$ rpki-client -vvf rpki.apnic.net/member_repository/A91C0C73/215E5D3A365A11EDAD10BA7AC4F9AE02/45Npup3YgJmHsja0d6144Vx1qxw.mft File: 45Npup3YgJmHsja0d6144Vx1qxw.mft (raw, json) Hash identifier: 1ldqjgDFKkJRMopSplZhRGX/O5kN5KVueRiKSyTRyIA= Subject key identifier: 97:8B:8B:72:37:A0:D0:97:27:C7:A1:55:88:7E:6D:38:3A:E0:9E:12 Authority key identifier: E3:93:69:BA:9D:D8:80:99:87:B2:36:B4:77:AD:78:E1:5C:75:AB:1C Certificate issuer: /CN=A91C0C73/serialNumber=E39369BA9DD8809987B236B477AD78E15C75AB1C Certificate serial: 021B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/45Npup3YgJmHsja0d6144Vx1qxw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C0C73/215E5D3A365A11EDAD10BA7AC4F9AE02/45Npup3YgJmHsja0d6144Vx1qxw.mft Manifest number: 0213 Signing time: Tue 13 May 2025 01:49:18 +0000 Manifest this update: Tue 13 May 2025 01:49:17 +0000 Manifest next update: Tue 20 May 2025 01:49:17 +0000 Files and hashes: 1: 45Npup3YgJmHsja0d6144Vx1qxw.crl (hash: 5wd0jvQ3gqZdBbBc06nQhW9r6qI1FEWv8WstP0Vw8UM=) 2: 3728DA229A8611EFA824F73BC4F9AE02.roa (hash: AAAVj2EMvSyDPVucy4o+cELW9sLjgfDByGDLTaDK5pQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C0C73/215E5D3A365A11EDAD10BA7AC4F9AE02/45Npup3YgJmHsja0d6144Vx1qxw.crl rsync://rpki.apnic.net/member_repository/A91C0C73/215E5D3A365A11EDAD10BA7AC4F9AE02/45Npup3YgJmHsja0d6144Vx1qxw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/45Npup3YgJmHsja0d6144Vx1qxw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 01:49:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 539 (0x21b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C0C73, serialNumber=E39369BA9DD8809987B236B477AD78E15C75AB1C Validity Not Before: May 13 01:49:17 2025 GMT Not After : May 20 01:49:17 2025 GMT Subject: CN=6822a51d-53ad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:4c:83:13:93:21:00:91:b5:09:b7:73:5e:2a: f9:01:b9:c8:b4:33:6d:79:be:97:9a:62:14:b2:36: 97:83:dd:08:31:15:57:1f:2e:52:dd:6e:b5:59:8e: 64:8b:60:26:22:86:08:2a:77:11:14:de:fe:c7:de: 5b:28:2f:4e:9c:93:b5:09:8f:76:87:3d:16:e0:6c: 61:12:0d:ae:ef:ff:6d:9e:e5:4d:3d:46:65:2e:7f: 52:f0:5e:ef:8f:b3:5c:49:bf:e0:30:3d:df:17:52: 2f:88:9d:a2:06:4a:37:b8:d7:2a:2e:11:e5:f1:ba: 0d:45:18:ab:c9:43:21:84:b9:e1:3e:c0:61:1a:ad: 39:07:84:f8:37:89:86:27:30:05:d4:ef:a2:12:45: 8d:51:d3:ba:fd:ea:90:1c:e2:1b:68:9b:64:5f:d1: 01:21:85:29:8f:a6:17:ed:08:4e:d1:e8:05:11:e4: 20:0a:83:f9:7a:83:4e:09:2a:6a:7e:fb:7f:5f:43: 0b:ef:ef:a7:8f:2e:14:e7:82:27:38:ce:6d:4e:8b: 46:8e:b6:c0:a3:12:f5:0d:b9:1a:cc:27:6e:92:56: 85:07:5a:69:07:86:b6:f6:64:26:f7:81:4a:49:b0: 69:aa:75:f0:4e:81:9d:74:37:8a:cf:46:01:08:9d: d5:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:8B:8B:72:37:A0:D0:97:27:C7:A1:55:88:7E:6D:38:3A:E0:9E:12 X509v3 Authority Key Identifier: