$ rpki-client -vvf rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.mft File: i0hqzK8SpnqVaI6NEb1ljAQcElo.mft (raw, json) Hash identifier: c3ljJSrcua7oG4cPP0GIqGLqneROuuX3vt9NW4oOqyU= Subject key identifier: 38:B0:83:48:7E:81:94:DE:C0:84:95:C9:AC:6D:E0:F5:E0:83:22:E3 Authority key identifier: 8B:48:6A:CC:AF:12:A6:7A:95:68:8E:8D:11:BD:65:8C:04:1C:12:5A Certificate issuer: /CN=A91DBA5B/serialNumber=8B486ACCAF12A67A95688E8D11BD658C041C125A Certificate serial: 7E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i0hqzK8SpnqVaI6NEb1ljAQcElo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.mft Manifest number: 7D Signing time: Sun 11 May 2025 05:26:58 +0000 Manifest this update: Sun 11 May 2025 05:26:58 +0000 Manifest next update: Sun 18 May 2025 05:26:58 +0000 Files and hashes: 1: i0hqzK8SpnqVaI6NEb1ljAQcElo.crl (hash: jlFnvyvjLAhUH0mzU01UJaTlgQlttun1i97gLuEUDXc=) 2: F305F43270E711EF8573CF71C4F9AE02.roa (hash: aci5Spv/e6z609EwzRrCe3VebaHTH23V/kyd6t5TMtw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.crl rsync://rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i0hqzK8SpnqVaI6NEb1ljAQcElo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 05:26:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 126 (0x7e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DBA5B, serialNumber=8B486ACCAF12A67A95688E8D11BD658C041C125A Validity Not Before: May 11 05:26:58 2025 GMT Not After : May 18 05:26:58 2025 GMT Subject: CN=68203522-448a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:03:56:1f:4d:c5:04:8d:3a:76:4a:83:f7:a0: ac:65:70:02:8d:a1:2a:99:b3:7f:84:f3:56:8b:ae: 0f:9a:65:7f:24:10:45:4b:c9:29:85:48:cf:1b:f4: f9:83:b1:a5:4e:ac:de:92:ef:1a:58:e6:dc:ef:a7: 75:e1:e5:5d:59:00:47:b7:84:30:32:48:33:a5:49: be:7c:b8:3a:53:96:f0:a8:78:54:c6:3f:5e:73:25: 11:e9:49:a7:84:39:5e:5b:45:e8:52:95:51:b3:d3: 42:94:c2:50:fd:69:c6:d0:ef:19:cf:0d:48:40:59: 93:21:e8:50:53:88:5d:d9:e9:b9:6d:99:da:e9:44: bf:c9:a6:16:45:5c:02:59:64:94:c0:43:da:5b:a2: 70:1b:7a:00:95:84:ac:30:e9:04:91:61:08:d6:ac: 34:39:29:85:a1:21:7a:fb:19:52:bf:54:7e:2b:a8: b0:24:88:64:f7:6f:b4:87:46:9f:f2:d9:be:7a:69: eb:ee:06:f4:84:14:7f:dd:44:6b:27:c5:83:85:70: 4c:8a:10:2b:84:23:78:3a:ef:ca:42:6f:ee:5e:2c: 9b:66:08:79:a3:f5:e6:42:6a:60:7a:df:a6:d3:25: 2c:76:af:fc:fe:4c:f8:ad:3b:38:08:0d:9c:bd:2e: 12:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:B0:83:48:7E:81:94:DE:C0:84:95:C9:AC:6D:E0:F5:E0:83:22:E3 X509v3 Authority Key Identifier: keyid:8B:48:6A:CC:AF:12:A6:7A:95:68:8E:8D:11:BD:65:8C:04:1C:12:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i0hqzK8SpnqVaI6NEb1ljAQcElo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2d:d0:86:fe:c2:98:c6:48:97:76:67:d8:e4:c9:01:9d:c1:84: 4f:47:a7:37:4b:c7:9b:54:93:70:5d:58:67:1c:e0:b3:1c:45: 08:a8:fd:a4:21:e2:99:ad:be:41:f6:0b:0d:ca:53:57:11:71: c4:04:00:29:8d:d5:3f:9f:4a:5a:40:b4:8a:2d:0d:db:d8:ce: 9c:12:be:d9:c7:16:b9:db:10:02:11:38:08:63:49:e0:7e:4a: 6b:be:07:26:5d:24:79:59:9a:01:dc:90:94:c2:9b:0e:1e:ca: cf:bf:b4:35:1e:31:5f:9b:40:d0:4c:36:88:1d:fe:0e:6a:b6: c9:a1:b5:0d:59:47:95:b6:cc:a9:81:95:17:39:b2:3b:ba:7f: f2:bd:6d:a7:92:4a:bf:ff:8c:c7:a7:59:65:df:0b:ba:8f:a6: f5:a0:fe:d2:10:ae:bb:5a:ff:cf:ee:4c:8c:d1:c7:94:1d:c5: 1e:2b:c2:16:d9:5f:95:3c:d3:15:7b:a3:e7:a1:37:36:3c:70: ac:e2:15:44:f6:aa:8b:15:04:ac:62:0e:54:88:b5:73:18:a8: 78:f5:a1:8b:28:9c:6a:58:dc:e6:02:b3:c8:16:4e:fa:28:55: 48:ef:7f:d1:c9:73:c2:98:47:97:f2:a4:b1:7b:4b:45:d8:9b: 02:28:9a:46 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBfjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE QkE1QjExMC8GA1UEBRMoOEI0ODZBQ0NBRjEyQTY3QTk1Njg4RThEMTFCRDY1OEMw NDFDMTI1QTAeFw0yNTA1MTEwNTI2NThaFw0yNTA1MTgwNTI2NThaMBgxFjAUBgNV BAMTDTY4MjAzNTIyLTQ0OGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC3A1YfTcUEjTp2SoP3oKxlcAKNoSqZs3+E81aLrg+aZX8kEEVLySmFSM8b9PmD saVOrN6S7xpY5tzvp3Xh5V1ZAEe3hDAySDOlSb58uDpTlvCoeFTGP15zJRHpSaeE OV5bRehSlVGz00KUwlD9acbQ7xnPDUhAWZMh6FBTiF3Z6bltmdrpRL/JphZFXAJZ ZJTAQ9pbonAbegCVhKww6QSRYQjWrDQ5KYWhIXr7GVK/VH4rqLAkiGT3b7SHRp/y 2b56aevuBvSEFH/dRGsnxYOFcEyKECuEI3g678pCb+5eLJtmCHmj9eZCamB636bT JSx2r/z+TPitOzgIDZy9LhKFAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUOLCDSH6B lN7AhJXJrG3g9eCDIuMwHwYDVR0jBBgwFoAUi0hqzK8SpnqVaI6NEb1ljAQcElow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURCQTVCLzREN0NFNjZBNzBF NzExRUZCNDQ0QUY3MEM0RjlBRTAyL2kwaHF6SzhTcG5xVmFJNk5FYjFsakFRY0Vs by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvaTBocXpLOFNwbnFWYUk2TkViMWxqQVFjRWxvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURC QTVCLzREN0NFNjZBNzBFNzExRUZCNDQ0QUY3MEM0RjlBRTAyL2kwaHF6SzhTcG5x VmFJNk5FYjFsakFRY0Vsby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAC3Qhv7CmMZIl3Zn2OTJAZ3BhE9HpzdLx5tUk3BdWGcc4LMcRQio/aQh 4pmtvkH2Cw3KU1cRccQEACmN1T+fSlpAtIotDdvYzpwSvtnHFrnbEAIROAhjSeB+ Smu+ByZdJHlZmgHckJTCmw4eys+/tDUeMV+bQNBMNogd/g5qtsmhtQ1ZR5W2zKmB lRc5sju6f/K9baeSSr//jMenWWXfC7qPpvWg/tIQrrta/8/uTIzRx5QdxR4rwhbZ X5U80xV7o+ehNzY8cKziFUT2qosVBKxiDlSItXMYqHj1oYsonGpY3OYCs8gWTvoo VUjvf9HJc8KYR5fypLF7S0XYmwIomkY= -----END CERTIFICATE-----Generated at Mon May 12 01:34:22 2025 by rpki-client