$ rpki-client -vvf rpki.apnic.net/member_repository/A91B777C/62D03E8CB2DA11EB8B384A60C4F9AE02/sJELB8hrD_owClKsfDH8tSwFMtc.mft File: sJELB8hrD_owClKsfDH8tSwFMtc.mft (raw, json) Hash identifier: 3XvHhtoxnq/IlZfPVgk6r0pOt6i4ng5ZRnWB/prP0CU= Subject key identifier: 1B:8A:BB:52:3A:04:D7:F8:A7:D3:E7:FD:4E:DF:9B:9F:73:E2:B4:22 Authority key identifier: B0:91:0B:07:C8:6B:0F:FA:30:0A:52:AC:7C:31:FC:B5:2C:05:32:D7 Certificate issuer: /CN=A91B777C/serialNumber=B0910B07C86B0FFA300A52AC7C31FCB52C0532D7 Certificate serial: 05E7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/sJELB8hrD_owClKsfDH8tSwFMtc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B777C/62D03E8CB2DA11EB8B384A60C4F9AE02/sJELB8hrD_owClKsfDH8tSwFMtc.mft Manifest number: 05E1 Signing time: Sat 10 May 2025 22:35:26 +0000 Manifest this update: Sat 10 May 2025 22:35:25 +0000 Manifest next update: Sat 17 May 2025 22:35:25 +0000 Files and hashes: 1: sJELB8hrD_owClKsfDH8tSwFMtc.crl (hash: GpDifcILngZy0yTj9GCCa6L/WjX4UoyJFibdA6NDj5k=) 2: 9095FC2CB2E811EBADBB3753C4F9AE02.roa (hash: h5dvfa3FRBYPtcjjdPkOqAVQA/qeLJ42SQi+kECAh1M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B777C/62D03E8CB2DA11EB8B384A60C4F9AE02/sJELB8hrD_owClKsfDH8tSwFMtc.crl rsync://rpki.apnic.net/member_repository/A91B777C/62D03E8CB2DA11EB8B384A60C4F9AE02/sJELB8hrD_owClKsfDH8tSwFMtc.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/sJELB8hrD_owClKsfDH8tSwFMtc.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 22:35:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1511 (0x5e7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B777C, serialNumber=B0910B07C86B0FFA300A52AC7C31FCB52C0532D7 Validity Not Before: May 10 22:35:25 2025 GMT Not After : May 17 22:35:25 2025 GMT Subject: CN=681fd4ad-dcad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:bf:f0:07:96:96:3d:8f:02:b9:07:49:0b:28: 57:31:6c:93:87:62:fc:3a:d9:9f:b7:54:b9:66:88: 9b:0d:d5:88:1b:b2:36:13:ff:ac:ed:41:3c:2b:3f: ee:a2:b8:bf:e9:b2:58:d0:5c:f5:d0:ba:d6:0e:e4: cc:b2:70:66:a1:ff:2a:23:9a:f5:9b:78:c3:f0:8e: 19:34:5d:04:10:48:c3:e1:8a:2a:3f:c3:d1:a9:0f: 2a:9c:40:52:fe:fd:7e:b3:fc:f6:4c:59:7d:72:4d: e6:1e:b9:12:7d:6a:cb:9d:44:07:a4:9b:ba:c5:23: 0d:26:92:8b:0f:ae:36:1a:49:09:93:b4:75:63:79: 7c:90:ad:f8:a7:01:07:9c:64:53:d6:a1:3a:f2:9b: 00:af:9c:55:43:ba:35:4c:3c:d7:57:a3:5f:db:38: a7:b6:44:03:43:0f:76:8c:b0:21:22:82:2b:00:4f: 88:9d:70:30:bf:ad:5e:32:3a:ea:a6:c9:db:dd:6f: 5e:2d:f0:c0:2c:c8:cc:37:33:5d:dd:da:d8:30:c3: 0b:f4:b5:b7:e7:70:26:4d:d8:a7:ab:e5:fc:1e:fd: d3:6a:00:81:35:52:55:cc:ed:e5:f1:3b:1f:42:2e: 69:7c:db:87:eb:fc:57:95:21:65:e5:f5:ea:17:36: 22:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:8A:BB:52:3A:04:D7:F8:A7:D3:E7:FD:4E:DF:9B:9F:73:E2:B4:22 X509v3 Authority Key Identifier: