$ rpki-client -vvf rpki.apnic.net/member_repository/A91867F1/809D715C591A11EA9692AA3CC4F9AE02/s5MbVo8uudLtLKTWS-vAhvuduJo.mft File: s5MbVo8uudLtLKTWS-vAhvuduJo.mft (raw, json) Hash identifier: 2At4ZRXldarsGQkPn92W7gmTybeipN8d55J4UGSQauw= Subject key identifier: 60:0A:89:05:A1:08:85:B4:3C:FC:FF:52:7D:EF:F9:F3:06:6F:49:36 Authority key identifier: B3:93:1B:56:8F:2E:B9:D2:ED:2C:A4:D6:4B:EB:C0:86:FB:9D:B8:9A Certificate issuer: /CN=A91867F1/serialNumber=B3931B568F2EB9D2ED2CA4D64BEBC086FB9DB89A Certificate serial: 0A8F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s5MbVo8uudLtLKTWS-vAhvuduJo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91867F1/809D715C591A11EA9692AA3CC4F9AE02/s5MbVo8uudLtLKTWS-vAhvuduJo.mft Manifest number: 0A88 Signing time: Mon 12 May 2025 19:26:20 +0000 Manifest this update: Mon 12 May 2025 19:26:20 +0000 Manifest next update: Mon 19 May 2025 19:26:20 +0000 Files and hashes: 1: s5MbVo8uudLtLKTWS-vAhvuduJo.crl (hash: S8M1/2fh/4yR35Ehjrx5SeGqa8dtPld9/nFsGbijPfw=) 2: 6FEF33E05C2B11EAAE63403FC4F9AE02.roa (hash: OjmKjbirK1HOaPuAuxNpB1VjEustiEgzLqIxeeZ+0sM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91867F1/809D715C591A11EA9692AA3CC4F9AE02/s5MbVo8uudLtLKTWS-vAhvuduJo.crl rsync://rpki.apnic.net/member_repository/A91867F1/809D715C591A11EA9692AA3CC4F9AE02/s5MbVo8uudLtLKTWS-vAhvuduJo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s5MbVo8uudLtLKTWS-vAhvuduJo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 19:26:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2703 (0xa8f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91867F1, serialNumber=B3931B568F2EB9D2ED2CA4D64BEBC086FB9DB89A Validity Not Before: May 12 19:26:20 2025 GMT Not After : May 19 19:26:20 2025 GMT Subject: CN=68224b5c-fdab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:6a:68:58:3d:bb:8f:91:c9:21:94:69:13:c3: dd:c0:cf:28:2c:02:16:32:9e:15:db:de:44:56:c2: bc:73:b4:40:71:44:15:e2:9f:49:b2:fe:18:db:d1: 8a:77:d3:91:05:56:c6:89:c1:87:70:a7:a7:a3:f5: f1:4a:6d:ee:58:85:96:58:f9:19:77:fd:5f:51:0d: 8b:57:e2:6e:dd:de:8b:34:a2:0d:1a:9e:79:1e:4a: 45:49:0c:b2:56:e4:68:75:7e:09:4b:e8:e7:ae:36: f9:af:89:93:e0:03:4d:bf:f6:c1:f1:ac:2d:85:52: 1f:2d:8c:5f:d9:8a:f0:2c:22:9a:26:4c:a5:56:58: 70:b4:0d:78:fc:f4:98:cb:39:ea:fe:67:3f:43:53: 16:0f:6b:ce:40:f3:2a:8b:fb:30:16:33:8d:d9:f2: f3:ff:95:bf:c9:d9:00:ac:d7:e0:3a:88:23:c0:86: 06:ae:05:39:67:9f:f0:a1:ee:25:31:51:2d:5f:a0: 67:06:d3:d8:4d:79:06:b0:b5:bb:dd:cb:f6:f0:66: 88:99:30:79:7d:82:b7:e8:bc:56:fa:e4:6d:47:ba: 2d:50:12:e8:d3:df:88:e5:5a:3a:71:56:18:ef:a6: b4:12:d8:22:74:dc:07:57:70:1c:44:cb:1d:02:50: 33:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:0A:89:05:A1:08:85:B4:3C:FC:FF:52:7D:EF:F9:F3:06:6F:49:36 X509v3 Authority Key Identifier: keyid:B3:93:1B:56:8F:2E:B9:D2:ED:2C:A4:D6:4B:EB:C0:86:FB:9D:B8:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91867F1/809D715C591A11EA9692AA3CC4F9AE02/s5MbVo8uudLtLKTWS-vAhvuduJo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s5MbVo8uudLtLKTWS-vAhvuduJo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91867F1/809D715C591A11EA9692AA3CC4F9AE02/s5MbVo8uudLtLKTWS-vAhvuduJo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6e:0a:ab:79:0d:95:42:11:8e:2f:7c:19:72:20:37:b6:70:95: 08:78:7d:08:cf:b3:e5:53:3d:ed:9b:9a:2d:03:5c:a6:84:2a: c3:67:a3:aa:29:e3:d3:47:fa:55:2d:68:f0:ba:dd:da:b8:be: 24:1d:d7:a7:8e:c0:d2:5d:c3:76:90:6d:15:97:e5:44:08:2a: da:08:f8:67:d9:ca:d5:5e:dd:91:47:f5:c0:71:85:f8:f7:d3: 05:16:11:c6:8e:ad:a0:0d:7e:04:75:09:1a:7a:dd:08:33:fa: 55:ee:f1:b5:d9:e7:62:37:1c:ae:57:2c:c0:40:b1:f2:2e:65: 06:9f:cc:05:e7:75:fa:11:14:3c:e3:b4:86:e2:ae:83:ac:c4: 0b:4e:b8:74:c6:d5:38:52:69:b7:bc:19:6c:c7:ed:ef:82:d7: fc:de:87:2e:2f:eb:37:33:ec:e9:a4:a2:f8:8b:04:fc:9d:c1: ea:32:6b:67:64:18:5e:fb:f5:d0:e8:52:8c:43:d5:fe:09:9b: 7b:8e:ef:56:14:45:d6:1e:11:dc:32:53:e6:66:78:e1:1b:d5: e7:45:44:e4:2b:0e:b6:df:5a:22:67:15:ff:0a:2f:72:6a:a7: 74:78:61:2e:f8:f8:e4:d2:a0:d7:0a:30:47:83:c0:c7:e4:4b: 2a:87:f8:93 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCo8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODY3RjExMTAvBgNVBAUTKEIzOTMxQjU2OEYyRUI5RDJFRDJDQTRENjRCRUJDMDg2 RkI5REI4OUEwHhcNMjUwNTEyMTkyNjIwWhcNMjUwNTE5MTkyNjIwWjAYMRYwFAYD VQQDEw02ODIyNGI1Yy1mZGFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw2poWD27j5HJIZRpE8PdwM8oLAIWMp4V295EVsK8c7RAcUQV4p9Jsv4Y29GK d9ORBVbGicGHcKeno/XxSm3uWIWWWPkZd/1fUQ2LV+Ju3d6LNKINGp55HkpFSQyy VuRodX4JS+jnrjb5r4mT4ANNv/bB8awthVIfLYxf2YrwLCKaJkylVlhwtA14/PSY yznq/mc/Q1MWD2vOQPMqi/swFjON2fLz/5W/ydkArNfgOogjwIYGrgU5Z5/woe4l MVEtX6BnBtPYTXkGsLW73cv28GaImTB5fYK36LxW+uRtR7otUBLo09+I5Vo6cVYY 76a0EtgidNwHV3AcRMsdAlAziwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGAKiQWh CIW0PPz/Un3v+fMGb0k2MB8GA1UdIwQYMBaAFLOTG1aPLrnS7Syk1kvrwIb7nbia MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NjdGMS84MDlENzE1QzU5 MUExMUVBOTY5MkFBM0NDNEY5QUUwMi9zNU1iVm84dXVkTHRMS1RXUy12QWh2dWR1 Sm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3M1TWJWbzh1dWRMdExLVFdTLXZBaHZ1ZHVKby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NjdGMS84MDlENzE1QzU5MUExMUVBOTY5MkFBM0NDNEY5QUUwMi9zNU1iVm84dXVk THRMS1RXUy12QWh2dWR1Sm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBuCqt5DZVCEY4vfBlyIDe2cJUIeH0Iz7PlUz3tm5otA1ymhCrDZ6Oq KePTR/pVLWjwut3auL4kHdenjsDSXcN2kG0Vl+VECCraCPhn2crVXt2RR/XAcYX4 99MFFhHGjq2gDX4EdQkaet0IM/pV7vG12ediNxyuVyzAQLHyLmUGn8wF53X6ERQ8 47SG4q6DrMQLTrh0xtU4Umm3vBlsx+3vgtf83ocuL+s3M+zppKL4iwT8ncHqMmtn ZBhe+/XQ6FKMQ9X+CZt7ju9WFEXWHhHcMlPmZnjhG9XnRUTkKw6231oiZxX/Ci9y aqd0eGEu+Pjk0qDXCjBHg8DH5Esqh/iT -----END CERTIFICATE-----Generated at Wed May 14 10:44:53 2025 by rpki-client