$ rpki-client -vvf rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.mft File: H8Tf0A2sNKjrhGPTlRwio0WDesk.mft (raw, json) Hash identifier: fHE3bv7NhBdq5pL6vShkGEqOwKZUkzMjA4NbvwzbToo= Subject key identifier: D3:E9:D0:ED:CC:45:03:08:DE:1C:EA:B1:F4:A4:11:CA:65:8D:B8:07 Authority key identifier: 1F:C4:DF:D0:0D:AC:34:A8:EB:84:63:D3:95:1C:22:A3:45:83:7A:C9 Certificate issuer: /CN=A91B477B/serialNumber=1FC4DFD00DAC34A8EB8463D3951C22A345837AC9 Certificate serial: 0697 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H8Tf0A2sNKjrhGPTlRwio0WDesk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.mft Manifest number: 068A Signing time: Sat 10 May 2025 21:54:15 +0000 Manifest this update: Sat 10 May 2025 21:54:14 +0000 Manifest next update: Sat 17 May 2025 21:54:14 +0000 Files and hashes: 1: H8Tf0A2sNKjrhGPTlRwio0WDesk.crl (hash: dMmUsXvuOMR3SoHgzX8gQ4bCIw504gsJ0oYgQ86JetE=) 2: 22F72E28725311EBA9C51756C4F9AE02.roa (hash: jYjWFz3EGxandnR9opo8f6aMMLeOf+7OXo3+jH6tu9c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.crl rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H8Tf0A2sNKjrhGPTlRwio0WDesk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 21:54:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1687 (0x697) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B477B, serialNumber=1FC4DFD00DAC34A8EB8463D3951C22A345837AC9 Validity Not Before: May 10 21:54:14 2025 GMT Not After : May 17 21:54:14 2025 GMT Subject: CN=681fcb07-02cd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:f7:ce:3a:58:67:84:60:32:56:0e:67:36:27: 1e:63:bf:a8:b3:1c:a4:f3:89:ae:fd:27:c2:d8:a0: 3e:28:00:a0:0e:7e:ae:4f:5a:0b:e6:c4:a2:38:19: 3c:92:c1:ce:f6:84:3d:90:87:a6:79:4e:f9:5d:bc: 52:72:0e:76:73:26:cb:ac:03:79:87:8b:2e:41:c8: 79:18:4b:2a:04:fd:b6:9f:2b:da:50:cb:9a:5a:9d: 66:fa:99:a7:e4:a5:21:dd:0f:5d:74:d3:2b:eb:f1: cc:b2:93:c1:bb:84:51:4a:90:60:12:f6:a9:4b:8f: 3a:47:c3:e6:81:f5:50:3b:1b:0b:e4:dd:20:4a:a2: 7f:f6:12:c5:4a:2b:4e:03:f2:37:00:04:58:42:e8: 42:88:0d:dd:e2:1b:09:40:a8:98:8c:df:cc:ee:3c: 85:f5:55:8c:fa:ba:3c:bd:2c:00:92:dd:80:89:0b: 9a:00:94:d7:1c:d9:10:d1:e1:c1:6d:d7:05:36:79: 54:1d:de:84:73:53:60:e9:55:b3:d7:85:a6:1a:02: e9:2e:49:4c:96:79:30:0f:7b:ff:f2:fa:4d:f8:b7: 22:33:f7:9a:3f:47:80:7e:b1:a0:b9:25:57:ae:9c: c3:7f:27:39:dd:0a:29:33:4a:8e:9b:e0:11:4f:22: 1b:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:E9:D0:ED:CC:45:03:08:DE:1C:EA:B1:F4:A4:11:CA:65:8D:B8:07 X509v3 Authority Key Identifier: keyid:1F:C4:DF:D0:0D:AC:34:A8:EB:84:63:D3:95:1C:22:A3:45:83:7A:C9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/H8Tf0A2sNKjrhGPTlRwio0WDesk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B477B/1C256270725011EBB648F84EC4F9AE02/H8Tf0A2sNKjrhGPTlRwio0WDesk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5e:f2:54:7e:cb:0d:43:5f:2c:b3:ab:9e:d5:f9:90:07:2a:dd: de:7d:c9:74:85:3e:e0:a2:c3:2f:fb:04:71:b9:99:56:f7:d0: 17:01:f7:c4:f4:32:6b:a3:b0:2f:42:c6:11:f2:4a:9f:d6:2e: fa:4d:fc:d4:c7:c4:e9:0f:70:b5:43:66:e7:46:c8:c9:95:41: e4:5f:60:6a:f0:9e:e4:5b:96:f9:ea:f3:d2:28:09:2c:81:5e: 57:5a:3f:b6:da:cc:d5:86:d1:da:15:91:a5:73:68:9c:3a:be: a8:d7:72:45:2f:ef:4b:90:e4:56:7c:0e:1d:f0:3a:b7:4b:8c: 08:db:2b:94:65:30:b2:d6:49:08:e8:fc:62:4e:8c:b2:68:3b: a0:ac:ab:86:67:08:da:90:2c:b8:d6:0f:4c:1e:2a:22:d4:c1: 23:c0:39:46:df:96:a1:03:a4:38:7f:5b:43:07:aa:5a:53:c7: 43:ca:03:f8:3e:5e:31:4a:91:62:dd:83:b3:50:15:93:94:56: 18:9d:29:2c:7e:9d:53:3e:3e:58:d9:5a:4f:f4:21:90:43:98: 93:6f:13:42:1b:1f:63:67:d3:f6:56:f4:05:44:ed:b8:34:98: 88:0b:78:57:af:6e:a5:ad:9b:67:cc:36:19:f8:85:9e:47:20: 52:aa:92:fc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBpcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjQ3N0IxMTAvBgNVBAUTKDFGQzRERkQwMERBQzM0QThFQjg0NjNEMzk1MUMyMkEz NDU4MzdBQzkwHhcNMjUwNTEwMjE1NDE0WhcNMjUwNTE3MjE1NDE0WjAYMRYwFAYD VQQDEw02ODFmY2IwNy0wMmNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3/fOOlhnhGAyVg5nNiceY7+osxyk84mu/SfC2KA+KACgDn6uT1oL5sSiOBk8 ksHO9oQ9kIemeU75XbxScg52cybLrAN5h4suQch5GEsqBP22nyvaUMuaWp1m+pmn 5KUh3Q9ddNMr6/HMspPBu4RRSpBgEvapS486R8PmgfVQOxsL5N0gSqJ/9hLFSitO A/I3AARYQuhCiA3d4hsJQKiYjN/M7jyF9VWM+ro8vSwAkt2AiQuaAJTXHNkQ0eHB bdcFNnlUHd6Ec1Ng6VWz14WmGgLpLklMlnkwD3v/8vpN+LciM/eaP0eAfrGguSVX rpzDfyc53QopM0qOm+ARTyIbEQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNPp0O3M RQMI3hzqsfSkEcpljbgHMB8GA1UdIwQYMBaAFB/E39ANrDSo64Rj05UcIqNFg3rJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDc3Qi8xQzI1NjI3MDcy NTAxMUVCQjY0OEY4NEVDNEY5QUUwMi9IOFRmMEEyc05LanJoR1BUbFJ3aW8wV0Rl c2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0g4VGYwQTJzTktqcmhHUFRsUndpbzBXRGVzay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NDc3Qi8xQzI1NjI3MDcyNTAxMUVCQjY0OEY4NEVDNEY5QUUwMi9IOFRmMEEyc05L anJoR1BUbFJ3aW8wV0Rlc2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBe8lR+yw1DXyyzq57V+ZAHKt3efcl0hT7gosMv+wRxuZlW99AXAffE 9DJro7AvQsYR8kqf1i76TfzUx8TpD3C1Q2bnRsjJlUHkX2Bq8J7kW5b56vPSKAks gV5XWj+22szVhtHaFZGlc2icOr6o13JFL+9LkORWfA4d8Dq3S4wI2yuUZTCy1kkI 6PxiToyyaDugrKuGZwjakCy41g9MHioi1MEjwDlG35ahA6Q4f1tDB6paU8dDygP4 Pl4xSpFi3YOzUBWTlFYYnSksfp1TPj5Y2VpP9CGQQ5iTbxNCGx9jZ9P2VvQFRO24 NJiIC3hXr26lrZtnzDYZ+IWeRyBSqpL8 -----END CERTIFICATE-----Generated at Mon May 12 04:14:54 2025 by rpki-client