$ rpki-client -vvf rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.mft File: cx5XsN_ep5G6TV1xly2oEF3JPos.mft (raw, json) Hash identifier: cnbsg117plvq9gZGdMNeJVxyYvPftZXtdcyfDqQedS0= Subject key identifier: 0B:D2:AE:8C:4C:17:39:82:A1:69:F1:20:3B:50:E6:FE:98:D4:0D:08 Authority key identifier: 73:1E:57:B0:DF:DE:A7:91:BA:4D:5D:71:97:2D:A8:10:5D:C9:3E:8B Certificate issuer: /CN=A91AA444/serialNumber=731E57B0DFDEA791BA4D5D71972DA8105DC93E8B Certificate serial: FF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cx5XsN_ep5G6TV1xly2oEF3JPos.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.mft Manifest number: FD Signing time: Tue 13 May 2025 04:21:20 +0000 Manifest this update: Tue 13 May 2025 04:21:19 +0000 Manifest next update: Tue 20 May 2025 04:21:19 +0000 Files and hashes: 1: cx5XsN_ep5G6TV1xly2oEF3JPos.crl (hash: lBhAELs4+cDx9Zqlh0jx/cLeRooX5iFljOyESQaWgdE=) 2: 24DD519CEEA311EFA5EDDD76C4F9AE02.roa (hash: +mEj5z+agEcnRzWZMjR0oYobGLfQGCXmi+n1VzU085s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.crl rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cx5XsN_ep5G6TV1xly2oEF3JPos.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 04:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 255 (0xff) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AA444, serialNumber=731E57B0DFDEA791BA4D5D71972DA8105DC93E8B Validity Not Before: May 13 04:21:19 2025 GMT Not After : May 20 04:21:19 2025 GMT Subject: CN=6822c8bf-9cef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:10:d1:f1:e3:ed:4a:44:42:b1:cb:66:44:d4: e2:55:7d:40:c5:d7:1c:7c:5e:8f:8f:aa:b5:0c:e9: 7f:d5:a6:4c:1a:59:c9:fc:75:7c:e9:d5:f8:de:c2: 90:c2:3f:52:a8:d9:8b:0e:c6:d3:9c:6b:f9:bd:e7: 52:1f:0c:0d:52:61:53:9d:26:19:c6:17:b0:40:21: b9:f0:60:4d:c7:b7:ab:a7:f8:22:59:5f:24:58:86: 1e:c5:95:61:0a:b0:86:59:f4:14:b7:cf:9e:bc:6b: 0c:5c:8d:80:03:9e:a6:bd:14:46:02:64:85:89:5e: f8:cd:b3:cb:55:bc:3d:8b:c7:83:66:f5:d8:81:06: c3:83:a6:a3:fd:86:c3:70:26:0c:79:a5:51:51:fa: bc:86:0b:55:6d:4f:72:f2:e1:b8:44:0a:44:2c:f0: d0:23:58:21:fe:4c:d0:e4:02:9f:4c:16:43:1a:59: 5d:fb:84:47:2b:55:68:eb:9c:fb:ad:f3:86:4b:75: 62:02:0a:30:29:12:90:5e:2d:c4:e7:80:5b:ad:4c: 23:43:08:69:1b:f5:d5:1d:d1:a6:19:80:16:03:c1: a6:99:1e:a0:01:e7:dc:74:5d:f0:b2:a3:ea:e5:2b: 63:8b:90:e9:ec:d2:b1:f1:5e:07:c7:11:08:f6:61: ac:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:D2:AE:8C:4C:17:39:82:A1:69:F1:20:3B:50:E6:FE:98:D4:0D:08 X509v3 Authority Key Identifier: keyid:73:1E:57:B0:DF:DE:A7:91:BA:4D:5D:71:97:2D:A8:10:5D:C9:3E:8B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cx5XsN_ep5G6TV1xly2oEF3JPos.