$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.mft File: 2QDd8konYiv5ZDdX7byv-u4yHDc.mft (raw, json) Hash identifier: +1Mf+5xcm4LvM+78mVVmkvsZWHtK+BPHMTrP0ARGcyw= Subject key identifier: A9:E5:52:E7:83:AB:3F:41:49:7F:89:CB:A8:40:BE:03:8D:03:59:5A Authority key identifier: D9:00:DD:F2:4A:27:62:2B:F9:64:37:57:ED:BC:AF:FA:EE:32:1C:37 Certificate issuer: /CN=A91C7773/serialNumber=D900DDF24A27622BF9643757EDBCAFFAEE321C37 Certificate serial: 0E59 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QDd8konYiv5ZDdX7byv-u4yHDc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.mft Manifest number: 0E40 Signing time: Mon 12 May 2025 17:41:15 +0000 Manifest this update: Mon 12 May 2025 17:41:14 +0000 Manifest next update: Mon 19 May 2025 17:41:14 +0000 Files and hashes: 1: 2QDd8konYiv5ZDdX7byv-u4yHDc.crl (hash: 9kDifwtZyivX7SwNTFoJ/clpukJaI/h4Wu2+fX9xzvU=) 2: A47D2EC84C1E11EEBA8CDB4BC4F9AE02.roa (hash: xJh5HRbn741snUCbMX+RHgdNum29ocH1QT8bD3kB9Uw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.crl rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QDd8konYiv5ZDdX7byv-u4yHDc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 17:41:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3673 (0xe59) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C7773, serialNumber=D900DDF24A27622BF9643757EDBCAFFAEE321C37 Validity Not Before: May 12 17:41:14 2025 GMT Not After : May 19 17:41:14 2025 GMT Subject: CN=682232bb-af35 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:32:1b:f8:0e:88:23:e7:64:96:40:3c:ed:b1: 60:b2:0e:3b:e6:08:e4:a5:2c:04:4f:9a:08:33:5c: a1:99:91:f5:22:e5:8e:16:29:24:9f:64:e5:c3:9e: eb:7e:38:e2:bf:c1:00:53:f7:ca:e5:24:50:d6:d4: cd:0e:23:b0:00:ab:db:ec:0b:0e:d7:ec:68:79:10: b4:c5:2b:cf:0b:96:ad:69:ee:fc:a5:22:b2:50:0d: a8:3b:04:77:0a:89:1d:f2:87:6f:38:bc:c9:77:f4: a5:b2:72:54:d3:75:01:b5:39:f4:ab:17:b0:91:b9: 05:4d:c9:d9:ff:3d:60:fa:a3:dc:cd:19:43:8f:53: a3:8a:89:3c:ab:3e:a6:bd:0c:34:71:11:3b:9b:ed: 9b:82:54:60:c7:65:a7:6b:bb:ed:86:90:24:5b:fd: 89:a4:aa:9f:c9:a8:b8:f2:10:71:78:f7:0a:c0:e1: 84:71:e3:98:a2:17:ba:bf:8d:f4:67:24:42:55:57: df:b7:7f:bc:7b:31:bd:89:6e:50:fd:19:ae:f9:bd: 9c:e2:81:5d:bd:e7:9e:d3:79:28:3d:2a:bd:70:ab: 7c:de:1f:05:be:92:58:c4:d4:c3:6c:a2:7a:61:2b: 25:80:2c:a2:b6:62:d6:20:97:89:35:2a:b2:2d:48: a4:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:E5:52:E7:83:AB:3F:41:49:7F:89:CB:A8:40:BE:03:8D:03:59:5A X509v3 Authority Key Identifier: keyid:D9:00:DD:F2:4A:27:62:2B:F9:64:37:57:ED:BC:AF:FA:EE:32:1C:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QDd8konYiv5ZDdX7byv-u4yHDc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0a:a7:c5:35:93:ad:6e:d5:3a:9e:b9:5f:3c:a4:c2:1a:d6:38: 86:97:3e:eb:89:fd:01:72:06:c1:81:02:3e:fb:f2:57:f8:b4: 69:f2:0f:fb:e6:96:4b:f6:d6:17:88:65:92:ed:2c:22:ed:bb: e8:d6:3e:7d:82:7e:7a:21:7f:7a:14:cb:97:33:b7:a3:a2:4a: 94:15:a0:01:c1:c6:5f:b8:2c:08:2d:58:fe:56:ff:8c:88:19: 43:2a:17:f7:41:4d:d3:25:58:f3:23:ad:c7:40:95:a6:42:89: 91:b4:35:29:40:49:d9:ae:4f:04:cb:9d:fe:4b:7a:57:b8:e6: 55:07:bb:44:8b:a7:67:5a:a7:9a:18:5c:58:8f:1e:e9:ef:f2: 26:b2:93:19:18:0e:59:78:d5:e6:cd:65:7c:4e:7b:70:5e:12: 9c:46:a3:5d:c8:24:45:36:5f:5c:01:2c:f2:cb:8f:aa:29:1e: e3:d9:af:ba:0e:00:6a:12:5e:d5:f4:7e:2d:ff:f6:24:19:21: e5:6f:45:cf:4b:10:36:4e:98:e4:63:62:a6:01:7e:73:b3:5d: 03:7e:66:d9:c6:ee:43:4a:0a:4b:48:f2:f4:1c:f4:8d:39:33: 7e:20:6d:8a:f2:3a:0c:8f:fd:08:86:2c:5e:8a:ae:66:a0:6e: bb:1a:28:d1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDlkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qzc3NzMxMTAvBgNVBAUTKEQ5MDBEREYyNEEyNzYyMkJGOTY0Mzc1N0VEQkNBRkZB RUUzMjFDMzcwHhcNMjUwNTEyMTc0MTE0WhcNMjUwNTE5MTc0MTE0WjAYMRYwFAYD VQQDEw02ODIyMzJiYi1hZjM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxzIb+A6II+dklkA87bFgsg475gjkpSwET5oIM1yhmZH1IuWOFikkn2Tlw57r fjjiv8EAU/fK5SRQ1tTNDiOwAKvb7AsO1+xoeRC0xSvPC5atae78pSKyUA2oOwR3 Cokd8odvOLzJd/SlsnJU03UBtTn0qxewkbkFTcnZ/z1g+qPczRlDj1Ojiok8qz6m vQw0cRE7m+2bglRgx2Wna7vthpAkW/2JpKqfyai48hBxePcKwOGEceOYohe6v430 ZyRCVVfft3+8ezG9iW5Q/Rmu+b2c4oFdveee03koPSq9cKt83h8FvpJYxNTDbKJ6 YSslgCyitmLWIJeJNSqyLUikAwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKnlUueD qz9BSX+Jy6hAvgONA1laMB8GA1UdIwQYMBaAFNkA3fJKJ2Ir+WQ3V+28r/ruMhw3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzc3My9BRDMyMjM3Q0Ey RTgxMUU5QkFFNzhENDdDNEY5QUUwMi8yUURkOGtvbllpdjVaRGRYN2J5di11NHlI RGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJRRGQ4a29uWWl2NVpEZFg3Ynl2LXU0eUhEYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD Nzc3My9BRDMyMjM3Q0EyRTgxMUU5QkFFNzhENDdDNEY5QUUwMi8yUURkOGtvbllp djVaRGRYN2J5di11NHlIRGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAKp8U1k61u1TqeuV88pMIa1jiGlz7rif0BcgbBgQI++/JX+LRp8g/7 5pZL9tYXiGWS7Swi7bvo1j59gn56IX96FMuXM7ejokqUFaABwcZfuCwILVj+Vv+M iBlDKhf3QU3TJVjzI63HQJWmQomRtDUpQEnZrk8Ey53+S3pXuOZVB7tEi6dnWqea GFxYjx7p7/ImspMZGA5ZeNXmzWV8TntwXhKcRqNdyCRFNl9cASzyy4+qKR7j2a+6 DgBqEl7V9H4t//YkGSHlb0XPSxA2TpjkY2KmAX5zs10DfmbZxu5DSgpLSPL0HPSN OTN+IG2K8joMj/0Ihixeiq5moG67GijR -----END CERTIFICATE-----Generated at Wed May 14 11:40:38 2025 by rpki-client