$ rpki-client -vvf rpki.apnic.net/member_repository/A91C0E57/FCC18A14204E11ECB13EE17AC4F9AE02/C33smHxhdR0-2h2_PnwipzoV3u0.mft File: C33smHxhdR0-2h2_PnwipzoV3u0.mft (raw, json) Hash identifier: pDmYSj0CISSWKvU586WOBMPRxq6Ev0WcEOvVRVw1Qp4= Subject key identifier: E3:D9:16:85:FA:93:F7:9B:D9:D0:FE:E1:8B:42:EC:63:38:83:36:AA Authority key identifier: 0B:7D:EC:98:7C:61:75:1D:3E:DA:1D:BF:3E:7C:22:A7:3A:15:DE:ED Certificate issuer: /CN=A91C0E57/serialNumber=0B7DEC987C61751D3EDA1DBF3E7C22A73A15DEED Certificate serial: 04D2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C33smHxhdR0-2h2_PnwipzoV3u0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C0E57/FCC18A14204E11ECB13EE17AC4F9AE02/C33smHxhdR0-2h2_PnwipzoV3u0.mft Manifest number: 04CC Signing time: Mon 12 May 2025 23:36:22 +0000 Manifest this update: Mon 12 May 2025 23:36:22 +0000 Manifest next update: Mon 19 May 2025 23:36:22 +0000 Files and hashes: 1: C33smHxhdR0-2h2_PnwipzoV3u0.crl (hash: lHEQjAwCqEJlMbJGSkQKlSUQO7m+pMsaGm2KPqc+pw8=) 2: 60A8F48A25D211ECB2CCF633C4F9AE02.roa (hash: +PbEWtYSfIT5V18KuiJqAnYLDPzBVBUjvZLUMUeffC4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C0E57/FCC18A14204E11ECB13EE17AC4F9AE02/C33smHxhdR0-2h2_PnwipzoV3u0.crl rsync://rpki.apnic.net/member_repository/A91C0E57/FCC18A14204E11ECB13EE17AC4F9AE02/C33smHxhdR0-2h2_PnwipzoV3u0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C33smHxhdR0-2h2_PnwipzoV3u0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 23:36:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1234 (0x4d2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C0E57, serialNumber=0B7DEC987C61751D3EDA1DBF3E7C22A73A15DEED Validity Not Before: May 12 23:36:22 2025 GMT Not After : May 19 23:36:22 2025 GMT Subject: CN=682285f6-5620 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:3e:59:47:31:59:12:31:75:84:85:56:f4:df: 64:09:6d:68:32:3e:3d:36:8e:e6:55:9f:57:ad:e1: 02:68:1d:dd:49:ac:ac:8e:1b:d0:60:1d:11:40:ab: 47:68:2e:59:36:24:38:98:1f:41:ae:3a:88:4d:3d: df:1b:e9:0a:ac:9f:07:4d:ee:76:d9:7a:30:7d:38: f4:e7:d1:16:73:bc:fb:a4:35:79:35:3a:27:62:37: 27:b4:6c:19:56:b0:1d:73:a1:aa:04:18:a4:b4:13: d6:e2:81:f6:cf:49:89:64:ff:84:6c:4c:b2:4c:16: 84:f6:67:f8:b3:5c:6a:f4:90:86:d4:39:dd:ac:ce: 99:4d:72:0d:60:08:07:7d:72:42:50:76:d7:ae:ef: a1:c2:7c:51:7a:16:c5:eb:c2:18:33:37:aa:ff:f6: a5:5c:db:46:69:54:91:ab:59:1e:37:a8:b6:b7:8b: 2e:5b:ea:61:a7:16:27:ab:30:c4:78:06:a1:82:e5: 2e:24:05:e0:bb:da:ab:19:fa:4a:1c:e7:81:c0:de: c2:e2:38:e3:5a:4a:77:98:d3:47:24:a1:2e:1e:12: 76:a7:47:91:39:0d:da:b9:7f:fe:14:90:a1:1a:65: 78:ed:0f:e3:8a:91:3e:a6:4c:1e:78:56:6a:2c:d7: 1a:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:D9:16:85:FA:93:F7:9B:D9:D0:FE:E1:8B:42:EC:63:38:83:36:AA X509v3 Authority Key Identifier: keyid:0B:7D:EC:98:7C:61:75:1D:3E:DA:1D:BF:3E:7C:22:A7:3A:15:DE:ED