$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9CA8/2932C588E4FD11EFAC1CE67FC4F9AE02/5JdLhBatO5ndEfOwQFbwx5m3ocs.mft File: 5JdLhBatO5ndEfOwQFbwx5m3ocs.mft (raw, json) Hash identifier: lSB1dRNCAtgZVz1Ow+vUAXcBfYR074KdDIRn1DzoStk= Subject key identifier: 8B:52:86:E9:9A:1D:C6:2C:A9:D2:F8:DC:CD:39:AD:0D:9C:EC:CD:2E Authority key identifier: E4:97:4B:84:16:AD:3B:99:DD:11:F3:B0:40:56:F0:C7:99:B7:A1:CB Certificate issuer: /CN=A91D9CA8/serialNumber=E4974B8416AD3B99DD11F3B04056F0C799B7A1CB Certificate serial: 31 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5JdLhBatO5ndEfOwQFbwx5m3ocs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D9CA8/2932C588E4FD11EFAC1CE67FC4F9AE02/5JdLhBatO5ndEfOwQFbwx5m3ocs.mft Manifest number: 31 Signing time: Sun 11 May 2025 06:22:27 +0000 Manifest this update: Sun 11 May 2025 06:22:26 +0000 Manifest next update: Sun 18 May 2025 06:22:26 +0000 Files and hashes: 1: 5JdLhBatO5ndEfOwQFbwx5m3ocs.crl (hash: hY1IW8BLzg6zPBEZ8iOsL8/JGB/zjmJd74WuqQxuPOs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D9CA8/2932C588E4FD11EFAC1CE67FC4F9AE02/5JdLhBatO5ndEfOwQFbwx5m3ocs.crl rsync://rpki.apnic.net/member_repository/A91D9CA8/2932C588E4FD11EFAC1CE67FC4F9AE02/5JdLhBatO5ndEfOwQFbwx5m3ocs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5JdLhBatO5ndEfOwQFbwx5m3ocs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 06:22:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49 (0x31) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D9CA8, serialNumber=E4974B8416AD3B99DD11F3B04056F0C799B7A1CB Validity Not Before: May 11 06:22:26 2025 GMT Not After : May 18 06:22:26 2025 GMT Subject: CN=68204222-635a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:c6:91:c9:14:e0:dc:7b:57:2f:c4:90:2f:38: ec:10:78:98:95:15:eb:8b:89:75:cc:08:c5:b4:e4: c3:48:a3:03:2a:9a:f7:84:65:e1:c3:bb:f1:47:bd: a8:60:10:f3:4d:b2:18:1f:00:58:f5:5a:26:97:a2: 35:db:22:6c:1e:bd:c6:df:de:8b:6c:61:e7:64:88: 66:48:28:15:8e:a8:18:77:96:c4:c2:88:22:76:0a: bf:8e:62:d7:c8:16:a0:b5:89:7a:81:4b:a1:9b:42: 12:ea:4b:ec:de:93:c6:dc:f2:6e:6f:a7:88:f2:99: 7d:ba:2d:98:a0:52:4e:45:a0:d5:e5:08:1e:e9:a1: 15:99:78:fd:5a:2d:4b:94:54:f5:7f:83:5b:09:c1: 37:c1:6c:e9:ca:d6:ab:b8:db:0f:05:f3:57:0f:11: bd:fb:0e:f0:d6:d8:a6:7c:39:8a:ea:8b:47:e7:dc: 56:08:04:1b:e1:9c:e2:0b:bf:3c:a2:07:fa:bf:79: c9:02:bb:d0:48:14:db:8d:b0:27:5e:44:02:9b:e0: 6d:0c:4f:1b:9c:43:e8:8c:3c:da:4f:b0:d1:c8:35: 5f:db:3b:bf:1e:a4:42:74:88:f4:d0:40:23:ab:b5: b2:27:70:46:e5:1e:48:92:e4:d9:61:05:e6:39:d7: dd:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:52:86:E9:9A:1D:C6:2C:A9:D2:F8:DC:CD:39:AD:0D:9C:EC:CD:2E X509v3 Authority Key Identifier: keyid:E4:97:4B:84:16:AD:3B:99:DD:11:F3:B0:40:56:F0:C7:99:B7:A1:CB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D9CA8/2932C588E4FD11EFAC1CE67FC4F9AE02/5JdLhBatO5ndEfOwQFbwx5m3ocs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5JdLhBatO5ndEfOwQFbwx5m3ocs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9CA8/2932C588E4FD11EFAC1CE67FC4F9AE02/5JdLhBatO5ndEfOwQFbwx5m3ocs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4b:5d:bf:1d:20:49:d5:da:05:1b:00:70:11:68:ef:e3:4d:43: 2c:19:e9:b3:12:88:e0:77:a3:bf:d5:7d:71:89:3f:75:fb:65: a8:d2:e3:f9:df:a9:ea:b4:17:00:70:f2:bc:7e:cc:ec:c1:d5: fb:e9:1e:a4:ac:50:d6:cf:8a:a4:61:54:a2:6a:87:1b:63:b1: 66:e6:f6:36:5a:05:ce:1f:3d:5d:39:ed:cb:c2:aa:07:4b:44: f7:e8:9e:9f:33:e0:8a:0f:f7:18:28:22:99:bf:3a:2d:33:c1: 70:bd:57:26:66:92:c2:03:f7:ee:4a:5d:bb:a1:9f:64:32:8c: e9:20:18:88:33:14:ef:fd:e0:a5:01:33:04:57:2b:80:f6:d9: 51:9a:4b:b3:da:27:70:a0:15:da:fc:df:e3:41:fd:23:bd:1a: f2:81:ee:43:5d:9f:c4:0f:3d:72:12:a5:8f:26:74:95:2f:dd: ed:1a:c3:26:8a:5b:f2:24:6a:df:d8:1b:60:9b:16:6e:ef:bd: 61:15:f7:7f:eb:e8:be:84:23:49:9d:9a:0f:55:c0:ce:9a:23: 37:be:c3:3c:1f:2b:ec:bd:c4:46:12:76:f2:8d:db:11:6e:b3: 11:7d:a4:1b:aa:29:e5:9e:bc:05:cc:6a:55:53:fc:4c:d7:b8: 0a:47:b0:ad -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBMTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE OUNBODExMC8GA1UEBRMoRTQ5NzRCODQxNkFEM0I5OUREMTFGM0IwNDA1NkYwQzc5 OUI3QTFDQjAeFw0yNTA1MTEwNjIyMjZaFw0yNTA1MTgwNjIyMjZaMBgxFjAUBgNV BAMTDTY4MjA0MjIyLTYzNWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDExpHJFODce1cvxJAvOOwQeJiVFeuLiXXMCMW05MNIowMqmveEZeHDu/FHvahg EPNNshgfAFj1WiaXojXbImwevcbf3otsYedkiGZIKBWOqBh3lsTCiCJ2Cr+OYtfI FqC1iXqBS6GbQhLqS+zek8bc8m5vp4jymX26LZigUk5FoNXlCB7poRWZeP1aLUuU VPV/g1sJwTfBbOnK1qu42w8F81cPEb37DvDW2KZ8OYrqi0fn3FYIBBvhnOILvzyi B/q/eckCu9BIFNuNsCdeRAKb4G0MTxucQ+iMPNpPsNHINV/bO78epEJ0iPTQQCOr tbIncEblHkiS5NlhBeY5192/AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUi1KG6Zod xiyp0vjczTmtDZzszS4wHwYDVR0jBBgwFoAU5JdLhBatO5ndEfOwQFbwx5m3ocsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ5Q0E4LzI5MzJDNTg4RTRG RDExRUZBQzFDRTY3RkM0RjlBRTAyLzVKZExoQmF0TzVuZEVmT3dRRmJ3eDVtM29j cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvNUpkTGhCYXRPNW5kRWZPd1FGYnd4NW0zb2NzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ5 Q0E4LzI5MzJDNTg4RTRGRDExRUZBQzFDRTY3RkM0RjlBRTAyLzVKZExoQmF0TzVu ZEVmT3dRRmJ3eDVtM29jcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEtdvx0gSdXaBRsAcBFo7+NNQywZ6bMSiOB3o7/VfXGJP3X7ZajS4/nf qeq0FwBw8rx+zOzB1fvpHqSsUNbPiqRhVKJqhxtjsWbm9jZaBc4fPV057cvCqgdL RPfonp8z4IoP9xgoIpm/Oi0zwXC9VyZmksID9+5KXbuhn2QyjOkgGIgzFO/94KUB MwRXK4D22VGaS7PaJ3CgFdr83+NB/SO9GvKB7kNdn8QPPXISpY8mdJUv3e0awyaK W/Ikat/YG2CbFm7vvWEV93/r6L6EI0mdmg9VwM6aIze+wzwfK+y9xEYSdvKN2xFu sxF9pBuqKeWevAXMalVT/EzXuApHsK0= -----END CERTIFICATE-----Generated at Mon May 12 07:33:35 2025 by rpki-client