$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0EE/55C803CA09C011EEBE12583AC4F9AE02/33HZn0zTs4Mms-1HyOSl35ieQvI.mft File: 33HZn0zTs4Mms-1HyOSl35ieQvI.mft (raw, json) Hash identifier: tNiU53jLG/tkbptxCfYSSbZ7Hyp6b/94npThcLBnCCQ= Subject key identifier: 38:B4:D7:0E:55:38:9A:4D:DB:CB:17:D9:87:D6:FF:22:64:72:65:19 Authority key identifier: DF:71:D9:9F:4C:D3:B3:83:26:B3:ED:47:C8:E4:A5:DF:98:9E:42:F2 Certificate issuer: /CN=A915A0EE/serialNumber=DF71D99F4CD3B38326B3ED47C8E4A5DF989E42F2 Certificate serial: 0173 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/33HZn0zTs4Mms-1HyOSl35ieQvI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915A0EE/55C803CA09C011EEBE12583AC4F9AE02/33HZn0zTs4Mms-1HyOSl35ieQvI.mft Manifest number: 016E Signing time: Tue 13 May 2025 03:08:17 +0000 Manifest this update: Tue 13 May 2025 03:08:16 +0000 Manifest next update: Tue 20 May 2025 03:08:16 +0000 Files and hashes: 1: 33HZn0zTs4Mms-1HyOSl35ieQvI.crl (hash: pwfFvbkBE3mDpXMoawL7hlMxIZApI/8+xGsDVb1pjn4=) 2: 1BDBCE5013A011EE91039C41C4F9AE02.roa (hash: 22aaI99D5AWtJSeJ++1PDVBO7upMl84FHbNH+yIrm8U=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915A0EE/55C803CA09C011EEBE12583AC4F9AE02/33HZn0zTs4Mms-1HyOSl35ieQvI.crl rsync://rpki.apnic.net/member_repository/A915A0EE/55C803CA09C011EEBE12583AC4F9AE02/33HZn0zTs4Mms-1HyOSl35ieQvI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/33HZn0zTs4Mms-1HyOSl35ieQvI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 03:08:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 371 (0x173) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915A0EE, serialNumber=DF71D99F4CD3B38326B3ED47C8E4A5DF989E42F2 Validity Not Before: May 13 03:08:16 2025 GMT Not After : May 20 03:08:16 2025 GMT Subject: CN=6822b7a0-67a3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:49:91:82:43:f1:d5:fd:8a:52:d9:58:60:07: 2a:99:d4:87:33:91:a1:f2:22:db:95:ac:a3:60:9c: d9:5a:a6:08:a8:fd:06:aa:75:24:dd:0c:05:56:89: 4a:cd:c5:d8:70:47:19:90:e1:a0:fa:f1:bf:6a:a1: b6:2f:a8:94:ba:b0:21:4f:e0:ea:38:c2:7d:78:d7: 5a:ec:b7:fc:61:3c:5a:d4:38:b0:e9:3b:85:96:be: c9:15:05:b0:c2:25:b4:b5:94:47:e6:11:57:a3:4b: 1f:b7:9e:57:05:cf:22:14:86:9b:1b:c7:4a:2e:ae: ed:b8:79:b5:cd:37:70:25:c1:75:16:4a:aa:ff:d9: d0:b0:ce:b8:e5:fd:cc:ed:9b:99:fd:45:67:d4:80: f1:65:d7:70:f6:51:fc:3a:96:b0:39:6d:13:4d:01: 70:db:fc:cf:9c:04:ef:15:da:90:da:0d:5b:eb:6f: c1:70:ce:74:44:39:4f:6b:18:7a:3b:a7:11:82:ca: 45:db:02:66:74:fb:70:09:1e:cc:75:d3:b7:45:37: 8a:0f:d8:7e:14:6a:90:e5:83:bd:f2:94:11:5e:b5: 03:23:05:4e:e5:b7:fb:2a:f7:c0:ba:6f:99:92:7f: 0a:a8:3e:7f:44:36:92:33:60:fa:35:e3:e1:99:82: 54:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:B4:D7:0E:55:38:9A:4D:DB:CB:17:D9:87:D6:FF:22:64:72:65:19 X509v3 Authority Key Identifier: