$ rpki-client -vvf rpki.apnic.net/member_repository/A91B49C0/6CB38358B34411ECABCE2A62C4F9AE02/8VAZIKVfOnwnEDkUn_oop8HMOPE.mft File: 8VAZIKVfOnwnEDkUn_oop8HMOPE.mft (raw, json) Hash identifier: bl54Odn9RVYxH4KMlQILYCh64F9DHKjFxE0DKMqhsdY= Subject key identifier: DA:24:AD:54:03:26:A9:4E:09:35:BB:79:37:1D:75:3E:61:09:38:D4 Authority key identifier: F1:50:19:20:A5:5F:3A:7C:27:10:39:14:9F:FA:28:A7:C1:CC:38:F1 Certificate issuer: /CN=A91B49C0/serialNumber=F1501920A55F3A7C271039149FFA28A7C1CC38F1 Certificate serial: 0356 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8VAZIKVfOnwnEDkUn_oop8HMOPE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B49C0/6CB38358B34411ECABCE2A62C4F9AE02/8VAZIKVfOnwnEDkUn_oop8HMOPE.mft Manifest number: 0352 Signing time: Fri 09 May 2025 00:46:48 +0000 Manifest this update: Fri 09 May 2025 00:46:47 +0000 Manifest next update: Fri 16 May 2025 00:46:47 +0000 Files and hashes: 1: 8VAZIKVfOnwnEDkUn_oop8HMOPE.crl (hash: Hsq8dsCvSQS5GcPQCXy/ZHUshmncrsAHnbh6axKyyO8=) 2: 8304B142B34711EC90A6DA67C4F9AE02.roa (hash: WXC/B6Dbe8kPnOwbgfCf/9me935cYsiOJufkenUuGQo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B49C0/6CB38358B34411ECABCE2A62C4F9AE02/8VAZIKVfOnwnEDkUn_oop8HMOPE.crl rsync://rpki.apnic.net/member_repository/A91B49C0/6CB38358B34411ECABCE2A62C4F9AE02/8VAZIKVfOnwnEDkUn_oop8HMOPE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8VAZIKVfOnwnEDkUn_oop8HMOPE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 16 May 2025 00:46:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 854 (0x356) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B49C0, serialNumber=F1501920A55F3A7C271039149FFA28A7C1CC38F1 Validity Not Before: May 9 00:46:47 2025 GMT Not After : May 16 00:46:47 2025 GMT Subject: CN=681d5078-be9c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:b4:4c:ee:83:5b:f8:ce:a9:0a:5f:e2:d4:74: 75:1d:ae:44:fc:34:3e:a2:35:48:92:ea:42:37:4f: f8:92:a6:7d:5b:2a:b8:97:01:44:9d:5e:7a:b3:bc: 1b:47:10:78:d8:26:3e:d4:c4:a3:f7:04:67:d9:da: 58:8a:ee:52:93:da:13:07:7b:37:c1:e5:1b:da:eb: 2b:44:1f:90:a0:32:2e:c1:a7:3d:2d:24:a6:55:07: c5:12:b3:36:84:53:6a:50:b4:c4:f1:12:8c:2f:48: 7a:1c:df:e6:f0:bd:74:d4:90:0f:3d:a0:ea:ee:cf: bb:27:08:20:e6:b4:9f:a8:f6:a3:a3:3a:20:b8:0e: dd:9a:48:17:57:c1:76:af:88:1d:75:bd:27:62:d9: 8d:5e:73:74:d2:55:f1:54:9d:78:94:f8:99:97:dc: ad:f8:d0:66:48:28:f8:e7:e3:b6:4a:b0:b1:3b:9d: ad:19:c8:76:5d:68:3e:8b:59:d3:1b:15:91:d4:bc: f1:45:c7:2b:23:75:1a:3a:2c:7b:4d:71:60:67:00: 3a:65:78:fe:9f:bf:86:e8:df:2e:f5:b3:9c:a5:bd: 2b:ce:b3:38:22:ab:b8:4f:d0:05:80:32:f4:b9:8b: 04:15:07:e8:50:54:6c:48:91:20:fe:64:69:b0:22: bf:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:24:AD:54:03:26:A9:4E:09:35:BB:79:37:1D:75:3E:61:09:38:D4 X509v3 Authority Key Identifier: keyid:F1:50:19:20:A5:5F:3A:7C:27:10:39:14:9F:FA:28:A7:C1:CC:38:F1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B49C0/6CB38358B34411ECABCE2A62C4F9AE02/8VAZIKVfOnwnEDkUn_oop8HMOPE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8VAZIKVfOnwnEDkUn_oop8HMOPE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B49C0/6CB38358B34411ECABCE2A62C4F9AE02/8VAZIKVfOnwnEDkUn_oop8HMOPE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 13:9a:9b:0e:44:76:d0:b7:0d:65:b5:da:12:ac:a0:8f:8d:f3: f2:05:5e:d3:af:e4:16:3a:50:d3:8b:ce:2b:09:7b:f9:74:9c: 7a:4a:b1:9d:62:ef:15:4c:79:56:69:47:ff:76:82:8c:75:c5: 30:af:1f:79:34:a2:90:80:d6:03:37:a5:9b:8c:9b:df:d4:a7: 10:27:ae:03:f6:cb:02:a5:58:53:a4:35:88:80:e2:69:86:cd: e6:5c:10:cf:d3:9d:ab:bd:77:f9:b3:f9:97:2b:dd:3d:23:65: 72:92:92:3a:31:04:00:a0:9c:0d:da:f8:6e:98:65:cc:04:97: da:99:c2:78:c3:a8:44:3c:1b:86:f0:cd:23:42:e4:7d:15:59: 2d:b8:88:b6:25:91:9b:ea:31:06:ab:1c:78:ac:bc:b2:21:42: 5f:fe:e5:b6:e6:50:fa:87:04:04:e1:ae:ed:b5:7e:95:b8:3d: e9:a6:fc:02:6c:cb:22:e1:76:77:e2:8d:04:96:7b:1f:9d:9a: 99:4b:cc:c5:0a:d8:d2:43:d9:2c:3e:19:3e:74:ed:a1:f2:c0: bd:71:18:b4:04:ae:03:04:a6:76:63:31:5c:9a:f4:88:58:05: 4c:fc:9d:26:85:1f:91:57:24:12:0d:d3:f9:b2:01:c5:35:ea: 1a:4d:c5:63 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA1YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjQ5QzAxMTAvBgNVBAUTKEYxNTAxOTIwQTU1RjNBN0MyNzEwMzkxNDlGRkEyOEE3 QzFDQzM4RjEwHhcNMjUwNTA5MDA0NjQ3WhcNMjUwNTE2MDA0NjQ3WjAYMRYwFAYD VQQDEw02ODFkNTA3OC1iZTljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqbRM7oNb+M6pCl/i1HR1Ha5E/DQ+ojVIkupCN0/4kqZ9Wyq4lwFEnV56s7wb RxB42CY+1MSj9wRn2dpYiu5Sk9oTB3s3weUb2usrRB+QoDIuwac9LSSmVQfFErM2 hFNqULTE8RKML0h6HN/m8L101JAPPaDq7s+7Jwgg5rSfqPajozoguA7dmkgXV8F2 r4gddb0nYtmNXnN00lXxVJ14lPiZl9yt+NBmSCj45+O2SrCxO52tGch2XWg+i1nT GxWR1LzxRccrI3UaOix7TXFgZwA6ZXj+n7+G6N8u9bOcpb0rzrM4Iqu4T9AFgDL0 uYsEFQfoUFRsSJEg/mRpsCK/hQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNokrVQD JqlOCTW7eTcddT5hCTjUMB8GA1UdIwQYMBaAFPFQGSClXzp8JxA5FJ/6KKfBzDjx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDlDMC82Q0IzODM1OEIz NDQxMUVDQUJDRTJBNjJDNEY5QUUwMi84VkFaSUtWZk9ud25FRGtVbl9vb3A4SE1P UEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhWQVpJS1ZmT253bkVEa1VuX29vcDhITU9QRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NDlDMC82Q0IzODM1OEIzNDQxMUVDQUJDRTJBNjJDNEY5QUUwMi84VkFaSUtWZk9u d25FRGtVbl9vb3A4SE1PUEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQATmpsORHbQtw1ltdoSrKCPjfPyBV7Tr+QWOlDTi84rCXv5dJx6SrGd Yu8VTHlWaUf/doKMdcUwrx95NKKQgNYDN6WbjJvf1KcQJ64D9ssCpVhTpDWIgOJp hs3mXBDP052rvXf5s/mXK909I2VykpI6MQQAoJwN2vhumGXMBJfamcJ4w6hEPBuG 8M0jQuR9FVktuIi2JZGb6jEGqxx4rLyyIUJf/uW25lD6hwQE4a7ttX6VuD3ppvwC bMsi4XZ34o0ElnsfnZqZS8zFCtjSQ9ksPhk+dO2h8sC9cRi0BK4DBKZ2YzFcmvSI WAVM/J0mhR+RVyQSDdP5sgHFNeoaTcVj -----END CERTIFICATE-----Generated at Sat May 10 10:08:38 2025 by rpki-client