$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.mft File: IAAAWsWhdEBL07_CmUMyPpYGJbk.mft (raw, json) Hash identifier: knCa4ZUul+VZlKFmdoi3V/S0MKAkp2Tt8fPEMWCyIoY= Subject key identifier: E4:1E:5A:03:2D:7A:B1:E8:E5:2E:DA:29:C2:EF:0B:9E:07:40:69:66 Authority key identifier: 20:00:00:5A:C5:A1:74:40:4B:D3:BF:C2:99:43:32:3E:96:06:25:B9 Certificate issuer: /CN=A91DA590/serialNumber=2000005AC5A174404BD3BFC29943323E960625B9 Certificate serial: 033F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IAAAWsWhdEBL07_CmUMyPpYGJbk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.mft Manifest number: 0338 Signing time: Tue 13 May 2025 00:52:39 +0000 Manifest this update: Tue 13 May 2025 00:52:39 +0000 Manifest next update: Tue 20 May 2025 00:52:39 +0000 Files and hashes: 1: IAAAWsWhdEBL07_CmUMyPpYGJbk.crl (hash: j7hRGOwl/WIj/HV3+TFtqiuTDlTxoUQs9FIOk0+KskY=) 2: 09E46A74C07F11ECB0707F18C4F9AE02.roa (hash: fKQvUorpCo1+t6j4CpNdFsIqffZ/KOuD0j+HaDJA0Es=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.crl rsync://rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IAAAWsWhdEBL07_CmUMyPpYGJbk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 00:52:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 831 (0x33f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DA590, serialNumber=2000005AC5A174404BD3BFC29943323E960625B9 Validity Not Before: May 13 00:52:39 2025 GMT Not After : May 20 00:52:39 2025 GMT Subject: CN=682297d7-ba6c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:6d:a8:c7:55:17:06:23:e1:38:fb:5f:48:47: 6b:1e:9c:cd:d7:37:1a:93:fe:6f:66:0f:2d:ef:48: 5b:08:20:75:8e:dd:64:51:ab:13:27:38:91:77:b2: e9:99:de:5a:9a:50:39:46:9e:67:f6:6e:1d:47:cd: 10:b5:d5:28:10:03:a6:31:ff:f7:f4:4d:c4:49:b8: c8:87:99:f9:78:83:53:01:c8:50:72:18:9e:8d:1a: 0f:0c:d9:7b:f7:33:c3:4f:bc:18:1a:d1:2c:d5:cb: 1a:09:14:88:8a:3f:59:de:8d:52:50:04:77:e3:24: fc:08:af:ee:3f:56:40:4c:f5:15:78:50:6d:05:db: bc:8c:d3:57:6d:f2:12:d4:b3:0a:b1:ec:ea:10:28: 76:8e:49:79:b4:65:1b:42:8b:6d:e7:ac:f3:61:be: 39:54:58:a0:97:82:3d:d7:4d:27:6c:fd:25:ea:ab: f7:dc:77:ab:88:5c:4c:df:84:54:b3:aa:32:7f:4e: 80:6a:a1:27:3d:50:fa:36:f5:c1:00:5c:d5:1a:0b: 10:bb:62:1d:09:12:e8:24:b5:95:66:f7:95:8e:96: 57:1a:26:c6:b2:bb:26:7f:05:74:4a:ce:5e:6f:34: e8:50:a7:2b:05:3c:3f:f4:0e:85:46:03:38:dd:2a: 28:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:1E:5A:03:2D:7A:B1:E8:E5:2E:DA:29:C2:EF:0B:9E:07:40:69:66 X509v3 Authority Key Identifier: keyid:20:00:00:5A:C5:A1:74:40:4B:D3:BF:C2:99:43:32:3E:96:06:25:B9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IAAAWsWhdEBL07_CmUMyPpYGJbk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6d:f7:0e:43:15:17:8b:a1:e5:8a:13:fb:bb:ea:fc:0e:e0:50: 1c:d0:09:4a:a6:7e:72:cc:74:32:4f:ef:2c:c3:59:8c:c2:88: a3:e3:56:48:af:91:06:03:a9:a3:a7:13:0f:0e:cf:50:e5:98: 5d:f8:af:f6:57:24:8e:aa:55:1a:eb:6b:2f:7c:28:9b:d6:44: 48:90:7c:de:44:45:76:14:09:68:18:da:99:a5:ec:a2:c8:b4: 5f:b2:a7:dd:97:42:ab:9c:3c:3f:32:79:a2:07:de:0e:04:2f: c5:b2:59:83:1c:dd:ec:51:71:4b:30:18:98:b0:f8:59:95:6a: df:c0:bc:68:2c:7f:dd:d2:f2:57:e2:ea:37:23:ca:1b:bb:13: cc:c9:73:d0:b2:5c:50:9c:d8:2d:02:fc:29:e1:c7:4c:6e:78: e1:a7:6c:fc:6f:d3:e1:17:0c:06:e0:96:6b:98:2d:b8:24:e4: 0d:2a:fc:f3:69:85:6d:6e:9d:1e:44:82:98:c9:55:9e:da:a7: 2e:d0:82:8c:c2:47:d3:a9:59:5f:26:5f:b0:ef:eb:f9:63:cd: 6a:ef:13:0f:4f:12:d2:5b:f6:08:65:12:f6:f1:03:24:8f:1a: b5:bd:e2:8f:6d:96:93:d2:f9:7a:07:58:b5:93:53:0c:35:e4: 73:a7:f5:d0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAz8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REE1OTAxMTAvBgNVBAUTKDIwMDAwMDVBQzVBMTc0NDA0QkQzQkZDMjk5NDMzMjNF OTYwNjI1QjkwHhcNMjUwNTEzMDA1MjM5WhcNMjUwNTIwMDA1MjM5WjAYMRYwFAYD VQQDEw02ODIyOTdkNy1iYTZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvW2ox1UXBiPhOPtfSEdrHpzN1zcak/5vZg8t70hbCCB1jt1kUasTJziRd7Lp md5amlA5Rp5n9m4dR80QtdUoEAOmMf/39E3ESbjIh5n5eINTAchQchiejRoPDNl7 9zPDT7wYGtEs1csaCRSIij9Z3o1SUAR34yT8CK/uP1ZATPUVeFBtBdu8jNNXbfIS 1LMKsezqECh2jkl5tGUbQott56zzYb45VFigl4I9100nbP0l6qv33HeriFxM34RU s6oyf06AaqEnPVD6NvXBAFzVGgsQu2IdCRLoJLWVZveVjpZXGibGsrsmfwV0Ss5e bzToUKcrBTw/9A6FRgM43SoofQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOQeWgMt erHo5S7aKcLvC54HQGlmMB8GA1UdIwQYMBaAFCAAAFrFoXRAS9O/wplDMj6WBiW5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTU5MC85NTEwRTg2QUMw N0IxMUVDOTg3Qjg0N0ZDNEY5QUUwMi9JQUFBV3NXaGRFQkwwN19DbVVNeVBwWUdK YmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lBQUFXc1doZEVCTDA3X0NtVU15UHBZR0piay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QTU5MC85NTEwRTg2QUMwN0IxMUVDOTg3Qjg0N0ZDNEY5QUUwMi9JQUFBV3NXaGRF QkwwN19DbVVNeVBwWUdKYmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBt9w5DFReLoeWKE/u76vwO4FAc0AlKpn5yzHQyT+8sw1mMwoij41ZI r5EGA6mjpxMPDs9Q5Zhd+K/2VySOqlUa62svfCib1kRIkHzeREV2FAloGNqZpeyi yLRfsqfdl0KrnDw/MnmiB94OBC/FslmDHN3sUXFLMBiYsPhZlWrfwLxoLH/d0vJX 4uo3I8obuxPMyXPQslxQnNgtAvwp4cdMbnjhp2z8b9PhFwwG4JZrmC24JOQNKvzz aYVtbp0eRIKYyVWe2qcu0IKMwkfTqVlfJl+w7+v5Y81q7xMPTxLSW/YIZRL28QMk jxq1veKPbZaT0vl6B1i1k1MMNeRzp/XQ -----END CERTIFICATE-----Generated at Tue May 13 08:21:01 2025 by rpki-client