$ rpki-client -vvf rpki.apnic.net/member_repository/A91D8400/F681BBA4781111ECA397D034C4F9AE02/5dmsjXWxbbnyPICt2LO72OWLaHg.mft File: 5dmsjXWxbbnyPICt2LO72OWLaHg.mft (raw, json) Hash identifier: MHnW5ZY13A/Fx+iFTk/M0ioYvY2l9/zM/1JPgE7XTlE= Subject key identifier: 36:DF:E7:C0:06:1A:A1:EC:0E:29:58:D0:F4:9A:70:6B:E5:3D:1A:E4 Authority key identifier: E5:D9:AC:8D:75:B1:6D:B9:F2:3C:80:AD:D8:B3:BB:D8:E5:8B:68:78 Certificate issuer: /CN=A91D8400/serialNumber=E5D9AC8D75B16DB9F23C80ADD8B3BBD8E58B6878 Certificate serial: 03F3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5dmsjXWxbbnyPICt2LO72OWLaHg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D8400/F681BBA4781111ECA397D034C4F9AE02/5dmsjXWxbbnyPICt2LO72OWLaHg.mft Manifest number: 03EE Signing time: Sun 11 May 2025 00:04:45 +0000 Manifest this update: Sun 11 May 2025 00:04:44 +0000 Manifest next update: Sun 18 May 2025 00:04:44 +0000 Files and hashes: 1: 5dmsjXWxbbnyPICt2LO72OWLaHg.crl (hash: BU8ckj9u7qE7tE8TY5qpPWguAtqWDaGaI0rN3PdlIb8=) 2: 46C1646C781611ECADCDAB0EC4F9AE02.roa (hash: X0bJVDOuH3hxzxDqtFhaGE8zyPysnrk6jtT4gfdw6QQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D8400/F681BBA4781111ECA397D034C4F9AE02/5dmsjXWxbbnyPICt2LO72OWLaHg.crl rsync://rpki.apnic.net/member_repository/A91D8400/F681BBA4781111ECA397D034C4F9AE02/5dmsjXWxbbnyPICt2LO72OWLaHg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5dmsjXWxbbnyPICt2LO72OWLaHg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 00:04:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1011 (0x3f3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D8400, serialNumber=E5D9AC8D75B16DB9F23C80ADD8B3BBD8E58B6878 Validity Not Before: May 11 00:04:44 2025 GMT Not After : May 18 00:04:44 2025 GMT Subject: CN=681fe99c-9056 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:e9:66:1b:46:44:0b:76:0f:35:30:59:8c:40: 44:aa:a2:23:70:c9:52:31:21:57:96:0e:33:ff:fc: ab:61:7a:5f:f8:5b:17:bc:ed:da:89:ec:d5:7a:8f: fb:68:e9:9a:dd:92:dc:de:34:fd:47:73:1d:3f:6c: 1f:42:c1:85:0d:2c:d6:e4:03:2a:3e:f5:6f:0f:84: bf:46:a3:98:6f:9b:84:30:94:98:54:53:9a:aa:33: f2:99:2d:b3:49:b3:bd:3a:ba:2b:ad:58:f5:9d:e4: b3:9f:c6:a1:20:eb:27:ce:60:70:e1:62:ba:c1:2b: 93:d2:21:f9:8a:a3:41:4a:37:45:36:8c:97:80:6a: cc:65:91:23:2b:0e:8e:89:88:f4:c0:c7:ea:f4:32: 7c:7f:9e:7f:8b:d9:77:e1:ab:7c:90:83:10:8d:78: 4e:9c:7f:02:82:01:a7:9a:1f:58:30:c2:72:eb:f0: 29:f8:3d:f2:18:f0:77:34:5f:a5:a5:95:8c:8c:48: c8:08:82:b0:e7:ef:9f:9a:1d:7f:c8:fa:ce:66:60: e7:8c:96:f6:38:06:9c:04:b7:77:61:54:84:aa:82: 56:7d:3a:fe:3d:92:c5:97:3e:46:2a:08:a3:1c:4c: 7b:39:94:d1:19:90:8f:5b:bd:9b:ec:7e:e4:26:0c: d9:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:DF:E7:C0:06:1A:A1:EC:0E:29:58:D0:F4:9A:70:6B:E5:3D:1A:E4 X509v3 Authority Key Identifier: keyid:E5:D9:AC:8D:75:B1:6D:B9:F2:3C:80:AD:D8:B3:BB:D8:E5:8B:68:78 