$ rpki-client -vvf rpki.apnic.net/member_repository/A91554E6/9F067748ED4B11ECAB8FAA77C4F9AE02/x40eWVkb4MdSTTa9-FyKxuoZD44.mft File: x40eWVkb4MdSTTa9-FyKxuoZD44.mft (raw, json) Hash identifier: 6oO04Kj7tow7Iz6uItFs1ib8PqINAgQZK8+ISNxATnA= Subject key identifier: 32:DC:2D:C6:43:39:73:C8:F5:7E:77:08:59:B7:89:34:30:4E:43:00 Authority key identifier: C7:8D:1E:59:59:1B:E0:C7:52:4D:36:BD:F8:5C:8A:C6:EA:19:0F:8E Certificate issuer: /CN=A91554E6/serialNumber=C78D1E59591BE0C7524D36BDF85C8AC6EA190F8E Certificate serial: 0128 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x40eWVkb4MdSTTa9-FyKxuoZD44.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91554E6/9F067748ED4B11ECAB8FAA77C4F9AE02/x40eWVkb4MdSTTa9-FyKxuoZD44.mft Manifest number: 03EA Signing time: Sun 11 May 2025 00:57:53 +0000 Manifest this update: Sun 11 May 2025 00:57:53 +0000 Manifest next update: Sun 18 May 2025 00:57:53 +0000 Files and hashes: 1: x40eWVkb4MdSTTa9-FyKxuoZD44.crl (hash: v+wXk+FUxmxeWvv0AO5gRMcc3MpwjYK8KTEv1iUTNhQ=) 2: 2F9887306F0D11EE9B369C60C4F9AE02.roa (hash: 1zvSdpAHw0fs7lwNzlneLRJlvrtEo2uuRtlcQwqc+2Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91554E6/9F067748ED4B11ECAB8FAA77C4F9AE02/x40eWVkb4MdSTTa9-FyKxuoZD44.crl rsync://rpki.apnic.net/member_repository/A91554E6/9F067748ED4B11ECAB8FAA77C4F9AE02/x40eWVkb4MdSTTa9-FyKxuoZD44.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x40eWVkb4MdSTTa9-FyKxuoZD44.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 00:57:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 296 (0x128) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91554E6, serialNumber=C78D1E59591BE0C7524D36BDF85C8AC6EA190F8E Validity Not Before: May 11 00:57:53 2025 GMT Not After : May 18 00:57:53 2025 GMT Subject: CN=681ff611-386e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:aa:dc:6a:64:5e:7c:de:15:c8:72:e3:31:28: 77:31:61:3f:16:a1:98:a8:86:61:e6:7c:d0:86:fe: 02:58:c4:b8:bd:d2:ee:1b:62:eb:57:a3:b4:93:dc: 2d:e3:96:fa:b0:ed:66:c0:96:00:99:21:8e:4a:91: 7c:55:90:e5:1e:3a:64:7d:93:0f:2d:6c:ec:55:b0: 35:fa:4f:9e:ff:37:96:f5:09:e1:5b:06:2b:07:59: 47:4a:5e:d1:b4:c5:6b:03:5c:82:c6:b8:18:6e:97: f8:fe:69:86:34:6d:be:0d:f1:fc:21:64:ef:0d:e7: fe:15:ac:6f:75:61:97:c7:8d:c0:bf:06:75:68:1b: 95:94:8d:de:f3:7b:bd:a9:74:18:15:cb:57:96:05: 3c:06:bc:2e:ff:0f:5b:a4:1d:a0:85:79:37:79:49: ec:73:7f:9e:06:f0:1c:71:97:ba:23:d0:6e:e0:d4: c4:3b:f3:5a:55:ce:37:72:53:4b:89:29:05:e1:7b: bb:51:1c:d7:b8:72:61:01:21:58:bd:66:83:fb:83: 38:67:c3:74:f4:41:f4:20:0d:7c:93:9e:ab:72:62: 9d:54:5b:6c:1d:5c:41:a7:5b:e2:5d:09:6e:e6:07: 06:b5:fa:c4:68:bf:25:7e:2c:e5:3b:61:fb:0e:eb: 98:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:DC:2D:C6:43:39:73:C8:F5:7E:77:08:59:B7:89:34:30:4E:43:00 X509v3 Authority Key Identifier: keyid:C7:8D:1E:59:59:1B:E0:C7:52:4D:36:BD:F8:5C:8A:C6:EA:19:0F:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91554E6/9F067748ED4B11ECAB8FAA77C4F9AE02/x40eWVkb4MdSTTa9-FyKxuoZD44.