$ rpki-client -vvf rpki.apnic.net/member_repository/A9167B41/E790F9AADF3811ECBC8C9A7FC4F9AE02/fd08hfmnH2JfzMEMqDHld3CbTz8.mft File: fd08hfmnH2JfzMEMqDHld3CbTz8.mft (raw, json) Hash identifier: Tz0HaJH3XFxXlHPFfVaWcFKWfgUqVv3wE4PI0yetB+o= Subject key identifier: 98:13:1C:96:91:B3:03:23:36:9F:5A:6F:BA:82:16:75:42:2D:AC:FC Authority key identifier: 7D:DD:3C:85:F9:A7:1F:62:5F:CC:C1:0C:A8:31:E5:77:70:9B:4F:3F Certificate issuer: /CN=A9167B41/serialNumber=7DDD3C85F9A71F625FCCC10CA831E577709B4F3F Certificate serial: 02E8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fd08hfmnH2JfzMEMqDHld3CbTz8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9167B41/E790F9AADF3811ECBC8C9A7FC4F9AE02/fd08hfmnH2JfzMEMqDHld3CbTz8.mft Manifest number: 02E5 Signing time: Tue 13 May 2025 01:07:35 +0000 Manifest this update: Tue 13 May 2025 01:07:34 +0000 Manifest next update: Tue 20 May 2025 01:07:34 +0000 Files and hashes: 1: fd08hfmnH2JfzMEMqDHld3CbTz8.crl (hash: zP+i887Cwp0WN1w/+/ezMbYz3WoNMcYO8tT7zckJ8/U=) 2: D24B4D42DF3E11EC83CCFE1EC4F9AE02.roa (hash: kgM5o3dXNIi7eIMjv0bZ11gFzEgmzlkUXlFL5nbPJ3g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9167B41/E790F9AADF3811ECBC8C9A7FC4F9AE02/fd08hfmnH2JfzMEMqDHld3CbTz8.crl rsync://rpki.apnic.net/member_repository/A9167B41/E790F9AADF3811ECBC8C9A7FC4F9AE02/fd08hfmnH2JfzMEMqDHld3CbTz8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fd08hfmnH2JfzMEMqDHld3CbTz8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 01:07:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 744 (0x2e8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9167B41, serialNumber=7DDD3C85F9A71F625FCCC10CA831E577709B4F3F Validity Not Before: May 13 01:07:34 2025 GMT Not After : May 20 01:07:34 2025 GMT Subject: CN=68229b56-83c7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:48:6c:09:c9:12:16:63:68:c4:94:c0:ff:c5: 1c:84:91:8e:cf:f6:d1:1d:44:05:6d:e1:92:42:12: 64:74:74:32:c5:73:d1:8a:5a:7a:f4:0a:58:d8:50: 15:6c:77:8d:cc:2f:7d:5a:f1:85:bb:fe:ce:b3:09: ec:e1:e5:63:d3:d0:28:79:d2:7e:78:dc:22:2c:74: 46:80:93:7a:49:f2:59:90:6a:2d:eb:72:09:65:2a: b9:f2:da:93:b5:f4:f0:11:13:ef:b6:a7:95:1f:a6: ce:8c:fb:34:c2:b3:66:01:dd:45:cc:c6:af:9b:1a: d4:6e:da:87:7c:d4:44:71:cf:33:43:49:75:ae:ca: 1e:6e:4b:a5:48:98:6f:28:17:b3:a5:1c:d9:97:8b: 73:82:ff:3d:e7:9c:05:fa:91:06:8f:57:05:12:d9: 99:39:79:36:ca:52:3f:0f:88:40:ff:54:46:f2:f7: 00:dd:d9:16:da:99:08:fc:da:d4:be:06:9c:cb:18: b6:b2:b6:c6:32:d2:cd:0d:9d:0a:83:fb:14:d3:9a: 27:0b:da:a5:29:e8:c2:a1:f6:c3:1d:ec:39:31:06: c6:71:17:0d:b1:d6:f1:8d:8b:0e:b5:e5:6e:5d:5a: cb:b7:46:e6:4c:ef:d0:ea:1c:de:ca:c9:15:d0:db: 97:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:13:1C:96:91:B3:03:23:36:9F:5A:6F:BA:82:16:75:42:2D:AC:FC X509v3 Authority Key Identifier: keyid:7D:DD:3C:85:F9:A7:1F:62:5F:CC:C1:0C:A8:31:E5:77:70:9B:4F:3F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9167B41/E790F9AADF3811ECBC8C9A7FC4F9AE02/fd08hfmnH2JfzMEMqDHld3CbTz8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fd08hfmnH2JfzMEMqDHld3CbTz8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167B41/E790F9AADF3811ECBC8C9A7FC4F9AE02/fd08hfmnH2JfzMEMqDHld3CbTz8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 83:41:d3:e1:e0:c7:eb:0f:09:4f:e9:e1:07:a8:36:5e:ff:7c: c4:6a:ea:c0:46:9e:2a:d3:5e:32:42:4e:88:9a:16:74:f0:5f: 7d:b1:e9:1d:57:d8:5f:64:0c:e8:e8:70:68:c8:62:14:6d:b3: f5:ae:1f:5a:a7:01:c5:bc:5e:22:02:5d:b1:f4:ff:e9:ca:a2: 51:a9:b4:34:46:6a:96:ce:aa:93:8b:b5:70:f2:17:e6:a2:b5: af:46:84:ea:9e:7c:b9:93:a3:9d:2a:b0:a2:17:6a:41:1f:5e: 72:d7:7e:ce:22:d7:7d:fb:4c:f5:12:a4:3d:e7:e5:85:99:32: 82:27:0f:47:e6:11:c9:ab:12:a3:79:02:f5:4f:54:cd:51:14: b4:b7:fb:f0:99:cd:55:d5:c4:a1:7f:11:3a:41:83:82:ff:34: 8b:00:cf:b7:73:34:b3:f7:3f:2f:8c:10:85:71:22:ee:de:0f: f9:cf:4b:65:0e:69:cd:74:d8:de:d0:ea:98:fc:fb:5d:aa:79: 5f:8f:28:37:ff:84:3c:76:6b:66:86:32:0e:04:d0:90:a9:ce: 95:3a:1b:bf:93:72:42:e9:eb:2d:2f:9a:8f:bd:97:51:41:74: ab:01:4d:d6:15:0f:b1:90:4e:10:80:54:26:b9:7c:f6:2d:ad: 39:5a:19:be -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAugwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjdCNDExMTAvBgNVBAUTKDdEREQzQzg1RjlBNzFGNjI1RkNDQzEwQ0E4MzFFNTc3 NzA5QjRGM0YwHhcNMjUwNTEzMDEwNzM0WhcNMjUwNTIwMDEwNzM0WjAYMRYwFAYD VQQDEw02ODIyOWI1Ni04M2M3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoUhsCckSFmNoxJTA/8UchJGOz/bRHUQFbeGSQhJkdHQyxXPRilp69ApY2FAV bHeNzC99WvGFu/7Oswns4eVj09AoedJ+eNwiLHRGgJN6SfJZkGot63IJZSq58tqT tfTwERPvtqeVH6bOjPs0wrNmAd1FzMavmxrUbtqHfNREcc8zQ0l1rsoebkulSJhv KBezpRzZl4tzgv8955wF+pEGj1cFEtmZOXk2ylI/D4hA/1RG8vcA3dkW2pkI/NrU vgacyxi2srbGMtLNDZ0Kg/sU05onC9qlKejCofbDHew5MQbGcRcNsdbxjYsOteVu XVrLt0bmTO/Q6hzeyskV0NuXEQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJgTHJaR swMjNp9ab7qCFnVCLaz8MB8GA1UdIwQYMBaAFH3dPIX5px9iX8zBDKgx5Xdwm08/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2N0I0MS9FNzkwRjlBQURG MzgxMUVDQkM4QzlBN0ZDNEY5QUUwMi9mZDA4aGZtbkgySmZ6TUVNcURIbGQzQ2JU ejguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ZkMDhoZm1uSDJKZnpNRU1xREhsZDNDYlR6OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 N0I0MS9FNzkwRjlBQURGMzgxMUVDQkM4QzlBN0ZDNEY5QUUwMi9mZDA4aGZtbkgy SmZ6TUVNcURIbGQzQ2JUejgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCDQdPh4MfrDwlP6eEHqDZe/3zEaurARp4q014yQk6ImhZ08F99sekd V9hfZAzo6HBoyGIUbbP1rh9apwHFvF4iAl2x9P/pyqJRqbQ0RmqWzqqTi7Vw8hfm orWvRoTqnny5k6OdKrCiF2pBH15y137OItd9+0z1EqQ95+WFmTKCJw9H5hHJqxKj eQL1T1TNURS0t/vwmc1V1cShfxE6QYOC/zSLAM+3czSz9z8vjBCFcSLu3g/5z0tl DmnNdNje0OqY/Ptdqnlfjyg3/4Q8dmtmhjIOBNCQqc6VOhu/k3JC6estL5qPvZdR QXSrAU3WFQ+xkE4QgFQmuXz2La05Whm+ -----END CERTIFICATE-----Generated at Tue May 13 03:56:51 2025 by rpki-client