$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5AAA/8F5892941D9511E2A98A9A7D08B02CD2/7cH-eLyHvyWy4419cs2cozAibOk.mft File: 7cH-eLyHvyWy4419cs2cozAibOk.mft (raw, json) Hash identifier: zkOyokXuh1Iqo33ygahUVMGungarv3p+BtqN6wKW/pE= Subject key identifier: AF:EB:F7:58:3A:4B:0C:ED:93:3C:47:7F:46:A2:C0:D6:E0:ED:AE:38 Authority key identifier: ED:C1:FE:78:BC:87:BF:25:B2:E3:8D:7D:72:CD:9C:A3:30:22:6C:E9 Certificate issuer: /CN=A91B5AAA/serialNumber=EDC1FE78BC87BF25B2E38D7D72CD9CA330226CE9 Certificate serial: 3478 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cH-eLyHvyWy4419cs2cozAibOk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B5AAA/8F5892941D9511E2A98A9A7D08B02CD2/7cH-eLyHvyWy4419cs2cozAibOk.mft Manifest number: 3FA9 Signing time: Sat 10 May 2025 14:47:45 +0000 Manifest this update: Sat 10 May 2025 14:47:45 +0000 Manifest next update: Sat 17 May 2025 14:47:45 +0000 Files and hashes: 1: 7cH-eLyHvyWy4419cs2cozAibOk.crl (hash: XvyrmbEr8nAdzNsBzhEaZnwx4+06mqNqkfRYmBuLluQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B5AAA/8F5892941D9511E2A98A9A7D08B02CD2/7cH-eLyHvyWy4419cs2cozAibOk.crl rsync://rpki.apnic.net/member_repository/A91B5AAA/8F5892941D9511E2A98A9A7D08B02CD2/7cH-eLyHvyWy4419cs2cozAibOk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cH-eLyHvyWy4419cs2cozAibOk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 14:47:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13432 (0x3478) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B5AAA, serialNumber=EDC1FE78BC87BF25B2E38D7D72CD9CA330226CE9 Validity Not Before: May 10 14:47:45 2025 GMT Not After : May 17 14:47:45 2025 GMT Subject: CN=681f6711-e89d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:34:31:82:16:14:e1:72:52:ea:77:0e:6e:86: 27:c1:2c:ad:7a:28:ee:34:a6:de:e8:10:dd:c4:9f: 2d:1e:7e:24:8a:30:2c:b3:38:71:d5:ab:e1:72:00: 75:d0:de:51:54:58:db:b8:ac:f7:ef:06:f6:da:f9: 86:70:34:df:86:4f:3e:32:b3:56:4f:6d:2c:0e:b6: 36:f6:c5:0d:2f:fd:89:33:6f:6c:87:5f:6c:7d:1c: b7:9f:4e:4c:ef:f3:68:ae:39:32:22:86:6f:cb:38: c7:c6:e6:e7:ee:01:10:e4:61:4a:c5:4e:27:5d:d3: 0a:69:a8:8b:de:4c:83:9e:cc:48:98:c8:11:57:50: bc:eb:f2:10:6d:19:48:b8:e2:a3:a2:33:a4:40:9b: 8d:73:12:ef:ff:17:77:65:2c:e2:56:0f:87:a2:d6: 8f:d7:58:c4:c0:54:70:93:29:3a:74:74:45:66:44: 48:2e:71:10:c7:c3:6e:86:c3:5d:e7:db:71:88:70: 13:08:bd:56:21:44:76:e6:26:11:2f:58:ef:69:7a: 5e:70:fa:22:6e:a7:c3:ba:5d:1f:4b:62:14:d1:70: 78:e1:1e:41:83:f5:e8:05:7e:9d:54:80:2f:d4:7c: 7e:94:cc:bd:13:47:b6:ce:c5:8a:96:70:71:2c:a5: 32:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:EB:F7:58:3A:4B:0C:ED:93:3C:47:7F:46:A2:C0:D6:E0:ED:AE:38 X509v3 Authority Key Identifier: keyid:ED:C1:FE:78:BC:87:BF:25:B2:E3:8D:7D:72:CD:9C:A3:30:22:6C:E9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B5AAA/8F5892941D9511E2A98A9A7D08B02CD2/7cH-eLyHvyWy4419cs2cozAibOk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7cH-eLyHvyWy4419cs2cozAibOk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5AAA/8F5892941D9511E2A98A9A7D08B02CD2/7cH-eLyHvyWy4419cs2cozAibOk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 10:c1:3a:24:de:ce:fd:02:2b:0b:82:31:89:0f:c4:28:b8:5c: 9e:81:e4:5c:6d:c3:68:f2:95:a5:7e:16:01:5c:c0:a6:c6:bd: 88:f6:03:03:b3:4b:ab:5e:21:56:c6:70:6c:9f:3f:7e:97:2a: 2b:5d:bf:7a:32:97:76:a1:7a:b7:ad:16:20:b6:0f:4b:e4:8d: 21:6e:f4:d4:ae:07:36:0e:31:d7:10:85:48:b0:5c:14:ea:06: 71:33:32:7b:ce:89:3f:52:ba:18:54:84:10:87:f6:4f:35:20: f9:06:47:4e:31:00:b3:5b:2b:32:b9:17:2c:68:94:dc:59:37: ff:6d:58:5e:ba:f9:39:37:e8:19:05:3e:67:38:37:b5:a3:11: 8c:dd:32:d9:4d:f6:34:73:ed:0d:39:37:04:7c:8b:96:81:11: d1:54:ef:9a:5e:a2:65:57:b7:d1:b9:26:f9:8a:99:32:26:f0: 7c:4c:2a:64:5d:74:e7:12:08:e7:82:3c:99:97:23:65:c6:82: 8a:0e:a3:5b:49:e1:ee:20:63:55:f5:98:f2:d6:3f:6c:09:cb: 29:a1:55:84:67:10:ba:4a:1e:00:a4:5d:08:76:74:10:8a:4d: 5a:f4:5e:a6:24:97:0a:e6:ff:98:3c:d3:63:09:d4:bb:72:e4: 9b:4b:63:c8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNHgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjVBQUExMTAvBgNVBAUTKEVEQzFGRTc4QkM4N0JGMjVCMkUzOEQ3RDcyQ0Q5Q0Ez MzAyMjZDRTkwHhcNMjUwNTEwMTQ0NzQ1WhcNMjUwNTE3MTQ0NzQ1WjAYMRYwFAYD VQQDEw02ODFmNjcxMS1lODlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvTQxghYU4XJS6ncOboYnwSyteijuNKbe6BDdxJ8tHn4kijAsszhx1avhcgB1 0N5RVFjbuKz37wb22vmGcDTfhk8+MrNWT20sDrY29sUNL/2JM29sh19sfRy3n05M 7/NorjkyIoZvyzjHxubn7gEQ5GFKxU4nXdMKaaiL3kyDnsxImMgRV1C86/IQbRlI uOKjojOkQJuNcxLv/xd3ZSziVg+HotaP11jEwFRwkyk6dHRFZkRILnEQx8NuhsNd 59txiHATCL1WIUR25iYRL1jvaXpecPoibqfDul0fS2IU0XB44R5Bg/XoBX6dVIAv 1Hx+lMy9E0e2zsWKlnBxLKUyiQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK/r91g6 SwztkzxHf0aiwNbg7a44MB8GA1UdIwQYMBaAFO3B/ni8h78lsuONfXLNnKMwImzp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUFBQS84RjU4OTI5NDFE OTUxMUUyQTk4QTlBN0QwOEIwMkNEMi83Y0gtZUx5SHZ5V3k0NDE5Y3MyY296QWli T2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzdjSC1lTHlIdnlXeTQ0MTljczJjb3pBaWJPay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NUFBQS84RjU4OTI5NDFEOTUxMUUyQTk4QTlBN0QwOEIwMkNEMi83Y0gtZUx5SHZ5 V3k0NDE5Y3MyY296QWliT2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAQwTok3s79AisLgjGJD8QouFyegeRcbcNo8pWlfhYBXMCmxr2I9gMD s0urXiFWxnBsnz9+lyorXb96Mpd2oXq3rRYgtg9L5I0hbvTUrgc2DjHXEIVIsFwU 6gZxMzJ7zok/UroYVIQQh/ZPNSD5BkdOMQCzWysyuRcsaJTcWTf/bVheuvk5N+gZ BT5nODe1oxGM3TLZTfY0c+0NOTcEfIuWgRHRVO+aXqJlV7fRuSb5ipkyJvB8TCpk XXTnEgjngjyZlyNlxoKKDqNbSeHuIGNV9Zjy1j9sCcspoVWEZxC6Sh4ApF0IdnQQ ik1a9F6mJJcK5v+YPNNjCdS7cuSbS2PI -----END CERTIFICATE-----Generated at Mon May 12 07:17:13 2025 by rpki-client