$ rpki-client -vvf rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.mft File: IZNBmOgzEGHSdbjPx5RY0y-r1sk.mft (raw, json) Hash identifier: SP4ArFtJnNlklPxjOVVnQXy2Kjyae0EpKIEaQLiFzVc= Subject key identifier: 48:00:CF:BC:6B:78:40:24:EC:4F:B5:BF:05:70:63:26:A0:10:0E:0C Authority key identifier: 21:93:41:98:E8:33:10:61:D2:75:B8:CF:C7:94:58:D3:2F:AB:D6:C9 Certificate issuer: /CN=A91C53FD/serialNumber=21934198E8331061D275B8CFC79458D32FABD6C9 Certificate serial: CA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZNBmOgzEGHSdbjPx5RY0y-r1sk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.mft Manifest number: C8 Signing time: Thu 15 May 2025 05:04:54 +0000 Manifest this update: Thu 15 May 2025 05:04:54 +0000 Manifest next update: Thu 22 May 2025 05:04:54 +0000 Files and hashes: 1: IZNBmOgzEGHSdbjPx5RY0y-r1sk.crl (hash: PrZkH+3RnZ2QelyT4Mm1P8TAIrtGWwb9lFW7oIemo9E=) 2: B15E8BECFF3211EEA8607454C4F9AE02.roa (hash: M9Q8RXEiuL/wyMNZhN9zbPG+N0QQluDkDpfmSIoYCRg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.crl rsync://rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZNBmOgzEGHSdbjPx5RY0y-r1sk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 22 May 2025 05:04:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 202 (0xca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C53FD, serialNumber=21934198E8331061D275B8CFC79458D32FABD6C9 Validity Not Before: May 15 05:04:54 2025 GMT Not After : May 22 05:04:54 2025 GMT Subject: CN=682575f6-fc05 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:a0:22:07:17:57:02:8b:c6:ed:cf:0b:84:f4: 5f:90:af:53:f5:b4:e4:2b:ee:37:d5:95:34:3a:37: c6:fc:5d:46:13:38:97:c9:8a:26:ca:f9:0b:5e:a1: 8a:57:1e:02:7b:8f:78:6b:ed:51:a2:9c:69:73:56: 18:58:24:cb:af:d2:4a:28:6c:4d:00:31:34:d5:c1: d4:12:59:51:41:93:ab:45:3f:5d:be:fa:fa:c3:c7: 7a:7d:bb:dc:fa:d0:8d:2d:12:ed:7c:86:95:6e:1a: 5d:76:48:40:dd:d3:44:64:9e:21:42:50:91:d5:2b: 24:b8:e9:8f:7d:35:ad:d9:60:c5:cb:46:40:9d:b9: 2b:22:9b:78:cc:7d:c0:88:8b:c3:c9:12:56:c3:0f: 79:80:13:db:95:1c:ca:a2:25:5d:3a:b1:22:8e:ec: c5:6a:db:7e:99:f1:29:a8:78:d8:75:ba:3f:26:1c: ae:5a:50:01:1a:e2:96:0f:1e:ee:aa:04:78:35:9c: b4:8e:a5:d3:de:d1:f1:b6:a9:5e:4c:e8:dc:3d:75: 30:0e:53:3e:88:bd:2f:05:ba:86:f0:ba:e4:c9:78: 33:22:ac:c8:15:65:92:fb:89:85:34:18:cf:7c:65: 59:3d:4c:c9:59:11:e3:92:c8:0c:4c:a9:84:70:42: 61:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:00:CF:BC:6B:78:40:24:EC:4F:B5:BF:05:70:63:26:A0:10:0E:0C X509v3 Authority Key Identifier: keyid:21:93:41:98:E8:33:10:61:D2:75:B8:CF:C7:94:58:D3:2F:AB:D6:C9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZNBmOgzEGHSdbjPx5RY0y-r1sk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2d:d0:f5:91:58:7c:f0:02:48:fe:3f:2f:63:5c:2a:97:7b:15: bc:e0:50:ce:34:9a:e5:7a:12:eb:2c:a9:8f:74:ec:a7:48:22: 94:39:9e:fb:02:b0:e8:03:6b:e4:d3:5b:fc:80:fe:1b:17:24: ff:28:7b:0f:7b:dc:a2:a8:25:aa:c1:2a:c4:49:d9:7c:9c:0b: d2:be:05:f8:f0:8a:d1:7c:e8:ca:44:66:81:c4:50:32:85:5a: 41:6d:38:f0:5e:3b:84:00:4c:73:6a:51:92:ce:61:82:b0:38: 9a:a5:c1:31:2d:cb:8d:03:03:e4:51:07:a3:dd:6c:03:8b:b6: 6c:80:4b:8e:47:64:fa:a9:71:3a:0f:23:a1:a2:01:24:33:a6: 24:9d:44:de:4e:83:da:80:92:79:13:d4:0d:0a:88:10:bd:df: 72:e1:15:94:32:61:47:e2:c3:81:f9:e4:42:9d:d0:a8:83:97: db:8a:9c:aa:96:0f:71:03:92:c6:aa:f7:1a:cd:28:ba:53:dd: 4b:e4:1a:9a:9b:57:91:18:e5:cc:b2:eb:3e:67:b9:0a:87:91: 3c:53:3f:07:66:ae:a0:40:de:9a:b2:2e:eb:3b:2c:5b:2c:d0: 52:3e:98:c8:76:c9:c8:57:39:94:85:16:7d:fd:c9:83:21:39: af:1d:8b:ca -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAMowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzUzRkQxMTAvBgNVBAUTKDIxOTM0MTk4RTgzMzEwNjFEMjc1QjhDRkM3OTQ1OEQz MkZBQkQ2QzkwHhcNMjUwNTE1MDUwNDU0WhcNMjUwNTIyMDUwNDU0WjAYMRYwFAYD VQQDEw02ODI1NzVmNi1mYzA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwaAiBxdXAovG7c8LhPRfkK9T9bTkK+431ZU0OjfG/F1GEziXyYomyvkLXqGK Vx4Ce494a+1Ropxpc1YYWCTLr9JKKGxNADE01cHUEllRQZOrRT9dvvr6w8d6fbvc +tCNLRLtfIaVbhpddkhA3dNEZJ4hQlCR1SskuOmPfTWt2WDFy0ZAnbkrIpt4zH3A iIvDyRJWww95gBPblRzKoiVdOrEijuzFatt+mfEpqHjYdbo/JhyuWlABGuKWDx7u qgR4NZy0jqXT3tHxtqleTOjcPXUwDlM+iL0vBbqG8LrkyXgzIqzIFWWS+4mFNBjP fGVZPUzJWRHjksgMTKmEcEJhdQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEgAz7xr eEAk7E+1vwVwYyagEA4MMB8GA1UdIwQYMBaAFCGTQZjoMxBh0nW4z8eUWNMvq9bJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNTNGRC82ODhFNTdFRUZG MzIxMUVFQTU1RDhFNTNDNEY5QUUwMi9JWk5CbU9nekVHSFNkYmpQeDVSWTB5LXIx c2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0laTkJtT2d6RUdIU2RialB4NVJZMHktcjFzay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NTNGRC82ODhFNTdFRUZGMzIxMUVFQTU1RDhFNTNDNEY5QUUwMi9JWk5CbU9nekVH SFNkYmpQeDVSWTB5LXIxc2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAt0PWRWHzwAkj+Py9jXCqXexW84FDONJrlehLrLKmPdOynSCKUOZ77 ArDoA2vk01v8gP4bFyT/KHsPe9yiqCWqwSrESdl8nAvSvgX48IrRfOjKRGaBxFAy hVpBbTjwXjuEAExzalGSzmGCsDiapcExLcuNAwPkUQej3WwDi7ZsgEuOR2T6qXE6 DyOhogEkM6YknUTeToPagJJ5E9QNCogQvd9y4RWUMmFH4sOB+eRCndCog5fbipyq lg9xA5LGqvcazSi6U91L5Bqam1eRGOXMsus+Z7kKh5E8Uz8HZq6gQN6asi7rOyxb LNBSPpjIdsnIVzmUhRZ9/cmDITmvHYvK -----END CERTIFICATE-----Generated at Fri May 16 09:22:17 2025 by rpki-client