$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4B33/1ACE7D04221E11EF9344A309C4F9AE02/7w5JMvxot1LjQokiqT5mq-MfNDE.mft File: 7w5JMvxot1LjQokiqT5mq-MfNDE.mft (raw, json) Hash identifier: WWwzAd9x6f9KvEDjUZrO3K9VNbTou9oKWlBBfCtZSGI= Subject key identifier: 45:6C:B4:95:0F:33:48:F6:34:9E:B2:AC:51:C5:A6:C9:8A:F4:61:40 Authority key identifier: EF:0E:49:32:FC:68:B7:52:E3:42:89:22:A9:3E:66:AB:E3:1F:34:31 Certificate issuer: /CN=A91B4B33/serialNumber=EF0E4932FC68B752E3428922A93E66ABE31F3431 Certificate serial: B4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/7w5JMvxot1LjQokiqT5mq-MfNDE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B4B33/1ACE7D04221E11EF9344A309C4F9AE02/7w5JMvxot1LjQokiqT5mq-MfNDE.mft Manifest number: B2 Signing time: Tue 13 May 2025 05:12:06 +0000 Manifest this update: Tue 13 May 2025 05:12:06 +0000 Manifest next update: Tue 20 May 2025 05:12:06 +0000 Files and hashes: 1: 7w5JMvxot1LjQokiqT5mq-MfNDE.crl (hash: hqbcZosWfWh/s5TPyDkfc9f0BnQuk+ItSy5bRp/v6cg=) 2: 80741B04221F11EF92A42E1AC4F9AE02.roa (hash: tCXmsiS2pZhfyBR2w7/CD7l4+Sf7uzGB1XazUIv4/b4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B4B33/1ACE7D04221E11EF9344A309C4F9AE02/7w5JMvxot1LjQokiqT5mq-MfNDE.crl rsync://rpki.apnic.net/member_repository/A91B4B33/1ACE7D04221E11EF9344A309C4F9AE02/7w5JMvxot1LjQokiqT5mq-MfNDE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/7w5JMvxot1LjQokiqT5mq-MfNDE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 02:50:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 180 (0xb4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B4B33, serialNumber=EF0E4932FC68B752E3428922A93E66ABE31F3431 Validity Not Before: May 13 05:12:06 2025 GMT Not After : May 20 05:12:06 2025 GMT Subject: CN=6822d4a6-5a21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:b5:28:6d:9a:25:ac:06:74:5d:7a:5d:9f:f8: 42:3d:b1:51:d7:ef:43:76:f2:46:02:98:e3:ce:6a: 65:7f:40:35:fc:8f:bf:4c:16:66:9b:dd:8a:de:8e: c7:da:dd:01:09:0a:88:80:31:68:4c:7c:d0:4e:ac: dd:07:66:bd:28:56:a9:3e:c1:53:e3:6c:6e:b6:fa: 85:e7:c1:b7:9c:46:78:24:84:bc:ad:12:0a:2e:ce: fa:21:0d:e4:31:d0:2b:ff:f2:5b:6f:cd:7a:b0:16: 64:a3:29:3b:87:e1:f5:6a:b4:b7:15:9a:7d:ea:f3: 36:e8:c5:f2:4d:13:0b:0f:72:99:b1:8d:41:4b:28: 27:a4:9d:0a:61:7a:96:e0:58:05:83:67:37:fc:9d: 19:2f:6e:98:da:67:bb:69:fd:e7:39:5b:af:db:4e: 6a:95:21:ac:38:74:ae:cc:96:b4:b1:f1:54:2f:e3: 1b:7a:c8:14:e4:20:81:8e:71:45:23:30:c4:0b:38: 00:78:58:25:0d:e4:4e:08:b7:2e:01:07:53:04:89: d1:31:b1:7b:66:cd:aa:73:db:87:43:78:97:a5:70: 2b:4e:24:14:7e:1c:a4:e2:94:59:42:ab:48:45:1d: 97:4d:36:8c:b2:6a:28:a3:75:1f:c4:47:3c:90:e1: 78:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:6C:B4:95:0F:33:48:F6:34:9E:B2:AC:51:C5:A6:C9:8A:F4:61:40 X509v3 Authority Key Identifier: keyid:EF:0E:49:32:FC:68:B7:52:E3:42:89:22:A9:3E:66:AB:E3:1F:34:31 