$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE216/AF57B6FCFE2811EAA7350158C4F9AE02/aKT8gS0BkTY-HEoTCZ9TsCc3ZXk.mft File: aKT8gS0BkTY-HEoTCZ9TsCc3ZXk.mft (raw, json) Hash identifier: HNPAeOB7zj/dbPBgqUxcV9YTZuyunIffImQON+pZzLc= Subject key identifier: 9B:60:7E:C1:54:F9:87:E0:6F:DB:1B:CF:BF:93:BA:00:0F:09:29:51 Authority key identifier: 68:A4:FC:81:2D:01:91:36:3E:1C:4A:13:09:9F:53:B0:27:37:65:79 Certificate issuer: /CN=A91CE216/serialNumber=68A4FC812D0191363E1C4A13099F53B027376579 Certificate serial: 07AE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aKT8gS0BkTY-HEoTCZ9TsCc3ZXk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE216/AF57B6FCFE2811EAA7350158C4F9AE02/aKT8gS0BkTY-HEoTCZ9TsCc3ZXk.mft Manifest number: 07A9 Signing time: Sat 10 May 2025 20:52:58 +0000 Manifest this update: Sat 10 May 2025 20:52:57 +0000 Manifest next update: Sat 17 May 2025 20:52:57 +0000 Files and hashes: 1: aKT8gS0BkTY-HEoTCZ9TsCc3ZXk.crl (hash: mdD2/dHUJLmef8zUui/8vywTukT4q+ZlLiqsH52tTMw=) 2: 7F2355F2FE2A11EA8A51B85AC4F9AE02.roa (hash: IA44NsOrK26vTiCAA24OiQTy1Evi9ojQ75K61lOkBEo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE216/AF57B6FCFE2811EAA7350158C4F9AE02/aKT8gS0BkTY-HEoTCZ9TsCc3ZXk.crl rsync://rpki.apnic.net/member_repository/A91CE216/AF57B6FCFE2811EAA7350158C4F9AE02/aKT8gS0BkTY-HEoTCZ9TsCc3ZXk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aKT8gS0BkTY-HEoTCZ9TsCc3ZXk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 20:52:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1966 (0x7ae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE216, serialNumber=68A4FC812D0191363E1C4A13099F53B027376579 Validity Not Before: May 10 20:52:57 2025 GMT Not After : May 17 20:52:57 2025 GMT Subject: CN=681fbca9-ba8d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:b5:1f:73:0a:c9:bb:a5:6d:96:ac:d3:96:05: 39:0c:34:c8:1e:56:64:b9:f9:f4:c8:df:84:00:ac: de:f4:dc:60:ef:ca:32:c0:ee:cb:6a:8a:09:1f:bb: 56:42:d9:5f:e8:1e:81:e2:81:82:d6:d7:4b:74:da: c6:0e:b3:12:e6:a1:c2:f5:51:f6:b5:bd:5e:36:1d: 36:2d:38:a9:52:7c:60:d0:3e:11:02:a7:6a:93:f1: 81:91:83:81:5f:39:10:66:64:1b:1c:ee:0d:93:bd: 94:e1:c4:8c:b5:98:e8:cb:7b:48:39:cb:09:cd:60: 88:ce:22:cf:a2:72:a1:59:7d:28:72:3f:b8:7c:30: 87:fd:b5:8a:3f:c7:f1:82:ee:4a:6b:5b:52:73:9d: 81:49:0c:5b:aa:04:ee:27:f3:2f:bd:0b:37:21:70: 30:f1:06:5d:0b:99:89:2a:10:de:13:96:6a:67:bc: da:cc:45:a0:05:d4:38:df:30:3c:16:90:24:39:5b: e5:10:5e:47:ef:2e:92:e1:f9:5b:01:a0:57:9f:a1: fb:bb:0f:ef:14:79:ad:b1:dd:bc:f1:11:b3:bc:c7: 8a:1b:0b:6e:29:01:65:3c:77:f1:3c:90:3f:a4:f2: ee:e2:6e:c4:46:70:91:c2:df:49:ae:1d:d6:86:c6: c3:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:60:7E:C1:54:F9:87:E0:6F:DB:1B:CF:BF:93:BA:00:0F:09:29:51 X509v3 Authority Key Identifier: keyid:68:A4:FC:81:2D:01:91:36:3E:1C:4A:13:09:9F:53:B0:27:37:65:79 