$ rpki-client -vvf rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft File: 1AI0WEr2BZHzfdP7on68uFzHZWo.mft (raw, json) Hash identifier: uMj3HTYiEQnsIHJA4tNLnn4m9df2OPA7yl6fqsOwqRg= Subject key identifier: BC:5E:A1:2A:D8:E5:57:65:B0:E2:A8:4E:DE:FD:7A:F3:31:0D:2C:9E Authority key identifier: D4:02:34:58:4A:F6:05:91:F3:7D:D3:FB:A2:7E:BC:B8:5C:C7:65:6A Certificate issuer: /CN=A91E27F3/serialNumber=D40234584AF60591F37DD3FBA27EBCB85CC7656A Certificate serial: 348A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AI0WEr2BZHzfdP7on68uFzHZWo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft Manifest number: 3485 Signing time: Sat 10 May 2025 15:03:55 +0000 Manifest this update: Sat 10 May 2025 15:03:55 +0000 Manifest next update: Sat 17 May 2025 15:03:55 +0000 Files and hashes: 1: 1AI0WEr2BZHzfdP7on68uFzHZWo.crl (hash: xhYy96yEbfb9z1v99KFtC9XvU24ML37T1VmM1VjEmAI=) 2: 1B4B4FC2152F11ECB72E546FC4F9AE02.roa (hash: 08icoQFu/lUzJ7/49iluwBG/IFFfyhiQgRTkubc2rPw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.crl rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AI0WEr2BZHzfdP7on68uFzHZWo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 15:03:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13450 (0x348a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E27F3, serialNumber=D40234584AF60591F37DD3FBA27EBCB85CC7656A Validity Not Before: May 10 15:03:55 2025 GMT Not After : May 17 15:03:55 2025 GMT Subject: CN=681f6adb-c6b3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:8a:d7:57:50:27:a3:b1:99:37:66:eb:d2:0a: 21:0f:bc:06:6e:ef:86:cb:a2:f1:d7:9f:a1:0e:2d: 48:e0:20:51:ef:75:13:9a:32:0c:32:17:cf:c6:74: 83:94:0b:34:5c:1c:1e:b4:e5:e2:c5:12:f6:4f:25: a1:3b:77:93:2b:c1:4d:c0:d5:97:6c:d9:8c:62:cc: a8:00:a9:7a:4d:6b:3f:77:a4:21:4f:0e:92:4f:60: eb:c1:70:cd:8f:cd:0e:60:47:f3:3a:bb:0d:de:e9: e2:fa:ca:4c:82:cb:d4:a8:dd:78:50:e4:16:9e:3a: 17:76:33:55:50:76:66:be:ed:aa:49:72:68:d2:70: 3f:12:d9:a8:6c:f3:0f:10:7e:ca:43:8a:83:ef:b6: 1d:f8:b7:76:c7:2a:8a:90:73:65:4a:12:98:43:83: c0:66:2e:27:f6:72:ca:c6:99:21:51:78:92:5e:db: 66:96:6c:4d:fa:e9:87:39:74:8b:87:7f:4c:3a:a6: ae:d2:0e:c0:fd:58:94:6d:be:34:4b:0f:77:85:26: 47:b0:61:26:b1:32:9f:84:c4:0d:93:9e:d9:39:ec: 30:a4:e8:ec:6f:e7:25:0c:8a:e7:fc:8d:cc:20:4f: 0f:dd:37:db:83:24:07:ed:e5:82:30:6e:35:03:6d: 20:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:5E:A1:2A:D8:E5:57:65:B0:E2:A8:4E:DE:FD:7A:F3:31:0D:2C:9E X509v3 Authority Key Identifier: keyid:D4:02:34:58:4A:F6:05:91:F3:7D:D3:FB:A2:7E:BC:B8:5C:C7:65:6A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AI0WEr2BZHzfdP7on68uFzHZWo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 33:29:de:3b:f4:df:9b:cd:10:87:60:ba:07:7c:21:f4:06:1b: ad:e8:71:f0:2a:0e:1b:8a:f6:8c:3d:a4:f9:27:b6:5f:c6:69: 4c:f8:46:de:0f:72:1c:15:92:8e:9e:02:00:c9:27:72:e5:18: 7b:d3:90:b2:09:1f:12:f5:38:60:16:be:25:0a:ca:de:bb:a4: 00:9f:f5:b2:86:8e:48:4e:81:8d:e8:7a:16:e0:12:ac:96:10: e8:ef:64:c9:f8:f6:9a:ff:a6:f7:22:2e:4f:81:fc:ec:3f:f2: f3:76:27:de:29:12:c3:54:b9:23:07:d9:48:64:87:d7:09:a0: 36:9d:a0:7a:a4:cd:e7:68:21:d1:2d:67:98:ba:99:4b:ad:29: 7e:fb:f1:a0:57:c7:b8:98:ee:d8:8e:b3:c7:36:f1:91:30:58: 40:7e:bb:08:ae:9e:69:cf:15:96:28:25:db:bc:f0:6d:a0:1f: c1:22:ad:d2:84:80:03:37:a5:bc:dc:82:6d:e5:59:06:a4:35: 2b:68:cb:8d:c8:46:83:2e:73:ff:3c:e1:8d:c8:d8:d4:3c:2d: 0c:dc:d2:47:bf:da:a5:c0:df:0d:44:3f:01:31:ae:c9:26:78: 35:0d:86:7c:db:f6:da:43:8a:00:b7:67:07:a7:6c:e5:1b:15: ac:4e:1a:9a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNIowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTI3RjMxMTAvBgNVBAUTKEQ0MDIzNDU4NEFGNjA1OTFGMzdERDNGQkEyN0VCQ0I4 NUNDNzY1NkEwHhcNMjUwNTEwMTUwMzU1WhcNMjUwNTE3MTUwMzU1WjAYMRYwFAYD VQQDEw02ODFmNmFkYi1jNmIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6orXV1Ano7GZN2br0gohD7wGbu+Gy6Lx15+hDi1I4CBR73UTmjIMMhfPxnSD lAs0XBwetOXixRL2TyWhO3eTK8FNwNWXbNmMYsyoAKl6TWs/d6QhTw6ST2DrwXDN j80OYEfzOrsN3uni+spMgsvUqN14UOQWnjoXdjNVUHZmvu2qSXJo0nA/EtmobPMP EH7KQ4qD77Yd+Ld2xyqKkHNlShKYQ4PAZi4n9nLKxpkhUXiSXttmlmxN+umHOXSL h39MOqau0g7A/ViUbb40Sw93hSZHsGEmsTKfhMQNk57ZOewwpOjsb+clDIrn/I3M IE8P3TfbgyQH7eWCMG41A20g8wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLxeoSrY 5VdlsOKoTt79evMxDSyeMB8GA1UdIwQYMBaAFNQCNFhK9gWR833T+6J+vLhcx2Vq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjdGMy9BNkRFMUNFODFE QTExMUUyQTMyRUYyOTMwOEIwMkNEMi8xQUkwV0VyMkJaSHpmZFA3b242OHVGekha V28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFBSTBXRXIyQlpIemZkUDdvbjY4dUZ6SFpXby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MjdGMy9BNkRFMUNFODFEQTExMUUyQTMyRUYyOTMwOEIwMkNEMi8xQUkwV0VyMkJa SHpmZFA3b242OHVGekhaV28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAzKd479N+bzRCHYLoHfCH0Bhut6HHwKg4bivaMPaT5J7ZfxmlM+Ebe D3IcFZKOngIAySdy5Rh705CyCR8S9ThgFr4lCsreu6QAn/Wyho5IToGN6HoW4BKs lhDo72TJ+Paa/6b3Ii5PgfzsP/LzdifeKRLDVLkjB9lIZIfXCaA2naB6pM3naCHR LWeYuplLrSl++/GgV8e4mO7YjrPHNvGRMFhAfrsIrp5pzxWWKCXbvPBtoB/BIq3S hIADN6W83IJt5VkGpDUraMuNyEaDLnP/POGNyNjUPC0M3NJHv9qlwN8NRD8BMa7J Jng1DYZ82/baQ4oAt2cHp2zlGxWsThqa -----END CERTIFICATE-----Generated at Sat May 10 19:44:16 2025 by rpki-client