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D8400/F681BBA4781111ECA397D034C4F9AE02/5dmsjXWxbbnyPICt2LO72OWLaHg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5dmsjXWxbbnyPICt2LO72OWLaHg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D8400/F681BBA4781111ECA397D034C4F9AE02/5dmsjXWxbbnyPICt2LO72OWLaHg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5e:ed:61:4d:09:c2:1c:05:56:9e:4d:44:d3:7a:2d:04:34:57: ab:9a:83:a0:51:2e:f9:05:de:89:14:6e:a7:f5:6f:a5:62:5d: 84:75:70:c2:75:56:e7:fa:c4:d2:88:dd:e1:91:5b:2b:09:74: df:a1:23:b0:fb:a6:3b:81:25:c0:12:74:fd:06:7c:2d:48:4d: c6:0c:3b:56:4e:8d:c5:db:fb:9c:79:08:fc:57:93:8e:c8:6c: a6:4f:27:30:4f:b0:5d:f1:ef:33:44:97:1d:ad:a1:7c:29:7c: fc:5b:25:fe:7f:e4:ca:40:55:0c:0f:98:0e:d4:b1:26:a4:6a: 4f:0e:e7:54:7e:9e:c9:25:69:d5:f3:c5:4c:03:a4:82:b5:46: 79:74:09:17:6f:e2:49:71:9b:46:a4:d7:a1:eb:1a:02:01:8d: fe:44:67:e7:3c:62:23:bf:5c:79:75:61:b7:ac:c1:b7:c1:96: d2:68:25:43:c7:1e:3b:5a:5b:18:9b:27:2c:e2:fd:f8:03:ee: f8:9a:85:00:d8:4a:d0:f6:ad:bd:c8:fd:b3:ea:ee:fa:b8:2e: 15:ed:18:61:78:e8:98:db:f3:b2:0b:8e:01:b5:04:6d:05:e8: 3f:e0:08:82:a6:5b:e3:16:84:d9:48:03:30:41:1b:1f:70:f5: 4b:7c:9a:27 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA/MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDg0MDAxMTAvBgNVBAUTKEU1RDlBQzhENzVCMTZEQjlGMjNDODBBREQ4QjNCQkQ4 RTU4QjY4NzgwHhcNMjUwNTExMDAwNDQ0WhcNMjUwNTE4MDAwNDQ0WjAYMRYwFAYD VQQDEw02ODFmZTk5Yy05MDU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv+lmG0ZEC3YPNTBZjEBEqqIjcMlSMSFXlg4z//yrYXpf+FsXvO3aiezVeo/7 aOma3ZLc3jT9R3MdP2wfQsGFDSzW5AMqPvVvD4S/RqOYb5uEMJSYVFOaqjPymS2z SbO9OrorrVj1neSzn8ahIOsnzmBw4WK6wSuT0iH5iqNBSjdFNoyXgGrMZZEjKw6O iYj0wMfq9DJ8f55/i9l34at8kIMQjXhOnH8CggGnmh9YMMJy6/Ap+D3yGPB3NF+l pZWMjEjICIKw5++fmh1/yPrOZmDnjJb2OAacBLd3YVSEqoJWfTr+PZLFlz5GKgij HEx7OZTRGZCPW72b7H7kJgzZdQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDbf58AG GqHsDilY0PSacGvlPRrkMB8GA1UdIwQYMBaAFOXZrI11sW258jyArdizu9jli2h4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODQwMC9GNjgxQkJBNDc4 MTExMUVDQTM5N0QwMzRDNEY5QUUwMi81ZG1zalhXeGJibnlQSUN0MkxPNzJPV0xh SGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzVkbXNqWFd4YmJueVBJQ3QyTE83Mk9XTGFIZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE ODQwMC9GNjgxQkJBNDc4MTExMUVDQTM5N0QwMzRDNEY5QUUwMi81ZG1zalhXeGJi bnlQSUN0MkxPNzJPV0xhSGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBe7WFNCcIcBVaeTUTTei0ENFermoOgUS75Bd6JFG6n9W+lYl2EdXDC dVbn+sTSiN3hkVsrCXTfoSOw+6Y7gSXAEnT9BnwtSE3GDDtWTo3F2/uceQj8V5OO yGymTycwT7Bd8e8zRJcdraF8KXz8WyX+f+TKQFUMD5gO1LEmpGpPDudUfp7JJWnV 88VMA6SCtUZ5dAkXb+JJcZtGpNeh6xoCAY3+RGfnPGIjv1x5dWG3rMG3wZbSaCVD xx47WlsYmycs4v34A+74moUA2ErQ9q29yP2z6u76uC4V7RhheOiY2/OyC44BtQRt Beg/4AiCplvjFoTZSAMwQRsfcPVLfJon -----END CERTIFICATE-----Generated at Sun May 11 22:11:25 2025 by rpki-client