$ rpki-client -vvf rpki.apnic.net/member_repository/A91A9D0F/74BE38D680CF11E9ACD71B50C4F9AE02/iOe1QfQimNbptRZdllJGzBzB9aI.mft File: iOe1QfQimNbptRZdllJGzBzB9aI.mft (raw, json) Hash identifier: f0i6fJArzEip6e6N5vkryzNuolDJWqQH/FAtpbsCGjo= Subject key identifier: D3:5A:3A:71:B0:08:CD:EF:3C:DC:B2:D7:AE:7A:D9:E8:64:BB:37:2B Authority key identifier: 88:E7:B5:41:F4:22:98:D6:E9:B5:16:5D:96:52:46:CC:1C:C1:F5:A2 Certificate issuer: /CN=A91A9D0F/serialNumber=88E7B541F42298D6E9B5165D965246CC1CC1F5A2 Certificate serial: 0F59 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iOe1QfQimNbptRZdllJGzBzB9aI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A9D0F/74BE38D680CF11E9ACD71B50C4F9AE02/iOe1QfQimNbptRZdllJGzBzB9aI.mft Manifest number: 0F1E Signing time: Mon 12 May 2025 17:34:25 +0000 Manifest this update: Mon 12 May 2025 17:34:24 +0000 Manifest next update: Mon 19 May 2025 17:34:24 +0000 Files and hashes: 1: iOe1QfQimNbptRZdllJGzBzB9aI.crl (hash: xSUzOkd23wFdUmRzKi1qVZbiHv8M2r2p0ejWTa+49jc=) 2: 13C1EDA8767911EE9A957930C4F9AE02.roa (hash: rMgdKojSnMQn5zP9ArOeE344pCaixcohoQsewhOoy54=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A9D0F/74BE38D680CF11E9ACD71B50C4F9AE02/iOe1QfQimNbptRZdllJGzBzB9aI.crl rsync://rpki.apnic.net/member_repository/A91A9D0F/74BE38D680CF11E9ACD71B50C4F9AE02/iOe1QfQimNbptRZdllJGzBzB9aI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iOe1QfQimNbptRZdllJGzBzB9aI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 17:34:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3929 (0xf59) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A9D0F, serialNumber=88E7B541F42298D6E9B5165D965246CC1CC1F5A2 Validity Not Before: May 12 17:34:24 2025 GMT Not After : May 19 17:34:24 2025 GMT Subject: CN=68223121-9790 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:ea:e6:cb:a2:e1:de:9d:ae:de:04:6c:81:ee: c5:81:a3:dc:f0:91:69:53:76:9e:40:7c:b0:53:c0: ff:64:75:0a:53:23:65:c4:d3:85:3f:3a:8a:be:0d: 7b:1c:0f:f1:bc:1d:7a:77:83:35:7b:da:27:fb:fc: d8:0a:82:98:b1:93:4e:8b:08:dc:16:2f:3f:10:e8: 1c:ab:53:b5:2f:4c:84:a3:a4:45:a5:00:73:8a:e7: 79:14:a8:4f:8a:db:b5:79:93:af:a5:db:48:fd:03: 0a:19:f8:5b:c0:97:42:85:50:7a:a8:a9:59:c5:73: cb:dc:cb:79:f5:85:72:21:f3:eb:cf:4a:29:d9:be: 06:e4:6e:67:c7:09:28:c0:01:c8:84:51:26:6d:97: 73:6c:ad:bb:fb:c9:c1:33:72:a3:55:aa:d4:b1:77: 76:ee:d4:93:20:5f:e8:c1:67:4a:2f:54:17:43:d5: 3f:56:59:08:18:b9:3d:7f:62:f1:c2:dc:5b:b7:b6: 5a:64:a1:71:d0:14:77:9d:f6:2f:43:8f:e2:61:8b: 18:4a:9f:b1:42:f6:54:02:e9:e4:b2:ef:54:df:3e: 9f:5b:1f:ae:9a:86:a4:7f:b5:10:1b:77:14:86:8c: c0:26:bd:a7:92:8d:9c:3e:91:ab:31:43:7a:45:c1: 14:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:5A:3A:71:B0:08:CD:EF:3C:DC:B2:D7:AE:7A:D9:E8:64:BB:37:2B X509v3 Authority Key Identifier: keyid:88:E7:B5:41:F4:22:98:D6:E9:B5:16:5D:96:52:46:CC:1C:C1:F5:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A9D0F/74BE38D680CF11E9ACD71B50C4F9AE02/iOe1QfQimNbptRZdllJGzBzB9aI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iOe1QfQimNbptRZdllJGzBzB9aI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A9D0F/74BE38D680CF11E9ACD71B50C4F9AE02/iOe1QfQimNbptRZdllJGzBzB9aI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4a:7e:98:4c:23:ab:b2:2d:c1:06:ff:55:03:c9:57:ed:70:4f: 95:fb:d2:76:9d:4c:29:1e:de:3c:ba:43:68:64:1e:f8:e2:f0: b6:0f:a1:f3:4e:5d:b8:01:97:e4:8e:70:6f:fa:a7:08:a9:5e: 77:be:0a:4f:f3:23:85:f3:d9:d6:e4:88:01:71:74:d1:e5:b1: 88:c6:b8:3f:33:c5:01:d4:95:36:92:2e:89:b6:bf:79:e0:66: ee:89:20:4a:7c:8d:e1:fa:ac:2f:f7:c2:5b:bb:78:b1:dc:4d: 79:98:43:dd:26:b8:f9:5c:01:14:4e:8a:0f:0b:28:53:ea:8d: ad:ec:c6:de:1c:05:d2:07:ea:f9:4c:5b:55:16:ed:27:eb:b2: e4:80:b3:41:35:b8:21:03:f6:71:df:4b:e3:bd:d3:fa:3c:04: 98:9d:92:b3:2f:2b:b8:3f:aa:26:2f:8e:5b:6f:b3:2b:4a:76: 84:85:c5:e3:cf:51:14:73:af:b8:03:d7:15:76:dc:26:ea:bd: 1a:e8:27:c1:8c:cb:ca:8d:e2:7a:2c:41:af:33:1e:04:bc:b5: e7:d0:4e:4e:79:c9:24:88:e6:ea:3c:4a:17:d0:e5:1c:13:fa: 77:59:3a:b9:6b:4e:11:bd:ed:74:32:aa:83:28:1a:69:dc:83: 1f:cd:d0:16 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICD1kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTlEMEYxMTAvBgNVBAUTKDg4RTdCNTQxRjQyMjk4RDZFOUI1MTY1RDk2NTI0NkND MUNDMUY1QTIwHhcNMjUwNTEyMTczNDI0WhcNMjUwNTE5MTczNDI0WjAYMRYwFAYD VQQDEw02ODIyMzEyMS05NzkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzermy6Lh3p2u3gRsge7FgaPc8JFpU3aeQHywU8D/ZHUKUyNlxNOFPzqKvg17 HA/xvB16d4M1e9on+/zYCoKYsZNOiwjcFi8/EOgcq1O1L0yEo6RFpQBziud5FKhP itu1eZOvpdtI/QMKGfhbwJdChVB6qKlZxXPL3Mt59YVyIfPrz0op2b4G5G5nxwko wAHIhFEmbZdzbK27+8nBM3KjVarUsXd27tSTIF/owWdKL1QXQ9U/VlkIGLk9f2Lx wtxbt7ZaZKFx0BR3nfYvQ4/iYYsYSp+xQvZUAunksu9U3z6fWx+umoakf7UQG3cU hozAJr2nko2cPpGrMUN6RcEUVwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNNaOnGw CM3vPNyy16562ehkuzcrMB8GA1UdIwQYMBaAFIjntUH0IpjW6bUWXZZSRswcwfWi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOUQwRi83NEJFMzhENjgw Q0YxMUU5QUNENzFCNTBDNEY5QUUwMi9pT2UxUWZRaW1OYnB0UlpkbGxKR3pCekI5 YUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lPZTFRZlFpbU5icHRSWmRsbEpHekJ6QjlhSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB OUQwRi83NEJFMzhENjgwQ0YxMUU5QUNENzFCNTBDNEY5QUUwMi9pT2UxUWZRaW1O YnB0UlpkbGxKR3pCekI5YUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBKfphMI6uyLcEG/1UDyVftcE+V+9J2nUwpHt48ukNoZB744vC2D6Hz Tl24AZfkjnBv+qcIqV53vgpP8yOF89nW5IgBcXTR5bGIxrg/M8UB1JU2ki6Jtr95 4GbuiSBKfI3h+qwv98Jbu3ix3E15mEPdJrj5XAEUTooPCyhT6o2t7MbeHAXSB+r5 TFtVFu0n67LkgLNBNbghA/Zx30vjvdP6PASYnZKzLyu4P6omL45bb7MrSnaEhcXj z1EUc6+4A9cVdtwm6r0a6CfBjMvKjeJ6LEGvMx4EvLXn0E5OeckkiObqPEoX0OUc E/p3WTq5a04Rve10MqqDKBpp3IMfzdAW -----END CERTIFICATE-----Generated at Wed May 14 05:00:43 2025 by rpki-client