$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.mft File: 5bRMaejecz32GWYFbn5BXsfHDSo.mft (raw, json) Hash identifier: zVvLFVvsvEwuaBCZsslTNkRu+R9zumEBKLks7wZNjHo= Subject key identifier: BA:00:26:E6:2D:F5:FE:12:23:0B:BD:0D:B8:53:6E:2D:C2:0C:69:AD Authority key identifier: E5:B4:4C:69:E8:DE:73:3D:F6:19:66:05:6E:7E:41:5E:C7:C7:0D:2A Certificate issuer: /CN=A91B4873/serialNumber=E5B44C69E8DE733DF61966056E7E415EC7C70D2A Certificate serial: A3 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5bRMaejecz32GWYFbn5BXsfHDSo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.mft Manifest number: A2 Signing time: Thu 15 May 2025 05:28:58 +0000 Manifest this update: Thu 15 May 2025 05:28:57 +0000 Manifest next update: Thu 22 May 2025 05:28:57 +0000 Files and hashes: 1: 5bRMaejecz32GWYFbn5BXsfHDSo.crl (hash: L5uRXR4vdBLbYcF/fPKlcaUYekyM8zs2KmcJbYbD6oc=) 2: 01F62A6438F011EF9A82662BC4F9AE02.roa (hash: 6ibBV+FsUpvviGFZhtbUaWu715IOaDD6qWu96emn7VA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.crl rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5bRMaejecz32GWYFbn5BXsfHDSo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 22 May 2025 05:28:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 163 (0xa3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B4873, serialNumber=E5B44C69E8DE733DF61966056E7E415EC7C70D2A Validity Not Before: May 15 05:28:57 2025 GMT Not After : May 22 05:28:57 2025 GMT Subject: CN=68257b9a-e5d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:b0:1d:de:c6:c6:e4:78:97:d3:c6:e2:8d:fb: 12:db:04:9e:bc:8c:af:67:66:e0:0b:a8:48:9b:d5: b4:d8:60:24:b6:65:70:30:bd:e6:32:6d:8f:24:0f: 99:1c:0f:00:e5:92:a3:a1:95:1e:7e:21:59:12:ad: c3:cb:40:fd:25:60:bf:76:b7:89:e4:06:56:47:e6: 5c:85:ab:56:38:3c:31:f8:f0:1b:c9:f9:f4:07:8b: 3f:c3:06:c8:98:9f:30:37:15:4c:13:3c:77:c9:03: e7:86:ca:38:c8:d0:d7:47:50:3a:e8:70:59:57:c0: 7a:e1:07:bf:a0:2d:73:e1:b5:14:01:2b:80:60:57: 9c:41:45:7b:f5:88:e6:af:59:e4:f4:ce:7e:d9:8e: 58:db:15:fd:db:d7:95:a8:41:cd:88:b8:4a:32:b5: ad:f4:97:25:77:84:9c:e7:c6:9f:1c:ae:16:cd:e0: 27:bd:56:db:8d:00:e6:f8:42:33:d2:ce:1f:c7:74: 64:c7:76:ad:e3:cb:a3:b4:39:40:06:33:21:18:f8: 6f:6e:ee:a5:e4:33:77:38:17:10:c0:67:4a:51:1b: 9e:24:ad:42:af:8d:b4:0d:f5:9a:81:dd:16:cf:65: d5:ca:84:4d:62:9c:38:ed:27:af:ef:c4:10:be:cd: eb:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:00:26:E6:2D:F5:FE:12:23:0B:BD:0D:B8:53:6E:2D:C2:0C:69:AD X509v3 Authority Key Identifier: keyid:E5:B4:4C:69:E8:DE:73:3D:F6:19:66:05:6E:7E:41:5E:C7:C7:0D:2A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5bRMaejecz32GWYFbn5BXsfHDSo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption be:8e:01:0d:27:3f:3d:37:cc:6b:53:2a:51:2d:9c:bf:63:e4: 0e:0b:bf:b4:5e:a3:09:c7:3e:83:8f:0e:b1:2e:aa:ed:e2:74: 32:b7:c7:9f:93:ca:e2:2d:e7:11:89:3e:16:b8:83:78:b2:ae: 00:42:8d:d9:d1:e1:81:56:cb:ac:3a:3a:34:3c:27:d8:ac:e4: 4e:71:67:bf:dd:66:db:e8:39:d9:a3:78:82:8a:0e:dc:3c:ec: 43:d0:97:b0:d8:d6:54:16:2c:7d:a7:4b:22:89:9e:a8:1a:9a: 50:db:14:e7:1f:97:a0:15:bf:6f:f3:4c:91:37:dd:fc:30:a4: 8d:5e:2f:38:4b:09:8b:ec:2d:16:a6:21:2b:68:09:d3:0d:7a: e3:41:e9:5f:97:ee:0d:fd:e4:68:6c:bd:0e:25:37:52:32:68: 08:9a:69:47:b8:f1:d2:32:07:53:7a:3e:ab:18:83:2d:80:cc: 63:e4:46:d2:de:c7:b4:6f:2f:b4:7d:98:ca:bc:16:7d:e8:0d: b9:45:37:31:e0:62:57:9c:4f:e8:b2:56:84:55:f6:03:73:cc: 1a:9c:cb:d5:99:47:05:21:55:c3:1d:d2:cf:ca:93:ed:23:91: f0:d8:d3:49:b4:d6:e5:91:11:e0:06:c6:71:24:0b:8f:0d:46: de:34:f7:1d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjQ4NzMxMTAvBgNVBAUTKEU1QjQ0QzY5RThERTczM0RGNjE5NjYwNTZFN0U0MTVF QzdDNzBEMkEwHhcNMjUwNTE1MDUyODU3WhcNMjUwNTIyMDUyODU3WjAYMRYwFAYD VQQDEw02ODI1N2I5YS1lNWQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1bAd3sbG5HiX08bijfsS2wSevIyvZ2bgC6hIm9W02GAktmVwML3mMm2PJA+Z HA8A5ZKjoZUefiFZEq3Dy0D9JWC/dreJ5AZWR+ZchatWODwx+PAbyfn0B4s/wwbI mJ8wNxVMEzx3yQPnhso4yNDXR1A66HBZV8B64Qe/oC1z4bUUASuAYFecQUV79Yjm r1nk9M5+2Y5Y2xX929eVqEHNiLhKMrWt9Jcld4Sc58afHK4WzeAnvVbbjQDm+EIz 0s4fx3Rkx3at48ujtDlABjMhGPhvbu6l5DN3OBcQwGdKURueJK1Cr420DfWagd0W z2XVyoRNYpw47Sev78QQvs3rTQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLoAJuYt 9f4SIwu9DbhTbi3CDGmtMB8GA1UdIwQYMBaAFOW0TGno3nM99hlmBW5+QV7Hxw0q MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDg3My80RTI1QzhCQzM4 RTcxMUVGODQ0QjRGNjVDNEY5QUUwMi81YlJNYWVqZWN6MzJHV1lGYm41QlhzZkhE U28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzViUk1hZWplY3ozMkdXWUZibjVCWHNmSERTby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NDg3My80RTI1QzhCQzM4RTcxMUVGODQ0QjRGNjVDNEY5QUUwMi81YlJNYWVqZWN6 MzJHV1lGYm41QlhzZkhEU28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC+jgENJz89N8xrUypRLZy/Y+QOC7+0XqMJxz6Djw6xLqrt4nQyt8ef k8riLecRiT4WuIN4sq4AQo3Z0eGBVsusOjo0PCfYrOROcWe/3Wbb6DnZo3iCig7c POxD0Jew2NZUFix9p0siiZ6oGppQ2xTnH5egFb9v80yRN938MKSNXi84SwmL7C0W piEraAnTDXrjQelfl+4N/eRobL0OJTdSMmgImmlHuPHSMgdTej6rGIMtgMxj5EbS 3se0by+0fZjKvBZ96A25RTcx4GJXnE/oslaEVfYDc8wanMvVmUcFIVXDHdLPypPt I5Hw2NNJtNblkRHgBsZxJAuPDUbeNPcd -----END CERTIFICATE-----Generated at Fri May 16 03:06:06 2025 by rpki-client