$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/PN9D1xf8WEnyOpTimncrKKXXAeM.mft File: PN9D1xf8WEnyOpTimncrKKXXAeM.mft (raw, json) Hash identifier: ytUvf0Mm5mT7juo2yynbxuVXxuGFCGhqmKLo5oswN9I= Subject key identifier: C5:13:1F:3E:65:AA:D0:3F:6A:D2:5D:E2:59:F0:6B:9B:26:DA:28:5E Authority key identifier: 3C:DF:43:D7:17:FC:58:49:F2:3A:94:E2:9A:77:2B:28:A5:D7:01:E3 Certificate issuer: /CN=A91E3BB3/serialNumber=3CDF43D717FC5849F23A94E29A772B28A5D701E3 Certificate serial: 0848 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PN9D1xf8WEnyOpTimncrKKXXAeM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/PN9D1xf8WEnyOpTimncrKKXXAeM.mft Manifest number: 0840 Signing time: Fri 16 May 2025 21:05:36 +0000 Manifest this update: Fri 16 May 2025 21:05:35 +0000 Manifest next update: Fri 23 May 2025 21:05:35 +0000 Files and hashes: 1: PN9D1xf8WEnyOpTimncrKKXXAeM.crl (hash: JaW7yUrYZWeNSCKH82H+VLVNn/Y5IArze1ttdmFVLGs=) 2: D0CF108ED85111EF9DC0826CC4F9AE02.roa (hash: zvHITej7x6G5n4QCQAElY7CsJ+bvYQTRcFwTwkacxFI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/PN9D1xf8WEnyOpTimncrKKXXAeM.crl rsync://rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/PN9D1xf8WEnyOpTimncrKKXXAeM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PN9D1xf8WEnyOpTimncrKKXXAeM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 23 May 2025 21:05:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2120 (0x848) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3BB3, serialNumber=3CDF43D717FC5849F23A94E29A772B28A5D701E3 Validity Not Before: May 16 21:05:35 2025 GMT Not After : May 23 21:05:35 2025 GMT Subject: CN=6827a89f-c424 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:79:12:a5:cb:8d:79:72:f6:9c:13:a9:63:c3: bc:06:6a:20:0f:97:3c:c7:21:37:04:91:c9:d1:68: da:09:96:ab:0c:65:14:b5:1f:89:a6:d3:52:b3:5a: f8:e4:2a:87:5d:86:e4:d1:08:d0:32:83:53:98:92: 13:86:fd:00:8a:56:21:46:79:c4:b2:b6:14:6c:ca: d7:97:99:de:42:57:13:7b:1a:ec:e0:ee:ee:74:9d: e0:c3:36:cf:fc:b1:6e:7a:64:75:bf:06:f0:41:4c: b0:05:f3:f6:36:91:3b:0f:68:1d:7d:6d:47:bb:93: 50:83:25:27:4a:ca:b8:2d:77:92:0d:81:d2:78:41: 3f:dc:2f:7e:5b:be:5a:56:c9:48:43:0e:cd:42:81: 77:bc:1c:ec:db:27:2b:d0:22:8c:67:78:b0:ce:e0: c7:16:4d:d7:76:6a:fa:6d:01:d8:c3:df:06:9f:39: 62:ce:a4:56:b2:bc:21:36:5d:97:4c:9f:bb:73:34: 59:70:dd:d0:f8:ad:06:32:c9:63:32:37:00:41:f9: 6b:7a:f3:1a:18:ca:46:fc:bc:88:d7:d7:86:02:75: b2:b4:ee:af:60:a8:b1:2f:5c:ff:35:e1:1f:01:55: 89:98:5d:28:f3:51:7d:f6:4c:c6:b9:76:8b:ad:4c: 02:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:13:1F:3E:65:AA:D0:3F:6A:D2:5D:E2:59:F0:6B:9B:26:DA:28:5E X509v3 Authority Key Identifier: keyid:3C:DF:43:D7:17:FC:58:49:F2:3A:94:E2:9A:77:2B:28:A5:D7:01:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/PN9D1xf8WEnyOpTimncrKKXXAeM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PN9D1xf8WEnyOpTimncrKKXXAeM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3BB3/95AEA9E8CBE411EA806A4A75C4F9AE02/PN9D1xf8WEnyOpTimncrKKXXAeM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 29:62:c0:40:3a:03:1e:36:fb:80:84:6c:cc:1f:9f:88:0f:66: 67:3b:42:f3:7c:cc:a2:a7:8f:a3:42:92:d6:b8:82:a9:b5:5c: c9:50:3b:df:97:c8:18:fe:72:24:0d:2c:7c:26:9d:48:01:cb: ea:9d:e7:29:7b:34:93:85:ba:d0:c1:64:51:c3:1d:08:65:72: 3f:63:fc:bb:b1:23:fb:b8:dc:fc:4a:19:53:a3:7a:7f:7a:55: 7c:89:98:01:14:af:36:54:dc:12:6f:24:5e:45:1c:26:71:44: 36:10:4b:2c:60:de:3c:a3:9b:e1:66:db:80:0f:87:b9:3a:87: 09:50:18:23:d0:fd:00:75:bd:14:25:f1:56:95:4f:0e:d4:e8: 13:4d:c3:34:1b:74:6e:a9:a4:d6:58:13:73:c4:23:67:f0:a6: 34:fc:f4:ac:bf:93:0c:a8:a7:0e:da:8f:4e:47:96:d8:21:45: 97:8e:03:03:5f:d6:19:bb:df:83:30:37:89:a0:8b:a1:e2:b7: 02:29:83:c3:85:4e:56:45:93:57:c0:80:7b:49:6f:70:ff:fd: 9b:fc:0a:5e:d6:c2:81:15:3e:5b:09:b9:16:91:75:57:f4:be: 15:0e:9b:1a:7c:9f:aa:d1:bf:57:b1:ed:e4:b5:e1:88:b7:e0: f2:2b:76:64 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCEgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTNCQjMxMTAvBgNVBAUTKDNDREY0M0Q3MTdGQzU4NDlGMjNBOTRFMjlBNzcyQjI4 QTVENzAxRTMwHhcNMjUwNTE2MjEwNTM1WhcNMjUwNTIzMjEwNTM1WjAYMRYwFAYD VQQDEw02ODI3YTg5Zi1jNDI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1HkSpcuNeXL2nBOpY8O8BmogD5c8xyE3BJHJ0WjaCZarDGUUtR+JptNSs1r4 5CqHXYbk0QjQMoNTmJIThv0AilYhRnnEsrYUbMrXl5neQlcTexrs4O7udJ3gwzbP /LFuemR1vwbwQUywBfP2NpE7D2gdfW1Hu5NQgyUnSsq4LXeSDYHSeEE/3C9+W75a VslIQw7NQoF3vBzs2ycr0CKMZ3iwzuDHFk3Xdmr6bQHYw98GnzlizqRWsrwhNl2X TJ+7czRZcN3Q+K0GMsljMjcAQflrevMaGMpG/LyI19eGAnWytO6vYKixL1z/NeEf AVWJmF0o81F99kzGuXaLrUwC9QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMUTHz5l qtA/atJd4lnwa5sm2iheMB8GA1UdIwQYMBaAFDzfQ9cX/FhJ8jqU4pp3Kyil1wHj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFM0JCMy85NUFFQTlFOENC RTQxMUVBODA2QTRBNzVDNEY5QUUwMi9QTjlEMXhmOFdFbnlPcFRpbW5jcktLWFhB ZU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BOOUQxeGY4V0VueU9wVGltbmNyS0tYWEFlTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF M0JCMy85NUFFQTlFOENCRTQxMUVBODA2QTRBNzVDNEY5QUUwMi9QTjlEMXhmOFdF bnlPcFRpbW5jcktLWFhBZU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQApYsBAOgMeNvuAhGzMH5+ID2ZnO0LzfMyip4+jQpLWuIKptVzJUDvf l8gY/nIkDSx8Jp1IAcvqnecpezSThbrQwWRRwx0IZXI/Y/y7sSP7uNz8ShlTo3p/ elV8iZgBFK82VNwSbyReRRwmcUQ2EEssYN48o5vhZtuAD4e5OocJUBgj0P0Adb0U JfFWlU8O1OgTTcM0G3RuqaTWWBNzxCNn8KY0/PSsv5MMqKcO2o9OR5bYIUWXjgMD X9YZu9+DMDeJoIuh4rcCKYPDhU5WRZNXwIB7SW9w//2b/Ape1sKBFT5bCbkWkXVX 9L4VDpsafJ+q0b9Xse3kteGIt+DyK3Zk -----END CERTIFICATE-----Generated at Sat May 17 10:13:18 2025 by rpki-client