$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft File: iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft (raw, json) Hash identifier: Uj/uAgo38AJ2UP6nmkXinLRUqUxu7KCn+HZ96+TTr5M= Subject key identifier: 9F:BC:21:D3:94:A6:81:04:F3:74:E9:85:29:00:94:FB:9F:63:FD:D9 Authority key identifier: 8A:A8:78:65:26:85:23:46:83:93:72:63:1D:FB:09:98:4B:C3:00:5E Certificate issuer: /CN=A91D4413/serialNumber=8AA8786526852346839372631DFB09984BC3005E Certificate serial: 0A87 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft Manifest number: 2B34 Signing time: Mon 12 May 2025 15:55:12 +0000 Manifest this update: Mon 12 May 2025 15:55:11 +0000 Manifest next update: Mon 19 May 2025 15:55:11 +0000 Files and hashes: 1: iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl (hash: c9S+DJte7jRqn1uX48MOKLQSTPu+U53Z4KgoO6eyaBg=) 2: DD7FC172E17D11EFAC0A7E29C4F9AE02.roa (hash: iuR0hKy1te9ReiQAcpbPM6UF6bcHMIJQ871N78hvW5A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 15:55:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2695 (0xa87) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D4413, serialNumber=8AA8786526852346839372631DFB09984BC3005E Validity Not Before: May 12 15:55:11 2025 GMT Not After : May 19 15:55:11 2025 GMT Subject: CN=682219e0-cbe2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:68:9e:e3:18:70:94:78:0e:b2:cb:59:35:f6: 72:c3:3b:3d:7f:ea:5e:21:0b:fc:1a:16:44:b4:d8: 2c:dc:2b:13:f5:1b:5d:35:2c:61:93:fd:e0:0d:b4: 68:48:1d:ca:ea:7c:fc:f0:0b:c9:67:ae:25:79:99: c4:22:bd:04:23:50:45:8f:62:c0:c5:d1:2e:ce:fe: 94:58:6a:69:f6:47:b9:54:33:b9:db:c3:87:ef:6e: c1:42:d7:50:d7:31:13:75:52:c0:96:29:22:bf:5e: 33:be:a8:48:b5:6a:c5:c2:f9:20:bc:7d:6d:b5:73: a0:ca:27:ab:1e:a3:99:76:81:82:7e:14:e6:7b:74: c1:54:63:a3:c5:33:7b:26:ad:65:51:b6:95:5b:35: f4:c8:7f:42:03:e7:0d:ae:1c:a7:7b:d6:ed:13:0b: dd:d4:54:c3:93:82:af:99:ea:df:58:5c:65:48:a6: a2:97:72:41:ff:08:ec:30:ed:ff:75:a7:bc:2a:a8: 03:be:03:ba:bd:e5:dd:ad:56:2c:9c:9e:e5:0f:ce: c7:ea:3e:f1:98:28:56:c7:0e:dc:7e:16:62:4e:16: 88:3b:5e:5b:59:e4:48:44:c5:1d:d1:d1:b4:c4:48: 89:7e:66:fc:63:ed:b0:6b:cd:9c:11:03:76:02:08: 86:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:BC:21:D3:94:A6:81:04:F3:74:E9:85:29:00:94:FB:9F:63:FD:D9 X509v3 Authority Key Identifier: keyid:8A:A8:78:65:26:85:23:46:83:93:72:63:1D:FB:09:98:4B:C3:00:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 