$ rpki-client -vvf rpki.apnic.net/member_repository/A917C5E0/8720AB185A1711EFAA22A729C4F9AE02/B4tKgNHf5sBSUzqtsZU0rFmjlUs.mft File: B4tKgNHf5sBSUzqtsZU0rFmjlUs.mft (raw, json) Hash identifier: IUFrK80SgpKlGFwygZTSN1itb6g2Dz+ktsTGs8HYEyo= Subject key identifier: 44:39:DB:43:FC:25:03:C2:33:ED:F4:2C:25:CB:A0:33:7F:2A:15:86 Authority key identifier: 07:8B:4A:80:D1:DF:E6:C0:52:53:3A:AD:B1:95:34:AC:59:A3:95:4B Certificate issuer: /CN=A917C5E0/serialNumber=078B4A80D1DFE6C052533AADB19534AC59A3954B Certificate serial: 92 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B4tKgNHf5sBSUzqtsZU0rFmjlUs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917C5E0/8720AB185A1711EFAA22A729C4F9AE02/B4tKgNHf5sBSUzqtsZU0rFmjlUs.mft Manifest number: 90 Signing time: Thu 15 May 2025 05:42:22 +0000 Manifest this update: Thu 15 May 2025 05:42:22 +0000 Manifest next update: Thu 22 May 2025 05:42:22 +0000 Files and hashes: 1: B4tKgNHf5sBSUzqtsZU0rFmjlUs.crl (hash: kWCI0NVH7eLDpu9+z2vAXTTtj5qa60yfeBRYpBekRFk=) 2: 335E880A5A1811EFB08E4F38C4F9AE02.roa (hash: uB7Em80PKGY4uO2oMYJtskRF61M8oMXLAmFb1PjEp7E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917C5E0/8720AB185A1711EFAA22A729C4F9AE02/B4tKgNHf5sBSUzqtsZU0rFmjlUs.crl rsync://rpki.apnic.net/member_repository/A917C5E0/8720AB185A1711EFAA22A729C4F9AE02/B4tKgNHf5sBSUzqtsZU0rFmjlUs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B4tKgNHf5sBSUzqtsZU0rFmjlUs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 22 May 2025 05:42:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 146 (0x92) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917C5E0, serialNumber=078B4A80D1DFE6C052533AADB19534AC59A3954B Validity Not Before: May 15 05:42:22 2025 GMT Not After : May 22 05:42:22 2025 GMT Subject: CN=68257ebe-a0df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:5a:92:b1:10:ff:21:50:95:bb:4f:f9:9c:d7: a6:ee:0b:27:41:91:5c:4d:9a:25:51:f9:87:1e:7b: 99:cf:58:19:93:12:3e:aa:ac:ea:d1:4a:a6:77:8b: 6f:c7:ac:2a:b2:25:87:e1:17:bd:06:36:f3:05:98: 8b:e3:18:b5:f6:20:dc:77:e5:77:03:a3:38:95:66: cb:ae:25:fc:06:c3:c2:ee:da:12:04:6e:63:ba:6f: e1:af:b4:7c:a1:80:4a:ee:81:b4:17:c3:73:1d:9d: 4e:2e:d2:a6:71:b1:c9:75:00:c2:c5:7f:ee:70:2d: 18:60:31:7b:e5:9b:b1:2b:ac:3d:2e:be:14:b8:a8: 27:a4:91:52:b9:71:64:79:d6:3a:ec:f2:7c:c6:32: 57:d8:f7:39:57:c0:d1:28:ed:36:58:79:e1:08:03: 25:65:9a:c3:b0:16:aa:c1:88:21:97:36:7e:6f:ab: 85:5d:ad:46:3c:a3:ef:b5:43:e7:98:ef:cc:5b:c0: 74:fa:9a:f3:35:00:8a:17:78:7a:50:ea:0e:bc:e4: 63:06:45:f1:32:4f:f1:19:89:da:1d:d6:4e:4b:52: 3b:27:01:21:0c:36:04:17:b2:10:04:4d:75:e2:90: 40:bf:72:e2:79:06:63:53:c3:54:30:34:2a:5a:6a: 43:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:39:DB:43:FC:25:03:C2:33:ED:F4:2C:25:CB:A0:33:7F:2A:15:86 X509v3 Authority Key Identifier: keyid:07:8B:4A:80:D1:DF:E6:C0:52:53:3A:AD:B1:95:34:AC:59:A3:95:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917C5E0/8720AB185A1711EFAA22A729C4F9AE02/B4tKgNHf5sBSUzqtsZU0rFmjlUs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B4tKgNHf5sBSUzqtsZU0rFmjlUs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C5E0/8720AB185A1711EFAA22A729C4F9AE02/B4tKgNHf5sBSUzqtsZU0rFmjlUs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 58:9e:c8:b6:00:f4:ff:e5:00:03:79:66:13:e9:07:79:9f:d0: 29:97:09:75:62:f3:1f:bc:d2:55:55:3e:78:96:90:ce:91:01: 64:42:ce:64:11:2a:a5:0e:79:f9:94:ab:bb:10:44:fd:9e:a4: 7a:0d:d7:9c:ac:6b:9e:dd:ae:d9:1b:a6:e6:32:92:fb:5a:9d: 59:39:b1:96:7a:31:fd:d3:82:ac:03:ef:cd:95:e7:65:55:17: 7e:80:00:6e:21:6e:6d:11:b5:3a:3b:44:a3:be:61:20:77:bf: 5e:f9:40:ea:44:43:e9:8a:6c:76:37:2f:14:20:61:4e:98:93: be:35:39:88:d9:ed:57:04:d0:19:27:aa:d4:f5:a8:3c:9a:9f: 6d:e7:fc:3c:e8:86:fb:7e:10:6f:59:40:d7:fb:dc:1b:fb:5d: e1:c5:35:fb:f6:39:ca:4e:7f:2c:eb:a9:f1:55:1a:13:14:88: b7:61:16:1a:b4:ca:06:c2:a6:6a:6e:8c:c4:9d:cc:57:bb:4b: 30:90:fc:19:4b:02:ad:0d:a4:6a:09:b8:7a:02:df:89:89:7b: 91:02:01:fb:a2:3d:c0:b9:7e:af:4b:4e:b5:f9:96:f0:7e:cd: 49:aa:41:c1:cf:8f:46:5e:e7:dc:a2:15:52:b8:5c:75:ce:4f: b0:06:4d:3c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0M1RTAxMTAvBgNVBAUTKDA3OEI0QTgwRDFERkU2QzA1MjUzM0FBREIxOTUzNEFD NTlBMzk1NEIwHhcNMjUwNTE1MDU0MjIyWhcNMjUwNTIyMDU0MjIyWjAYMRYwFAYD VQQDEw02ODI1N2ViZS1hMGRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzFqSsRD/IVCVu0/5nNem7gsnQZFcTZolUfmHHnuZz1gZkxI+qqzq0Uqmd4tv x6wqsiWH4Re9BjbzBZiL4xi19iDcd+V3A6M4lWbLriX8BsPC7toSBG5jum/hr7R8 oYBK7oG0F8NzHZ1OLtKmcbHJdQDCxX/ucC0YYDF75ZuxK6w9Lr4UuKgnpJFSuXFk edY67PJ8xjJX2Pc5V8DRKO02WHnhCAMlZZrDsBaqwYghlzZ+b6uFXa1GPKPvtUPn mO/MW8B0+przNQCKF3h6UOoOvORjBkXxMk/xGYnaHdZOS1I7JwEhDDYEF7IQBE11 4pBAv3LieQZjU8NUMDQqWmpD/wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEQ520P8 JQPCM+30LCXLoDN/KhWGMB8GA1UdIwQYMBaAFAeLSoDR3+bAUlM6rbGVNKxZo5VL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzVFMC84NzIwQUIxODVB MTcxMUVGQUEyMkE3MjlDNEY5QUUwMi9CNHRLZ05IZjVzQlNVenF0c1pVMHJGbWps VXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0I0dEtnTkhmNXNCU1V6cXRzWlUwckZtamxVcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QzVFMC84NzIwQUIxODVBMTcxMUVGQUEyMkE3MjlDNEY5QUUwMi9CNHRLZ05IZjVz QlNVenF0c1pVMHJGbWpsVXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBYnsi2APT/5QADeWYT6Qd5n9Aplwl1YvMfvNJVVT54lpDOkQFkQs5k ESqlDnn5lKu7EET9nqR6DdecrGue3a7ZG6bmMpL7Wp1ZObGWejH904KsA+/Nledl VRd+gABuIW5tEbU6O0SjvmEgd79e+UDqREPpimx2Ny8UIGFOmJO+NTmI2e1XBNAZ J6rU9ag8mp9t5/w86Ib7fhBvWUDX+9wb+13hxTX79jnKTn8s66nxVRoTFIi3YRYa tMoGwqZqbozEncxXu0swkPwZSwKtDaRqCbh6At+JiXuRAgH7oj3AuX6vS061+Zbw fs1JqkHBz49GXufcohVSuFx1zk+wBk08 -----END CERTIFICATE-----Generated at Sat May 17 06:09:49 2025 by rpki-client