$ rpki-client -vvf rpki.apnic.net/member_repository/A91C3174/B131F89CEECD11EC8CF4471EC4F9AE02/5CK_AmFA0gPv1r_eruJoqosEZtU.mft File: 5CK_AmFA0gPv1r_eruJoqosEZtU.mft (raw, json) Hash identifier: SMZakddqd/Kqydsb2rRZ7Xs+wByvlBzlPVO7aXXEZl0= Subject key identifier: 4C:0B:87:ED:E0:35:3D:2A:E4:B9:BC:BE:A4:B2:96:E4:B7:7E:09:BF Authority key identifier: E4:22:BF:02:61:40:D2:03:EF:D6:BF:DE:AE:E2:68:AA:8B:04:66:D5 Certificate issuer: /CN=A91C3174/serialNumber=E422BF026140D203EFD6BFDEAEE268AA8B0466D5 Certificate serial: 02C2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5CK_AmFA0gPv1r_eruJoqosEZtU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C3174/B131F89CEECD11EC8CF4471EC4F9AE02/5CK_AmFA0gPv1r_eruJoqosEZtU.mft Manifest number: 02BE Signing time: Sun 11 May 2025 00:58:50 +0000 Manifest this update: Sun 11 May 2025 00:58:50 +0000 Manifest next update: Sun 18 May 2025 00:58:50 +0000 Files and hashes: 1: 5CK_AmFA0gPv1r_eruJoqosEZtU.crl (hash: B46WL10DatRemac9myPHLBpJDS37IluEJ8OrAGpULQA=) 2: 9A4B6146EED111EC9BDD4C49C4F9AE02.roa (hash: 5l/0i4Mj7CkFahUXGxLru5zWwX7qpr1hA77tgI5t7fk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C3174/B131F89CEECD11EC8CF4471EC4F9AE02/5CK_AmFA0gPv1r_eruJoqosEZtU.crl rsync://rpki.apnic.net/member_repository/A91C3174/B131F89CEECD11EC8CF4471EC4F9AE02/5CK_AmFA0gPv1r_eruJoqosEZtU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5CK_AmFA0gPv1r_eruJoqosEZtU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 00:58:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 706 (0x2c2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C3174, serialNumber=E422BF026140D203EFD6BFDEAEE268AA8B0466D5 Validity Not Before: May 11 00:58:50 2025 GMT Not After : May 18 00:58:50 2025 GMT Subject: CN=681ff64a-2529 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:75:39:bf:66:97:fc:93:c9:ea:8e:05:1b:df: 35:40:75:dc:70:24:e9:77:7c:a5:7d:47:41:55:48: 0d:32:68:19:a8:9f:dd:25:43:c1:b6:b8:56:cd:e2: 0d:66:c8:96:8b:15:df:e9:54:e3:5d:fc:73:f6:8a: 5a:a8:53:73:31:c5:83:f7:ce:8b:30:91:ea:9e:89: 4b:71:4e:28:9e:07:e2:84:25:f9:b5:47:a3:b6:a2: e0:09:85:33:0d:62:5e:af:5e:e0:73:f1:b9:a1:62: a9:c8:ad:a5:b3:8d:f7:3b:5b:fc:b7:87:aa:5a:73: de:16:37:60:97:7e:6d:4b:91:2a:bf:41:cf:80:3c: 09:54:17:f3:7d:7e:6a:59:8c:b6:f5:ef:cf:96:08: 20:bc:e6:81:7e:af:a9:ed:d9:1a:0c:62:84:79:44: 90:fd:6a:0a:10:8b:e4:c1:c1:fb:6c:63:e8:be:4c: 31:ac:b4:3f:16:d1:f6:52:a6:4e:68:07:f5:89:2e: fb:8e:46:b2:e4:43:9f:ad:f3:b8:f2:72:0f:1d:c1: aa:2a:64:cd:be:d2:d6:88:69:3b:ed:8f:f3:32:85: e9:62:bd:ce:3b:88:aa:9d:1e:8b:77:96:cc:dd:0c: 28:4a:a8:59:24:91:3a:69:c8:4b:2d:0a:72:ed:fe: 0b:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:0B:87:ED:E0:35:3D:2A:E4:B9:BC:BE:A4:B2:96:E4:B7:7E:09:BF X509v3 Authority Key Identifier: keyid:E4:22:BF:02:61:40:D2:03:EF:D6:BF:DE:AE:E2:68:AA:8B:04:66:D5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C3174/B131F89CEECD11EC8CF4471EC4F9AE02/5CK_AmFA0gPv1r_eruJoqosEZtU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5CK_AmFA0gPv1r_eruJoqosEZtU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C3174/B131F89CEECD11EC8CF4471EC4F9AE02/5CK_AmFA0gPv1r_eruJoqosEZtU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0a:2f:d8:12:79:3c:d7:9e:37:b7:05:f1:fc:85:c8:a5:ab:7c: 89:8d:d2:52:18:52:a3:19:ff:3f:e7:38:8f:05:fa:5d:ab:a9: 37:0d:3c:5d:df:b3:fc:e1:ce:4c:1b:d0:8c:f0:9d:33:a2:25: 98:43:1c:ca:0a:02:c6:2f:f5:63:ec:27:7d:b4:62:5a:f1:a8: 1b:c7:1a:8d:20:82:9f:9c:15:ca:c3:9e:7e:e9:15:ff:ca:3e: e3:82:c2:70:c5:b6:40:31:51:8d:c2:08:56:79:b0:ff:36:60: 36:18:8b:20:89:62:85:2c:de:53:e8:40:84:e1:92:e7:f2:07: 35:fa:72:ec:4f:56:0e:01:79:34:68:e7:7b:de:f6:28:c7:1f: 86:43:18:56:00:07:2f:21:2e:54:d2:0d:49:94:c2:17:a1:a2: e3:31:ed:a8:b7:48:f3:c6:38:a3:c8:7f:2a:bf:c4:81:35:6a: 10:12:e5:11:b5:55:0d:c6:43:ca:c6:63:a5:8d:84:e8:81:81: 76:d6:b8:93:ad:87:13:52:6f:e5:8e:c0:fc:bf:1a:f1:68:22: 41:7a:3a:b6:c8:ca:da:e8:d1:6f:c9:f9:74:2d:2d:2b:eb:0c: a3:bb:5a:44:f3:ea:43:f4:30:0f:99:34:46:6c:2a:82:fb:68: 21:7b:60:d1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAsIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzMxNzQxMTAvBgNVBAUTKEU0MjJCRjAyNjE0MEQyMDNFRkQ2QkZERUFFRTI2OEFB OEIwNDY2RDUwHhcNMjUwNTExMDA1ODUwWhcNMjUwNTE4MDA1ODUwWjAYMRYwFAYD VQQDEw02ODFmZjY0YS0yNTI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtXU5v2aX/JPJ6o4FG981QHXccCTpd3ylfUdBVUgNMmgZqJ/dJUPBtrhWzeIN ZsiWixXf6VTjXfxz9opaqFNzMcWD986LMJHqnolLcU4ongfihCX5tUejtqLgCYUz DWJer17gc/G5oWKpyK2ls433O1v8t4eqWnPeFjdgl35tS5Eqv0HPgDwJVBfzfX5q WYy29e/PlgggvOaBfq+p7dkaDGKEeUSQ/WoKEIvkwcH7bGPovkwxrLQ/FtH2UqZO aAf1iS77jkay5EOfrfO48nIPHcGqKmTNvtLWiGk77Y/zMoXpYr3OO4iqnR6Ld5bM 3QwoSqhZJJE6achLLQpy7f4L5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEwLh+3g NT0q5Lm8vqSyluS3fgm/MB8GA1UdIwQYMBaAFOQivwJhQNID79a/3q7iaKqLBGbV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMzE3NC9CMTMxRjg5Q0VF Q0QxMUVDOENGNDQ3MUVDNEY5QUUwMi81Q0tfQW1GQTBnUHYxcl9lcnVKb3Fvc0Va dFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzVDS19BbUZBMGdQdjFyX2VydUpvcW9zRVp0VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MzE3NC9CMTMxRjg5Q0VFQ0QxMUVDOENGNDQ3MUVDNEY5QUUwMi81Q0tfQW1GQTBn UHYxcl9lcnVKb3Fvc0VadFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAKL9gSeTzXnje3BfH8hcilq3yJjdJSGFKjGf8/5ziPBfpdq6k3DTxd 37P84c5MG9CM8J0zoiWYQxzKCgLGL/Vj7Cd9tGJa8agbxxqNIIKfnBXKw55+6RX/ yj7jgsJwxbZAMVGNwghWebD/NmA2GIsgiWKFLN5T6ECE4ZLn8gc1+nLsT1YOAXk0 aOd73vYoxx+GQxhWAAcvIS5U0g1JlMIXoaLjMe2ot0jzxjijyH8qv8SBNWoQEuUR tVUNxkPKxmOljYTogYF21riTrYcTUm/ljsD8vxrxaCJBejq2yMra6NFvyfl0LS0r 6wyju1pE8+pD9DAPmTRGbCqC+2ghe2DR -----END CERTIFICATE-----Generated at Sun May 11 07:38:25 2025 by rpki-client