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ca:48:a0:7c:8d:87:95:09:4d:4a:76:b4:72:79:52:0b:cb:b5: 5e:d0:ab:ca:7a:d7:94:6a:97:82:40:bb:cb:4e:77:39:ef:dd: 5f:06:1e:5c:97:5c:82:2d:ff:96:39:ac:5b:38:3d:3f:e3:48: 9b:68:24:d8:86:35:83:e4:fc:2d:ce:ae:95:a3:17:42:fa:1b: 9d:e8:a7:0c:dc:55:16:fc:05:1f:66:72:fa:54:f6:bc:02:ac: a5:0e:1e:23:95:38:6d:34:9d:3e:44:33:a6:08:2a:28:2c:aa: a5:36:e3:bd:43:a5:f3:f7:83:59:0f:9d:06:26:c7:c9:1e:91: 1f:53:4d:32:54:c7:84:94:87:fc:a8:bf:48:66:1f:ef:18:ff: 58:8b:72:62:86:98:a7:3c:d4:38:81:0a:04:d1:6c:e2:88:ab: 0b:20:7d:36:ef:cb:a1:08:9b:3a:e9:39:9e:93:c9:65:88:a5: 09:cd:0f:17:85:c3:8f:29:1d:d5:39:aa:9f:91:43:aa:76:d3: 86:04:a2:15:5d:16:65:d9:8d:bd:51:c2:07:33:a7:b3:91:d5: 6e:1a:d1:68:c5:49:ba:07:e2:8f:5b:17:64:2e:73:57:ec:7c: c2:00:9b:b5:6e:51:9c:3c:43:b3:a1:79:41:92:4a:a1:f5:5d: 0b:9a:94:d6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAP8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUE0NDQxMTAvBgNVBAUTKDczMUU1N0IwREZERUE3OTFCQTRENUQ3MTk3MkRBODEw NURDOTNFOEIwHhcNMjUwNTEzMDQyMTE5WhcNMjUwNTIwMDQyMTE5WjAYMRYwFAYD VQQDEw02ODIyYzhiZi05Y2VmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzRDR8ePtSkRCsctmRNTiVX1AxdccfF6Pj6q1DOl/1aZMGlnJ/HV86dX43sKQ wj9SqNmLDsbTnGv5vedSHwwNUmFTnSYZxhewQCG58GBNx7erp/giWV8kWIYexZVh CrCGWfQUt8+evGsMXI2AA56mvRRGAmSFiV74zbPLVbw9i8eDZvXYgQbDg6aj/YbD cCYMeaVRUfq8hgtVbU9y8uG4RApELPDQI1gh/kzQ5AKfTBZDGlld+4RHK1Vo65z7 rfOGS3ViAgowKRKQXi3E54BbrUwjQwhpG/XVHdGmGYAWA8GmmR6gAefcdF3wsqPq 5Stji5Dp7NKx8V4HxxEI9mGs5QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAvSroxM FzmCoWnxIDtQ5v6Y1A0IMB8GA1UdIwQYMBaAFHMeV7Df3qeRuk1dcZctqBBdyT6L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQTQ0NC84RENFMjc0QUIx MUQxMUVFQTMzNjMzMTlDNEY5QUUwMi9jeDVYc05fZXA1RzZUVjF4bHkyb0VGM0pQ b3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2N4NVhzTl9lcDVHNlRWMXhseTJvRUYzSlBvcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QTQ0NC84RENFMjc0QUIxMUQxMUVFQTMzNjMzMTlDNEY5QUUwMi9jeDVYc05fZXA1 RzZUVjF4bHkyb0VGM0pQb3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDKSKB8jYeVCU1KdrRyeVILy7Ve0KvKeteUapeCQLvLTnc5791fBh5c l1yCLf+WOaxbOD0/40ibaCTYhjWD5Pwtzq6VoxdC+hud6KcM3FUW/AUfZnL6VPa8 AqylDh4jlThtNJ0+RDOmCCooLKqlNuO9Q6Xz94NZD50GJsfJHpEfU00yVMeElIf8 qL9IZh/vGP9Yi3JihpinPNQ4gQoE0WziiKsLIH0278uhCJs66Tmek8lliKUJzQ8X hcOPKR3VOaqfkUOqdtOGBKIVXRZl2Y29UcIHM6ezkdVuGtFoxUm6B+KPWxdkLnNX 7HzCAJu1blGcPEOzoXlBkkqh9V0LmpTW -----END CERTIFICATE-----Generated at Wed May 14 06:24:39 2025 by rpki-client