$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB21D/632CD3E6A7F611EDB9D60C43C4F9AE02/mx6BiM5kOX6LQkHmdY1CnaD_LnA.mft File: mx6BiM5kOX6LQkHmdY1CnaD_LnA.mft (raw, json) Hash identifier: bZraISKT+mf2pIv9gf5FEKvLeteVTx5uYrNTMt+ZPQ0= Subject key identifier: C3:DA:81:0B:E0:65:87:88:D8:CF:1A:09:DC:49:34:86:2D:A4:49:AB Authority key identifier: 9B:1E:81:88:CE:64:39:7E:8B:42:41:E6:75:8D:42:9D:A0:FF:2E:70 Certificate issuer: /CN=A91CB21D/serialNumber=9B1E8188CE64397E8B4241E6758D429DA0FF2E70 Certificate serial: 01A9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mx6BiM5kOX6LQkHmdY1CnaD_LnA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CB21D/632CD3E6A7F611EDB9D60C43C4F9AE02/mx6BiM5kOX6LQkHmdY1CnaD_LnA.mft Manifest number: 01A5 Signing time: Sun 11 May 2025 02:13:19 +0000 Manifest this update: Sun 11 May 2025 02:13:18 +0000 Manifest next update: Sun 18 May 2025 02:13:18 +0000 Files and hashes: 1: mx6BiM5kOX6LQkHmdY1CnaD_LnA.crl (hash: E/wgIvfpZiPHxGTBaUp1enVAXGXcnbvt7aWwjalOdBk=) 2: 11F911FAA8D811ED90192E3CC4F9AE02.roa (hash: 1slDbS6OMsVzRicTRklA2Gp5/wmmSnjZBoyP9DPcUVQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CB21D/632CD3E6A7F611EDB9D60C43C4F9AE02/mx6BiM5kOX6LQkHmdY1CnaD_LnA.crl rsync://rpki.apnic.net/member_repository/A91CB21D/632CD3E6A7F611EDB9D60C43C4F9AE02/mx6BiM5kOX6LQkHmdY1CnaD_LnA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mx6BiM5kOX6LQkHmdY1CnaD_LnA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 02:13:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 425 (0x1a9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CB21D, serialNumber=9B1E8188CE64397E8B4241E6758D429DA0FF2E70 Validity Not Before: May 11 02:13:18 2025 GMT Not After : May 18 02:13:18 2025 GMT Subject: CN=682007bf-72ba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:a2:2a:3b:62:48:76:5b:31:33:d2:d2:3c:e0: d5:85:2e:e1:87:92:4b:1e:1b:37:23:a8:b4:b0:3b: 9d:17:33:c6:10:49:d0:cd:a5:27:49:ec:0e:a0:cf: 60:85:e7:fd:45:92:f3:3c:6c:ec:b2:fb:a5:a6:27: 18:14:9b:8a:e6:04:f4:76:f9:28:b4:05:ee:a0:1d: 73:2c:0e:25:ab:8a:da:ba:9d:48:d4:d5:ec:fe:7c: 93:7b:26:88:63:dd:8e:06:6e:32:72:e7:70:d5:47: fd:fc:82:2b:bb:df:5f:d6:e1:e2:fd:13:7f:7d:59: 5a:63:74:04:6e:09:e6:0b:ec:b3:ad:ae:70:3d:ea: 22:01:53:ed:6a:b3:71:44:ae:39:e8:f7:49:a2:b3: 5e:af:82:fa:c0:58:e5:77:3d:bd:75:fd:e2:b6:3c: e3:0f:76:37:7e:1c:50:d1:09:74:7f:57:18:26:c5: 43:d2:ac:0c:f4:7a:5a:63:19:97:37:f5:8f:03:bd: ff:db:06:a0:4b:bb:9c:6d:d8:54:39:30:c8:bb:d4: 4c:05:e2:5f:01:09:a7:36:4c:4f:70:49:e7:2f:cc: 07:c7:8e:89:98:84:51:bc:34:6f:38:e7:b7:58:2c: 8a:76:aa:e0:22:8c:94:d6:76:dd:a4:ba:99:6d:db: 3c:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:DA:81:0B:E0:65:87:88:D8:CF:1A:09:DC:49:34:86:2D:A4:49:AB X509v3 Authority Key Identifier: keyid:9B:1E:81:88:CE:64:39:7E:8B:42:41:E6:75:8D:42:9D:A0:FF:2E:70 