$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE7A4/B890DFD2CC0F11EFA278FD4CC4F9AE02/MGSQ23RcleyGYUmf_IJkZnumf4o.mft File: MGSQ23RcleyGYUmf_IJkZnumf4o.mft (raw, json) Hash identifier: knUhAQPMtv1oDXTQDUvmnhLjCjsjLIRuck96jjuCcpo= Subject key identifier: 53:47:C2:02:8B:AA:10:CE:A3:85:EB:E6:7D:B0:CB:A5:20:6C:CB:61 Authority key identifier: 30:64:90:DB:74:5C:95:EC:86:61:49:9F:FC:82:64:66:7B:A6:7F:8A Certificate issuer: /CN=A91CE7A4/serialNumber=306490DB745C95EC8661499FFC8264667BA67F8A Certificate serial: 42 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MGSQ23RcleyGYUmf_IJkZnumf4o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE7A4/B890DFD2CC0F11EFA278FD4CC4F9AE02/MGSQ23RcleyGYUmf_IJkZnumf4o.mft Manifest number: 41 Signing time: Wed 07 May 2025 06:35:14 +0000 Manifest this update: Wed 07 May 2025 06:35:14 +0000 Manifest next update: Wed 14 May 2025 06:35:13 +0000 Files and hashes: 1: MGSQ23RcleyGYUmf_IJkZnumf4o.crl (hash: XjjPIulU/NFk+NRdYEMJdSKffl/oxucAY/+JMlvsebw=) 2: 19C407C0CC1011EFBC7E0050C4F9AE02.roa (hash: 0uD06YfXP8jJiypkQtgg/+0Dg/DOv6s8Gpjo5ybB4rE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE7A4/B890DFD2CC0F11EFA278FD4CC4F9AE02/MGSQ23RcleyGYUmf_IJkZnumf4o.crl rsync://rpki.apnic.net/member_repository/A91CE7A4/B890DFD2CC0F11EFA278FD4CC4F9AE02/MGSQ23RcleyGYUmf_IJkZnumf4o.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MGSQ23RcleyGYUmf_IJkZnumf4o.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 14 May 2025 06:35:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66 (0x42) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE7A4, serialNumber=306490DB745C95EC8661499FFC8264667BA67F8A Validity Not Before: May 7 06:35:14 2025 GMT Not After : May 14 06:35:13 2025 GMT Subject: CN=681aff22-ca34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:81:8f:ee:51:10:e2:5d:a7:ea:b4:0e:3d:62: 3f:cd:00:1c:3f:44:10:3a:53:e6:0b:d6:7c:fa:53: 28:a8:4b:24:d8:73:84:81:f1:7f:01:a3:f3:89:b9: 0e:9d:2f:94:88:17:35:26:6a:d2:f2:8f:90:05:61: 80:1b:2b:c1:a6:ba:b1:7f:19:81:31:00:9f:c8:ea: 3d:8c:26:30:81:7c:73:0d:4a:e4:d3:e9:0d:cd:47: b7:98:fd:ec:e8:db:06:35:d8:42:d6:e7:ae:9d:ef: e3:f4:59:e2:5c:cb:c1:51:7f:98:49:2d:7f:3a:1f: 3a:dd:99:2b:8a:6c:fa:61:62:47:b1:9b:54:9e:29: c0:7b:9f:f0:db:11:db:57:ff:0b:58:b6:ed:98:bd: 70:45:d8:a7:9a:74:a0:c7:cc:5c:0f:9a:8d:9f:c6: f3:61:2c:91:66:b8:6a:f5:52:d7:98:ac:18:ac:60: 1a:61:39:6e:67:5d:0a:c9:e1:63:85:a0:de:ac:49: a6:d1:84:2c:58:66:9d:9e:9f:06:f3:4e:45:fc:14: b7:1a:d1:76:9c:0b:c6:9d:aa:a9:75:cd:dc:fd:11: 92:fa:c0:b5:90:30:b1:18:2c:4b:97:7b:d8:19:a4: 06:de:0b:fa:f3:29:46:52:4d:81:2f:2a:fb:8b:b9: 93:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:47:C2:02:8B:AA:10:CE:A3:85:EB:E6:7D:B0:CB:A5:20:6C:CB:61 X509v3 Authority Key Identifier: keyid:30:64:90:DB:74:5C:95:EC:86:61:49:9F:FC:82:64:66:7B:A6:7F:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE7A4/B890DFD2CC0F11EFA278FD4CC4F9AE02/MGSQ23RcleyGYUmf_IJkZnumf4o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MGSQ23RcleyGYUmf_IJkZnumf4o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE7A4/B890DFD2CC0F11EFA278FD4CC4F9AE02/MGSQ23RcleyGYUmf_IJkZnumf4o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0b:fc:a5:4a:93:0a:0a:d4:ee:fb:b2:55:bf:68:56:97:7b:6a: fa:31:bb:af:94:9b:c5:17:21:af:d3:43:a8:00:79:1e:08:0d: 4d:04:a0:73:d9:c7:7e:20:37:7f:31:a1:fb:58:f2:6a:59:ae: 8e:95:56:26:83:16:f1:fe:60:2a:52:0a:06:39:74:65:18:a2: 34:d5:eb:6a:6c:dd:ab:e2:9f:8a:ef:79:ae:69:9c:c7:6f:e9: 11:1f:68:48:f8:06:82:5e:22:1c:87:b2:4e:d6:19:c3:79:8e: fc:0d:8d:37:d8:2e:12:91:8d:27:f1:c0:51:3a:f0:0a:20:d5: c0:0c:83:7e:41:68:96:5f:03:dd:ba:a3:5e:b6:5f:fa:db:1b: 82:45:0d:ef:bc:a1:37:4b:85:ac:0b:57:8e:ae:a3:a6:14:9d: 8e:33:99:3a:69:8d:59:8f:ea:e6:83:91:a7:a9:60:7f:0a:20: e8:b2:f8:83:27:bd:b1:90:3b:89:f8:02:72:47:c1:9b:fe:95: 9a:b7:69:a5:09:93:76:de:a4:66:76:ef:de:a9:55:f6:57:83: 69:37:06:4e:a1:dd:41:06:02:05:4e:1c:6b:d3:d8:53:90:cc: 7a:4b:de:4d:1e:12:a0:38:cb:66:30:47:cd:94:ee:bd:14:8b: 73:8b:81:4e -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBQjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RTdBNDExMC8GA1UEBRMoMzA2NDkwREI3NDVDOTVFQzg2NjE0OTlGRkM4MjY0NjY3 QkE2N0Y4QTAeFw0yNTA1MDcwNjM1MTRaFw0yNTA1MTQwNjM1MTNaMBgxFjAUBgNV BAMTDTY4MWFmZjIyLWNhMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCygY/uURDiXafqtA49Yj/NABw/RBA6U+YL1nz6UyioSyTYc4SB8X8Bo/OJuQ6d L5SIFzUmatLyj5AFYYAbK8GmurF/GYExAJ/I6j2MJjCBfHMNSuTT6Q3NR7eY/ezo 2wY12ELW566d7+P0WeJcy8FRf5hJLX86HzrdmSuKbPphYkexm1SeKcB7n/DbEdtX /wtYtu2YvXBF2KeadKDHzFwPmo2fxvNhLJFmuGr1UteYrBisYBphOW5nXQrJ4WOF oN6sSabRhCxYZp2enwbzTkX8FLca0XacC8adqql1zdz9EZL6wLWQMLEYLEuXe9gZ pAbeC/rzKUZSTYEvKvuLuZM7AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUU0fCAouq EM6jhevmfbDLpSBsy2EwHwYDVR0jBBgwFoAUMGSQ23RcleyGYUmf/IJkZnumf4ow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNFN0E0L0I4OTBERkQyQ0Mw RjExRUZBMjc4RkQ0Q0M0RjlBRTAyL01HU1EyM1JjbGV5R1lVbWZfSUprWm51bWY0 by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvTUdTUTIzUmNsZXlHWVVtZl9JSmtabnVtZjRvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNF N0E0L0I4OTBERkQyQ0MwRjExRUZBMjc4RkQ0Q0M0RjlBRTAyL01HU1EyM1JjbGV5 R1lVbWZfSUprWm51bWY0by5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAAv8pUqTCgrU7vuyVb9oVpd7avoxu6+Um8UXIa/TQ6gAeR4IDU0EoHPZ x34gN38xoftY8mpZro6VViaDFvH+YCpSCgY5dGUYojTV62ps3avin4rvea5pnMdv 6REfaEj4BoJeIhyHsk7WGcN5jvwNjTfYLhKRjSfxwFE68Aog1cAMg35BaJZfA926 o162X/rbG4JFDe+8oTdLhawLV46uo6YUnY4zmTppjVmP6uaDkaepYH8KIOiy+IMn vbGQO4n4AnJHwZv+lZq3aaUJk3bepGZ2796pVfZXg2k3Bk6h3UEGAgVOHGvT2FOQ zHpL3k0eEqA4y2YwR82U7r0Ui3OLgU4= -----END CERTIFICATE-----Generated at Thu May 8 17:13:35 2025 by rpki-client