$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB457/5AF661021C9811EAB4743F0FC4F9AE02/BQ5HmwmNZLazhlsr5GiFdeotTVE.mft File: BQ5HmwmNZLazhlsr5GiFdeotTVE.mft (raw, json) Hash identifier: /kEtvfk9P9aqcEbrzT7ZfvOijXz90zEtDbACcuIMmYU= Subject key identifier: F7:ED:85:E1:28:AA:25:F5:BB:02:17:52:BA:98:84:81:F8:44:90:53 Authority key identifier: 05:0E:47:9B:09:8D:64:B6:B3:86:5B:2B:E4:68:85:75:EA:2D:4D:51 Certificate issuer: /CN=A91AB457/serialNumber=050E479B098D64B6B3865B2BE4688575EA2D4D51 Certificate serial: 0BB9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQ5HmwmNZLazhlsr5GiFdeotTVE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB457/5AF661021C9811EAB4743F0FC4F9AE02/BQ5HmwmNZLazhlsr5GiFdeotTVE.mft Manifest number: 0BB9 Signing time: Sat 10 May 2025 18:40:51 +0000 Manifest this update: Sat 10 May 2025 18:40:51 +0000 Manifest next update: Sat 17 May 2025 18:40:51 +0000 Files and hashes: 1: BQ5HmwmNZLazhlsr5GiFdeotTVE.crl (hash: uXBRF4pYsDKj5wc6Qzs4Fj8o0gxQApYw41MaAai1wuY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB457/5AF661021C9811EAB4743F0FC4F9AE02/BQ5HmwmNZLazhlsr5GiFdeotTVE.crl rsync://rpki.apnic.net/member_repository/A91AB457/5AF661021C9811EAB4743F0FC4F9AE02/BQ5HmwmNZLazhlsr5GiFdeotTVE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQ5HmwmNZLazhlsr5GiFdeotTVE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 18:40:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3001 (0xbb9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB457, serialNumber=050E479B098D64B6B3865B2BE4688575EA2D4D51 Validity Not Before: May 10 18:40:51 2025 GMT Not After : May 17 18:40:51 2025 GMT Subject: CN=681f9db3-9086 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:2d:ef:b3:51:52:c2:b7:77:7b:bf:86:b8:38: e2:d0:3d:62:f4:3a:41:ea:5d:27:60:3e:d0:eb:4c: ae:29:3e:8d:7d:ec:a9:5d:fe:02:91:27:3f:95:53: 1a:ef:56:29:aa:e2:86:b2:4b:98:e5:cf:1f:26:b0: d2:05:ef:ad:6d:85:7b:d0:46:2d:a9:7d:93:88:e3: 1c:bb:58:7a:84:ab:7f:b8:fb:9d:b0:98:fd:b8:9c: 7e:10:77:d0:ec:55:0c:5f:09:73:95:dd:96:28:00: 6a:2a:f2:1c:b3:b7:25:84:e1:d1:8c:a4:d5:c3:83: fd:6a:9f:92:e0:ae:37:c0:7a:bb:76:c1:fd:67:34: b6:a4:bb:e2:19:68:0c:98:39:8e:df:df:41:d5:4b: 6f:ce:ee:01:bf:0e:7f:95:70:65:33:43:bb:f0:50: 99:13:05:01:ce:25:cd:5c:c3:d7:0a:dc:0a:a0:a2: af:6c:af:bf:1c:0d:cb:ff:b2:6a:65:d3:65:b1:9f: 8f:81:50:01:8b:49:6a:df:91:d2:b1:60:7b:3f:a0: c8:55:80:f2:1f:5a:4b:d8:0c:f9:20:72:5c:ef:76: ed:db:c0:1b:ae:a6:48:38:89:03:90:88:dd:a0:16: d3:eb:d6:f2:cf:b5:94:9e:07:e4:2a:7b:1e:a2:df: 54:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:ED:85:E1:28:AA:25:F5:BB:02:17:52:BA:98:84:81:F8:44:90:53 X509v3 Authority Key Identifier: keyid:05:0E:47:9B:09:8D:64:B6:B3:86:5B:2B:E4:68:85:75:EA:2D:4D:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB457/5AF661021C9811EAB4743F0FC4F9AE02/BQ5HmwmNZLazhlsr5GiFdeotTVE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BQ5HmwmNZLazhlsr5GiFdeotTVE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB457/5AF661021C9811EAB4743F0FC4F9AE02/BQ5HmwmNZLazhlsr5GiFdeotTVE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 24:4a:8f:53:28:0e:27:d8:aa:6e:21:c2:15:b8:d7:4d:8a:cb: 78:aa:e9:d1:3d:24:37:64:ea:0f:28:08:e2:73:19:0f:eb:35: b1:84:68:51:47:af:da:1f:90:47:0e:bb:a5:e5:9c:7a:a0:33: a8:d6:16:73:65:70:16:a5:1a:51:42:9f:f7:25:bd:3f:14:81: fe:99:03:81:57:d7:f1:d4:27:77:5e:d3:f7:f9:94:af:f5:86: 76:d5:20:bc:dc:68:b2:c8:37:fe:7a:41:a5:31:48:6c:11:d1: 6b:63:38:e0:6e:11:7d:d9:70:97:68:7d:6e:59:3e:77:dd:d0: c2:71:81:00:5b:7f:0a:92:7d:15:ce:1f:5f:c9:bf:0a:83:7c: 46:0a:a0:25:a8:57:b2:80:0e:f6:e5:ca:7e:23:3d:f0:ba:dd: a7:e9:1f:96:d6:61:3e:b3:1b:dc:9d:02:e9:f6:1a:01:0c:72: cb:09:87:bb:95:2c:87:e8:df:5a:dc:96:0a:91:1d:46:47:ec: db:9c:d5:b4:d1:5e:d9:30:bb:a8:f2:a9:1f:62:76:67:11:ba: fd:b1:99:94:33:9e:51:57:cb:ec:46:87:fe:82:83:99:96:96: f8:74:cf:81:4f:1d:0f:06:1f:b5:e1:55:26:99:25:ab:38:7e: ae:34:8e:c1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC7kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUI0NTcxMTAvBgNVBAUTKDA1MEU0NzlCMDk4RDY0QjZCMzg2NUIyQkU0Njg4NTc1 RUEyRDRENTEwHhcNMjUwNTEwMTg0MDUxWhcNMjUwNTE3MTg0MDUxWjAYMRYwFAYD VQQDEw02ODFmOWRiMy05MDg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqC3vs1FSwrd3e7+GuDji0D1i9DpB6l0nYD7Q60yuKT6NfeypXf4CkSc/lVMa 71YpquKGskuY5c8fJrDSBe+tbYV70EYtqX2TiOMcu1h6hKt/uPudsJj9uJx+EHfQ 7FUMXwlzld2WKABqKvIcs7clhOHRjKTVw4P9ap+S4K43wHq7dsH9ZzS2pLviGWgM mDmO399B1Utvzu4Bvw5/lXBlM0O78FCZEwUBziXNXMPXCtwKoKKvbK+/HA3L/7Jq ZdNlsZ+PgVABi0lq35HSsWB7P6DIVYDyH1pL2Az5IHJc73bt28AbrqZIOIkDkIjd oBbT69byz7WUngfkKnseot9UOQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPftheEo qiX1uwIXUrqYhIH4RJBTMB8GA1UdIwQYMBaAFAUOR5sJjWS2s4ZbK+RohXXqLU1R MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjQ1Ny81QUY2NjEwMjFD OTgxMUVBQjQ3NDNGMEZDNEY5QUUwMi9CUTVIbXdtTlpMYXpobHNyNUdpRmRlb3RU VkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0JRNUhtd21OWkxhemhsc3I1R2lGZGVvdFRWRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QjQ1Ny81QUY2NjEwMjFDOTgxMUVBQjQ3NDNGMEZDNEY5QUUwMi9CUTVIbXdtTlpM YXpobHNyNUdpRmRlb3RUVkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAkSo9TKA4n2KpuIcIVuNdNist4qunRPSQ3ZOoPKAjicxkP6zWxhGhR R6/aH5BHDrul5Zx6oDOo1hZzZXAWpRpRQp/3Jb0/FIH+mQOBV9fx1Cd3XtP3+ZSv 9YZ21SC83GiyyDf+ekGlMUhsEdFrYzjgbhF92XCXaH1uWT533dDCcYEAW38Kkn0V zh9fyb8Kg3xGCqAlqFeygA725cp+Iz3wut2n6R+W1mE+sxvcnQLp9hoBDHLLCYe7 lSyH6N9a3JYKkR1GR+zbnNW00V7ZMLuo8qkfYnZnEbr9sZmUM55RV8vsRof+goOZ lpb4dM+BTx0PBh+14VUmmSWrOH6uNI7B -----END CERTIFICATE-----Generated at Sun May 11 10:33:08 2025 by rpki-client