$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE6EC/082A89F02A2911EF8895F11CC4F9AE02/MGcPYbflDgsLiOclHeh4TAPJ5GI.mft File: MGcPYbflDgsLiOclHeh4TAPJ5GI.mft (raw, json) Hash identifier: Ou0OsgiFrUH+JNkLp+UVlvgm3F8APZmwNbbIBYRZQLQ= Subject key identifier: DF:31:ED:69:62:EC:58:19:04:E5:A5:F6:98:51:D4:6F:33:44:F0:04 Authority key identifier: 30:67:0F:61:B7:E5:0E:0B:0B:88:E7:25:1D:E8:78:4C:03:C9:E4:62 Certificate issuer: /CN=A91CE6EC/serialNumber=30670F61B7E50E0B0B88E7251DE8784C03C9E462 Certificate serial: B0 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MGcPYbflDgsLiOclHeh4TAPJ5GI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE6EC/082A89F02A2911EF8895F11CC4F9AE02/MGcPYbflDgsLiOclHeh4TAPJ5GI.mft Manifest number: AE Signing time: Sat 10 May 2025 15:41:09 +0000 Manifest this update: Sat 10 May 2025 15:41:08 +0000 Manifest next update: Sat 17 May 2025 15:41:08 +0000 Files and hashes: 1: MGcPYbflDgsLiOclHeh4TAPJ5GI.crl (hash: 0RG1zS4XnQrdRoA98ZAzh+R4eW8hmRj6lq5zl4KF3m4=) 2: 038610FC2D1E11EFA25C6D16C4F9AE02.roa (hash: nEx36xMYEspoRTHpBzsjyglWKve6HGzaUV9gJlWDtWQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE6EC/082A89F02A2911EF8895F11CC4F9AE02/MGcPYbflDgsLiOclHeh4TAPJ5GI.crl rsync://rpki.apnic.net/member_repository/A91CE6EC/082A89F02A2911EF8895F11CC4F9AE02/MGcPYbflDgsLiOclHeh4TAPJ5GI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MGcPYbflDgsLiOclHeh4TAPJ5GI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 15:41:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 176 (0xb0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE6EC, serialNumber=30670F61B7E50E0B0B88E7251DE8784C03C9E462 Validity Not Before: May 10 15:41:08 2025 GMT Not After : May 17 15:41:08 2025 GMT Subject: CN=681f7395-cc0d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:a8:fb:07:f7:01:d0:db:b3:67:bd:5c:a5:d8: a1:f9:12:61:a9:3b:21:03:24:d0:c5:88:ea:cf:bf: b8:99:12:c8:08:12:30:95:73:a3:11:df:e7:23:9b: 06:aa:5f:52:d3:38:12:21:cf:fc:0f:93:e6:04:66: a8:0b:68:93:91:40:59:e8:44:22:3f:6c:45:80:9d: 68:75:37:25:ba:52:62:71:fd:a6:37:89:c6:1d:20: 80:08:ee:ea:f1:9f:27:57:ca:30:82:c4:f3:f1:10: 0f:3e:6f:7a:86:34:06:b6:9f:47:cf:32:16:7a:2e: 2d:b8:8c:c3:79:75:28:c0:d2:c1:75:b5:07:c1:72: 3a:93:6b:94:27:2f:16:b1:bd:53:b3:85:bd:1d:52: cb:19:4a:bc:8a:1c:80:c0:1c:d2:5a:fa:98:ab:7d: 8a:09:a8:e0:11:11:b7:da:07:bd:16:de:3a:8c:6a: 80:1e:a6:ff:b7:89:70:01:75:f0:b3:f5:3e:dd:18: 82:e2:07:0b:09:71:5d:66:ad:9b:05:bf:4c:0e:10: 93:b8:d9:ca:aa:92:c6:87:e6:da:17:12:aa:66:19: 10:69:e9:e5:50:9c:11:47:38:78:4b:0d:60:69:a0: 18:c9:19:01:3f:ba:9f:83:3e:9c:f3:8b:d3:9a:d9: 6e:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:31:ED:69:62:EC:58:19:04:E5:A5:F6:98:51:D4:6F:33:44:F0:04 X509v3 Authority Key Identifier: keyid:30:67:0F:61:B7:E5:0E:0B:0B:88:E7:25:1D:E8:78:4C:03:C9:E4:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE6EC/082A89F02A2911EF8895F11CC4F9AE02/MGcPYbflDgsLiOclHeh4TAPJ5GI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MGcPYbflDgsLiOclHeh4TAPJ5GI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE6EC/082A89F02A2911EF8895F11CC4F9AE02/MGcPYbflDgsLiOclHeh4TAPJ5GI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2d:a3:1a:76:50:9f:67:94:b8:56:4c:27:34:8b:cc:68:cb:fe: 10:f9:91:06:fb:0b:7b:4f:51:ee:95:5a:7e:5a:ca:73:43:ec: 5c:73:b8:46:ee:f4:86:26:46:1c:c1:b1:d5:1a:30:66:64:37: 39:f1:72:4d:63:e5:d2:94:b1:d5:0f:9a:bb:fe:84:e7:48:7b: eb:a9:6f:f6:31:71:7a:44:2e:20:5b:44:aa:c2:50:38:51:68: 06:bd:73:a8:2f:43:a2:53:e1:b6:f7:46:70:9c:af:32:e3:ad: 94:3b:52:7c:9c:5a:42:e7:e7:a7:10:33:14:a8:08:73:e2:0f: b5:cd:94:71:77:aa:fe:68:43:6f:35:8e:6a:a8:b0:da:6f:09: 03:61:70:4c:e2:5e:6e:00:04:73:a1:25:b4:d3:54:39:b1:13: 22:81:eb:f6:d8:a7:b1:10:f2:2b:b0:b0:e1:9d:81:6c:66:67: 69:f0:fd:c3:af:d1:2c:e8:9d:44:ca:6f:e8:bc:f3:e2:8e:17: f5:74:13:00:07:5f:23:f9:54:71:40:fc:92:c8:89:81:50:cc: 11:ea:7d:1a:62:95:89:5d:f7:a0:17:66:ce:9b:dc:94:d0:2c: 4b:43:f1:f6:0a:88:83:f7:d9:45:78:50:18:aa:d7:b2:1e:f5: 16:15:da:3b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICALAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0U2RUMxMTAvBgNVBAUTKDMwNjcwRjYxQjdFNTBFMEIwQjg4RTcyNTFERTg3ODRD MDNDOUU0NjIwHhcNMjUwNTEwMTU0MTA4WhcNMjUwNTE3MTU0MTA4WjAYMRYwFAYD VQQDEw02ODFmNzM5NS1jYzBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4aj7B/cB0NuzZ71cpdih+RJhqTshAyTQxYjqz7+4mRLICBIwlXOjEd/nI5sG ql9S0zgSIc/8D5PmBGaoC2iTkUBZ6EQiP2xFgJ1odTclulJicf2mN4nGHSCACO7q 8Z8nV8owgsTz8RAPPm96hjQGtp9HzzIWei4tuIzDeXUowNLBdbUHwXI6k2uUJy8W sb1Ts4W9HVLLGUq8ihyAwBzSWvqYq32KCajgERG32ge9Ft46jGqAHqb/t4lwAXXw s/U+3RiC4gcLCXFdZq2bBb9MDhCTuNnKqpLGh+baFxKqZhkQaenlUJwRRzh4Sw1g aaAYyRkBP7qfgz6c84vTmtluAwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN8x7Wli 7FgZBOWl9phR1G8zRPAEMB8GA1UdIwQYMBaAFDBnD2G35Q4LC4jnJR3oeEwDyeRi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTZFQy8wODJBODlGMDJB MjkxMUVGODg5NUYxMUNDNEY5QUUwMi9NR2NQWWJmbERnc0xpT2NsSGVoNFRBUEo1 R0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL01HY1BZYmZsRGdzTGlPY2xIZWg0VEFQSjVHSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RTZFQy8wODJBODlGMDJBMjkxMUVGODg5NUYxMUNDNEY5QUUwMi9NR2NQWWJmbERn c0xpT2NsSGVoNFRBUEo1R0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAtoxp2UJ9nlLhWTCc0i8xoy/4Q+ZEG+wt7T1HulVp+WspzQ+xcc7hG 7vSGJkYcwbHVGjBmZDc58XJNY+XSlLHVD5q7/oTnSHvrqW/2MXF6RC4gW0SqwlA4 UWgGvXOoL0OiU+G290ZwnK8y462UO1J8nFpC5+enEDMUqAhz4g+1zZRxd6r+aENv NY5qqLDabwkDYXBM4l5uAARzoSW001Q5sRMigev22KexEPIrsLDhnYFsZmdp8P3D r9Es6J1Eym/ovPPijhf1dBMAB18j+VRxQPySyImBUMwR6n0aYpWJXfegF2bOm9yU 0CxLQ/H2CoiD99lFeFAYqteyHvUWFdo7 -----END CERTIFICATE-----Generated at Sun May 11 15:22:34 2025 by rpki-client