$ rpki-client -vvf rpki.apnic.net/member_repository/A91DD902/570B3F8EC92611EDAF2B9D4DC4F9AE02/pnTGcB4rDOPRB-nyNsVc7-aHaPE.mft File: pnTGcB4rDOPRB-nyNsVc7-aHaPE.mft (raw, json) Hash identifier: zWL49DfOAaUxid72AcO2bc5N14I+D6TdCtE1cqewBCg= Subject key identifier: 1A:8A:75:4D:C8:29:83:D1:15:0B:CE:E2:D4:7B:2E:53:7B:A9:4B:2E Authority key identifier: A6:74:C6:70:1E:2B:0C:E3:D1:07:E9:F2:36:C5:5C:EF:E6:87:68:F1 Certificate issuer: /CN=A91DD902/serialNumber=A674C6701E2B0CE3D107E9F236C55CEFE68768F1 Certificate serial: 0194 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pnTGcB4rDOPRB-nyNsVc7-aHaPE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DD902/570B3F8EC92611EDAF2B9D4DC4F9AE02/pnTGcB4rDOPRB-nyNsVc7-aHaPE.mft Manifest number: 0191 Signing time: Sun 11 May 2025 02:26:06 +0000 Manifest this update: Sun 11 May 2025 02:26:06 +0000 Manifest next update: Sun 18 May 2025 02:26:06 +0000 Files and hashes: 1: pnTGcB4rDOPRB-nyNsVc7-aHaPE.crl (hash: TXAlFI18ydQubivfF0VGRFCabEns+onWX3UzZuIwg3k=) 2: 33A48584C92911EDAE3AB84EC4F9AE02.roa (hash: ZbC1fIWVYM0VLVl8rd4V+PKdCpSrgSM3tfi0uNsU2b0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DD902/570B3F8EC92611EDAF2B9D4DC4F9AE02/pnTGcB4rDOPRB-nyNsVc7-aHaPE.crl rsync://rpki.apnic.net/member_repository/A91DD902/570B3F8EC92611EDAF2B9D4DC4F9AE02/pnTGcB4rDOPRB-nyNsVc7-aHaPE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pnTGcB4rDOPRB-nyNsVc7-aHaPE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 02:26:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 404 (0x194) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DD902, serialNumber=A674C6701E2B0CE3D107E9F236C55CEFE68768F1 Validity Not Before: May 11 02:26:06 2025 GMT Not After : May 18 02:26:06 2025 GMT Subject: CN=68200abe-b995 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:2c:34:bc:c9:9d:71:3f:f2:b2:a7:1a:0c:cf: 20:d2:52:77:46:94:e0:c6:ed:36:6e:5c:93:30:a9: 9b:92:7a:fe:de:60:72:f1:27:50:00:3c:ee:9e:07: 68:f2:b6:ca:8b:45:be:76:b9:3a:c6:9e:90:90:45: 16:d8:53:85:5e:62:b1:ff:a3:31:71:64:20:e8:e1: 41:56:69:00:2e:54:c5:83:33:72:bb:3f:83:10:60: 35:a5:10:79:6e:7e:44:1f:66:b2:87:57:50:e1:bd: 8a:cd:d1:d9:37:6d:06:74:71:74:4a:54:25:1e:a0: 69:58:7b:16:c5:77:f8:8e:78:26:f4:1e:90:c5:9c: 04:5b:17:4a:08:5f:98:23:5c:cd:01:e3:b8:1b:fa: 75:a1:30:d5:9e:f3:89:fc:9e:62:fe:06:35:8c:32: e2:63:21:30:e3:28:19:30:6b:de:06:9e:49:9c:5c: 7c:de:cd:5e:f2:a0:b0:d2:64:3c:9e:25:d7:ab:15: ff:69:0a:2a:cf:0e:3c:e3:22:49:84:0b:7e:e0:88: 73:8b:4f:62:c9:61:63:45:6d:5b:59:08:aa:b1:a4: a1:35:f6:e7:08:9e:a1:3d:05:44:ab:eb:f0:e4:59: c8:99:ab:f8:03:d6:fd:32:98:d6:89:e5:9f:34:5f: e1:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:8A:75:4D:C8:29:83:D1:15:0B:CE:E2:D4:7B:2E:53:7B:A9:4B:2E X509v3 Authority Key Identifier: keyid:A6:74:C6:70:1E:2B:0C:E3:D1:07:E9:F2:36:C5:5C:EF:E6:87:68:F1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DD902/570B3F8EC92611EDAF2B9D4DC4F9AE02/pnTGcB4rDOPRB-nyNsVc7-aHaPE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pnTGcB4rDOPRB-nyNsVc7-aHaPE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DD902/570B3F8EC92611EDAF2B9D4DC4F9AE02/pnTGcB4rDOPRB-nyNsVc7-aHaPE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 87:ee:f7:cd:fe:e6:33:ce:78:76:8e:1b:fc:0a:1b:c8:50:d4: 90:65:9c:15:76:0e:df:fe:48:04:5e:4b:01:47:3d:83:d7:8b: 2c:8d:db:ba:cd:cd:2e:d2:9a:29:79:f3:fb:d9:b8:94:38:09: 7d:9c:2f:71:8d:e7:57:30:e4:b7:db:c7:00:3f:0b:94:af:fe: ca:8c:30:37:15:4e:73:04:95:c0:4c:e1:d9:24:8a:72:39:ad: 5c:72:c1:f9:24:70:b4:a7:7b:e7:4b:14:c5:f6:06:1c:e0:90: 03:7e:45:e8:bd:ac:7b:6c:03:4c:f9:b3:b4:0e:71:5a:f6:0a: c6:8e:75:de:9c:98:4b:df:a3:fb:a5:40:d8:f0:44:e2:d7:8c: c7:dc:54:f2:94:bd:92:bd:e2:4b:6a:32:ef:3f:16:97:cb:26: b8:e6:03:40:b6:e3:f2:d6:94:31:d8:ff:02:d6:8a:f7:31:2e: be:4b:d0:e3:83:29:38:95:29:36:8f:ad:73:30:08:ee:b4:f0: b6:15:3e:dc:06:af:e5:fe:77:eb:a6:a9:36:02:0b:10:22:9a: e3:07:2b:95:8b:e0:d2:3c:74:2d:5a:16:7e:e4:0d:bd:0e:a0: b3:a6:fd:d1:3b:a0:8c:4e:ea:40:82:a2:93:0e:85:d7:ff:36: 36:e1:f3:88 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAZQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REQ5MDIxMTAvBgNVBAUTKEE2NzRDNjcwMUUyQjBDRTNEMTA3RTlGMjM2QzU1Q0VG RTY4NzY4RjEwHhcNMjUwNTExMDIyNjA2WhcNMjUwNTE4MDIyNjA2WjAYMRYwFAYD VQQDEw02ODIwMGFiZS1iOTk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvCw0vMmdcT/ysqcaDM8g0lJ3RpTgxu02blyTMKmbknr+3mBy8SdQADzungdo 8rbKi0W+drk6xp6QkEUW2FOFXmKx/6MxcWQg6OFBVmkALlTFgzNyuz+DEGA1pRB5 bn5EH2ayh1dQ4b2KzdHZN20GdHF0SlQlHqBpWHsWxXf4jngm9B6QxZwEWxdKCF+Y I1zNAeO4G/p1oTDVnvOJ/J5i/gY1jDLiYyEw4ygZMGveBp5JnFx83s1e8qCw0mQ8 niXXqxX/aQoqzw484yJJhAt+4Ihzi09iyWFjRW1bWQiqsaShNfbnCJ6hPQVEq+vw 5FnImav4A9b9MpjWieWfNF/hEQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBqKdU3I KYPRFQvO4tR7LlN7qUsuMB8GA1UdIwQYMBaAFKZ0xnAeKwzj0Qfp8jbFXO/mh2jx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERDkwMi81NzBCM0Y4RUM5 MjYxMUVEQUYyQjlENERDNEY5QUUwMi9wblRHY0I0ckRPUFJCLW55TnNWYzctYUhh UEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BuVEdjQjRyRE9QUkItbnlOc1ZjNy1hSGFQRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RDkwMi81NzBCM0Y4RUM5MjYxMUVEQUYyQjlENERDNEY5QUUwMi9wblRHY0I0ckRP UFJCLW55TnNWYzctYUhhUEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCH7vfN/uYzznh2jhv8ChvIUNSQZZwVdg7f/kgEXksBRz2D14ssjdu6 zc0u0popefP72biUOAl9nC9xjedXMOS328cAPwuUr/7KjDA3FU5zBJXATOHZJIpy Oa1ccsH5JHC0p3vnSxTF9gYc4JADfkXovax7bANM+bO0DnFa9grGjnXenJhL36P7 pUDY8ETi14zH3FTylL2SveJLajLvPxaXyya45gNAtuPy1pQx2P8C1or3MS6+S9Dj gyk4lSk2j61zMAjutPC2FT7cBq/l/nfrpqk2AgsQIprjByuVi+DSPHQtWhZ+5A29 DqCzpv3RO6CMTupAgqKTDoXX/zY24fOI -----END CERTIFICATE-----Generated at Mon May 12 05:42:38 2025 by rpki-client