00:bf:2e:55:f4:5f:c7:93:27:50:9f:35:b6:8f:ae:36:02:0d: 63:e6:6c:11:48:02:f7:04:83:7a:f6:b9:07:a2:87:1e:1c:f8: af:bd:ef:19:87:d4:c2:63:9e:e5:c1:35:be:55:ef:77:ea:4e: ce:ff:ed:ac:8a:66:e2:32:df:6c:9f:35:91:d5:dd:7f:22:f5: 02:f0:58:ab:a3:fe:22:6f:1a:5d:88:7f:ee:57:6d:8c:ac:5d: 97:a7:5c:fc:0e:30:a1:2b:37:08:67:a9:e5:d3:30:17:5d:1a: 6f:11:ee:86:c1:e3:04:25:7e:d4:b9:51:c0:ea:18:77:fa:ad: 60:88:02:f4:2c:19:24:52:65:2f:ae:7c:0a:cc:b0:99:d7:58: b6:84:34:4a:71:5a:40:be:99:05:8f:96:1b:9f:a3:26:6d:0f: b9:a2:b0:a9:a4:01:6a:be:bb:15:a1:31:17:1a:76:f3:e9:51: fd:21:c9:0d:dd:48:3a:a4:56:ad:c4:b8:ca:1b:4b:38:ec:dc: 30:77:90:b2:ea:05:74:ca:f6:71:68:aa:c5:d8:8d:a1:37:c0: b7:c5:2f:8f:e5:28:cf:0f:1a:35:5c:23:5f:0a:3b:f6:87:1b: f9:61:0b:d4:e4:d4:2a:ed:d8:55:80:50:b3:15:82:73:23:ae: e0:5b:37:d6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCocwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDQ0MTMxMTAvBgNVBAUTKDhBQTg3ODY1MjY4NTIzNDY4MzkzNzI2MzFERkIwOTk4 NEJDMzAwNUUwHhcNMjUwNTEyMTU1NTExWhcNMjUwNTE5MTU1NTExWjAYMRYwFAYD VQQDEw02ODIyMTllMC1jYmUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA02ie4xhwlHgOsstZNfZywzs9f+peIQv8GhZEtNgs3CsT9RtdNSxhk/3gDbRo SB3K6nz88AvJZ64leZnEIr0EI1BFj2LAxdEuzv6UWGpp9ke5VDO528OH727BQtdQ 1zETdVLAlikiv14zvqhItWrFwvkgvH1ttXOgyierHqOZdoGCfhTme3TBVGOjxTN7 Jq1lUbaVWzX0yH9CA+cNrhyne9btEwvd1FTDk4KvmerfWFxlSKail3JB/wjsMO3/ dae8KqgDvgO6veXdrVYsnJ7lD87H6j7xmChWxw7cfhZiThaIO15bWeRIRMUd0dG0 xEiJfmb8Y+2wa82cEQN2AgiGlwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ+8IdOU poEE83TphSkAlPufY/3ZMB8GA1UdIwQYMBaAFIqoeGUmhSNGg5NyYx37CZhLwwBe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDQxMy8wODE2RTc1NEZG QjQxMUU1OTQ0MzEwMkNDNEY5QUUwMi9pcWg0WlNhRkkwYURrM0pqSGZzSm1FdkRB RjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lxaDRaU2FGSTBhRGszSmpIZnNKbUV2REFGNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NDQxMy8wODE2RTc1NEZGQjQxMUU1OTQ0MzEwMkNDNEY5QUUwMi9pcWg0WlNhRkkw YURrM0pqSGZzSm1FdkRBRjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAAvy5V9F/HkydQnzW2j642Ag1j5mwRSAL3BIN69rkHooceHPivve8Z h9TCY57lwTW+Ve936k7O/+2simbiMt9snzWR1d1/IvUC8Firo/4ibxpdiH/uV22M rF2Xp1z8DjChKzcIZ6nl0zAXXRpvEe6GweMEJX7UuVHA6hh3+q1giAL0LBkkUmUv rnwKzLCZ11i2hDRKcVpAvpkFj5Ybn6MmbQ+5orCppAFqvrsVoTEXGnbz6VH9IckN 3Ug6pFatxLjKG0s47Nwwd5Cy6gV0yvZxaKrF2I2hN8C3xS+P5SjPDxo1XCNfCjv2 hxv5YQvU5NQq7dhVgFCzFYJzI67gWzfW -----END CERTIFICATE-----Generated at Wed May 14 10:39:55 2025 by rpki-client