$ rpki-client -vvf rpki.apnic.net/member_repository/A91CF1E7/1DBE1A3247B911EEAAD3DB4AC4F9AE02/iP8qX1-BdhNDU35LVLXmoW8gfqk.mft File: iP8qX1-BdhNDU35LVLXmoW8gfqk.mft (raw, json) Hash identifier: uXHoZxaONBNyJtLbJ8y997v11EDAUYFmXHlsnsEd8MA= Subject key identifier: EB:DC:B8:C2:04:CA:BB:28:08:96:00:66:C7:9C:0B:08:5F:53:56:0A Authority key identifier: 88:FF:2A:5F:5F:81:76:13:43:53:7E:4B:54:B5:E6:A1:6F:20:7E:A9 Certificate issuer: /CN=A91CF1E7/serialNumber=88FF2A5F5F81761343537E4B54B5E6A16F207EA9 Certificate serial: 013E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iP8qX1-BdhNDU35LVLXmoW8gfqk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CF1E7/1DBE1A3247B911EEAAD3DB4AC4F9AE02/iP8qX1-BdhNDU35LVLXmoW8gfqk.mft Manifest number: 013E Signing time: Tue 13 May 2025 03:33:57 +0000 Manifest this update: Tue 13 May 2025 03:33:57 +0000 Manifest next update: Tue 20 May 2025 03:33:57 +0000 Files and hashes: 1: iP8qX1-BdhNDU35LVLXmoW8gfqk.crl (hash: ZVjEVGsbKE4nY95z5yZKpMh0OjmGnipJtMUkXKBQTz4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CF1E7/1DBE1A3247B911EEAAD3DB4AC4F9AE02/iP8qX1-BdhNDU35LVLXmoW8gfqk.crl rsync://rpki.apnic.net/member_repository/A91CF1E7/1DBE1A3247B911EEAAD3DB4AC4F9AE02/iP8qX1-BdhNDU35LVLXmoW8gfqk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iP8qX1-BdhNDU35LVLXmoW8gfqk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 03:33:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 318 (0x13e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CF1E7, serialNumber=88FF2A5F5F81761343537E4B54B5E6A16F207EA9 Validity Not Before: May 13 03:33:57 2025 GMT Not After : May 20 03:33:57 2025 GMT Subject: CN=6822bda5-910b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:b4:2d:e6:18:b9:c0:f2:00:4f:c5:07:2e:9a: d5:40:01:6c:bf:62:0a:af:3e:b7:ed:64:55:83:11: a2:53:28:2f:55:06:bb:ab:92:fe:f4:c8:6a:32:fa: 4c:a4:f5:38:f4:c9:f7:49:b9:5c:4e:9d:d4:1b:f4: 3b:db:ac:e4:29:7b:16:68:68:b0:a3:f1:e3:22:11: 61:68:94:90:ed:0f:e0:62:05:23:74:8c:b1:e6:84: d8:03:5b:97:19:87:ec:87:40:51:54:b5:09:80:d3: 6c:e3:2c:7a:aa:c0:f3:48:20:ec:f7:2d:d6:f5:d0: 98:c8:38:ea:67:35:49:6e:1b:a1:55:19:ea:80:81: 82:e8:f5:03:73:c9:66:fb:50:f7:31:e9:f2:d6:b6: 37:04:4f:1f:6c:5b:43:6a:1f:32:3b:e1:76:17:ff: 45:f0:d1:95:fc:10:63:40:02:8f:47:69:a0:34:c5: 67:f5:4d:24:9a:81:09:2c:17:11:da:a7:e2:be:b1: c0:c6:f3:b4:65:49:83:f0:c1:5f:bb:4d:69:73:13: 49:03:c8:d2:48:42:3c:a2:3e:19:71:6b:96:df:e9: ac:03:41:ba:d7:7c:04:e8:ca:e2:88:f1:d8:86:cf: f9:71:2e:71:c6:16:b6:23:d8:25:86:f6:fa:9c:93: 23:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:DC:B8:C2:04:CA:BB:28:08:96:00:66:C7:9C:0B:08:5F:53:56:0A X509v3 Authority Key Identifier: keyid:88:FF:2A:5F:5F:81:76:13:43:53:7E:4B:54:B5:E6:A1:6F:20:7E:A9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CF1E7/1DBE1A3247B911EEAAD3DB4AC4F9AE02/iP8qX1-BdhNDU35LVLXmoW8gfqk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iP8qX1-BdhNDU35LVLXmoW8gfqk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CF1E7/1DBE1A3247B911EEAAD3DB4AC4F9AE02/iP8qX1-BdhNDU35LVLXmoW8gfqk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c4:58:77:34:62:08:22:04:9a:85:d6:aa:20:ca:e2:8e:53:ee: 46:e4:32:d2:01:34:15:e1:60:76:7a:82:50:a1:1d:77:23:16: 2a:9e:97:32:0a:7e:ba:e4:dd:ba:a8:68:f5:bf:58:48:7f:36: 04:6a:ea:1c:ef:3e:b6:80:49:b2:a6:fb:a7:f7:db:5d:8d:8d: 42:bd:83:68:c8:42:4e:f2:28:fe:41:e2:3b:46:5e:fb:b7:83: 18:d4:43:f6:00:74:7a:03:42:6b:e5:ec:2f:bf:60:98:60:b5: 85:70:2c:28:d3:ba:c9:05:e0:34:dd:fb:66:83:0d:35:57:c8: 56:07:25:88:96:2a:0f:3e:2f:07:7a:6d:28:5b:8a:b6:5e:d2: 80:15:9b:b0:0f:7a:37:b0:e0:38:8a:1a:f6:d8:7f:98:90:1b: 16:ae:dd:84:a7:04:bc:64:ab:93:3b:6d:61:37:f0:e5:e0:1b: 89:ab:0d:28:12:15:27:ed:6e:0d:08:d6:a7:9a:98:93:9c:7b: 86:7f:fd:74:21:b8:96:06:3a:19:0a:c7:50:3e:75:b5:33:e9: 73:70:93:3c:78:76:e9:f9:83:12:8e:05:1b:bc:cc:3a:d7:c3: 59:fd:bb:38:a5:21:54:d5:05:43:7f:81:1b:3e:da:31:c4:c2: f7:21:31:bc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAT4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0YxRTcxMTAvBgNVBAUTKDg4RkYyQTVGNUY4MTc2MTM0MzUzN0U0QjU0QjVFNkEx NkYyMDdFQTkwHhcNMjUwNTEzMDMzMzU3WhcNMjUwNTIwMDMzMzU3WjAYMRYwFAYD VQQDEw02ODIyYmRhNS05MTBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv7Qt5hi5wPIAT8UHLprVQAFsv2IKrz637WRVgxGiUygvVQa7q5L+9MhqMvpM pPU49Mn3SblcTp3UG/Q726zkKXsWaGiwo/HjIhFhaJSQ7Q/gYgUjdIyx5oTYA1uX GYfsh0BRVLUJgNNs4yx6qsDzSCDs9y3W9dCYyDjqZzVJbhuhVRnqgIGC6PUDc8lm +1D3Meny1rY3BE8fbFtDah8yO+F2F/9F8NGV/BBjQAKPR2mgNMVn9U0kmoEJLBcR 2qfivrHAxvO0ZUmD8MFfu01pcxNJA8jSSEI8oj4ZcWuW3+msA0G613wE6MriiPHY hs/5cS5xxha2I9glhvb6nJMjCQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOvcuMIE yrsoCJYAZsecCwhfU1YKMB8GA1UdIwQYMBaAFIj/Kl9fgXYTQ1N+S1S15qFvIH6p MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRjFFNy8xREJFMUEzMjQ3 QjkxMUVFQUFEM0RCNEFDNEY5QUUwMi9pUDhxWDEtQmRoTkRVMzVMVkxYbW9XOGdm cWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lQOHFYMS1CZGhORFUzNUxWTFhtb1c4Z2Zxay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RjFFNy8xREJFMUEzMjQ3QjkxMUVFQUFEM0RCNEFDNEY5QUUwMi9pUDhxWDEtQmRo TkRVMzVMVkxYbW9XOGdmcWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDEWHc0YggiBJqF1qogyuKOU+5G5DLSATQV4WB2eoJQoR13IxYqnpcy Cn665N26qGj1v1hIfzYEauoc7z62gEmypvun99tdjY1CvYNoyEJO8ij+QeI7Rl77 t4MY1EP2AHR6A0Jr5ewvv2CYYLWFcCwo07rJBeA03ftmgw01V8hWByWIlioPPi8H em0oW4q2XtKAFZuwD3o3sOA4ihr22H+YkBsWrt2EpwS8ZKuTO21hN/Dl4BuJqw0o EhUn7W4NCNanmpiTnHuGf/10IbiWBjoZCsdQPnW1M+lzcJM8eHbp+YMSjgUbvMw6 18NZ/bs4pSFU1QVDf4EbPtoxxML3ITG8 -----END CERTIFICATE-----Generated at Wed May 14 17:23:45 2025 by rpki-client