$ rpki-client -vvf rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft File: oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft (raw, json) Hash identifier: hz5NoU0EKK3gS1oGBmP6laGHRzvyI9lkfpHFNLCv83I= Subject key identifier: A6:5C:33:76:C5:76:45:48:18:EE:71:BE:26:4D:D1:C3:A7:9A:7A:7B Authority key identifier: A1:0F:57:83:C8:F9:A6:D9:4D:29:B4:AA:90:C5:6E:01:6B:B5:14:56 Certificate issuer: /CN=A91B65AC/serialNumber=A10F5783C8F9A6D94D29B4AA90C56E016BB51456 Certificate serial: DF Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft Manifest number: DC Signing time: Tue 13 May 2025 04:43:53 +0000 Manifest this update: Tue 13 May 2025 04:43:52 +0000 Manifest next update: Tue 20 May 2025 04:43:52 +0000 Files and hashes: 1: oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.crl (hash: tqhybQkXC8qg7tCE7IJct4dG7Kctc/t4QzjrxGOdqMo=) 2: 48005D9EE5AE11EE9ECE4023C4F9AE02.roa (hash: WtIZQ/bC/mTF3o0eFavcTapTDeJCSmKxEjU8nMbUVMA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.crl rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 04:43:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 223 (0xdf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B65AC, serialNumber=A10F5783C8F9A6D94D29B4AA90C56E016BB51456 Validity Not Before: May 13 04:43:52 2025 GMT Not After : May 20 04:43:52 2025 GMT Subject: CN=6822ce08-8997 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:e2:6c:01:0a:7c:13:3f:18:5c:e1:f1:00:d0: 1b:a1:56:29:bb:dd:74:82:1e:51:6a:e1:42:c9:fd: 0d:1b:f9:f8:c1:a3:e9:39:99:b4:42:31:c9:ac:30: 95:b3:bf:59:a4:59:b4:4c:ae:ad:03:ec:e9:bc:8b: 41:00:7d:b7:dc:98:53:e8:7f:34:6f:4f:7c:85:b9: 44:7f:37:20:22:27:a6:4b:52:3f:29:ef:43:1d:45: 90:03:b1:9d:e4:f5:72:0a:8b:ef:50:f0:b4:4d:4d: 33:76:de:cc:51:34:01:ff:76:63:7e:4d:96:00:a5: ef:09:b6:50:06:15:ad:a3:54:28:66:36:7a:ea:c7: c0:5f:3f:af:25:73:3e:ea:90:5d:4f:df:c6:57:62: a1:d2:23:4b:de:ae:e8:9a:e4:c1:9e:e8:69:2c:47: c7:3f:8d:a3:15:ce:53:5f:46:47:1e:9e:9b:14:fd: 06:37:dd:06:c9:38:a1:48:7f:37:23:72:5c:a6:23: c9:28:0a:74:fb:db:96:ef:44:df:45:2d:dc:6f:45: 5a:d0:34:1a:01:bc:bd:29:5a:50:06:8d:d5:f3:aa: 49:a8:a1:34:ff:c1:e6:00:50:5a:c3:1f:d2:2c:03: 3a:fd:c1:05:51:0d:4e:e1:e5:ed:fb:81:53:9d:6f: eb:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:5C:33:76:C5:76:45:48:18:EE:71:BE:26:4D:D1:C3:A7:9A:7A:7B X509v3 Authority Key Identifier: keyid:A1:0F:57:83:C8:F9:A6:D9:4D:29:B4:AA:90:C5:6E:01:6B:B5:14:56 