$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft File: raiu0ysVuH5hElLSnR4dW95YFkY.mft (raw, json) Hash identifier: 1Z72fuUNs5G9XP2tOtmKLde+h7p6N6T4IGRNR1IREcE= Subject key identifier: E9:4A:E6:84:DF:BE:62:3B:C4:81:1B:D1:D5:6C:78:E6:81:3D:01:C2 Authority key identifier: AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46 Certificate issuer: /CN=A91DC5BE/serialNumber=ADA8AED32B15B87E611252D29D1E1D5BDE581646 Certificate serial: 3567 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft Manifest number: 34E3 Signing time: Sun 04 May 2025 14:16:19 +0000 Manifest this update: Sun 04 May 2025 14:16:19 +0000 Manifest next update: Sun 11 May 2025 14:16:19 +0000 Files and hashes: 1: raiu0ysVuH5hElLSnR4dW95YFkY.crl (hash: CORIPX1ffYJVbSRnJ/iy4adKei8EfOqwH1QSIIojijc=) 2: C9B8A270483411ECA6C7C085C4F9AE02.roa (hash: nJvnNt0eJsmGuLUjItzV/NgJ7+2UZ1r5MhffEQ8w0sk=) 3: AF560BA2B1CC11EF80C4BE44C4F9AE02.roa (hash: JKOX2Bnk1obdJWD/11GK8Zj49w+PdYErgulVkpa2rdU=) 4: 7C836BA46C8E11EEA38B9554C4F9AE02.roa (hash: aQYfeFSthN9oof4UX3Yota3Vi8A1Xibnwm7ZRxMjljY=) 5: 539CC922366C11EEBEBBBE1DC4F9AE02.roa (hash: TrayTHMiKb+Dm5posHRv3ZfOvi01WiwhoUD8use0rkY=) 6: FC72B9529F0311EAB6B8EA87C4F9AE02.roa (hash: iJ1kB8ujNY3bRF9sFR+ioHj2q77p/d9prgJ8hOEg/Tw=) 7: E2446DD228AA11E79582F36BC4F9AE02.roa (hash: ZJSRmEu8ZSRqTlcPEDfX6hYX2fzOC+1QV4+V6A/VckU=) 8: 662A2F2286B411E6BAEB2614C4F9AE02.roa (hash: MRkFXSabw9acLO92YltXC7hoPQwJsDF6DX+Xsg12tnY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.crl rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 11 May 2025 14:16:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13671 (0x3567) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC5BE, serialNumber=ADA8AED32B15B87E611252D29D1E1D5BDE581646 Validity Not Before: May 4 14:16:19 2025 GMT Not After : May 11 14:16:19 2025 GMT Subject: CN=681776b3-a474 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:41:7b:35:7d:84:21:7b:13:bc:17:49:f5:72: 99:32:43:87:d6:c4:67:e8:c6:34:12:09:46:1c:ca: 1f:35:80:fb:d0:0c:2e:ab:43:a9:9c:dc:3c:85:ae: 11:6d:76:50:61:aa:e2:21:d4:3d:44:c0:12:a4:23: 8c:67:57:d4:b5:42:26:25:22:0b:86:8b:fa:8c:7f: 74:e9:b7:4a:4f:20:38:30:7d:91:18:16:71:bd:a3: 32:92:04:4e:5e:2b:e0:73:fb:d7:43:41:e7:34:a9: 28:61:3d:08:f6:f8:f3:4c:54:9c:35:24:4d:07:32: f3:88:af:ac:1c:c5:24:d2:4f:03:93:b2:73:43:68: 4c:e5:5c:1e:22:95:1c:1b:68:58:80:5e:25:8f:89: 5f:29:40:85:c8:78:7e:e5:82:73:d3:e6:a8:44:9d: 6e:0a:f3:53:bc:df:61:c2:2f:89:94:82:fe:2c:df: a4:74:4a:75:b5:25:68:ed:c6:c0:1a:6a:a4:1a:6d: 0d:4b:91:83:d6:de:e5:1e:cb:9c:cc:58:51:70:a6: 57:70:bd:7c:b7:e5:5c:f4:6d:1b:4b:43:f4:e7:01: 3c:12:f4:54:8d:83:59:cd:57:38:0c:df:7b:50:d8: a3:e3:57:18:46:a8:8f:cc:bb:66:32:cf:62:c8:87: 5e:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:4A:E6:84:DF:BE:62:3B:C4:81:1B:D1:D5:6C:78:E6:81:3D:01:C2 X509v3 Authority Key Identifier: keyid:AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 13:31:f0:88:f8:04:7f:c9:7d:79:ac:c6:fa:47:49:3e:df:34: cb:ca:18:e2:5e:41:96:21:97:00:84:b4:d9:cd:55:b5:b1:e3: 2f:c6:d7:55:45:90:00:17:30:0f:94:c6:97:09:46:60:2f:c5: 73:ec:61:36:46:b0:86:1c:36:86:12:a0:d4:d6:73:b8:f9:6d: b5:6d:28:15:f8:9f:92:42:54:06:7e:ff:3a:72:77:78:b7:24: c8:8e:76:da:69:9f:78:6d:93:9e:79:27:9e:2c:00:b1:17:09: 08:4c:a9:aa:93:67:00:d4:a7:9d:48:dd:30:c5:ec:05:09:1d: 0f:dd:fa:c0:51:67:0f:cb:06:ac:98:ac:cf:04:57:d6:40:8f: 92:b3:14:d6:5d:c1:30:dd:7b:10:ed:c2:c9:2f:9e:68:59:15: 94:e0:16:00:7f:10:83:49:03:b7:03:a0:dd:c7:00:48:0c:24: 27:db:05:e1:2a:2f:f1:c9:e5:20:83:ec:3c:5e:93:e0:f7:0e: ac:40:d5:9b:49:91:b7:16:20:a8:99:c4:6c:3a:17:a1:9e:34: 27:97:9b:f5:e2:89:06:64:93:12:28:a4:72:69:60:b3:f9:f4: 2b:16:0e:fb:e6:fe:5b:3b:e6:88:46:bb:69:14:9d:e5:b8:18: ed:ea:57:dd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNWcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REM1QkUxMTAvBgNVBAUTKEFEQThBRUQzMkIxNUI4N0U2MTEyNTJEMjlEMUUxRDVC REU1ODE2NDYwHhcNMjUwNTA0MTQxNjE5WhcNMjUwNTExMTQxNjE5WjAYMRYwFAYD VQQDEw02ODE3NzZiMy1hNDc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwEF7NX2EIXsTvBdJ9XKZMkOH1sRn6MY0EglGHMofNYD70Awuq0OpnNw8ha4R bXZQYariIdQ9RMASpCOMZ1fUtUImJSILhov6jH906bdKTyA4MH2RGBZxvaMykgRO Xivgc/vXQ0HnNKkoYT0I9vjzTFScNSRNBzLziK+sHMUk0k8Dk7JzQ2hM5VweIpUc G2hYgF4lj4lfKUCFyHh+5YJz0+aoRJ1uCvNTvN9hwi+JlIL+LN+kdEp1tSVo7cbA GmqkGm0NS5GD1t7lHsuczFhRcKZXcL18t+Vc9G0bS0P05wE8EvRUjYNZzVc4DN97 UNij41cYRqiPzLtmMs9iyIdekwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOlK5oTf vmI7xIEb0dVseOaBPQHCMB8GA1UdIwQYMBaAFK2ortMrFbh+YRJS0p0eHVveWBZG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzVCRS9ENDAxNjE5QTFE NjkxMUUyQUZCNjRFQTcwOEIwMkNEMi9yYWl1MHlzVnVINWhFbExTblI0ZFc5NVlG a1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JhaXUweXNWdUg1aEVsTFNuUjRkVzk1WUZrWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QzVCRS9ENDAxNjE5QTFENjkxMUUyQUZCNjRFQTcwOEIwMkNEMi9yYWl1MHlzVnVI NWhFbExTblI0ZFc5NVlGa1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQATMfCI+AR/yX15rMb6R0k+3zTLyhjiXkGWIZcAhLTZzVW1seMvxtdV RZAAFzAPlMaXCUZgL8Vz7GE2RrCGHDaGEqDU1nO4+W21bSgV+J+SQlQGfv86cnd4 tyTIjnbaaZ94bZOeeSeeLACxFwkITKmqk2cA1KedSN0wxewFCR0P3frAUWcPywas mKzPBFfWQI+SsxTWXcEw3XsQ7cLJL55oWRWU4BYAfxCDSQO3A6DdxwBIDCQn2wXh Ki/xyeUgg+w8XpPg9w6sQNWbSZG3FiComcRsOhehnjQnl5v14okGZJMSKKRyaWCz +fQrFg775v5bO+aIRrtpFJ3luBjt6lfd -----END CERTIFICATE-----Generated at Mon May 5 03:25:06 2025 by rpki-client