keyid:E3:93:69:BA:9D:D8:80:99:87:B2:36:B4:77:AD:78:E1:5C:75:AB:1C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C0C73/215E5D3A365A11EDAD10BA7AC4F9AE02/45Npup3YgJmHsja0d6144Vx1qxw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/45Npup3YgJmHsja0d6144Vx1qxw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C0C73/215E5D3A365A11EDAD10BA7AC4F9AE02/45Npup3YgJmHsja0d6144Vx1qxw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b3:cf:00:36:e1:51:fb:fd:0f:16:04:15:eb:d6:c9:4a:66:7e: 8c:c7:66:0b:24:73:dd:67:a7:b8:62:1b:08:18:0b:33:8b:c2: 87:be:5a:e3:09:15:66:e7:c0:88:08:62:44:ad:a9:ab:7e:9c: f8:6c:34:ff:18:65:a6:5e:ff:1d:8b:68:9b:96:54:da:45:4a: a5:8c:68:23:cd:cc:73:70:84:db:81:a9:c2:46:75:bd:22:e7: 1d:42:b8:52:ed:90:c8:80:58:c4:21:2f:ce:d8:6f:19:b7:ca: 89:47:43:89:9f:85:4d:26:4f:07:aa:16:85:65:6d:28:64:1e: 98:44:19:2a:42:a2:26:bc:28:98:13:96:ab:7f:07:fe:9e:18: 70:71:29:d1:4e:f0:52:6c:b6:fe:82:4e:0d:16:66:a7:1d:fd: d3:40:96:82:e7:56:e3:b3:f5:41:ee:a9:5b:7f:c4:5e:ba:f2: e4:bc:a2:bc:9a:da:a4:6c:c3:b0:09:73:cc:73:7f:69:98:02: 00:bb:48:2c:e3:fd:4e:c3:90:a7:f6:01:2b:6f:d9:94:1f:c4: 3c:0b:38:14:63:09:58:cf:47:37:50:06:c8:ab:73:ab:ce:7c: bc:36:ec:1e:3f:b8:ff:f5:86:67:3c:28:e6:56:ab:a4:26:a2: 66:42:28:ef -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAhswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzBDNzMxMTAvBgNVBAUTKEUzOTM2OUJBOUREODgwOTk4N0IyMzZCNDc3QUQ3OEUx NUM3NUFCMUMwHhcNMjUwNTEzMDE0OTE3WhcNMjUwNTIwMDE0OTE3WjAYMRYwFAYD VQQDEw02ODIyYTUxZC01M2FkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAukyDE5MhAJG1CbdzXir5AbnItDNteb6XmmIUsjaXg90IMRVXHy5S3W61WY5k i2AmIoYIKncRFN7+x95bKC9OnJO1CY92hz0W4GxhEg2u7/9tnuVNPUZlLn9S8F7v j7NcSb/gMD3fF1IviJ2iBko3uNcqLhHl8boNRRiryUMhhLnhPsBhGq05B4T4N4mG JzAF1O+iEkWNUdO6/eqQHOIbaJtkX9EBIYUpj6YX7QhO0egFEeQgCoP5eoNOCSpq fvt/X0ML7++njy4U54InOM5tTotGjrbAoxL1DbkazCduklaFB1ppB4a29mQm94FK SbBpqnXwToGddDeKz0YBCJ3VdwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJeLi3I3 oNCXJ8ehVYh+bTg64J4SMB8GA1UdIwQYMBaAFOOTabqd2ICZh7I2tHeteOFcdasc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMEM3My8yMTVFNUQzQTM2 NUExMUVEQUQxMEJBN0FDNEY5QUUwMi80NU5wdXAzWWdKbUhzamEwZDYxNDRWeDFx eHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzQ1TnB1cDNZZ0ptSHNqYTBkNjE0NFZ4MXF4dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MEM3My8yMTVFNUQzQTM2NUExMUVEQUQxMEJBN0FDNEY5QUUwMi80NU5wdXAzWWdK bUhzamEwZDYxNDRWeDFxeHcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCzzwA24VH7/Q8WBBXr1slKZn6Mx2YLJHPdZ6e4YhsIGAszi8KHvlrj CRVm58CICGJEramrfpz4bDT/GGWmXv8di2ibllTaRUqljGgjzcxzcITbganCRnW9 IucdQrhS7ZDIgFjEIS/O2G8Zt8qJR0OJn4VNJk8HqhaFZW0oZB6YRBkqQqImvCiY E5arfwf+nhhwcSnRTvBSbLb+gk4NFmanHf3TQJaC51bjs/VB7qlbf8ReuvLkvKK8 mtqkbMOwCXPMc39pmAIAu0gs4/1Ow5Cn9gErb9mUH8Q8CzgUYwlYz0c3UAbIq3Or zny8NuweP7j/9YZnPCjmVqukJqJmQijv -----END CERTIFICATE-----Generated at Tue May 13 19:16:40 2025 by rpki-client