keyid:DF:71:D9:9F:4C:D3:B3:83:26:B3:ED:47:C8:E4:A5:DF:98:9E:42:F2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915A0EE/55C803CA09C011EEBE12583AC4F9AE02/33HZn0zTs4Mms-1HyOSl35ieQvI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/33HZn0zTs4Mms-1HyOSl35ieQvI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0EE/55C803CA09C011EEBE12583AC4F9AE02/33HZn0zTs4Mms-1HyOSl35ieQvI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6b:6f:5b:62:be:35:01:16:0a:76:e0:58:a7:c7:14:c4:97:3c: 03:75:36:fa:71:fe:c6:c2:d9:66:c3:eb:9f:2b:59:23:09:94: 06:1e:c9:f3:da:dc:8d:61:46:06:f9:d1:fe:29:be:c4:f0:34: 67:67:63:30:30:4b:85:62:aa:8b:9d:8f:2e:ef:1d:66:b0:25: 69:a4:5b:23:97:b4:06:c4:4e:90:c9:fa:1f:70:80:c8:14:82: ad:07:b9:e0:12:26:6d:5f:73:bd:9b:16:ea:eb:87:c5:28:2f: 26:28:a1:bc:a5:f6:5b:04:6a:94:c9:e7:df:4a:63:c1:f7:f5: 69:94:6b:f9:54:86:f4:14:a7:ac:a1:bc:d8:e6:43:9c:af:a7: 08:94:15:c0:d3:d1:21:6d:c6:8b:68:2c:16:ab:59:81:cf:2b: 2a:18:ef:a6:9b:90:35:21:dc:84:d3:89:61:8f:68:83:78:a1: 07:02:0c:21:4b:62:53:1b:65:4f:82:8c:0a:f3:e8:3f:d3:f1: f0:41:c5:6d:aa:aa:3c:cb:73:fd:b7:7a:c2:cb:d1:ee:46:5a: 4b:b2:60:22:89:15:08:8b:98:38:11:55:9f:54:82:6e:cc:83: a5:27:62:c5:96:03:41:ac:cb:5f:e9:5e:c7:08:a4:b6:2e:52: 5a:44:f9:f7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAXMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUEwRUUxMTAvBgNVBAUTKERGNzFEOTlGNENEM0IzODMyNkIzRUQ0N0M4RTRBNURG OTg5RTQyRjIwHhcNMjUwNTEzMDMwODE2WhcNMjUwNTIwMDMwODE2WjAYMRYwFAYD VQQDEw02ODIyYjdhMC02N2EzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA70mRgkPx1f2KUtlYYAcqmdSHM5Gh8iLblayjYJzZWqYIqP0GqnUk3QwFVolK zcXYcEcZkOGg+vG/aqG2L6iUurAhT+DqOMJ9eNda7Lf8YTxa1Diw6TuFlr7JFQWw wiW0tZRH5hFXo0sft55XBc8iFIabG8dKLq7tuHm1zTdwJcF1Fkqq/9nQsM645f3M 7ZuZ/UVn1IDxZddw9lH8OpawOW0TTQFw2/zPnATvFdqQ2g1b62/BcM50RDlPaxh6 O6cRgspF2wJmdPtwCR7MddO3RTeKD9h+FGqQ5YO98pQRXrUDIwVO5bf7KvfAum+Z kn8KqD5/RDaSM2D6NePhmYJUVwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDi01w5V OJpN28sX2YfW/yJkcmUZMB8GA1UdIwQYMBaAFN9x2Z9M07ODJrPtR8jkpd+YnkLy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBFRS81NUM4MDNDQTA5 QzAxMUVFQkUxMjU4M0FDNEY5QUUwMi8zM0habjB6VHM0TW1zLTFIeU9TbDM1aWVR dkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzMzSFpuMHpUczRNbXMtMUh5T1NsMzVpZVF2SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 QTBFRS81NUM4MDNDQTA5QzAxMUVFQkUxMjU4M0FDNEY5QUUwMi8zM0habjB6VHM0 TW1zLTFIeU9TbDM1aWVRdkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBrb1tivjUBFgp24FinxxTElzwDdTb6cf7Gwtlmw+ufK1kjCZQGHsnz 2tyNYUYG+dH+Kb7E8DRnZ2MwMEuFYqqLnY8u7x1msCVppFsjl7QGxE6QyfofcIDI FIKtB7ngEiZtX3O9mxbq64fFKC8mKKG8pfZbBGqUyeffSmPB9/VplGv5VIb0FKes obzY5kOcr6cIlBXA09EhbcaLaCwWq1mBzysqGO+mm5A1IdyE04lhj2iDeKEHAgwh S2JTG2VPgowK8+g/0/HwQcVtqqo8y3P9t3rCy9HuRlpLsmAiiRUIi5g4EVWfVIJu zIOlJ2LFlgNBrMtf6V7HCKS2LlJaRPn3 -----END CERTIFICATE-----Generated at Wed May 14 16:22:19 2025 by rpki-client