyXZRjZ4OxjwIJK2kEbcEZHMLGMW+cr jbY36BqsPOsKG4Kwa7wkjj3aOvRfe9drG6YnnPqhTh+NhtTAtFOOEZKPaU7RAXrD /L9a7gVHrBchbhFA8azgE1mNP3uqKyjir4WMBMr/azEJUlSYwqxLat29kStzdLQ0 x+xsxYF2cRXN6WBoquq7j2h+FfA6G4s+7ncELJZBzhwOcnCTjxDJNzujoeUS9+FS t7jO8V9ltp5gab5vIDp8Eq4Rbab1cJbD -----END CERTIFICATE-----Generated at Fri May 16 09:58:20 2025 by rpki-client