$ rpki-client -vvf rpki.apnic.net/member_repository/A917B633/D0AB93E486D911EF8B8BEB1FC4F9AE02/E9ehO0I7tuh6GnW3ST8LwZ0M6qM.mft File: E9ehO0I7tuh6GnW3ST8LwZ0M6qM.mft (raw, json) Hash identifier: tsvD5VPmv6o3R2auzf42DHlArLdaxDzYGhTqdSXD00I= Subject key identifier: 9E:C1:B5:22:34:E6:1B:08:7D:1A:06:77:2F:68:46:6C:95:FD:8A:15 Authority key identifier: 13:D7:A1:3B:42:3B:B6:E8:7A:1A:75:B7:49:3F:0B:C1:9D:0C:EA:A3 Certificate issuer: /CN=A917B633/serialNumber=13D7A13B423BB6E87A1A75B7493F0BC19D0CEAA3 Certificate serial: 72 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/E9ehO0I7tuh6GnW3ST8LwZ0M6qM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917B633/D0AB93E486D911EF8B8BEB1FC4F9AE02/E9ehO0I7tuh6GnW3ST8LwZ0M6qM.mft Manifest number: 71 Signing time: Thu 15 May 2025 06:06:57 +0000 Manifest this update: Thu 15 May 2025 06:06:56 +0000 Manifest next update: Thu 22 May 2025 06:06:56 +0000 Files and hashes: 1: E9ehO0I7tuh6GnW3ST8LwZ0M6qM.crl (hash: cjt0TdXPXXDlSe85ToYV1oV5Ohdx1eHtLAwsfH0k914=) 2: 3E4867CC86DC11EFA6022627C4F9AE02.roa (hash: kBrZwIHTbaSnaE7XdLULllQIjEnMuSEphHZrV4DhNKM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917B633/D0AB93E486D911EF8B8BEB1FC4F9AE02/E9ehO0I7tuh6GnW3ST8LwZ0M6qM.crl rsync://rpki.apnic.net/member_repository/A917B633/D0AB93E486D911EF8B8BEB1FC4F9AE02/E9ehO0I7tuh6GnW3ST8LwZ0M6qM.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/E9ehO0I7tuh6GnW3ST8LwZ0M6qM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 22 May 2025 06:06:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 114 (0x72) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917B633, serialNumber=13D7A13B423BB6E87A1A75B7493F0BC19D0CEAA3 Validity Not Before: May 15 06:06:56 2025 GMT Not After : May 22 06:06:56 2025 GMT Subject: CN=68258480-a2ca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:cd:77:0d:ae:be:50:53:c5:06:12:36:f5:f8: d5:80:01:ba:a1:c7:59:a1:57:3c:89:48:ca:0f:7c: 36:ba:10:b3:2d:b6:3f:29:38:39:66:40:b9:ee:ee: 0e:62:de:25:64:f1:cb:a3:3f:e5:47:54:be:1b:30: 06:64:7a:e6:57:ee:86:28:ee:69:94:88:d6:23:a1: e0:79:b6:e5:c3:ad:4d:15:7a:50:65:70:aa:03:ba: 84:ea:8b:7e:1f:61:3b:27:07:9e:8a:1f:10:f3:de: ca:da:b9:f4:a6:de:01:0b:2b:e5:6c:01:83:aa:84: 97:36:2f:44:9f:24:72:d9:46:b0:5b:df:0d:c2:68: c9:90:30:4c:79:5d:20:ab:3d:d6:80:cb:25:c1:b1: d3:14:46:5b:5d:ac:84:1d:4e:2b:43:2d:db:e0:3e: 39:0c:88:18:99:7f:eb:ff:3a:15:20:f2:2b:86:ce: 58:f5:3d:98:15:7b:4f:5d:e9:4b:91:1c:c3:6a:7c: 65:5e:3c:22:a3:34:b9:ae:9a:45:ba:96:97:eb:be: 2a:20:0f:32:ba:4c:eb:35:3b:87:40:be:24:c0:ea: a8:4c:1f:ea:1d:bf:95:92:84:9c:52:57:f9:5b:d3: 4d:7d:b2:41:5b:ca:34:91:16:33:0c:72:20:b9:1b: af:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:C1:B5:22:34:E6:1B:08:7D:1A:06:77:2F:68:46:6C:95:FD:8A:15 X509v3 Authority Key Identifier: keyid:13:D7:A1:3B:42:3B:B6:E8:7A:1A:75:B7:49:3F:0B:C1:9D:0C:EA:A3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917B633/D0AB93E486D911EF8B8BEB1FC4F9AE02/E9ehO0I7tuh6GnW3ST8LwZ0M6qM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/E9ehO0I7tuh6GnW3ST8LwZ0M6qM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917B633/D0AB93E486D911EF8B8BEB1FC4F9AE02/E9ehO0I7tuh6GnW3ST8LwZ0M6qM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 07:0a:b8:3f:44:10:37:6a:86:81:37:7b:fb:81:bc:3d:c0:89: f6:fc:50:aa:bb:b4:62:9e:4d:7c:8f:9a:b9:ea:bc:3a:6d:04: 17:d3:50:63:d2:e5:5d:14:88:65:e9:34:45:c4:c6:08:c4:d2: 9d:99:67:bc:65:aa:76:89:89:d8:d3:4a:5d:cc:9e:af:f4:11: 8b:15:c3:b9:53:7a:ce:0e:6a:75:bb:e6:33:f2:8a:03:fa:02: eb:8d:11:11:1a:21:53:04:6f:db:c2:83:e4:84:b1:db:86:30: 15:85:d0:71:ee:2a:d5:b9:54:e2:2e:b1:cc:c5:c5:32:9c:3b: 88:41:3d:64:3a:eb:54:25:57:38:7c:66:e3:a7:74:24:10:3c: 1f:8f:32:13:3f:e5:61:6f:97:a6:e2:58:90:e1:ac:65:98:28: 14:e0:2e:88:40:58:cf:d9:25:4e:a2:cb:f1:e0:fc:a9:1c:33: 59:f0:86:82:40:34:d1:b1:3a:7e:b4:4e:52:1b:4d:04:9c:3b: ab:0e:f6:87:2d:87:72:c7:5f:cc:0d:96:63:34:5d:e1:e1:b2: 03:6c:27:d4:1b:75:ac:9a:f3:3a:dc:21:da:64:9e:e1:64:da: 2f:81:f2:eb:5b:05:e7:93:7c:5d:2c:98:5e:9e:6b:76:ef:12: fa:5a:dd:e3 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBcjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 QjYzMzExMC8GA1UEBRMoMTNEN0ExM0I0MjNCQjZFODdBMUE3NUI3NDkzRjBCQzE5 RDBDRUFBMzAeFw0yNTA1MTUwNjA2NTZaFw0yNTA1MjIwNjA2NTZaMBgxFjAUBgNV BAMTDTY4MjU4NDgwLWEyY2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDUzXcNrr5QU8UGEjb1+NWAAbqhx1mhVzyJSMoPfDa6ELMttj8pODlmQLnu7g5i 3iVk8cujP+VHVL4bMAZkeuZX7oYo7mmUiNYjoeB5tuXDrU0VelBlcKoDuoTqi34f YTsnB56KHxDz3sraufSm3gELK+VsAYOqhJc2L0SfJHLZRrBb3w3CaMmQMEx5XSCr PdaAyyXBsdMURltdrIQdTitDLdvgPjkMiBiZf+v/OhUg8iuGzlj1PZgVe09d6UuR HMNqfGVePCKjNLmumkW6lpfrviogDzK6TOs1O4dAviTA6qhMH+odv5WShJxSV/lb 0019skFbyjSRFjMMciC5G68JAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUnsG1IjTm Gwh9GgZ3L2hGbJX9ihUwHwYDVR0jBBgwFoAUE9ehO0I7tuh6GnW3ST8LwZ0M6qMw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdCNjMzL0QwQUI5M0U0ODZE OTExRUY4QjhCRUIxRkM0RjlBRTAyL0U5ZWhPMEk3dHVoNkduVzNTVDhMd1owTTZx TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvRTllaE8wSTd0dWg2R25XM1NUOEx3WjBNNnFNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdC NjMzL0QwQUI5M0U0ODZEOTExRUY4QjhCRUIxRkM0RjlBRTAyL0U5ZWhPMEk3dHVo NkduVzNTVDhMd1owTTZxTS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAAcKuD9EEDdqhoE3e/uBvD3Aifb8UKq7tGKeTXyPmrnqvDptBBfTUGPS 5V0UiGXpNEXExgjE0p2ZZ7xlqnaJidjTSl3Mnq/0EYsVw7lTes4OanW75jPyigP6 AuuNEREaIVMEb9vCg+SEsduGMBWF0HHuKtW5VOIusczFxTKcO4hBPWQ661QlVzh8 ZuOndCQQPB+PMhM/5WFvl6biWJDhrGWYKBTgLohAWM/ZJU6iy/Hg/KkcM1nwhoJA NNGxOn60TlIbTQScO6sO9octh3LHX8wNlmM0XeHhsgNsJ9Qbdaya8zrcIdpknuFk 2i+B8utbBeeTfF0smF6ea3bvEvpa3eM= -----END CERTIFICATE-----Generated at Thu May 15 22:34:16 2025 by rpki-client