X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C0E57/FCC18A14204E11ECB13EE17AC4F9AE02/C33smHxhdR0-2h2_PnwipzoV3u0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C33smHxhdR0-2h2_PnwipzoV3u0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C0E57/FCC18A14204E11ECB13EE17AC4F9AE02/C33smHxhdR0-2h2_PnwipzoV3u0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8a:52:18:9d:fd:fa:a2:36:cd:57:86:d7:f0:3e:a4:51:53:6f: fa:0d:c7:eb:84:ac:e6:29:a7:94:4d:df:91:b5:21:f5:ec:8a: c4:8c:6a:70:ac:14:62:d0:c2:e0:ba:fe:6b:ce:36:bb:a5:20: 66:be:82:e9:15:90:cb:44:32:5a:c1:e3:4c:63:de:f2:a8:70: ff:72:04:0e:28:49:53:4d:ff:f3:55:e5:5f:a7:ef:70:6e:dd: 0c:31:4c:82:6e:64:fd:ac:a7:e5:87:f0:54:b8:c7:2f:97:61: ab:9e:36:ce:d8:a7:e2:5d:37:d1:4f:a3:cb:84:ee:d0:ae:b1: 3d:27:37:fe:19:1d:ee:23:98:09:4f:1a:94:e3:9d:0d:0d:1b: d8:ed:c5:04:dd:97:02:50:c0:a8:90:1d:03:8d:c4:a6:2b:c2: 42:cc:84:69:9e:dc:18:54:93:d4:fa:9e:1e:ec:3f:c0:6a:b6: 0c:71:16:30:9c:08:11:85:1f:71:69:76:e9:d6:47:a3:f2:39: 6e:6d:81:07:e0:a7:58:a9:7b:f2:b7:c1:b3:05:d3:87:ad:36: d6:21:4c:dd:bf:25:51:e3:0d:41:f5:70:38:4f:5e:c4:d5:e0: 1b:f2:67:c0:ae:44:00:3a:c0:3a:38:24:57:4a:d9:33:9e:52: 87:65:41:b4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBNIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzBFNTcxMTAvBgNVBAUTKDBCN0RFQzk4N0M2MTc1MUQzRURBMURCRjNFN0MyMkE3 M0ExNURFRUQwHhcNMjUwNTEyMjMzNjIyWhcNMjUwNTE5MjMzNjIyWjAYMRYwFAYD VQQDEw02ODIyODVmNi01NjIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzT5ZRzFZEjF1hIVW9N9kCW1oMj49No7mVZ9XreECaB3dSaysjhvQYB0RQKtH aC5ZNiQ4mB9BrjqITT3fG+kKrJ8HTe522XowfTj059EWc7z7pDV5NTonYjcntGwZ VrAdc6GqBBiktBPW4oH2z0mJZP+EbEyyTBaE9mf4s1xq9JCG1DndrM6ZTXINYAgH fXJCUHbXru+hwnxRehbF68IYMzeq//alXNtGaVSRq1keN6i2t4suW+phpxYnqzDE eAahguUuJAXgu9qrGfpKHOeBwN7C4jjjWkp3mNNHJKEuHhJ2p0eROQ3auX/+FJCh GmV47Q/jipE+pkweeFZqLNcaYwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOPZFoX6 k/eb2dD+4YtC7GM4gzaqMB8GA1UdIwQYMBaAFAt97Jh8YXUdPtodvz58Iqc6Fd7t MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMEU1Ny9GQ0MxOEExNDIw NEUxMUVDQjEzRUUxN0FDNEY5QUUwMi9DMzNzbUh4aGRSMC0yaDJfUG53aXB6b1Yz dTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0MzM3NtSHhoZFIwLTJoMl9QbndpcHpvVjN1MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MEU1Ny9GQ0MxOEExNDIwNEUxMUVDQjEzRUUxN0FDNEY5QUUwMi9DMzNzbUh4aGRS MC0yaDJfUG53aXB6b1YzdTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCKUhid/fqiNs1XhtfwPqRRU2/6DcfrhKzmKaeUTd+RtSH17IrEjGpw rBRi0MLguv5rzja7pSBmvoLpFZDLRDJaweNMY97yqHD/cgQOKElTTf/zVeVfp+9w bt0MMUyCbmT9rKflh/BUuMcvl2GrnjbO2KfiXTfRT6PLhO7QrrE9Jzf+GR3uI5gJ TxqU450NDRvY7cUE3ZcCUMCokB0DjcSmK8JCzIRpntwYVJPU+p4e7D/AarYMcRYw nAgRhR9xaXbp1kej8jlubYEH4KdYqXvyt8GzBdOHrTbWIUzdvyVR4w1B9XA4T17E 1eAb8mfArkQAOsA6OCRXStkznlKHZUG0 -----END CERTIFICATE-----Generated at Tue May 13 11:46:06 2025 by rpki-client