keyid:B0:91:0B:07:C8:6B:0F:FA:30:0A:52:AC:7C:31:FC:B5:2C:05:32:D7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B777C/62D03E8CB2DA11EB8B384A60C4F9AE02/sJELB8hrD_owClKsfDH8tSwFMtc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/sJELB8hrD_owClKsfDH8tSwFMtc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B777C/62D03E8CB2DA11EB8B384A60C4F9AE02/sJELB8hrD_owClKsfDH8tSwFMtc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 71:97:fc:c6:97:62:38:50:64:c0:2e:b5:85:22:cb:ed:21:f1: b5:b6:1b:13:47:d1:0e:a6:eb:87:9f:b3:6b:e3:d1:93:e9:ca: 3d:43:40:2f:ad:70:51:b5:7d:1a:9d:8a:75:be:be:f0:22:e2: 9f:ea:31:f8:0e:91:de:ab:42:aa:ee:c0:c8:a1:2d:62:33:99: 1b:4d:a0:99:8e:3d:82:38:e4:5e:11:31:c3:81:77:1e:02:cb: 5c:69:60:1f:14:a7:98:a3:49:bc:a2:39:70:3d:45:65:85:c6: 4d:ff:b1:c9:e0:65:5b:43:65:1f:61:f3:36:cc:70:15:a2:c4: 8c:3a:b3:a8:37:88:da:20:1e:e0:0d:46:f5:af:95:9b:57:5d: be:00:4c:fd:69:32:c4:83:7d:02:88:32:5e:6f:d1:28:1d:88: ef:22:ff:b1:3e:91:cf:c8:bb:97:06:a8:1c:ee:1c:7c:2f:60: 33:e5:40:56:95:25:ec:82:a3:4b:fa:b9:dc:e3:2f:a0:0a:25: d6:c9:46:79:9f:f4:d9:f2:67:bc:52:80:5c:de:89:66:b5:22: 17:74:b4:30:db:fd:08:a8:5d:06:32:a8:ce:ee:e1:cd:31:08: e4:ab:d0:ae:3e:bf:93:37:4d:81:1c:36:7f:a9:71:17:db:2e: a6:fb:78:c4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBecwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qjc3N0MxMTAvBgNVBAUTKEIwOTEwQjA3Qzg2QjBGRkEzMDBBNTJBQzdDMzFGQ0I1 MkMwNTMyRDcwHhcNMjUwNTEwMjIzNTI1WhcNMjUwNTE3MjIzNTI1WjAYMRYwFAYD VQQDEw02ODFmZDRhZC1kY2FkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmL/wB5aWPY8CuQdJCyhXMWyTh2L8Otmft1S5ZoibDdWIG7I2E/+s7UE8Kz/u ori/6bJY0Fz10LrWDuTMsnBmof8qI5r1m3jD8I4ZNF0EEEjD4YoqP8PRqQ8qnEBS /v1+s/z2TFl9ck3mHrkSfWrLnUQHpJu6xSMNJpKLD642GkkJk7R1Y3l8kK34pwEH nGRT1qE68psAr5xVQ7o1TDzXV6Nf2zintkQDQw92jLAhIoIrAE+InXAwv61eMjrq psnb3W9eLfDALMjMNzNd3drYMMML9LW353AmTdinq+X8Hv3TagCBNVJVzO3l8Tsf Qi5pfNuH6/xXlSFl5fXqFzYi+QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBuKu1I6 BNf4p9Pn/U7fm59z4rQiMB8GA1UdIwQYMBaAFLCRCwfIaw/6MApSrHwx/LUsBTLX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzc3Qy82MkQwM0U4Q0Iy REExMUVCOEIzODRBNjBDNEY5QUUwMi9zSkVMQjhockRfb3dDbEtzZkRIOHRTd0ZN dGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3NKRUxCOGhyRF9vd0NsS3NmREg4dFN3Rk10Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC Nzc3Qy82MkQwM0U4Q0IyREExMUVCOEIzODRBNjBDNEY5QUUwMi9zSkVMQjhockRf b3dDbEtzZkRIOHRTd0ZNdGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBxl/zGl2I4UGTALrWFIsvtIfG1thsTR9EOpuuHn7Nr49GT6co9Q0Av rXBRtX0anYp1vr7wIuKf6jH4DpHeq0Kq7sDIoS1iM5kbTaCZjj2COOReETHDgXce AstcaWAfFKeYo0m8ojlwPUVlhcZN/7HJ4GVbQ2UfYfM2zHAVosSMOrOoN4jaIB7g DUb1r5WbV12+AEz9aTLEg30CiDJeb9EoHYjvIv+xPpHPyLuXBqgc7hx8L2Az5UBW lSXsgqNL+rnc4y+gCiXWyUZ5n/TZ8me8UoBc3olmtSIXdLQw2/0IqF0GMqjO7uHN MQjkq9CuPr+TN02BHDZ/qXEX2y6m+3jE -----END CERTIFICATE-----Generated at Mon May 12 19:03:38 2025 by rpki-client