$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0CA1/7063E424523F11EA8C9CF016C4F9AE02/4dlaPL3ZICmuvh4TCAmeYknNNiQ.mft File: 4dlaPL3ZICmuvh4TCAmeYknNNiQ.mft (raw, json) Hash identifier: PkM26As0HMyDW6bhu9veXiE4AeqeMYqMXjnvpydS/pQ= Subject key identifier: 31:EC:71:0C:03:3F:F0:7F:6F:AA:BA:81:44:9A:F8:E8:B7:8F:68:FF Authority key identifier: E1:D9:5A:3C:BD:D9:20:29:AE:BE:1E:13:08:09:9E:62:49:CD:36:24 Certificate issuer: /CN=A91E0CA1/serialNumber=E1D95A3CBDD92029AEBE1E1308099E6249CD3624 Certificate serial: 0AB5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4dlaPL3ZICmuvh4TCAmeYknNNiQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E0CA1/7063E424523F11EA8C9CF016C4F9AE02/4dlaPL3ZICmuvh4TCAmeYknNNiQ.mft Manifest number: 0AAE Signing time: Mon 12 May 2025 19:21:09 +0000 Manifest this update: Mon 12 May 2025 19:21:08 +0000 Manifest next update: Mon 19 May 2025 19:21:08 +0000 Files and hashes: 1: 4dlaPL3ZICmuvh4TCAmeYknNNiQ.crl (hash: sgBYR4k78qMID7qEWI6K9ancQWFfCiIel+nTxM9ViG8=) 2: 29B9D5B8524111EABEF0A119C4F9AE02.roa (hash: XgnhviRQUKAkeu4itRmlPhHlV4kxqNIZcBKK2pdxl3k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E0CA1/7063E424523F11EA8C9CF016C4F9AE02/4dlaPL3ZICmuvh4TCAmeYknNNiQ.crl rsync://rpki.apnic.net/member_repository/A91E0CA1/7063E424523F11EA8C9CF016C4F9AE02/4dlaPL3ZICmuvh4TCAmeYknNNiQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4dlaPL3ZICmuvh4TCAmeYknNNiQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 19:21:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2741 (0xab5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E0CA1, serialNumber=E1D95A3CBDD92029AEBE1E1308099E6249CD3624 Validity Not Before: May 12 19:21:08 2025 GMT Not After : May 19 19:21:08 2025 GMT Subject: CN=68224a25-433b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:cd:8b:d0:d4:dd:c8:19:33:7f:a0:2e:4e:26: 96:cf:a7:4c:8b:0d:91:64:3b:a3:f2:80:99:d9:6a: 82:df:87:23:ac:da:bb:b4:be:69:74:8e:c5:af:d4: 7d:3c:a6:96:7f:33:54:47:52:d8:8d:59:d6:61:2b: 5e:ef:9b:cd:84:e3:d2:7a:56:28:1f:f7:08:29:ed: c3:2e:05:46:85:37:45:9a:42:11:50:44:2c:95:73: 88:1d:9e:60:9f:98:36:dc:24:cb:b8:4b:51:dc:74: 0e:ee:50:26:99:76:bc:93:19:61:5d:6d:fc:93:ac: 3f:c6:f0:48:77:dc:4b:81:d3:18:62:df:2b:42:85: 98:e7:4d:02:bf:b0:c5:bb:95:c8:99:6d:b4:fa:25: ef:22:75:02:77:e4:57:41:31:5b:9c:c0:43:cb:55: 4a:9f:8c:9a:fb:f3:31:72:c3:4f:87:ea:39:b3:a8: 2c:c2:4b:45:9e:fe:aa:f1:31:00:57:a1:12:2c:d1: da:98:f2:3f:2c:bd:2f:06:d3:d5:af:5c:02:db:ff: 36:fc:e3:92:8c:64:cb:ec:c7:4e:31:47:7a:47:c0: 6d:f2:4f:9b:cf:3e:b4:cc:23:c4:79:1a:13:e2:f7: 2c:ab:0d:a4:27:48:2f:6e:2c:db:f4:60:c1:48:5f: 55:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:EC:71:0C:03:3F:F0:7F:6F:AA:BA:81:44:9A:F8:E8:B7:8F:68:FF X509v3 Authority Key Identifier: keyid:E1:D9:5A:3C:BD:D9:20:29:AE:BE:1E:13:08:09:9E:62:49:CD:36:24 