$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB574/F07EBA26E74111EE93E8FC6DC4F9AE02/7loKCg1eD1xijRpwW1rGj-8gxG8.mft File: 7loKCg1eD1xijRpwW1rGj-8gxG8.mft (raw, json) Hash identifier: AvBzBMIctMEFCZAkRTQZdO6xE0W5lgRPPxo6dmIqMm0= Subject key identifier: AA:8E:5B:BA:60:C9:A5:4D:DE:F1:3A:4F:CB:52:B0:48:62:D7:58:19 Authority key identifier: EE:5A:0A:0A:0D:5E:0F:5C:62:8D:1A:70:5B:5A:C6:8F:EF:20:C4:6F Certificate issuer: /CN=A91AB574/serialNumber=EE5A0A0A0D5E0F5C628D1A705B5AC68FEF20C46F Certificate serial: DA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7loKCg1eD1xijRpwW1rGj-8gxG8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB574/F07EBA26E74111EE93E8FC6DC4F9AE02/7loKCg1eD1xijRpwW1rGj-8gxG8.mft Manifest number: D7 Signing time: Sun 11 May 2025 04:25:29 +0000 Manifest this update: Sun 11 May 2025 04:25:29 +0000 Manifest next update: Sun 18 May 2025 04:25:29 +0000 Files and hashes: 1: 7loKCg1eD1xijRpwW1rGj-8gxG8.crl (hash: KKgOBR6cCSRUMJvgoLuKdSRndYvev+eM1zcG0HbcGZk=) 2: 521FC3D8E74211EE9A78EC6EC4F9AE02.roa (hash: Evu2uB2GkC2WPAp+Ym3GMN1P169UzI1o+wjhgoORlbU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB574/F07EBA26E74111EE93E8FC6DC4F9AE02/7loKCg1eD1xijRpwW1rGj-8gxG8.crl rsync://rpki.apnic.net/member_repository/A91AB574/F07EBA26E74111EE93E8FC6DC4F9AE02/7loKCg1eD1xijRpwW1rGj-8gxG8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7loKCg1eD1xijRpwW1rGj-8gxG8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 04:25:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 218 (0xda) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB574, serialNumber=EE5A0A0A0D5E0F5C628D1A705B5AC68FEF20C46F Validity Not Before: May 11 04:25:29 2025 GMT Not After : May 18 04:25:29 2025 GMT Subject: CN=682026b9-eb37 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:42:0b:4a:07:0c:ae:d1:cc:91:7a:60:81:73: 4c:cc:95:e0:ed:5f:82:8c:ae:98:5a:14:f5:c0:6d: b9:0c:11:3c:20:f1:0f:0c:d1:84:2d:0d:9d:db:87: 30:3d:42:06:84:11:7e:2a:dc:0d:62:b6:b9:54:27: e4:00:e0:f4:f6:b4:a0:06:75:14:c9:0a:72:36:13: b8:26:02:36:41:75:c4:65:04:77:24:88:50:f9:cb: d0:10:0b:31:27:7d:2c:f6:a0:ef:65:ac:5e:b4:62: 90:56:70:23:26:b2:68:f4:f1:f7:4f:94:75:c5:1f: e7:fb:a0:81:63:31:fe:c5:92:92:af:a6:1b:3f:e0: 0a:c6:f3:48:5c:e7:f7:ca:7b:4b:c9:18:c3:dd:8e: 4f:a5:70:d5:28:38:e3:75:17:f8:51:24:68:76:db: df:46:15:22:1a:20:5b:20:1c:93:6b:fb:2e:b5:70: c3:13:4d:2c:52:f1:1d:eb:be:c9:3d:f8:3a:2c:a0: ea:d2:ea:74:e8:dd:80:b8:bc:2f:c1:39:95:d5:a4: 7c:43:b2:33:b6:19:88:63:ec:c2:db:d2:85:43:07: 07:31:ca:e1:44:d2:1b:23:03:ea:9d:fa:ac:13:1e: 20:4f:96:6f:fb:36:d5:73:38:41:c1:4e:f7:64:fb: 4b:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:8E:5B:BA:60:C9:A5:4D:DE:F1:3A:4F:CB:52:B0:48:62:D7:58:19 X509v3 Authority Key Identifier: keyid:EE:5A:0A:0A:0D:5E:0F:5C:62:8D:1A:70:5B:5A:C6:8F:EF:20:C4:6F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB574/F07EBA26E74111EE93E8FC6DC4F9AE02/7loKCg1eD1xijRpwW1rGj-8gxG8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7loKCg1eD1xijRpwW1rGj-8gxG8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB574/F07EBA26E74111EE93E8FC6DC4F9AE02/7loKCg1eD1xijRpwW1rGj-8gxG8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a8:f3:0f:fe:6d:a1:b9:dc:f8:d6:30:a4:40:e1:c1:9d:b4:34: 8c:b1:d6:c1:a7:f7:72:2e:6a:c3:46:fc:99:e5:fa:2a:1e:d6: b8:53:36:c3:fa:4c:62:d5:47:d4:99:e8:eb:3c:53:26:1f:cb: ce:1b:a8:e8:81:1f:f9:04:ed:f6:d4:e0:7e:95:ce:57:6f:ea: d0:37:57:67:30:a1:2a:de:92:9a:f5:b1:2f:ab:67:c6:b2:e6: 59:9c:b1:47:4c:45:77:35:72:d5:77:82:a4:28:f8:0f:34:b6: b6:75:92:36:40:9a:ed:06:4a:92:5a:f7:a3:12:1e:1a:9b:50: 64:50:cb:c9:48:03:e7:8f:4f:1d:8a:56:84:02:7e:64:7a:76: a9:b4:cf:08:df:0a:55:cf:32:20:82:c3:27:73:da:d7:18:34: 2a:6d:37:30:3a:74:d5:f8:c4:b7:47:20:81:27:8f:d9:05:78: 58:15:d2:2b:a8:cb:3f:d9:eb:ca:b5:dc:ce:c0:00:c5:00:3a: cd:de:88:9f:8a:fe:d0:c3:4e:2e:4d:23:b2:af:51:5f:50:fe: 55:71:53:6d:52:e4:87:16:3f:05:0f:49:94:fe:ef:7e:9e:84: d5:f3:32:16:a1:f5:47:fd:a8:dc:a3:8c:9f:96:d4:0c:49:0a: 8f:7e:ba:b2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUI1NzQxMTAvBgNVBAUTKEVFNUEwQTBBMEQ1RTBGNUM2MjhEMUE3MDVCNUFDNjhG RUYyMEM0NkYwHhcNMjUwNTExMDQyNTI5WhcNMjUwNTE4MDQyNTI5WjAYMRYwFAYD VQQDEw02ODIwMjZiOS1lYjM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwkILSgcMrtHMkXpggXNMzJXg7V+CjK6YWhT1wG25DBE8IPEPDNGELQ2d24cw PUIGhBF+KtwNYra5VCfkAOD09rSgBnUUyQpyNhO4JgI2QXXEZQR3JIhQ+cvQEAsx J30s9qDvZaxetGKQVnAjJrJo9PH3T5R1xR/n+6CBYzH+xZKSr6YbP+AKxvNIXOf3 yntLyRjD3Y5PpXDVKDjjdRf4USRodtvfRhUiGiBbIByTa/sutXDDE00sUvEd677J Pfg6LKDq0up06N2AuLwvwTmV1aR8Q7IzthmIY+zC29KFQwcHMcrhRNIbIwPqnfqs Ex4gT5Zv+zbVczhBwU73ZPtLawIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKqOW7pg yaVN3vE6T8tSsEhi11gZMB8GA1UdIwQYMBaAFO5aCgoNXg9cYo0acFtaxo/vIMRv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjU3NC9GMDdFQkEyNkU3 NDExMUVFOTNFOEZDNkRDNEY5QUUwMi83bG9LQ2cxZUQxeGlqUnB3VzFyR2otOGd4 RzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzdsb0tDZzFlRDF4aWpScHdXMXJHai04Z3hHOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QjU3NC9GMDdFQkEyNkU3NDExMUVFOTNFOEZDNkRDNEY5QUUwMi83bG9LQ2cxZUQx eGlqUnB3VzFyR2otOGd4RzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCo8w/+baG53PjWMKRA4cGdtDSMsdbBp/dyLmrDRvyZ5foqHta4UzbD +kxi1UfUmejrPFMmH8vOG6jogR/5BO321OB+lc5Xb+rQN1dnMKEq3pKa9bEvq2fG suZZnLFHTEV3NXLVd4KkKPgPNLa2dZI2QJrtBkqSWvejEh4am1BkUMvJSAPnj08d ilaEAn5kenaptM8I3wpVzzIggsMnc9rXGDQqbTcwOnTV+MS3RyCBJ4/ZBXhYFdIr qMs/2evKtdzOwADFADrN3oifiv7Qw04uTSOyr1FfUP5VcVNtUuSHFj8FD0mU/u9+ noTV8zIWofVH/ajco4yfltQMSQqPfrqy -----END CERTIFICATE-----Generated at Sun May 11 22:13:58 2025 by rpki-client