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B65AC/CB74F8BEE1E011EEAF6E1E68C4F9AE02/oQ9Xg8j5ptlNKbSqkMVuAWu1FFY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4d:21:3e:0e:4e:b8:54:18:2c:28:e6:88:4e:c9:6e:f3:22:08: 87:ed:4a:24:e0:f5:ef:e5:57:36:43:22:fe:ce:32:df:80:4a: 46:ab:58:5f:6c:c7:6b:98:2a:70:ef:0e:15:86:7a:82:78:7b: c8:ba:20:07:38:45:89:11:a6:7e:e0:97:26:d0:39:7c:51:24: 9b:1a:76:a4:80:6d:37:2d:e1:e4:e6:64:5d:92:cf:81:eb:fb: 9b:30:f0:59:c6:82:c1:0a:35:84:2a:41:6b:53:6f:60:79:65: 96:36:73:9a:52:32:1a:fe:8a:3c:be:d7:ae:6f:55:4d:73:d4: f1:23:97:ad:1e:5d:4f:05:13:55:8a:18:f0:82:a0:1f:13:a6: 58:a6:ae:cb:a0:0c:bb:1b:73:21:0b:a6:3e:6b:a5:b7:4e:17: 4b:e5:56:96:9f:98:50:32:6c:e3:ae:b8:0c:63:b0:9b:96:a1: fc:47:23:5d:8f:a2:6e:95:b2:25:0d:e7:2f:ec:63:7c:e5:da: 04:e3:ea:7f:9c:16:83:e7:a9:bf:3e:50:37:46:a6:3e:59:0d: 74:09:89:2f:52:ba:72:51:5f:1b:a8:c7:0d:4a:a0:53:4a:03: e2:ec:34:39:a0:4c:50:4c:80:86:a8:e2:c7:56:2d:bd:54:5a: 91:e1:97:b0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAN8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjY1QUMxMTAvBgNVBAUTKEExMEY1NzgzQzhGOUE2RDk0RDI5QjRBQTkwQzU2RTAx NkJCNTE0NTYwHhcNMjUwNTEzMDQ0MzUyWhcNMjUwNTIwMDQ0MzUyWjAYMRYwFAYD VQQDEw02ODIyY2UwOC04OTk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxeJsAQp8Ez8YXOHxANAboVYpu910gh5RauFCyf0NG/n4waPpOZm0QjHJrDCV s79ZpFm0TK6tA+zpvItBAH233JhT6H80b098hblEfzcgIiemS1I/Ke9DHUWQA7Gd 5PVyCovvUPC0TU0zdt7MUTQB/3Zjfk2WAKXvCbZQBhWto1QoZjZ66sfAXz+vJXM+ 6pBdT9/GV2Kh0iNL3q7omuTBnuhpLEfHP42jFc5TX0ZHHp6bFP0GN90GyTihSH83 I3JcpiPJKAp0+9uW70TfRS3cb0Va0DQaAby9KVpQBo3V86pJqKE0/8HmAFBawx/S LAM6/cEFUQ1O4eXt+4FTnW/rywIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKZcM3bF dkVIGO5xviZN0cOnmnp7MB8GA1UdIwQYMBaAFKEPV4PI+abZTSm0qpDFbgFrtRRW MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNjVBQy9DQjc0RjhCRUUx RTAxMUVFQUY2RTFFNjhDNEY5QUUwMi9vUTlYZzhqNXB0bE5LYlNxa01WdUFXdTFG RlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL29ROVhnOGo1cHRsTktiU3FrTVZ1QVd1MUZGWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NjVBQy9DQjc0RjhCRUUxRTAxMUVFQUY2RTFFNjhDNEY5QUUwMi9vUTlYZzhqNXB0 bE5LYlNxa01WdUFXdTFGRlkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBNIT4OTrhUGCwo5ohOyW7zIgiH7Uok4PXv5Vc2QyL+zjLfgEpGq1hf bMdrmCpw7w4VhnqCeHvIuiAHOEWJEaZ+4Jcm0Dl8USSbGnakgG03LeHk5mRdks+B 6/ubMPBZxoLBCjWEKkFrU29geWWWNnOaUjIa/oo8vteub1VNc9TxI5etHl1PBRNV ihjwgqAfE6ZYpq7LoAy7G3MhC6Y+a6W3ThdL5VaWn5hQMmzjrrgMY7CblqH8RyNd j6JulbIlDecv7GN85doE4+p/nBaD56m/PlA3RqY+WQ10CYkvUrpyUV8bqMcNSqBT SgPi7DQ5oExQTICGqOLHVi29VFqR4Zew -----END CERTIFICATE-----Generated at Wed May 14 14:56:21 2025 by rpki-client