$ rpki-client -vvf rpki.apnic.net/member_repository/A91559AC/C06135165F8D11EAB500BD64C4F9AE02/CmH1ryEJpoNhH7ogbyCM7-NImCE.mft File: CmH1ryEJpoNhH7ogbyCM7-NImCE.mft (raw, json) Hash identifier: 31KQjqCa5RjpHCLS0ZQq0Wp4S8zuXiLVE6Ct7A7cBos= Subject key identifier: 0C:A0:C9:93:E9:77:9F:04:E5:E1:98:64:72:CE:71:EB:AE:85:B3:F9 Authority key identifier: 0A:61:F5:AF:21:09:A6:83:61:1F:BA:20:6F:20:8C:EF:E3:48:98:21 Certificate issuer: /CN=A91559AC/serialNumber=0A61F5AF2109A683611FBA206F208CEFE3489821 Certificate serial: 0A80 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CmH1ryEJpoNhH7ogbyCM7-NImCE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91559AC/C06135165F8D11EAB500BD64C4F9AE02/CmH1ryEJpoNhH7ogbyCM7-NImCE.mft Manifest number: 0A8C Signing time: Mon 12 May 2025 19:29:10 +0000 Manifest this update: Mon 12 May 2025 19:29:10 +0000 Manifest next update: Mon 19 May 2025 19:29:10 +0000 Files and hashes: 1: CmH1ryEJpoNhH7ogbyCM7-NImCE.crl (hash: +YWQ686pjgyjs/HzLHEGw60Y3XsTSke3EaT18KTDWs0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91559AC/C06135165F8D11EAB500BD64C4F9AE02/CmH1ryEJpoNhH7ogbyCM7-NImCE.crl rsync://rpki.apnic.net/member_repository/A91559AC/C06135165F8D11EAB500BD64C4F9AE02/CmH1ryEJpoNhH7ogbyCM7-NImCE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CmH1ryEJpoNhH7ogbyCM7-NImCE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 19:29:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2688 (0xa80) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91559AC, serialNumber=0A61F5AF2109A683611FBA206F208CEFE3489821 Validity Not Before: May 12 19:29:10 2025 GMT Not After : May 19 19:29:10 2025 GMT Subject: CN=68224c06-f8c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:1b:5f:7d:99:e6:55:39:20:5d:52:0e:1d:3a: fe:c7:ff:5e:73:19:db:e8:e5:b6:24:62:46:12:05: 73:e0:ca:2a:57:1f:7d:06:fb:46:f4:20:04:91:0c: ab:f4:73:13:bb:03:a0:8c:cf:5f:8c:90:d9:6a:40: f7:01:93:87:ec:9c:eb:b5:8c:72:15:e1:8b:98:02: 57:fe:32:00:a7:da:8c:9f:9d:cd:f2:a7:83:7e:e7: 54:ae:78:c6:35:9f:0c:ff:3f:7a:ec:6d:e5:f2:04: 33:67:01:25:9a:a6:7d:e4:8b:aa:ba:87:2a:c6:13: 05:1a:72:3a:47:4e:06:a9:f6:75:8f:79:77:8c:87: 3b:7e:a5:7a:29:9c:9c:be:17:aa:4a:6b:b1:48:81: ea:81:ae:87:3d:b4:7b:69:85:94:b1:55:87:71:c8: e7:ff:89:ad:05:a3:ec:4f:25:c9:82:76:11:57:87: 06:80:a5:89:dd:0e:87:81:8a:d1:56:68:9a:26:9e: df:52:bc:d2:86:8d:2c:6a:45:e5:8e:82:fa:00:1f: 92:52:4c:f3:ef:b1:61:bd:48:83:6b:81:75:fe:71: f2:86:54:65:c1:53:9f:9d:67:f7:9e:c1:9f:14:81: a9:29:df:1e:91:00:b7:77:75:ae:a4:72:aa:c6:6a: cd:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:A0:C9:93:E9:77:9F:04:E5:E1:98:64:72:CE:71:EB:AE:85:B3:F9 X509v3 Authority Key Identifier: keyid:0A:61:F5:AF:21:09:A6:83:61:1F:BA:20:6F:20:8C:EF:E3:48:98:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91559AC/C06135165F8D11EAB500BD64C4F9AE02/CmH1ryEJpoNhH7ogbyCM7-NImCE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CmH1ryEJpoNhH7ogbyCM7-NImCE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91559AC/C06135165F8D11EAB500BD64C4F9AE02/CmH1ryEJpoNhH7ogbyCM7-NImCE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8f:c2:9d:6f:d7:3c:6b:35:fb:41:10:3c:da:1a:61:28:5f:7d: 42:a3:d9:5f:97:05:94:26:f7:ef:d4:72:5e:aa:91:1e:11:df: 26:06:0a:af:ab:67:24:ab:2e:7b:8e:5d:be:fa:d9:d1:eb:86: 34:3f:ae:3b:b1:a4:42:1b:92:23:a1:7d:e9:0f:4f:56:90:eb: 78:89:73:94:e4:f3:e1:d8:9e:0f:6b:c6:9a:65:a4:78:62:c1: 74:2e:4a:c8:12:4a:fa:de:52:1d:30:f2:22:da:29:62:93:4b: 68:55:71:6f:aa:5c:8d:95:43:65:14:0c:89:e4:e9:a5:6d:53: 21:2c:c5:1c:89:48:77:eb:57:1d:dc:60:82:4c:c1:38:fb:3c: f0:8a:33:6b:52:85:2c:88:74:11:b9:8e:5b:a5:8b:40:6d:74: 92:63:ff:f2:8c:26:84:b1:ca:76:85:8c:73:2f:e4:a1:83:0b: fa:4d:af:9d:90:83:fb:a0:2a:7e:9a:9d:ab:ce:3a:55:91:86: 25:a8:21:dd:61:c7:1d:b2:1f:b8:21:72:02:9a:11:fd:16:f3: 72:89:79:d2:a1:16:b0:62:1e:ca:b1:f2:bf:9e:95:12:85:b6: 81:24:fa:c8:30:e5:66:78:cd:65:b8:f8:42:fa:30:1a:30:2c: 7e:32:e6:46 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCoAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTU5QUMxMTAvBgNVBAUTKDBBNjFGNUFGMjEwOUE2ODM2MTFGQkEyMDZGMjA4Q0VG RTM0ODk4MjEwHhcNMjUwNTEyMTkyOTEwWhcNMjUwNTE5MTkyOTEwWjAYMRYwFAYD VQQDEw02ODIyNGMwNi1mOGMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqRtffZnmVTkgXVIOHTr+x/9ecxnb6OW2JGJGEgVz4MoqVx99BvtG9CAEkQyr 9HMTuwOgjM9fjJDZakD3AZOH7JzrtYxyFeGLmAJX/jIAp9qMn53N8qeDfudUrnjG NZ8M/z967G3l8gQzZwElmqZ95IuquocqxhMFGnI6R04GqfZ1j3l3jIc7fqV6KZyc vheqSmuxSIHqga6HPbR7aYWUsVWHccjn/4mtBaPsTyXJgnYRV4cGgKWJ3Q6HgYrR VmiaJp7fUrzSho0sakXljoL6AB+SUkzz77FhvUiDa4F1/nHyhlRlwVOfnWf3nsGf FIGpKd8ekQC3d3WupHKqxmrNgQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAygyZPp d58E5eGYZHLOceuuhbP5MB8GA1UdIwQYMBaAFAph9a8hCaaDYR+6IG8gjO/jSJgh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NTlBQy9DMDYxMzUxNjVG OEQxMUVBQjUwMEJENjRDNEY5QUUwMi9DbUgxcnlFSnBvTmhIN29nYnlDTTctTklt Q0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NtSDFyeUVKcG9OaEg3b2dieUNNNy1OSW1DRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 NTlBQy9DMDYxMzUxNjVGOEQxMUVBQjUwMEJENjRDNEY5QUUwMi9DbUgxcnlFSnBv TmhIN29nYnlDTTctTkltQ0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCPwp1v1zxrNftBEDzaGmEoX31Co9lflwWUJvfv1HJeqpEeEd8mBgqv q2ckqy57jl2++tnR64Y0P647saRCG5IjoX3pD09WkOt4iXOU5PPh2J4Pa8aaZaR4 YsF0LkrIEkr63lIdMPIi2ilik0toVXFvqlyNlUNlFAyJ5OmlbVMhLMUciUh361cd 3GCCTME4+zzwijNrUoUsiHQRuY5bpYtAbXSSY//yjCaEscp2hYxzL+Shgwv6Ta+d kIP7oCp+mp2rzjpVkYYlqCHdYccdsh+4IXICmhH9FvNyiXnSoRawYh7KsfK/npUS hbaBJPrIMOVmeM1luPhC+jAaMCx+MuZG -----END CERTIFICATE-----Generated at Tue May 13 11:41:30 2025 by rpki-client