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CB21D/632CD3E6A7F611EDB9D60C43C4F9AE02/mx6BiM5kOX6LQkHmdY1CnaD_LnA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mx6BiM5kOX6LQkHmdY1CnaD_LnA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB21D/632CD3E6A7F611EDB9D60C43C4F9AE02/mx6BiM5kOX6LQkHmdY1CnaD_LnA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c4:2b:ae:f4:4f:39:42:bc:f0:b7:d8:da:65:88:af:27:3f:82: 1d:82:d3:fe:63:bd:f0:1d:eb:24:de:18:7d:be:ab:23:f6:01: 1a:2d:2a:9b:f3:02:f1:e7:21:78:81:31:f0:c2:90:f8:af:50: 5d:75:9c:9b:11:48:29:32:29:78:72:69:94:2a:ea:24:22:6b: d5:c3:35:d4:5e:6f:c5:4c:8b:fa:3c:1d:af:c6:79:2c:91:0c: 3e:ab:42:ea:7e:f2:c4:bf:bb:c1:6a:42:70:e1:46:5f:e8:ad: 20:9d:3e:bc:65:24:dc:be:e0:21:46:62:1a:80:09:af:12:15: a1:89:66:22:9f:11:fc:e8:10:46:39:4d:0f:2c:ba:2c:0a:e2: eb:d6:3f:ce:39:64:65:e5:09:fd:38:0a:36:67:13:41:e8:9f: f2:57:3f:50:0e:01:97:2c:5f:a5:39:6b:c4:60:5a:c9:97:af: 0c:f6:e0:23:c3:23:66:bb:47:4d:83:a9:c5:63:6a:a7:6b:85: 6e:a8:90:fb:ab:de:c7:ec:a0:36:6b:66:49:c4:10:e3:93:78: f1:63:78:29:19:0f:9d:46:0a:c7:91:7e:50:af:a8:5d:6c:6a: 44:41:87:3d:e0:c5:24:f0:b1:94:ed:04:a3:c7:43:05:4d:cf: 47:1a:a6:a3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAakwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0IyMUQxMTAvBgNVBAUTKDlCMUU4MTg4Q0U2NDM5N0U4QjQyNDFFNjc1OEQ0MjlE QTBGRjJFNzAwHhcNMjUwNTExMDIxMzE4WhcNMjUwNTE4MDIxMzE4WjAYMRYwFAYD VQQDEw02ODIwMDdiZi03MmJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3aIqO2JIdlsxM9LSPODVhS7hh5JLHhs3I6i0sDudFzPGEEnQzaUnSewOoM9g hef9RZLzPGzssvulpicYFJuK5gT0dvkotAXuoB1zLA4lq4raup1I1NXs/nyTeyaI Y92OBm4ycudw1Uf9/IIru99f1uHi/RN/fVlaY3QEbgnmC+yzra5wPeoiAVPtarNx RK456PdJorNer4L6wFjldz29df3itjzjD3Y3fhxQ0Ql0f1cYJsVD0qwM9HpaYxmX N/WPA73/2wagS7ucbdhUOTDIu9RMBeJfAQmnNkxPcEnnL8wHx46JmIRRvDRvOOe3 WCyKdqrgIoyU1nbdpLqZbds8cwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMPagQvg ZYeI2M8aCdxJNIYtpEmrMB8GA1UdIwQYMBaAFJsegYjOZDl+i0JB5nWNQp2g/y5w MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjIxRC82MzJDRDNFNkE3 RjYxMUVEQjlENjBDNDNDNEY5QUUwMi9teDZCaU01a09YNkxRa0htZFkxQ25hRF9M bkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL214NkJpTTVrT1g2TFFrSG1kWTFDbmFEX0xuQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD QjIxRC82MzJDRDNFNkE3RjYxMUVEQjlENjBDNDNDNEY5QUUwMi9teDZCaU01a09Y NkxRa0htZFkxQ25hRF9MbkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDEK670TzlCvPC32NpliK8nP4IdgtP+Y73wHesk3hh9vqsj9gEaLSqb 8wLx5yF4gTHwwpD4r1BddZybEUgpMil4cmmUKuokImvVwzXUXm/FTIv6PB2vxnks kQw+q0LqfvLEv7vBakJw4UZf6K0gnT68ZSTcvuAhRmIagAmvEhWhiWYinxH86BBG OU0PLLosCuLr1j/OOWRl5Qn9OAo2ZxNB6J/yVz9QDgGXLF+lOWvEYFrJl68M9uAj wyNmu0dNg6nFY2qna4VuqJD7q97H7KA2a2ZJxBDjk3jxY3gpGQ+dRgrHkX5Qr6hd bGpEQYc94MUk8LGU7QSjx0MFTc9HGqaj -----END CERTIFICATE-----Generated at Sun May 11 23:01:34 2025 by rpki-client