$ rpki-client -vvf rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.mft File: iIfPbPUQLw-3E_TEob3jiUgfHEQ.mft (raw, json) Hash identifier: hw7uO3d7UdNqvTrnTGBSAxnatSRSfopatqfc5mxet6I= Subject key identifier: 89:25:26:6F:C7:CA:4D:33:01:85:EA:BC:96:21:AA:F6:2B:C5:C0:87 Authority key identifier: 88:87:CF:6C:F5:10:2F:0F:B7:13:F4:C4:A1:BD:E3:89:48:1F:1C:44 Certificate issuer: /CN=A9157DA0/serialNumber=8887CF6CF5102F0FB713F4C4A1BDE389481F1C44 Certificate serial: 3498 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.mft Manifest number: 3488 Signing time: Mon 12 May 2025 14:35:07 +0000 Manifest this update: Mon 12 May 2025 14:35:07 +0000 Manifest next update: Mon 19 May 2025 14:35:07 +0000 Files and hashes: 1: iIfPbPUQLw-3E_TEob3jiUgfHEQ.crl (hash: QTeMzhnmiBMdXSo5R7CbF7Pd5jYryGahyJtVstxW/mE=) 2: E5A47506DFCE11EFBC4CD631C4F9AE02.roa (hash: c4SXQlCG+2MPlFiFY6VkhLPxbsV0onAe5fUK8o5OyyY=) 3: E52708AADFCE11EFBC4CD631C4F9AE02.roa (hash: /pC0o36JZbc/+sMAFn6ZasM1rRw+KC7uxqzujpRX3bY=) 4: E4BA3CE8DFCE11EFBC4CD631C4F9AE02.roa (hash: MbcvEjB6bBsz71diYW6luEzJdUqDQqlK0r5oh/a4AKQ=) 5: E7CA9A12F28F11EF94898048C4F9AE02.roa (hash: 81pcSGnQVVs4NUfFkM30moatmNOjQUrd7XABbRORB0M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.crl rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 14:35:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13464 (0x3498) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157DA0, serialNumber=8887CF6CF5102F0FB713F4C4A1BDE389481F1C44 Validity Not Before: May 12 14:35:07 2025 GMT Not After : May 19 14:35:07 2025 GMT Subject: CN=6822071b-6c5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:b4:02:57:d5:d3:14:50:a2:d2:ee:4a:62:22: 91:11:c2:e5:ac:bf:11:a4:ec:2c:fe:8a:d1:f5:ab: 9a:cc:89:e7:24:1c:62:59:91:18:10:e7:ea:20:fc: 71:c2:01:bd:d5:5b:0e:44:9b:d8:6c:37:5b:fd:25: c7:eb:07:e1:7f:fe:28:87:1f:3e:0d:26:8c:2a:51: 36:1a:a1:a8:2e:72:2b:f0:34:29:af:42:e8:81:69: 7c:d0:b5:70:43:57:c9:f0:21:81:c2:14:6e:f1:6b: d3:cf:be:4d:99:1e:6b:7c:39:8c:46:0e:cd:a8:05: ae:2e:09:b4:60:b1:d4:50:73:ac:77:e9:a0:b0:de: f1:ed:26:40:19:3e:24:0d:13:f8:3e:be:21:72:5a: f4:58:f6:13:a8:a3:05:10:cb:7c:3b:8e:51:1a:ff: 58:fc:13:ab:6a:24:40:fe:c5:64:55:b4:a4:27:e5: 22:1b:71:8d:0b:76:1b:9a:45:91:25:c8:cc:bc:48: 0d:c8:2c:ee:06:c2:04:69:0c:02:05:62:f9:33:80: f8:c9:be:8c:80:94:e8:e7:52:2e:ae:67:6a:be:93: ec:7d:7f:b2:06:4d:d7:86:c2:ff:1f:64:a2:67:92: 76:7f:26:99:20:71:7c:f7:7d:35:50:4e:95:7f:66: b0:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:25:26:6F:C7:CA:4D:33:01:85:EA:BC:96:21:AA:F6:2B:C5:C0:87 X509v3 Authority Key Identifier: keyid:88:87:CF:6C:F5:10:2F:0F:B7:13:F4:C4:A1:BD:E3:89:48:1F:1C:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157DA0/3A0D93101D8C11E28EFF57E708B02CD2/iIfPbPUQLw-3E_TEob3jiUgfHEQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 50:dd:1c:d4:0a:90:52:a2:ad:69:5b:8d:fc:b4:7b:e9:ce:71: 6b:44:c4:54:d6:b6:b1:a4:04:91:84:3b:35:28:42:01:c7:d4: d0:7b:72:52:29:76:f7:73:dc:72:07:46:87:6d:6c:8f:d2:21: e3:bb:76:42:e4:5d:32:80:25:82:ee:7f:72:03:b0:40:d8:d9: c2:79:29:c6:a1:f0:b0:58:0c:e2:4d:ee:2c:c4:6a:74:3c:d1: 62:76:ab:53:32:ef:fa:48:6a:ac:71:67:80:25:21:57:b4:2e: 43:c6:a7:62:00:f3:b7:d6:fb:b6:fb:8b:30:8b:f3:92:c5:d9: f4:6c:03:bc:aa:f2:0f:fa:bc:51:dd:a2:50:de:a7:70:b1:1e: fc:d2:fd:a6:b3:7e:79:1d:6e:28:2e:a2:6a:d2:a2:1b:7a:25: 07:0d:3c:02:6b:d2:33:fb:fc:21:2d:a1:9f:2a:b7:3e:64:52: c1:b8:c8:92:66:6f:e4:91:37:29:3d:1a:2f:7d:5f:ea:36:fc: d7:9a:9a:fc:87:2b:12:e8:c8:22:56:50:a1:61:8d:e4:b5:92: c2:d9:f4:e1:5e:2d:b4:31:1c:08:2a:d2:5e:7e:79:51:56:af: f9:75:05:df:07:1c:7c:c9:f6:97:7d:46:fa:d8:05:12:e5:4b: d1:39:16:72 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNJgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdEQTAxMTAvBgNVBAUTKDg4ODdDRjZDRjUxMDJGMEZCNzEzRjRDNEExQkRFMzg5 NDgxRjFDNDQwHhcNMjUwNTEyMTQzNTA3WhcNMjUwNTE5MTQzNTA3WjAYMRYwFAYD VQQDEw02ODIyMDcxYi02YzVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1bQCV9XTFFCi0u5KYiKREcLlrL8RpOws/orR9auazInnJBxiWZEYEOfqIPxx wgG91VsORJvYbDdb/SXH6wfhf/4ohx8+DSaMKlE2GqGoLnIr8DQpr0LogWl80LVw Q1fJ8CGBwhRu8WvTz75NmR5rfDmMRg7NqAWuLgm0YLHUUHOsd+mgsN7x7SZAGT4k DRP4Pr4hclr0WPYTqKMFEMt8O45RGv9Y/BOraiRA/sVkVbSkJ+UiG3GNC3YbmkWR JcjMvEgNyCzuBsIEaQwCBWL5M4D4yb6MgJTo51IurmdqvpPsfX+yBk3XhsL/H2Si Z5J2fyaZIHF89301UE6Vf2awbwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIklJm/H yk0zAYXqvJYhqvYrxcCHMB8GA1UdIwQYMBaAFIiHz2z1EC8PtxP0xKG944lIHxxE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0RBMC8zQTBEOTMxMDFE OEMxMUUyOEVGRjU3RTcwOEIwMkNEMi9pSWZQYlBVUUx3LTNFX1RFb2IzamlVZ2ZI RVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lJZlBiUFVRTHctM0VfVEVvYjNqaVVnZkhFUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0RBMC8zQTBEOTMxMDFEOEMxMUUyOEVGRjU3RTcwOEIwMkNEMi9pSWZQYlBVUUx3 LTNFX1RFb2IzamlVZ2ZIRVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBQ3RzUCpBSoq1pW438tHvpznFrRMRU1raxpASRhDs1KEIBx9TQe3JS KXb3c9xyB0aHbWyP0iHju3ZC5F0ygCWC7n9yA7BA2NnCeSnGofCwWAziTe4sxGp0 PNFidqtTMu/6SGqscWeAJSFXtC5DxqdiAPO31vu2+4swi/OSxdn0bAO8qvIP+rxR 3aJQ3qdwsR780v2ms355HW4oLqJq0qIbeiUHDTwCa9Iz+/whLaGfKrc+ZFLBuMiS Zm/kkTcpPRovfV/qNvzXmpr8hysS6MgiVlChYY3ktZLC2fThXi20MRwIKtJefnlR Vq/5dQXfBxx8yfaXfUb62AUS5UvRORZy -----END CERTIFICATE-----Generated at Mon May 12 23:01:20 2025 by rpki-client