$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEF3E/CB74CF6E987B11E983ECCF13C4F9AE02/ky7C5uUrWvbHsDxBUCDt4nKqoUU.mft File: ky7C5uUrWvbHsDxBUCDt4nKqoUU.mft (raw, json) Hash identifier: WIQdTr0upx223btaO7oLfIzaiyUwpq+HMPdsmSb82a4= Subject key identifier: 56:D4:F4:2E:26:E8:68:FF:E8:C8:8A:36:C4:61:62:85:92:27:1F:49 Authority key identifier: 93:2E:C2:E6:E5:2B:5A:F6:C7:B0:3C:41:50:20:ED:E2:72:AA:A1:45 Certificate issuer: /CN=A91CEF3E/serialNumber=932EC2E6E52B5AF6C7B03C415020EDE272AAA145 Certificate serial: 0E7E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ky7C5uUrWvbHsDxBUCDt4nKqoUU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CEF3E/CB74CF6E987B11E983ECCF13C4F9AE02/ky7C5uUrWvbHsDxBUCDt4nKqoUU.mft Manifest number: 0E6D Signing time: Sat 10 May 2025 17:35:38 +0000 Manifest this update: Sat 10 May 2025 17:35:37 +0000 Manifest next update: Sat 17 May 2025 17:35:37 +0000 Files and hashes: 1: ky7C5uUrWvbHsDxBUCDt4nKqoUU.crl (hash: 5HiUANHk0TdC+BncE8+V0/mwT+Rrik7oMDtCh6/a7Ps=) 2: 5C154406988911E991B10838C4F9AE02.roa (hash: rlBKToBwc/S7CrTJwY8L3fa6c6H9ms0SKbG322SWU2g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CEF3E/CB74CF6E987B11E983ECCF13C4F9AE02/ky7C5uUrWvbHsDxBUCDt4nKqoUU.crl rsync://rpki.apnic.net/member_repository/A91CEF3E/CB74CF6E987B11E983ECCF13C4F9AE02/ky7C5uUrWvbHsDxBUCDt4nKqoUU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ky7C5uUrWvbHsDxBUCDt4nKqoUU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 17:35:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3710 (0xe7e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CEF3E, serialNumber=932EC2E6E52B5AF6C7B03C415020EDE272AAA145 Validity Not Before: May 10 17:35:37 2025 GMT Not After : May 17 17:35:37 2025 GMT Subject: CN=681f8e69-740b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:da:b9:18:3b:7f:85:74:b9:d6:65:75:3b:3e: 37:07:b4:05:c7:aa:78:e5:56:a5:be:51:8e:ae:46: 01:9c:8c:73:2d:11:31:65:67:50:33:2b:37:53:7d: df:a4:e6:4b:fd:4a:73:4e:ac:46:a2:75:1b:e8:31: d5:29:42:91:0e:ed:45:52:c8:93:fd:c1:c2:71:d2: 7b:01:20:38:8c:db:c9:24:9f:52:ab:f7:72:60:2e: 34:56:30:23:77:ba:34:ab:bd:6a:45:f3:52:11:4e: 51:fe:28:65:99:8a:e6:c6:c0:f3:95:4f:aa:0c:93: 4a:7e:14:59:1c:a7:13:15:d1:03:38:2e:d4:8f:bb: ea:f3:68:80:48:74:65:80:e5:92:fd:95:46:a6:9e: 33:f7:03:2b:5f:4b:8d:ac:83:ce:d6:04:5f:cc:ef: 59:23:9c:c0:ec:e8:26:03:97:32:97:bd:a4:3b:cb: 54:d8:b7:da:71:6e:c8:d9:bc:14:88:ed:a8:14:bc: bf:38:56:f7:d4:bc:db:fe:a6:6c:6b:37:38:96:55: 92:0f:b0:f6:33:f7:db:97:65:1a:70:f3:48:98:ed: d0:04:00:cb:19:b1:f8:90:37:f2:b5:62:8e:cf:44: 91:16:7a:0f:29:fd:b9:81:c4:5b:21:b4:81:27:fc: df:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:D4:F4:2E:26:E8:68:FF:E8:C8:8A:36:C4:61:62:85:92:27:1F:49 X509v3 Authority Key Identifier: keyid:93:2E:C2:E6:E5:2B:5A:F6:C7:B0:3C:41:50:20:ED:E2:72:AA:A1:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CEF3E/CB74CF6E987B11E983ECCF13C4F9AE02/ky7C5uUrWvbHsDxBUCDt4nKqoUU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ky7C5uUrWvbHsDxBUCDt4nKqoUU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEF3E/CB74CF6E987B11E983ECCF13C4F9AE02/ky7C5uUrWvbHsDxBUCDt4nKqoUU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 02:c8:00:27:bb:f0:9c:d5:31:28:ca:3a:04:ba:d5:b2:ba:88: 74:9e:a4:90:f9:02:13:75:e5:b4:92:ac:57:b9:9f:ab:90:a1: 73:00:87:13:dd:37:91:b0:2f:d4:49:5c:f2:9b:37:ed:26:f5: 0f:c1:74:2a:72:18:a9:72:af:de:1d:b5:39:60:f4:11:3e:d2: 69:ac:51:46:5e:97:dd:c6:88:df:5e:9e:bd:ab:db:4d:91:ff: 26:8b:6c:7d:36:6d:3e:c4:d5:3d:1d:39:e4:27:91:4a:f6:2b: 69:5e:7a:25:15:be:64:66:ae:b2:0d:c3:89:5d:87:90:30:f5: 53:9a:d2:c8:74:be:ee:66:7c:09:66:4d:21:bf:3f:f2:d6:0b: 25:ff:2d:fd:72:dc:42:36:9d:1f:8d:0a:ff:32:24:8f:9a:8c: c6:f7:f3:01:76:6b:d9:1f:42:ae:2e:0e:67:43:f5:ba:d5:aa: 14:cd:0f:a8:30:73:1f:7c:7b:9c:72:ba:e7:cb:d5:15:ce:1f: 1a:a2:04:79:40:cb:93:0e:d4:3b:93:ad:f6:98:fa:aa:fa:af: 55:b5:28:bb:b5:61:97:a1:75:49:1b:c7:6c:e4:92:ad:58:70: 1a:b7:1a:2f:f0:11:3b:90:c3:fd:74:47:e1:1d:e6:3f:11:ee: c6:ed:52:d2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDn4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0VGM0UxMTAvBgNVBAUTKDkzMkVDMkU2RTUyQjVBRjZDN0IwM0M0MTUwMjBFREUy NzJBQUExNDUwHhcNMjUwNTEwMTczNTM3WhcNMjUwNTE3MTczNTM3WjAYMRYwFAYD VQQDEw02ODFmOGU2OS03NDBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0tq5GDt/hXS51mV1Oz43B7QFx6p45ValvlGOrkYBnIxzLRExZWdQMys3U33f pOZL/UpzTqxGonUb6DHVKUKRDu1FUsiT/cHCcdJ7ASA4jNvJJJ9Sq/dyYC40VjAj d7o0q71qRfNSEU5R/ihlmYrmxsDzlU+qDJNKfhRZHKcTFdEDOC7Uj7vq82iASHRl gOWS/ZVGpp4z9wMrX0uNrIPO1gRfzO9ZI5zA7OgmA5cyl72kO8tU2LfacW7I2bwU iO2oFLy/OFb31Lzb/qZsazc4llWSD7D2M/fbl2UacPNImO3QBADLGbH4kDfytWKO z0SRFnoPKf25gcRbIbSBJ/zf6wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFbU9C4m 6Gj/6MiKNsRhYoWSJx9JMB8GA1UdIwQYMBaAFJMuwublK1r2x7A8QVAg7eJyqqFF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRUYzRS9DQjc0Q0Y2RTk4 N0IxMUU5ODNFQ0NGMTNDNEY5QUUwMi9reTdDNXVVcld2YkhzRHhCVUNEdDRuS3Fv VVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2t5N0M1dVVyV3ZiSHNEeEJVQ0R0NG5LcW9VVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RUYzRS9DQjc0Q0Y2RTk4N0IxMUU5ODNFQ0NGMTNDNEY5QUUwMi9reTdDNXVVcld2 YkhzRHhCVUNEdDRuS3FvVVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQACyAAnu/Cc1TEoyjoEutWyuoh0nqSQ+QITdeW0kqxXuZ+rkKFzAIcT 3TeRsC/USVzymzftJvUPwXQqchipcq/eHbU5YPQRPtJprFFGXpfdxojfXp69q9tN kf8mi2x9Nm0+xNU9HTnkJ5FK9itpXnolFb5kZq6yDcOJXYeQMPVTmtLIdL7uZnwJ Zk0hvz/y1gsl/y39ctxCNp0fjQr/MiSPmozG9/MBdmvZH0KuLg5nQ/W61aoUzQ+o MHMffHuccrrny9UVzh8aogR5QMuTDtQ7k632mPqq+q9VtSi7tWGXoXVJG8ds5JKt WHAatxov8BE7kMP9dEfhHeY/Ee7G7VLS -----END CERTIFICATE-----Generated at Sun May 11 12:30:04 2025 by rpki-client