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE216/AF57B6FCFE2811EAA7350158C4F9AE02/aKT8gS0BkTY-HEoTCZ9TsCc3ZXk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aKT8gS0BkTY-HEoTCZ9TsCc3ZXk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE216/AF57B6FCFE2811EAA7350158C4F9AE02/aKT8gS0BkTY-HEoTCZ9TsCc3ZXk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5f:1a:3e:61:d5:ab:6f:12:b8:82:b9:ad:53:81:de:a1:d7:40: b0:08:00:b8:2e:a0:49:6a:3b:b0:6a:66:22:4b:ec:15:e2:1b: 72:fa:5d:ed:16:65:d5:a2:2c:ab:b3:b6:c1:72:84:82:b1:36: 60:87:a0:73:a4:83:28:7c:b1:ac:96:54:44:79:1c:81:34:bb: 74:c5:84:b9:e4:ac:d3:cb:a0:27:a8:d6:4e:45:a8:f6:6e:76: 51:32:bc:a1:6a:5c:93:0c:dc:67:98:44:c6:dd:31:ed:a6:5a: 03:be:26:ce:15:60:a4:10:c8:38:32:18:5a:09:86:16:28:0e: 42:59:ad:fc:bc:18:2b:e3:75:fd:a8:31:1b:a6:fd:17:42:cd: 70:8e:1e:7c:73:6c:14:4d:d5:97:30:76:71:f8:0c:31:10:14: fd:c0:a2:b1:98:7c:fd:af:78:ab:24:a4:5d:d3:9f:31:5f:7e: 22:7c:d2:f4:b3:a4:e5:7f:9f:cb:93:a5:99:af:04:8e:0b:58: 1e:be:e7:25:95:7a:6f:33:be:04:3d:2c:1a:14:39:b8:08:8a: f2:d5:84:0e:36:c4:a1:63:80:5c:16:60:ae:d5:7a:60:98:f0: f7:ad:a6:24:7a:91:18:91:5d:21:56:93:13:1a:9e:42:de:ff: 14:a6:a2:c7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB64wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0UyMTYxMTAvBgNVBAUTKDY4QTRGQzgxMkQwMTkxMzYzRTFDNEExMzA5OUY1M0Iw MjczNzY1NzkwHhcNMjUwNTEwMjA1MjU3WhcNMjUwNTE3MjA1MjU3WjAYMRYwFAYD VQQDEw02ODFmYmNhOS1iYThkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5bUfcwrJu6VtlqzTlgU5DDTIHlZkufn0yN+EAKze9Nxg78oywO7LaooJH7tW Qtlf6B6B4oGC1tdLdNrGDrMS5qHC9VH2tb1eNh02LTipUnxg0D4RAqdqk/GBkYOB XzkQZmQbHO4Nk72U4cSMtZjoy3tIOcsJzWCIziLPonKhWX0ocj+4fDCH/bWKP8fx gu5Ka1tSc52BSQxbqgTuJ/MvvQs3IXAw8QZdC5mJKhDeE5ZqZ7zazEWgBdQ43zA8 FpAkOVvlEF5H7y6S4flbAaBXn6H7uw/vFHmtsd288RGzvMeKGwtuKQFlPHfxPJA/ pPLu4m7ERnCRwt9Jrh3WhsbDUwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJtgfsFU +Yfgb9sbz7+TugAPCSlRMB8GA1UdIwQYMBaAFGik/IEtAZE2PhxKEwmfU7AnN2V5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTIxNi9BRjU3QjZGQ0ZF MjgxMUVBQTczNTAxNThDNEY5QUUwMi9hS1Q4Z1MwQmtUWS1IRW9UQ1o5VHNDYzNa WGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FLVDhnUzBCa1RZLUhFb1RDWjlUc0NjM1pYay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RTIxNi9BRjU3QjZGQ0ZFMjgxMUVBQTczNTAxNThDNEY5QUUwMi9hS1Q4Z1MwQmtU WS1IRW9UQ1o5VHNDYzNaWGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBfGj5h1atvEriCua1Tgd6h10CwCAC4LqBJajuwamYiS+wV4hty+l3t FmXVoiyrs7bBcoSCsTZgh6BzpIMofLGsllREeRyBNLt0xYS55KzTy6AnqNZORaj2 bnZRMryhalyTDNxnmETG3THtploDvibOFWCkEMg4MhhaCYYWKA5CWa38vBgr43X9 qDEbpv0XQs1wjh58c2wUTdWXMHZx+AwxEBT9wKKxmHz9r3irJKRd058xX34ifNL0 s6Tlf5/Lk6WZrwSOC1gevucllXpvM74EPSwaFDm4CIry1YQONsShY4BcFmCu1Xpg mPD3raYkepEYkV0hVpMTGp5C3v8UpqLH -----END CERTIFICATE-----Generated at Mon May 12 07:22:42 2025 by rpki-client