$ rpki-client -vvf rpki.apnic.net/member_repository/A91E1604/120C2C743CEB11EF94E24F59C4F9AE02/4vF3N7hMH2eGnAOkf4xBn9QgAWw.mft File: 4vF3N7hMH2eGnAOkf4xBn9QgAWw.mft (raw, json) Hash identifier: kRNVxD9lCNlM05zxzje4YUmOkgzO2+rSySkhjfMQQ3A= Subject key identifier: E4:E2:BE:D0:1B:8A:02:84:A1:48:88:E7:69:F4:B7:A0:11:A4:ED:B1 Authority key identifier: E2:F1:77:37:B8:4C:1F:67:86:9C:03:A4:7F:8C:41:9F:D4:20:01:6C Certificate issuer: /CN=A91E1604/serialNumber=E2F17737B84C1F67869C03A47F8C419FD420016C Certificate serial: A1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4vF3N7hMH2eGnAOkf4xBn9QgAWw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E1604/120C2C743CEB11EF94E24F59C4F9AE02/4vF3N7hMH2eGnAOkf4xBn9QgAWw.mft Manifest number: A0 Signing time: Tue 13 May 2025 05:24:37 +0000 Manifest this update: Tue 13 May 2025 05:24:37 +0000 Manifest next update: Tue 20 May 2025 05:24:37 +0000 Files and hashes: 1: 4vF3N7hMH2eGnAOkf4xBn9QgAWw.crl (hash: 1pG9mnQOmscYswl41IFa7NfUTWCG/e1qZI63Sxq3DN4=) 2: 0B725F44496D11EF9F7F2116C4F9AE02.roa (hash: cLMsRe3bjQqt9KTlSv77ZsvirHU5HvmwxB64rB3nwQc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E1604/120C2C743CEB11EF94E24F59C4F9AE02/4vF3N7hMH2eGnAOkf4xBn9QgAWw.crl rsync://rpki.apnic.net/member_repository/A91E1604/120C2C743CEB11EF94E24F59C4F9AE02/4vF3N7hMH2eGnAOkf4xBn9QgAWw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4vF3N7hMH2eGnAOkf4xBn9QgAWw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 05:24:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 161 (0xa1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E1604, serialNumber=E2F17737B84C1F67869C03A47F8C419FD420016C Validity Not Before: May 13 05:24:37 2025 GMT Not After : May 20 05:24:37 2025 GMT Subject: CN=6822d795-9330 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:44:99:80:8a:ab:a5:38:1e:74:7e:ef:78:24: 35:02:f4:29:89:87:44:32:bb:fa:90:36:f9:43:3c: 34:8e:8f:b2:15:3e:dc:ea:98:8f:14:54:8c:c0:8f: 62:ed:1d:5b:84:0a:05:ab:36:36:aa:02:25:49:83: df:e9:a5:d7:35:88:a4:d9:cc:83:e5:28:1f:2b:28: 25:1f:af:37:13:ad:6d:07:fd:1c:a1:a6:0f:4e:56: 50:cf:39:04:71:8d:67:0c:b0:f0:b9:38:a9:7d:1b: 34:26:48:81:0e:32:b5:73:1e:74:df:6d:7d:15:c6: ff:af:8a:e7:88:84:a1:8d:e3:17:7c:55:f6:d9:9b: 9c:3a:fd:bf:90:bc:d6:81:dd:a3:98:b6:bd:85:2d: e2:e7:b6:0b:6a:01:4d:da:6e:8d:81:c0:8c:b2:16: 09:ba:3c:db:0a:16:8d:fc:cd:6a:93:d3:ec:9d:89: 9f:cc:70:6a:0e:52:57:e7:84:b7:91:9a:b3:cd:69: 60:f4:20:57:03:64:6b:1f:86:82:b0:f7:e5:c1:82: cf:61:13:c2:19:7b:43:bb:fd:c5:50:64:2a:96:0e: e5:47:fc:62:8f:d7:c1:eb:5a:c8:3a:73:56:78:5e: 68:79:1b:58:ec:54:f9:ba:4e:ae:7a:27:87:b5:51: f7:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:E2:BE:D0:1B:8A:02:84:A1:48:88:E7:69:F4:B7:A0:11:A4:ED:B1 X509v3 Authority Key Identifier: keyid:E2:F1:77:37:B8:4C:1F:67:86:9C:03:A4:7F:8C:41:9F:D4:20:01:6C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E1604/120C2C743CEB11EF94E24F59C4F9AE02/4vF3N7hMH2eGnAOkf4xBn9QgAWw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4vF3N7hMH2eGnAOkf4xBn9QgAWw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E1604/120C2C743CEB11EF94E24F59C4F9AE02/4vF3N7hMH2eGnAOkf4xBn9QgAWw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 75:14:2f:21:af:1f:3b:f1:1f:39:76:16:21:55:45:78:64:14: 27:8d:dd:89:95:da:1c:b5:bb:a0:e8:9a:bd:ad:bc:fd:b1:57: 77:ad:ea:cf:24:a6:d5:7b:fc:87:2e:c2:11:b3:37:a2:12:fa: 5b:ed:f8:73:1a:e9:f3:a9:6c:d7:9a:d4:5f:e8:52:77:24:78: 33:2c:ab:ce:3e:f1:95:76:13:0c:62:86:94:5e:1f:d5:da:3c: e4:ef:eb:13:1e:16:69:0f:9f:ab:a1:98:5c:fc:b3:e4:bb:69: 2e:d3:33:04:bc:62:0d:63:3b:dc:f0:a8:03:93:59:25:07:f3: e9:a1:cb:b1:22:31:a7:0d:0a:15:02:7d:7c:8a:67:55:aa:e2: c9:0c:f2:b4:43:b5:1b:bf:49:10:37:a4:4b:91:3f:cd:49:2b: 7b:a0:2c:7f:b1:b8:3c:cf:34:91:35:eb:ac:ce:f2:c3:86:8b: 62:b4:74:22:09:61:d3:46:ee:1e:74:6f:9e:db:7f:7f:d9:a2: 44:1f:06:e3:62:c8:ef:88:a6:be:2e:e1:f6:f0:f2:00:ac:99: dd:e4:7c:c0:91:b6:96:12:e1:4d:d8:15:c2:e7:b9:8c:a8:0b: 5c:d2:eb:b8:ab:ed:20:c7:b0:10:fe:a5:b3:4e:3e:bd:3b:31: 9c:e8:18:e0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTE2MDQxMTAvBgNVBAUTKEUyRjE3NzM3Qjg0QzFGNjc4NjlDMDNBNDdGOEM0MTlG RDQyMDAxNkMwHhcNMjUwNTEzMDUyNDM3WhcNMjUwNTIwMDUyNDM3WjAYMRYwFAYD VQQDEw02ODIyZDc5NS05MzMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq0SZgIqrpTgedH7veCQ1AvQpiYdEMrv6kDb5Qzw0jo+yFT7c6piPFFSMwI9i 7R1bhAoFqzY2qgIlSYPf6aXXNYik2cyD5SgfKyglH683E61tB/0coaYPTlZQzzkE cY1nDLDwuTipfRs0JkiBDjK1cx503219Fcb/r4rniIShjeMXfFX22ZucOv2/kLzW gd2jmLa9hS3i57YLagFN2m6NgcCMshYJujzbChaN/M1qk9PsnYmfzHBqDlJX54S3 kZqzzWlg9CBXA2RrH4aCsPflwYLPYRPCGXtDu/3FUGQqlg7lR/xij9fB61rIOnNW eF5oeRtY7FT5uk6ueieHtVH3ZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOTivtAb igKEoUiI52n0t6ARpO2xMB8GA1UdIwQYMBaAFOLxdze4TB9nhpwDpH+MQZ/UIAFs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMTYwNC8xMjBDMkM3NDND RUIxMUVGOTRFMjRGNTlDNEY5QUUwMi80dkYzTjdoTUgyZUduQU9rZjR4Qm45UWdB V3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzR2RjNON2hNSDJlR25BT2tmNHhCbjlRZ0FXdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MTYwNC8xMjBDMkM3NDNDRUIxMUVGOTRFMjRGNTlDNEY5QUUwMi80dkYzTjdoTUgy ZUduQU9rZjR4Qm45UWdBV3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB1FC8hrx878R85dhYhVUV4ZBQnjd2Jldoctbug6Jq9rbz9sVd3rerP JKbVe/yHLsIRszeiEvpb7fhzGunzqWzXmtRf6FJ3JHgzLKvOPvGVdhMMYoaUXh/V 2jzk7+sTHhZpD5+roZhc/LPku2ku0zMEvGINYzvc8KgDk1klB/PpocuxIjGnDQoV An18imdVquLJDPK0Q7Ubv0kQN6RLkT/NSSt7oCx/sbg8zzSRNeuszvLDhotitHQi CWHTRu4edG+e239/2aJEHwbjYsjviKa+LuH28PIArJnd5HzAkbaWEuFN2BXC57mM qAtc0uu4q+0gx7AQ/qWzTj69OzGc6Bjg -----END CERTIFICATE-----Generated at Thu May 15 03:37:34 2025 by rpki-client