$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft File: RITQfaaNUwUM3PaxPAwFReZFfOU.mft (raw, json) Hash identifier: W0FbWICh2uajgVWIGml40/oUMAyhf4OAdDoCWq14EBA= Subject key identifier: FE:2B:ED:68:59:CF:3E:4D:70:2D:9A:AC:4D:5A:52:17:A9:9E:A5:06 Authority key identifier: 44:84:D0:7D:A6:8D:53:05:0C:DC:F6:B1:3C:0C:05:45:E6:45:7C:E5 Certificate issuer: /CN=A91B5CEA/serialNumber=4484D07DA68D53050CDCF6B13C0C0545E6457CE5 Certificate serial: 01D4 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/RITQfaaNUwUM3PaxPAwFReZFfOU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft Manifest number: 01D1 Signing time: Wed 07 May 2025 02:06:43 +0000 Manifest this update: Wed 07 May 2025 02:06:43 +0000 Manifest next update: Wed 14 May 2025 02:06:43 +0000 Files and hashes: 1: RITQfaaNUwUM3PaxPAwFReZFfOU.crl (hash: XxYNOicC+IOCSHvpJW7CUooI+9st760Xx34aTUp8OX4=) 2: B3795CBC64F211ED9AEC046FC4F9AE02.roa (hash: EdWi73Mh5xQLy3TivA4ubB2nlEznz8QrqPnUKcwGaiM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.crl rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/RITQfaaNUwUM3PaxPAwFReZFfOU.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 14 May 2025 02:06:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 468 (0x1d4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B5CEA, serialNumber=4484D07DA68D53050CDCF6B13C0C0545E6457CE5 Validity Not Before: May 7 02:06:43 2025 GMT Not After : May 14 02:06:43 2025 GMT Subject: CN=681ac033-2163 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:51:4b:b8:00:45:b1:ff:2f:08:e0:40:8f:7d: de:6f:83:f1:15:17:86:be:95:16:8c:1e:6a:61:25: f3:33:5f:c1:a5:b9:ae:f6:49:97:8b:81:29:10:9b: d0:9d:4a:99:b3:8f:a6:09:d0:d0:35:2a:b6:78:9a: ee:27:18:45:3a:0d:04:85:83:30:e6:54:f2:e4:ec: aa:a0:93:9c:38:d7:79:db:03:5e:a5:5d:33:09:bf: 17:95:05:68:68:23:e6:ab:6b:ee:c9:0d:93:5b:95: b4:98:86:50:61:07:fc:ef:e2:07:8f:f7:96:e0:56: 41:75:dc:c8:f6:b3:67:19:fb:ca:25:71:74:bc:9e: a4:b9:e4:f9:3b:66:a9:7a:2b:db:49:fc:93:5b:af: 13:55:e5:37:6d:2e:b1:94:b9:63:14:f5:58:0e:14: 42:e3:b0:99:3c:8e:87:23:85:57:54:f0:68:4a:4d: 7e:30:33:1d:23:a3:e6:b2:f6:db:f4:95:61:60:4a: 8f:12:63:8c:da:ca:d3:88:43:4f:04:2e:ba:c5:f8: 79:50:bb:35:62:2c:10:56:ff:d8:4b:75:ce:f8:24: b7:bc:73:28:09:d6:81:52:f6:bf:4e:0c:e6:97:49: 6d:85:41:bd:fc:bf:b5:83:46:5c:db:d9:9b:d8:ae: 37:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:2B:ED:68:59:CF:3E:4D:70:2D:9A:AC:4D:5A:52:17:A9:9E:A5:06 X509v3 Authority Key Identifier: keyid:44:84:D0:7D:A6:8D:53:05:0C:DC:F6:B1:3C:0C:05:45:E6:45:7C:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/RITQfaaNUwUM3PaxPAwFReZFfOU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 67:11:9d:a3:db:3d:ff:f1:47:1e:e8:9e:a4:e3:07:85:bc:37: 30:55:f7:5a:cd:48:92:60:00:08:77:18:15:3c:88:a7:a8:2d: 5c:db:9f:e9:b6:31:1a:f8:3b:4a:9d:11:8b:96:b5:72:45:eb: 68:06:37:67:c1:42:bd:7c:60:b4:7d:22:1a:01:a2:4b:37:9a: 28:6b:ac:c3:55:f3:68:cb:8f:3c:f1:9c:3b:9e:f8:39:13:ee: 21:4b:a1:61:73:c6:65:c4:6a:3b:a4:f7:30:54:18:5a:ff:fa: be:ba:a6:49:56:a1:f8:4d:af:57:bc:68:c1:ff:71:90:24:d2: 67:b5:98:6d:25:91:e1:f5:13:1a:d6:d8:40:a5:f5:52:25:d6: 2d:76:2d:e9:12:7a:9a:c0:0b:d3:20:31:22:c8:76:08:8c:ee: ef:4d:5c:d8:93:87:a1:e8:a8:ff:59:e2:bc:a5:a5:f7:1b:16: 35:68:31:3c:f4:eb:7e:07:12:b1:4e:ad:3f:2b:64:4d:d9:14: 79:87:24:d9:bf:b6:53:f4:65:a4:26:6a:46:e2:6f:e1:e4:6c: e9:51:21:2c:31:5e:f9:ea:f2:d0:ad:3a:f1:64:61:e2:56:8d: 7b:4c:47:60:fe:f9:e1:01:fa:3e:52:60:ac:1a:5d:fa:7f:73: 3d:70:80:7e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAdQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjVDRUExMTAvBgNVBAUTKDQ0ODREMDdEQTY4RDUzMDUwQ0RDRjZCMTNDMEMwNTQ1 RTY0NTdDRTUwHhcNMjUwNTA3MDIwNjQzWhcNMjUwNTE0MDIwNjQzWjAYMRYwFAYD VQQDEw02ODFhYzAzMy0yMTYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApVFLuABFsf8vCOBAj33eb4PxFReGvpUWjB5qYSXzM1/Bpbmu9kmXi4EpEJvQ nUqZs4+mCdDQNSq2eJruJxhFOg0EhYMw5lTy5OyqoJOcONd52wNepV0zCb8XlQVo aCPmq2vuyQ2TW5W0mIZQYQf87+IHj/eW4FZBddzI9rNnGfvKJXF0vJ6kueT5O2ap eivbSfyTW68TVeU3bS6xlLljFPVYDhRC47CZPI6HI4VXVPBoSk1+MDMdI6Pmsvbb 9JVhYEqPEmOM2srTiENPBC66xfh5ULs1YiwQVv/YS3XO+CS3vHMoCdaBUva/Tgzm l0lthUG9/L+1g0Zc29mb2K43KQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP4r7WhZ zz5NcC2arE1aUhepnqUGMB8GA1UdIwQYMBaAFESE0H2mjVMFDNz2sTwMBUXmRXzl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUNFQS8xRjYzQTU2ODY0 RUUxMUVEQTRBMzQ1MTNDNEY5QUUwMi9SSVRRZmFhTlV3VU0zUGF4UEF3RlJlWkZm T1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL1JJVFFmYWFOVXdVTTNQYXhQQXdGUmVaRmZPVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NUNFQS8xRjYzQTU2ODY0RUUxMUVEQTRBMzQ1MTNDNEY5QUUwMi9SSVRRZmFhTlV3 VU0zUGF4UEF3RlJlWkZmT1UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBnEZ2j2z3/8Uce6J6k4weFvDcwVfdazUiSYAAIdxgVPIinqC1c25/p tjEa+DtKnRGLlrVyRetoBjdnwUK9fGC0fSIaAaJLN5ooa6zDVfNoy4888Zw7nvg5 E+4hS6Fhc8ZlxGo7pPcwVBha//q+uqZJVqH4Ta9XvGjB/3GQJNJntZhtJZHh9RMa 1thApfVSJdYtdi3pEnqawAvTIDEiyHYIjO7vTVzYk4eh6Kj/WeK8paX3GxY1aDE8 9Ot+BxKxTq0/K2RN2RR5hyTZv7ZT9GWkJmpG4m/h5GzpUSEsMV756vLQrTrxZGHi Vo17TEdg/vnhAfo+UmCsGl36f3M9cIB+ -----END CERTIFICATE-----Generated at Thu May 8 21:49:54 2025 by rpki-client