$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB74D/1D713D08A33C11EBB12CED1AC4F9AE02/2-mhAMSp66SyzRomcTKN73j-duE.mft File: 2-mhAMSp66SyzRomcTKN73j-duE.mft (raw, json) Hash identifier: 6KflgmQNCGiWZK9tee0PCqFVdnGziWFQWxritd5EYpQ= Subject key identifier: 3C:FE:77:08:93:7E:8D:73:F3:3E:47:7B:E8:DD:22:60:06:A3:9B:D2 Authority key identifier: DB:E9:A1:00:C4:A9:EB:A4:B2:CD:1A:26:71:32:8D:EF:78:FE:76:E1 Certificate issuer: /CN=A91AB74D/serialNumber=DBE9A100C4A9EBA4B2CD1A2671328DEF78FE76E1 Certificate serial: 060D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2-mhAMSp66SyzRomcTKN73j-duE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB74D/1D713D08A33C11EBB12CED1AC4F9AE02/2-mhAMSp66SyzRomcTKN73j-duE.mft Manifest number: 0609 Signing time: Mon 12 May 2025 22:39:48 +0000 Manifest this update: Mon 12 May 2025 22:39:48 +0000 Manifest next update: Mon 19 May 2025 22:39:48 +0000 Files and hashes: 1: 2-mhAMSp66SyzRomcTKN73j-duE.crl (hash: NKPePLHZZ3MWVhVvd9KaXUatQlQpcL3m4aN1hEac4bQ=) 2: A0D57302A33D11EBA479491CC4F9AE02.roa (hash: 29wrV3aOIMAFp0GF5fJZDO6ldPmXnBQp+J/+s7gWVoM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB74D/1D713D08A33C11EBB12CED1AC4F9AE02/2-mhAMSp66SyzRomcTKN73j-duE.crl rsync://rpki.apnic.net/member_repository/A91AB74D/1D713D08A33C11EBB12CED1AC4F9AE02/2-mhAMSp66SyzRomcTKN73j-duE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2-mhAMSp66SyzRomcTKN73j-duE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 22:39:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1549 (0x60d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB74D, serialNumber=DBE9A100C4A9EBA4B2CD1A2671328DEF78FE76E1 Validity Not Before: May 12 22:39:48 2025 GMT Not After : May 19 22:39:48 2025 GMT Subject: CN=682278b4-bb3b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:a5:7c:23:68:3d:4f:09:8c:48:94:55:00:ff: c0:10:d9:d2:48:6c:c6:6a:f5:bc:11:ee:91:f9:f2: e0:93:53:43:2b:ad:c8:28:36:3c:d2:34:00:2f:f0: 76:2c:a9:91:bf:94:0d:ed:cd:78:ea:e1:35:8c:cf: 98:b0:2b:cb:a1:a2:c9:a0:f0:85:31:89:d7:02:11: 0e:9f:c6:d0:f3:3d:df:44:b6:31:f7:86:bd:aa:6c: 7c:03:93:07:bc:ac:69:98:bd:f2:82:88:fa:a1:47: 02:11:5c:00:dc:8a:1e:38:06:95:3e:76:15:f1:37: 15:eb:14:8f:b9:aa:7a:02:d8:60:d6:bf:74:aa:87: 6e:24:5a:8b:27:16:fb:e5:92:ba:50:57:19:1a:1b: 0b:21:b8:e4:ed:2f:cb:5d:12:4b:79:9e:26:df:89: 3c:89:d5:3b:1b:63:6e:ab:50:f1:08:0b:37:f1:18: ee:bf:4b:e8:54:76:30:d9:ff:7a:3e:58:27:43:f4: 18:35:41:1b:07:24:c3:64:b1:01:3c:02:11:f4:0e: 4a:d9:ca:1f:af:0f:39:5e:e5:c7:c1:4e:c6:b5:56: 0f:e7:04:dd:3a:ae:78:cb:73:d7:75:ab:3a:cd:e5: 2a:0a:d6:59:04:d3:60:d2:2e:a8:38:c1:aa:75:1c: 43:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:FE:77:08:93:7E:8D:73:F3:3E:47:7B:E8:DD:22:60:06:A3:9B:D2 X509v3 Authority Key Identifier: keyid:DB:E9:A1:00:C4:A9:EB:A4:B2:CD:1A:26:71:32:8D:EF:78:FE:76:E1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB74D/1D713D08A33C11EBB12CED1AC4F9AE02/2-mhAMSp66SyzRomcTKN73j-duE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2-mhAMSp66SyzRomcTKN73j-duE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB74D/1D713D08A33C11EBB12CED1AC4F9AE02/2-mhAMSp66SyzRomcTKN73j-duE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c1:77:3b:1d:2b:69:38:0f:cd:53:ec:f6:f2:59:4a:c3:f6:e5: 35:2d:ce:f2:03:4a:04:79:0b:17:06:3c:a5:4c:c0:e2:fe:55: e4:80:b9:53:39:e9:e0:9f:65:d4:55:fc:75:26:2c:59:5e:55: 48:60:03:45:f0:ce:fc:14:ed:ac:a2:36:e2:4a:11:1f:51:70: 4d:0c:8b:f5:44:17:8a:b3:28:5f:60:d8:fc:3e:7d:1f:13:92: 44:eb:d3:c5:8a:36:ee:d2:17:ed:f4:82:89:be:1d:a3:16:b1: a7:0b:4e:84:4a:14:d4:c5:0b:95:5f:2e:d2:0b:57:e0:db:32: e7:15:63:0b:c9:93:2b:8d:ee:ee:60:96:e2:72:96:4e:52:28: 14:50:ca:0d:3c:d0:cc:b8:08:0e:0a:fc:58:67:99:36:30:c2: ff:56:94:4b:11:63:ea:88:ef:ae:6d:de:bc:35:9c:a7:5a:6c: cd:bc:71:d6:5b:e8:80:5f:9d:f8:59:5f:84:d8:9b:14:53:d2: ce:19:b6:a6:6f:fe:79:cc:da:6b:00:9a:ba:20:66:6f:47:34: 76:82:03:76:5c:34:73:55:c3:2b:fe:16:ed:52:5f:79:f6:64: cc:29:72:8b:b7:c9:68:25:01:4a:2e:0f:ad:72:22:92:c9:75: a6:b0:71:83 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBg0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUI3NEQxMTAvBgNVBAUTKERCRTlBMTAwQzRBOUVCQTRCMkNEMUEyNjcxMzI4REVG NzhGRTc2RTEwHhcNMjUwNTEyMjIzOTQ4WhcNMjUwNTE5MjIzOTQ4WjAYMRYwFAYD VQQDEw02ODIyNzhiNC1iYjNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0qV8I2g9TwmMSJRVAP/AENnSSGzGavW8Ee6R+fLgk1NDK63IKDY80jQAL/B2 LKmRv5QN7c146uE1jM+YsCvLoaLJoPCFMYnXAhEOn8bQ8z3fRLYx94a9qmx8A5MH vKxpmL3ygoj6oUcCEVwA3IoeOAaVPnYV8TcV6xSPuap6Athg1r90qoduJFqLJxb7 5ZK6UFcZGhsLIbjk7S/LXRJLeZ4m34k8idU7G2Nuq1DxCAs38Rjuv0voVHYw2f96 PlgnQ/QYNUEbByTDZLEBPAIR9A5K2cofrw85XuXHwU7GtVYP5wTdOq54y3PXdas6 zeUqCtZZBNNg0i6oOMGqdRxDPQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDz+dwiT fo1z8z5He+jdImAGo5vSMB8GA1UdIwQYMBaAFNvpoQDEqeukss0aJnEyje94/nbh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjc0RC8xRDcxM0QwOEEz M0MxMUVCQjEyQ0VEMUFDNEY5QUUwMi8yLW1oQU1TcDY2U3l6Um9tY1RLTjczai1k dUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzItbWhBTVNwNjZTeXpSb21jVEtONzNqLWR1RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB Qjc0RC8xRDcxM0QwOEEzM0MxMUVCQjEyQ0VEMUFDNEY5QUUwMi8yLW1oQU1TcDY2 U3l6Um9tY1RLTjczai1kdUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDBdzsdK2k4D81T7PbyWUrD9uU1Lc7yA0oEeQsXBjylTMDi/lXkgLlT Oengn2XUVfx1JixZXlVIYANF8M78FO2sojbiShEfUXBNDIv1RBeKsyhfYNj8Pn0f E5JE69PFijbu0hft9IKJvh2jFrGnC06EShTUxQuVXy7SC1fg2zLnFWMLyZMrje7u YJbicpZOUigUUMoNPNDMuAgOCvxYZ5k2MML/VpRLEWPqiO+ubd68NZynWmzNvHHW W+iAX534WV+E2JsUU9LOGbamb/55zNprAJq6IGZvRzR2ggN2XDRzVcMr/hbtUl95 9mTMKXKLt8loJQFKLg+tciKSyXWmsHGD -----END CERTIFICATE-----Generated at Tue May 13 22:42:48 2025 by rpki-client