$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/cJdlx9TTMfTDasa-NH-mah8CNJA.mft File: cJdlx9TTMfTDasa-NH-mah8CNJA.mft (raw, json) Hash identifier: 1HjH7ntLbZTRuELolG7c9R2B4Iq2/AksC5lWNF6dSA8= Subject key identifier: 5F:04:71:AC:FF:6F:1B:60:17:0C:1A:8B:4E:C3:0B:56:AC:A0:D6:0B Authority key identifier: 70:97:65:C7:D4:D3:31:F4:C3:6A:C6:BE:34:7F:A6:6A:1F:02:34:90 Certificate issuer: /CN=A91AE85E/serialNumber=709765C7D4D331F4C36AC6BE347FA66A1F023490 Certificate serial: 34DD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cJdlx9TTMfTDasa-NH-mah8CNJA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/cJdlx9TTMfTDasa-NH-mah8CNJA.mft Manifest number: 34AA Signing time: Mon 12 May 2025 14:18:10 +0000 Manifest this update: Mon 12 May 2025 14:18:10 +0000 Manifest next update: Mon 19 May 2025 14:18:10 +0000 Files and hashes: 1: cJdlx9TTMfTDasa-NH-mah8CNJA.crl (hash: wEu6Tjb68aGKbvt6YaalvEjpsU6h4TyzreLVZTPYVnM=) 2: 392987D254F611E79DF7E643C4F9AE02.roa (hash: E8L7EMY++G+/jL4fto/6X8FIxPH0nU/qyOAGKr50fbg=) 3: 09E2DC32B12B11E59337F35AC4F9AE02.roa (hash: cZP7pPe4Y/msfUjF/3Xl+aRlpqp1LPFsqoN3iYA504I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/cJdlx9TTMfTDasa-NH-mah8CNJA.crl rsync://rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/cJdlx9TTMfTDasa-NH-mah8CNJA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cJdlx9TTMfTDasa-NH-mah8CNJA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 14:18:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13533 (0x34dd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AE85E, serialNumber=709765C7D4D331F4C36AC6BE347FA66A1F023490 Validity Not Before: May 12 14:18:10 2025 GMT Not After : May 19 14:18:10 2025 GMT Subject: CN=68220322-871a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:76:28:fa:e6:dc:41:9d:54:c0:5b:0f:d0:05: 7b:90:a1:c8:5a:83:34:b8:7e:2f:51:2d:21:ef:08: 73:08:6e:ae:b6:4c:4d:69:ab:53:d2:89:b7:19:0d: 0b:d7:bb:21:9f:4e:8b:1a:0c:e7:ac:e4:2d:d9:c1: 34:de:d8:2b:4f:73:1c:18:06:fb:df:f2:22:55:58: 5e:f2:19:14:c7:19:87:f8:90:10:01:f1:91:bb:bc: 29:1d:4a:81:12:fc:59:06:c1:e8:f2:5c:64:05:ce: 1f:95:49:06:6b:43:e0:bb:6b:e5:6c:93:40:d2:84: 0f:85:a0:d5:2f:14:9c:34:48:38:15:ae:e1:74:de: 0d:50:3f:2f:dc:6d:46:e3:fb:1c:73:37:44:78:45: a3:c9:16:8d:4d:98:2c:47:06:48:1d:c7:67:b9:cc: ba:f0:91:19:19:b3:71:d4:0f:93:f2:a5:4c:a6:8f: d4:13:f0:ad:36:6f:35:9b:00:cf:3a:04:ea:6c:91: 0a:64:33:66:bb:c6:52:12:96:be:cb:98:4f:3b:bd: 03:62:7d:39:4f:0c:71:69:e8:0c:7b:6e:59:08:bb: 93:5a:0f:41:27:96:1d:c7:f9:8c:3f:4b:42:13:e9: 77:50:43:1b:a8:00:17:b4:0c:8f:b2:3f:c3:5b:e8: 76:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:04:71:AC:FF:6F:1B:60:17:0C:1A:8B:4E:C3:0B:56:AC:A0:D6:0B X509v3 Authority Key Identifier: keyid:70:97:65:C7:D4:D3:31:F4:C3:6A:C6:BE:34:7F:A6:6A:1F:02:34:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/cJdlx9TTMfTDasa-NH-mah8CNJA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cJdlx9TTMfTDasa-NH-mah8CNJA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/cJdlx9TTMfTDasa-NH-mah8CNJA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3f:24:c6:11:24:f5:0f:0e:dc:40:52:23:a2:e9:52:38:e5:1e: 92:de:b3:f3:f2:7c:97:91:cb:4e:21:a9:7a:4b:1b:03:ff:fa: 77:68:0f:5d:56:f8:3d:01:a5:60:b4:7c:ab:b2:dd:4c:b9:74: 66:40:53:84:3b:14:ea:77:72:14:93:df:7c:a7:69:37:f7:b8: da:94:ba:15:86:58:25:66:99:1a:9d:93:bc:ff:49:78:93:b9: d0:45:84:3b:f0:63:58:98:18:d5:cd:03:40:b8:1d:b3:91:c2: 89:f6:5b:bc:04:f7:0c:aa:94:ae:e6:e9:5c:41:e2:2f:08:6a: be:82:b8:f2:94:dd:a2:0f:d6:48:9d:99:99:d8:6e:59:eb:05: 46:51:49:1e:79:8b:34:75:de:87:2e:89:f8:3f:f9:45:20:3e: da:81:2a:56:a6:a2:03:0a:ba:5b:a9:40:72:64:37:92:a1:9c: fa:f5:31:b4:9f:e6:5e:12:79:54:35:90:d0:c0:5c:55:18:90: 50:5f:df:c0:bb:d4:e0:ae:ba:cb:69:9c:bf:74:21:b4:4b:37: 31:04:e0:7b:96:53:6a:a9:7f:fa:ac:e1:5e:ef:24:27:06:3f: 00:57:8a:6d:b4:38:08:d7:d5:f3:f0:ef:c1:bc:6b:e9:b3:a7: 45:71:36:78 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNN0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUU4NUUxMTAvBgNVBAUTKDcwOTc2NUM3RDREMzMxRjRDMzZBQzZCRTM0N0ZBNjZB MUYwMjM0OTAwHhcNMjUwNTEyMTQxODEwWhcNMjUwNTE5MTQxODEwWjAYMRYwFAYD VQQDEw02ODIyMDMyMi04NzFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsXYo+ubcQZ1UwFsP0AV7kKHIWoM0uH4vUS0h7whzCG6utkxNaatT0om3GQ0L 17shn06LGgznrOQt2cE03tgrT3McGAb73/IiVVhe8hkUxxmH+JAQAfGRu7wpHUqB EvxZBsHo8lxkBc4flUkGa0Pgu2vlbJNA0oQPhaDVLxScNEg4Fa7hdN4NUD8v3G1G 4/scczdEeEWjyRaNTZgsRwZIHcdnucy68JEZGbNx1A+T8qVMpo/UE/CtNm81mwDP OgTqbJEKZDNmu8ZSEpa+y5hPO70DYn05TwxxaegMe25ZCLuTWg9BJ5Ydx/mMP0tC E+l3UEMbqAAXtAyPsj/DW+h2SwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF8Ecaz/ bxtgFwwai07DC1asoNYLMB8GA1UdIwQYMBaAFHCXZcfU0zH0w2rGvjR/pmofAjSQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTg1RS8wQkVEMzUyNjFE NkUxMUUyQjA0QTYxQUYwOEIwMkNEMi9jSmRseDlUVE1mVERhc2EtTkgtbWFoOENO SkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NKZGx4OVRUTWZURGFzYS1OSC1tYWg4Q05KQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RTg1RS8wQkVEMzUyNjFENkUxMUUyQjA0QTYxQUYwOEIwMkNEMi9jSmRseDlUVE1m VERhc2EtTkgtbWFoOENOSkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA/JMYRJPUPDtxAUiOi6VI45R6S3rPz8nyXkctOIal6SxsD//p3aA9d Vvg9AaVgtHyrst1MuXRmQFOEOxTqd3IUk998p2k397jalLoVhlglZpkanZO8/0l4 k7nQRYQ78GNYmBjVzQNAuB2zkcKJ9lu8BPcMqpSu5ulcQeIvCGq+grjylN2iD9ZI nZmZ2G5Z6wVGUUkeeYs0dd6HLon4P/lFID7agSpWpqIDCrpbqUByZDeSoZz69TG0 n+ZeEnlUNZDQwFxVGJBQX9/Au9TgrrrLaZy/dCG0SzcxBOB7llNqqX/6rOFe7yQn Bj8AV4pttDgI19Xz8O/BvGvps6dFcTZ4 -----END CERTIFICATE-----Generated at Tue May 13 11:17:01 2025 by rpki-client