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x40eWVkb4MdSTTa9-FyKxuoZD44.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91554E6/9F067748ED4B11ECAB8FAA77C4F9AE02/x40eWVkb4MdSTTa9-FyKxuoZD44.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 36:11:7c:f4:d3:1f:46:e3:e9:e7:ca:eb:8f:f5:58:86:08:cc: 0e:c4:10:d4:e1:d7:d4:a3:41:e3:a2:ce:61:1f:7c:55:2d:cd: 07:89:cf:fb:34:a6:d9:28:9b:5a:b4:5b:45:ab:44:ea:35:50: f9:90:b6:a2:f7:7c:ad:7f:14:f5:08:00:d0:0a:3e:4a:21:f7: 49:d4:33:17:db:64:de:f4:53:e3:ad:46:c2:4e:a0:fb:77:90: 69:a0:df:53:83:3d:ee:4f:f7:75:1f:ff:b6:65:f5:66:bf:40: 82:81:de:fa:83:6f:60:2a:7b:c3:dd:a3:27:b2:79:65:5d:d9: a9:a0:48:3c:3e:af:96:c0:f6:b2:80:6f:1d:43:25:3b:2e:b9: d5:86:39:29:d1:f1:fb:99:f3:5b:21:af:34:47:9b:cb:0b:73: 22:1c:14:0a:66:b2:37:ca:77:f0:6b:71:4a:d0:92:1a:7d:c5: 0d:d7:bd:1f:a1:ba:8e:5b:61:ce:06:9b:2c:6e:70:a4:2b:ac: 3c:d9:4e:4b:ae:c3:f4:8e:67:91:e8:af:1b:65:e3:ed:80:0e: 66:4e:0b:a5:b3:3b:77:c4:73:4f:c3:ba:80:9a:f0:d5:7a:e7: 70:aa:6d:fe:71:b6:ec:b5:5e:c8:48:fa:53:ec:8c:f7:8e:68: ba:cc:d0:50 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTU0RTYxMTAvBgNVBAUTKEM3OEQxRTU5NTkxQkUwQzc1MjREMzZCREY4NUM4QUM2 RUExOTBGOEUwHhcNMjUwNTExMDA1NzUzWhcNMjUwNTE4MDA1NzUzWjAYMRYwFAYD VQQDEw02ODFmZjYxMS0zODZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4qrcamRefN4VyHLjMSh3MWE/FqGYqIZh5nzQhv4CWMS4vdLuG2LrV6O0k9wt 45b6sO1mwJYAmSGOSpF8VZDlHjpkfZMPLWzsVbA1+k+e/zeW9QnhWwYrB1lHSl7R tMVrA1yCxrgYbpf4/mmGNG2+DfH8IWTvDef+FaxvdWGXx43AvwZ1aBuVlI3e83u9 qXQYFctXlgU8Brwu/w9bpB2ghXk3eUnsc3+eBvAccZe6I9Bu4NTEO/NaVc43clNL iSkF4Xu7URzXuHJhASFYvWaD+4M4Z8N09EH0IA18k56rcmKdVFtsHVxBp1viXQlu 5gcGtfrEaL8lfizlO2H7DuuYjQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDLcLcZD OXPI9X53CFm3iTQwTkMAMB8GA1UdIwQYMBaAFMeNHllZG+DHUk02vfhcisbqGQ+O MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NTRFNi85RjA2Nzc0OEVE NEIxMUVDQUI4RkFBNzdDNEY5QUUwMi94NDBlV1ZrYjRNZFNUVGE5LUZ5S3h1b1pE NDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3g0MGVXVmtiNE1kU1RUYTktRnlLeHVvWkQ0NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 NTRFNi85RjA2Nzc0OEVENEIxMUVDQUI4RkFBNzdDNEY5QUUwMi94NDBlV1ZrYjRN ZFNUVGE5LUZ5S3h1b1pENDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA2EXz00x9G4+nnyuuP9ViGCMwOxBDU4dfUo0Hjos5hH3xVLc0Hic/7 NKbZKJtatFtFq0TqNVD5kLai93ytfxT1CADQCj5KIfdJ1DMX22Te9FPjrUbCTqD7 d5BpoN9Tgz3uT/d1H/+2ZfVmv0CCgd76g29gKnvD3aMnsnllXdmpoEg8Pq+WwPay gG8dQyU7LrnVhjkp0fH7mfNbIa80R5vLC3MiHBQKZrI3ynfwa3FK0JIafcUN170f obqOW2HOBpssbnCkK6w82U5LrsP0jmeR6K8bZePtgA5mTgulszt3xHNPw7qAmvDV eudwqm3+cbbstV7ISPpT7Iz3jmi6zNBQ -----END CERTIFICATE-----Generated at Sun May 11 21:01:21 2025 by rpki-client