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E0CA1/7063E424523F11EA8C9CF016C4F9AE02/4dlaPL3ZICmuvh4TCAmeYknNNiQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4dlaPL3ZICmuvh4TCAmeYknNNiQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0CA1/7063E424523F11EA8C9CF016C4F9AE02/4dlaPL3ZICmuvh4TCAmeYknNNiQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:0e:a2:19:a7:cd:fb:4b:f6:bf:7a:02:6a:d2:65:95:76:e8: 24:c0:f7:6b:eb:50:c6:37:aa:c1:d4:3c:72:4f:e3:cf:a2:7f: 71:fb:1e:a4:ce:be:40:f6:27:0e:d3:ff:5b:c9:5e:6f:33:92: 4c:8c:08:d6:8f:07:17:e5:16:b1:8a:7d:a1:f4:ca:df:0f:bb: 88:64:00:8d:86:4d:f3:48:9a:8b:46:1e:ef:1e:cf:92:0f:e7: 30:82:3e:00:0a:1b:49:2b:8a:0b:31:31:c3:60:2b:dc:58:46: f9:73:12:22:28:63:06:8d:23:25:a7:f2:9c:6c:36:26:e1:86: 79:fe:d9:3c:c5:fc:ad:3b:1b:eb:29:4e:65:a2:42:5c:e0:3b: 10:9a:09:f7:91:49:fb:49:bb:49:e2:88:aa:41:88:7f:e3:29: f4:e3:22:5c:e5:71:66:a6:4d:d8:b4:1b:60:20:bb:31:ed:64: 46:ff:92:ed:e1:52:fb:c0:b1:84:37:27:fa:af:2e:fe:7c:30: 99:57:8a:15:5e:a4:b5:cf:36:c3:b6:ad:dc:6c:42:08:cf:ad: dc:6e:65:e9:6d:2b:6b:0d:d3:c5:9a:f2:c4:ad:56:8f:79:29: 2e:4c:ff:8e:2e:c0:31:76:8d:e9:d4:2b:f6:04:1b:c2:e1:4c: 4d:50:ad:37 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCrUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTBDQTExMTAvBgNVBAUTKEUxRDk1QTNDQkREOTIwMjlBRUJFMUUxMzA4MDk5RTYy NDlDRDM2MjQwHhcNMjUwNTEyMTkyMTA4WhcNMjUwNTE5MTkyMTA4WjAYMRYwFAYD VQQDEw02ODIyNGEyNS00MzNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyc2L0NTdyBkzf6AuTiaWz6dMiw2RZDuj8oCZ2WqC34cjrNq7tL5pdI7Fr9R9 PKaWfzNUR1LYjVnWYSte75vNhOPSelYoH/cIKe3DLgVGhTdFmkIRUEQslXOIHZ5g n5g23CTLuEtR3HQO7lAmmXa8kxlhXW38k6w/xvBId9xLgdMYYt8rQoWY500Cv7DF u5XImW20+iXvInUCd+RXQTFbnMBDy1VKn4ya+/MxcsNPh+o5s6gswktFnv6q8TEA V6ESLNHamPI/LL0vBtPVr1wC2/82/OOSjGTL7MdOMUd6R8Bt8k+bzz60zCPEeRoT 4vcsqw2kJ0gvbizb9GDBSF9VQQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDHscQwD P/B/b6q6gUSa+Oi3j2j/MB8GA1UdIwQYMBaAFOHZWjy92SAprr4eEwgJnmJJzTYk MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMENBMS83MDYzRTQyNDUy M0YxMUVBOEM5Q0YwMTZDNEY5QUUwMi80ZGxhUEwzWklDbXV2aDRUQ0FtZVlrbk5O aVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRkbGFQTDNaSUNtdXZoNFRDQW1lWWtuTk5pUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MENBMS83MDYzRTQyNDUyM0YxMUVBOEM5Q0YwMTZDNEY5QUUwMi80ZGxhUEwzWklD bXV2aDRUQ0FtZVlrbk5OaVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQByDqIZp837S/a/egJq0mWVdugkwPdr61DGN6rB1DxyT+PPon9x+x6k zr5A9icO0/9byV5vM5JMjAjWjwcX5Raxin2h9MrfD7uIZACNhk3zSJqLRh7vHs+S D+cwgj4AChtJK4oLMTHDYCvcWEb5cxIiKGMGjSMlp/KcbDYm4YZ5/tk8xfytOxvr KU5lokJc4DsQmgn3kUn7SbtJ4oiqQYh/4yn04yJc5XFmpk3YtBtgILsx7WRG/5Lt 4VL7wLGENyf6ry7+fDCZV4oVXqS1zzbDtq3cbEIIz63cbmXpbStrDdPFmvLErVaP eSkuTP+OLsAxdo3p1Cv2BBvC4UxNUK03 -----END CERTIFICATE-----Generated at Wed May 14 01:16:27 2025 by rpki-client