$ rpki-client -vvf rpki.apnic.net/member_repository/A91756C3/5BF5192AE06711EFBC3D171BC4F9AE02/2CVmixrBt_OBXwe82lfnSMSWSpo.mft File: 2CVmixrBt_OBXwe82lfnSMSWSpo.mft (raw, json) Hash identifier: TJL3JOEKEijC9KQoPUaDNYEh6qU33w1jzf9TDSG8da0= Subject key identifier: DB:B0:49:23:E6:58:A6:2D:20:5F:37:1B:C1:34:65:78:6C:61:DC:67 Authority key identifier: D8:25:66:8B:1A:C1:B7:F3:81:5F:07:BC:DA:57:E7:48:C4:96:4A:9A Certificate issuer: /CN=A91756C3/serialNumber=D825668B1AC1B7F3815F07BCDA57E748C4964A9A Certificate serial: 35 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2CVmixrBt_OBXwe82lfnSMSWSpo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91756C3/5BF5192AE06711EFBC3D171BC4F9AE02/2CVmixrBt_OBXwe82lfnSMSWSpo.mft Manifest number: 34 Signing time: Sun 11 May 2025 06:20:27 +0000 Manifest this update: Sun 11 May 2025 06:20:26 +0000 Manifest next update: Sun 18 May 2025 06:20:26 +0000 Files and hashes: 1: 2CVmixrBt_OBXwe82lfnSMSWSpo.crl (hash: kjUr+EwxD+TjZ7Ji3B/lv9ej59kDWh1KlMgFrslzRfc=) 2: 00078764E06811EF8716401DC4F9AE02.roa (hash: xskJHyJy9wOT0np+Xdp4jl5Zejz4/7Uevmd8xiyRBK0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91756C3/5BF5192AE06711EFBC3D171BC4F9AE02/2CVmixrBt_OBXwe82lfnSMSWSpo.crl rsync://rpki.apnic.net/member_repository/A91756C3/5BF5192AE06711EFBC3D171BC4F9AE02/2CVmixrBt_OBXwe82lfnSMSWSpo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2CVmixrBt_OBXwe82lfnSMSWSpo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 06:20:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53 (0x35) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91756C3, serialNumber=D825668B1AC1B7F3815F07BCDA57E748C4964A9A Validity Not Before: May 11 06:20:26 2025 GMT Not After : May 18 06:20:26 2025 GMT Subject: CN=682041aa-73b7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:8a:c4:a7:56:35:2b:fc:7f:c3:ad:b4:32:c9: 43:39:82:98:7c:7d:e7:97:55:58:88:1a:7b:7f:47: ee:98:2f:e7:51:91:f3:65:74:1c:d3:90:02:fb:b7: d9:16:7f:1a:ac:74:63:78:06:61:0e:c0:1f:91:04: 34:b0:f9:4c:4d:03:ea:45:86:74:65:e3:bf:79:6a: a1:c7:bb:42:09:86:e9:dd:8a:a0:46:13:74:dc:6d: f7:55:f9:82:28:25:1e:54:17:ae:26:45:33:6e:53: 91:30:ef:7d:b1:54:4f:fb:4e:22:84:e0:96:5a:a4: f6:8d:6a:17:e6:3e:88:7e:c1:b3:df:5a:f9:ed:b9: 0f:93:35:e7:f5:03:90:23:a7:ca:76:ba:d5:5a:b9: 2d:bd:85:0b:77:d8:d4:68:f8:32:d8:60:8c:9f:c6: 8a:2b:f6:60:4a:09:c2:90:6d:2e:d2:03:0c:04:2c: ac:d8:23:9f:17:2c:44:a0:4c:4b:3f:c1:96:e7:46: 5a:6b:d6:5e:36:72:53:65:2f:ae:6a:7b:30:d2:ec: 10:c4:d9:6d:54:32:46:41:42:be:8a:b8:8a:8e:fa: 8b:b4:bc:cc:fc:32:e8:32:0b:c6:f5:82:e6:30:8a: 2c:90:b8:74:17:6e:42:3f:7f:67:e4:33:f2:0d:52: e9:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:B0:49:23:E6:58:A6:2D:20:5F:37:1B:C1:34:65:78:6C:61:DC:67 X509v3 Authority Key Identifier: keyid:D8:25:66:8B:1A:C1:B7:F3:81:5F:07:BC:DA:57:E7:48:C4:96:4A:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91756C3/5BF5192AE06711EFBC3D171BC4F9AE02/2CVmixrBt_OBXwe82lfnSMSWSpo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2CVmixrBt_OBXwe82lfnSMSWSpo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91756C3/5BF5192AE06711EFBC3D171BC4F9AE02/2CVmixrBt_OBXwe82lfnSMSWSpo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 80:bf:8f:20:2a:27:0d:65:a9:17:6f:2c:5f:44:f9:84:3e:f7: ae:9e:a5:cc:f1:63:04:1f:3f:0a:15:c6:d9:c0:fe:6a:1f:7b: 2d:f1:25:6c:3f:5f:d3:01:68:80:c4:26:24:8d:75:a6:95:8e: bf:5f:1e:15:d8:09:77:d4:32:47:3a:87:68:5c:cc:96:72:b8: 58:5f:b1:c4:fc:8f:ab:8f:be:e9:ff:7e:ec:65:51:72:76:a6: 6c:07:5c:24:f5:5b:5e:14:fb:8c:eb:bb:71:3f:65:4b:9b:c2: f2:6e:e0:db:5c:9a:2c:c7:b2:da:ec:c8:6c:25:70:48:61:6c: 3c:af:09:5b:b2:96:4c:52:5e:b3:f2:a5:1b:e1:df:c9:ea:a5: 32:d6:a9:9a:16:3f:91:03:b0:db:0c:78:3c:ad:a0:e0:ee:28: 26:82:f7:93:48:95:8a:a5:ee:45:11:7c:59:04:bb:46:74:a1: 46:93:e0:2a:64:9e:e0:48:34:05:56:ee:01:1a:dd:f3:79:ec: aa:75:63:a0:ac:ae:ca:ff:b5:b3:ac:61:4f:77:8a:57:87:82: 78:4b:10:6c:f4:de:69:ef:54:d0:f0:15:7c:e9:b8:e8:8a:a9: 7a:26:04:cf:10:fe:15:f3:82:61:2f:3f:07:ea:31:61:ff:5c: f2:3f:45:3a -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBNTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 NTZDMzExMC8GA1UEBRMoRDgyNTY2OEIxQUMxQjdGMzgxNUYwN0JDREE1N0U3NDhD NDk2NEE5QTAeFw0yNTA1MTEwNjIwMjZaFw0yNTA1MTgwNjIwMjZaMBgxFjAUBgNV BAMTDTY4MjA0MWFhLTczYjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDBisSnVjUr/H/DrbQyyUM5gph8feeXVViIGnt/R+6YL+dRkfNldBzTkAL7t9kW fxqsdGN4BmEOwB+RBDSw+UxNA+pFhnRl4795aqHHu0IJhundiqBGE3TcbfdV+YIo JR5UF64mRTNuU5Ew732xVE/7TiKE4JZapPaNahfmPoh+wbPfWvntuQ+TNef1A5Aj p8p2utVauS29hQt32NRo+DLYYIyfxoor9mBKCcKQbS7SAwwELKzYI58XLESgTEs/ wZbnRlpr1l42clNlL65qezDS7BDE2W1UMkZBQr6KuIqO+ou0vMz8MugyC8b1guYw iiyQuHQXbkI/f2fkM/INUum1AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU27BJI+ZY pi0gXzcbwTRleGxh3GcwHwYDVR0jBBgwFoAU2CVmixrBt/OBXwe82lfnSMSWSpow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc1NkMzLzVCRjUxOTJBRTA2 NzExRUZCQzNEMTcxQkM0RjlBRTAyLzJDVm1peHJCdF9PQlh3ZTgybGZuU01TV1Nw by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvMkNWbWl4ckJ0X09CWHdlODJsZm5TTVNXU3BvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTc1 NkMzLzVCRjUxOTJBRTA2NzExRUZCQzNEMTcxQkM0RjlBRTAyLzJDVm1peHJCdF9P Qlh3ZTgybGZuU01TV1Nwby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIC/jyAqJw1lqRdvLF9E+YQ+966epczxYwQfPwoVxtnA/mofey3xJWw/ X9MBaIDEJiSNdaaVjr9fHhXYCXfUMkc6h2hczJZyuFhfscT8j6uPvun/fuxlUXJ2 pmwHXCT1W14U+4zru3E/ZUubwvJu4NtcmizHstrsyGwlcEhhbDyvCVuylkxSXrPy pRvh38nqpTLWqZoWP5EDsNsMeDytoODuKCaC95NIlYql7kURfFkEu0Z0oUaT4Cpk nuBINAVW7gEa3fN57Kp1Y6Csrsr/tbOsYU93ileHgnhLEGz03mnvVNDwFXzpuOiK qXomBM8Q/hXzgmEvPwfqMWH/XPI/RTo= -----END CERTIFICATE-----Generated at Mon May 12 18:19:00 2025 by rpki-client