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B4B33/1ACE7D04221E11EF9344A309C4F9AE02/7w5JMvxot1LjQokiqT5mq-MfNDE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/7w5JMvxot1LjQokiqT5mq-MfNDE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4B33/1ACE7D04221E11EF9344A309C4F9AE02/7w5JMvxot1LjQokiqT5mq-MfNDE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6f:6f:7b:cb:8e:21:c3:af:58:09:7e:c2:fd:2a:d6:91:46:34: ac:6c:6b:81:c9:ca:37:90:d6:d0:3d:3e:95:66:03:6d:6c:82: 9f:a5:c1:2b:45:68:2e:48:03:dc:b4:a4:c4:2f:91:b8:d8:a0: fd:d0:7f:d0:e2:3b:a3:0c:22:70:98:30:b1:ba:77:ea:fc:e6: 05:c1:de:11:61:eb:57:71:7f:03:37:89:2c:2f:e9:98:3b:c4: 24:18:c0:28:da:2b:1d:d1:38:83:5d:1f:2f:7e:78:3a:77:db: 1a:e6:3c:b2:41:13:81:56:3c:a3:ee:96:b3:97:22:35:ef:d7: fc:31:d2:d0:52:b7:0d:fb:70:cc:6b:d8:22:11:67:5b:27:7d: 98:ab:b8:1e:e6:55:fe:5c:17:2a:a9:96:c9:e6:55:aa:45:d3: f4:6e:43:8c:15:b3:e6:67:47:71:90:9a:04:b8:71:db:55:4c: 3a:11:d0:6d:05:1d:fa:62:5f:bf:ca:d9:10:91:81:d5:47:94: d3:c3:e3:ab:00:f7:0a:4b:6b:34:7d:83:31:b2:8d:d1:1d:00: 84:6a:2a:99:ef:5c:04:2b:f3:de:04:0e:97:ca:b5:0f:29:c0: ac:cb:ed:4d:37:72:2d:d6:82:68:3f:64:ad:ae:3e:1b:32:cc: 4d:9f:89:9d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICALQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjRCMzMxMTAvBgNVBAUTKEVGMEU0OTMyRkM2OEI3NTJFMzQyODkyMkE5M0U2NkFC RTMxRjM0MzEwHhcNMjUwNTEzMDUxMjA2WhcNMjUwNTIwMDUxMjA2WjAYMRYwFAYD VQQDEw02ODIyZDRhNi01YTIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwrUobZolrAZ0XXpdn/hCPbFR1+9DdvJGApjjzmplf0A1/I+/TBZmm92K3o7H 2t0BCQqIgDFoTHzQTqzdB2a9KFapPsFT42xutvqF58G3nEZ4JIS8rRIKLs76IQ3k MdAr//Jbb816sBZkoyk7h+H1arS3FZp96vM26MXyTRMLD3KZsY1BSygnpJ0KYXqW 4FgFg2c3/J0ZL26Y2me7af3nOVuv205qlSGsOHSuzJa0sfFUL+MbesgU5CCBjnFF IzDECzgAeFglDeROCLcuAQdTBInRMbF7Zs2qc9uHQ3iXpXArTiQUfhyk4pRZQqtI RR2XTTaMsmooo3UfxEc8kOF4bQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEVstJUP M0j2NJ6yrFHFpsmK9GFAMB8GA1UdIwQYMBaAFO8OSTL8aLdS40KJIqk+ZqvjHzQx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNEIzMy8xQUNFN0QwNDIy MUUxMUVGOTM0NEEzMDlDNEY5QUUwMi83dzVKTXZ4b3QxTGpRb2tpcVQ1bXEtTWZO REUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzd3NUpNdnhvdDFMalFva2lxVDVtcS1NZk5ERS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NEIzMy8xQUNFN0QwNDIyMUUxMUVGOTM0NEEzMDlDNEY5QUUwMi83dzVKTXZ4b3Qx TGpRb2tpcVQ1bXEtTWZOREUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBvb3vLjiHDr1gJfsL9KtaRRjSsbGuByco3kNbQPT6VZgNtbIKfpcEr RWguSAPctKTEL5G42KD90H/Q4jujDCJwmDCxunfq/OYFwd4RYetXcX8DN4ksL+mY O8QkGMAo2isd0TiDXR8vfng6d9sa5jyyQROBVjyj7pazlyI179f8MdLQUrcN+3DM a9giEWdbJ32Yq7ge5lX+XBcqqZbJ5lWqRdP0bkOMFbPmZ0dxkJoEuHHbVUw6EdBt BR36Yl+/ytkQkYHVR5TTw+OrAPcKS2s0fYMxso3RHQCEaiqZ71wEK/PeBA6XyrUP KcCsy+1NN3It1oJoP2Strj4bMsxNn4md -----END CERTIFICATE-----Generated at Tue May 13 16:08:25 2025 by rpki-client