$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9A77/AB8534407A3F11EFA1C0E016C4F9AE02/09eD7kxpu1Bj-1z1smKLx77DdIo.mft File: 09eD7kxpu1Bj-1z1smKLx77DdIo.mft (raw, json) Hash identifier: mRM5s5Vc5BSJa0Ct3iXoHdYPdoueMXg3nDGcFyrjcO8= Subject key identifier: 3C:84:C6:24:1B:DB:B3:FC:2C:75:69:55:1C:A3:52:0B:E9:C1:E8:83 Authority key identifier: D3:D7:83:EE:4C:69:BB:50:63:FB:5C:F5:B2:62:8B:C7:BE:C3:74:8A Certificate issuer: /CN=A91B9A77/serialNumber=D3D783EE4C69BB5063FB5CF5B2628BC7BEC3748A Certificate serial: 78 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/09eD7kxpu1Bj-1z1smKLx77DdIo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B9A77/AB8534407A3F11EFA1C0E016C4F9AE02/09eD7kxpu1Bj-1z1smKLx77DdIo.mft Manifest number: 78 Signing time: Tue 13 May 2025 01:27:04 +0000 Manifest this update: Tue 13 May 2025 01:27:03 +0000 Manifest next update: Tue 20 May 2025 01:27:03 +0000 Files and hashes: 1: 09eD7kxpu1Bj-1z1smKLx77DdIo.crl (hash: vMnO75us4YJkBLaZG0aFK18yCgXguS6sNV5J4tuL2us=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B9A77/AB8534407A3F11EFA1C0E016C4F9AE02/09eD7kxpu1Bj-1z1smKLx77DdIo.crl rsync://rpki.apnic.net/member_repository/A91B9A77/AB8534407A3F11EFA1C0E016C4F9AE02/09eD7kxpu1Bj-1z1smKLx77DdIo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/09eD7kxpu1Bj-1z1smKLx77DdIo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 01:27:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 120 (0x78) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B9A77, serialNumber=D3D783EE4C69BB5063FB5CF5B2628BC7BEC3748A Validity Not Before: May 13 01:27:03 2025 GMT Not After : May 20 01:27:03 2025 GMT Subject: CN=68229fe8-d597 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:b1:3b:24:ef:c3:84:6a:e9:61:df:69:19:90: b0:6e:d3:d7:88:28:c8:45:ae:e1:a0:37:13:81:eb: 0a:25:55:86:0e:d2:14:7a:22:b0:5d:4f:08:d5:5f: 5a:96:63:e0:5a:ba:b7:80:cf:53:96:46:b3:3b:97: be:f5:4b:1f:40:1f:5f:10:17:26:3b:27:f9:7f:0e: a6:d6:31:01:56:21:68:0b:88:26:b5:8c:d3:0d:ed: 94:57:a0:f2:74:ab:b3:79:75:b7:3c:56:40:d8:84: 67:d8:fe:d9:92:bf:e4:e4:d6:d0:a0:81:d4:0a:f2: 79:68:07:26:a0:f8:6a:40:0a:72:16:c2:f3:52:92: a9:67:8f:08:bd:c3:a6:3d:6a:a3:38:3b:fb:6b:90: 22:2b:f7:06:c4:51:c6:80:62:f1:33:dd:4d:95:d6: 47:13:cf:16:58:21:d4:6c:a7:05:f9:f8:a9:3b:5a: c1:0f:ac:a1:07:f9:b9:80:87:6e:13:17:cb:05:b2: 6f:d3:bd:4d:52:ad:8c:94:83:8e:fe:a2:ac:88:bc: ce:85:90:d9:17:2c:4e:ed:56:be:21:31:90:2c:d7: 12:1d:de:c9:64:32:b8:61:05:2c:3b:ec:18:d5:86: 20:9d:35:7d:8d:2e:56:99:30:b5:66:58:ee:86:2f: dd:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:84:C6:24:1B:DB:B3:FC:2C:75:69:55:1C:A3:52:0B:E9:C1:E8:83 X509v3 Authority Key Identifier: keyid:D3:D7:83:EE:4C:69:BB:50:63:FB:5C:F5:B2:62:8B:C7:BE:C3:74:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B9A77/AB8534407A3F11EFA1C0E016C4F9AE02/09eD7kxpu1Bj-1z1smKLx77DdIo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/09eD7kxpu1Bj-1z1smKLx77DdIo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9A77/AB8534407A3F11EFA1C0E016C4F9AE02/09eD7kxpu1Bj-1z1smKLx77DdIo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2d:fc:08:b5:7f:4f:bf:a2:f6:23:9a:e4:83:44:ec:a7:5d:95: ec:ad:58:a4:c4:f7:1e:b7:d7:e9:55:4a:a7:99:85:40:10:5d: f3:69:c8:73:0b:47:c5:61:50:bc:f4:b7:d5:e6:eb:18:8e:c0: a1:fd:c6:4f:43:19:fe:3a:fc:4d:68:57:dd:6a:48:06:15:a2: 6f:56:c5:03:e2:6e:1e:33:b4:5c:66:e2:31:1a:2a:96:39:c5: ec:4e:d9:69:ee:d7:dd:44:21:74:d9:47:ae:e8:10:d1:53:01: 19:d8:6f:5a:7e:61:3a:3e:2e:46:9c:35:05:da:a9:da:fe:62: 13:ae:4f:43:96:34:c4:7a:e7:aa:ae:2a:2d:78:17:7a:87:66: cd:b1:ca:4c:0a:7b:a8:39:84:d0:d2:30:1a:7f:f6:01:54:30: ef:5e:06:98:c0:75:82:49:6c:56:d7:eb:f1:65:5d:51:4b:c3: a4:3c:a2:1d:7b:fc:c0:3e:dd:f1:86:8d:8a:86:51:6a:f1:75: 1d:46:d8:14:f6:ca:e6:85:58:3a:fd:ba:5e:80:ed:3f:52:58: 22:33:15:6d:28:51:74:4b:06:b0:d4:09:67:d7:c2:41:17:53: 97:f7:a9:2b:59:f8:5f:54:d3:87:95:ed:6f:28:c1:45:60:be: 22:be:17:d8 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBeDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC OUE3NzExMC8GA1UEBRMoRDNENzgzRUU0QzY5QkI1MDYzRkI1Q0Y1QjI2MjhCQzdC RUMzNzQ4QTAeFw0yNTA1MTMwMTI3MDNaFw0yNTA1MjAwMTI3MDNaMBgxFjAUBgNV BAMTDTY4MjI5ZmU4LWQ1OTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC8sTsk78OEaulh32kZkLBu09eIKMhFruGgNxOB6wolVYYO0hR6IrBdTwjVX1qW Y+BaureAz1OWRrM7l771Sx9AH18QFyY7J/l/DqbWMQFWIWgLiCa1jNMN7ZRXoPJ0 q7N5dbc8VkDYhGfY/tmSv+Tk1tCggdQK8nloByag+GpACnIWwvNSkqlnjwi9w6Y9 aqM4O/trkCIr9wbEUcaAYvEz3U2V1kcTzxZYIdRspwX5+Kk7WsEPrKEH+bmAh24T F8sFsm/TvU1SrYyUg47+oqyIvM6FkNkXLE7tVr4hMZAs1xId3slkMrhhBSw77BjV hiCdNX2NLlaZMLVmWO6GL93rAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUPITGJBvb s/wsdWlVHKNSC+nB6IMwHwYDVR0jBBgwFoAU09eD7kxpu1Bj+1z1smKLx77DdIow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI5QTc3L0FCODUzNDQwN0Ez RjExRUZBMUMwRTAxNkM0RjlBRTAyLzA5ZUQ3a3hwdTFCai0xejFzbUtMeDc3RGRJ by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvMDllRDdreHB1MUJqLTF6MXNtS0x4NzdEZElvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI5 QTc3L0FCODUzNDQwN0EzRjExRUZBMUMwRTAxNkM0RjlBRTAyLzA5ZUQ3a3hwdTFC ai0xejFzbUtMeDc3RGRJby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAC38CLV/T7+i9iOa5INE7KddleytWKTE9x631+lVSqeZhUAQXfNpyHML R8VhULz0t9Xm6xiOwKH9xk9DGf46/E1oV91qSAYVom9WxQPibh4ztFxm4jEaKpY5 xexO2Wnu191EIXTZR67oENFTARnYb1p+YTo+LkacNQXaqdr+YhOuT0OWNMR656qu Ki14F3qHZs2xykwKe6g5hNDSMBp/9gFUMO9eBpjAdYJJbFbX6/FlXVFLw6Q8oh17 /MA+3fGGjYqGUWrxdR1G2BT2yuaFWDr9ul6A7T9SWCIzFW0oUXRLBrDUCWfXwkEX U5f3qStZ+F9U04eV7W8owUVgviK+F9g= -----END CERTIFICATE-----Generated at Tue May 13 23:10:10 2025 by rpki-client