$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft File: IHitW73x1MW5cLvik02aNV2zHOg.mft (raw, json) Hash identifier: NZUDYIS42IMLSsS0nZS1L02omNdXfzPRyHsuKUbeoHo= Subject key identifier: 65:EC:6C:3E:F3:F5:1B:5B:55:92:69:A1:16:38:DC:E5:B2:56:FE:6A Authority key identifier: 20:78:AD:5B:BD:F1:D4:C5:B9:70:BB:E2:93:4D:9A:35:5D:B3:1C:E8 Certificate issuer: /CN=A91E4DFA/serialNumber=2078AD5BBDF1D4C5B970BBE2934D9A355DB31CE8 Certificate serial: 04EB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft Manifest number: 04E1 Signing time: Thu 08 May 2025 23:35:20 +0000 Manifest this update: Thu 08 May 2025 23:35:19 +0000 Manifest next update: Thu 15 May 2025 23:35:19 +0000 Files and hashes: 1: IHitW73x1MW5cLvik02aNV2zHOg.crl (hash: kVxmhR5u8dqGaoYAwu9S419Coo9UAE3N8lMNDOmkXRM=) 2: 5EAA75CC28E511F0BE4DF317C4F9AE02.roa (hash: aZ97R0qET0w8nFTTAAMLi629/SQxZPM4icyK4OVkGiY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.crl rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 15 May 2025 23:35:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1259 (0x4eb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4DFA, serialNumber=2078AD5BBDF1D4C5B970BBE2934D9A355DB31CE8 Validity Not Before: May 8 23:35:19 2025 GMT Not After : May 15 23:35:19 2025 GMT Subject: CN=681d3fb8-b2a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:6e:48:f6:cb:ef:10:16:d4:3e:0d:ce:8f:fe: 87:28:31:8e:6f:f8:22:f2:bf:23:ec:d4:65:0c:ac: eb:bc:ec:2e:f0:53:20:c3:fd:26:0c:71:e1:1f:ff: d9:df:f2:bf:54:f7:65:e1:02:2d:e0:39:af:27:83: f8:f7:cc:6a:ba:d1:3c:da:46:9a:04:a6:69:ff:51: 54:96:4b:ef:fb:51:8f:63:30:6a:b7:34:35:6e:ad: 07:27:bf:c7:70:2a:ca:84:a7:66:a1:f6:68:af:52: 66:a5:0e:77:9c:47:8d:ee:43:aa:e4:ae:09:2b:9b: 42:69:f6:a0:53:3d:1a:b2:60:0e:96:fd:1e:77:83: 59:5d:32:c6:fb:d8:04:13:58:be:90:7f:e4:f0:44: c1:f0:72:22:69:d3:ff:56:03:fb:71:c8:d3:c5:f3: 26:32:33:61:48:6f:14:89:f0:fe:3f:b3:4e:fa:49: f6:f1:a2:98:7b:1a:1e:56:63:da:8c:c5:9d:4d:8b: 84:9f:70:41:3e:3b:f2:79:1f:ff:7b:77:f3:cd:b2: eb:ae:e3:70:23:07:f6:2b:63:eb:cd:9f:d2:db:17: a9:c8:8e:8c:3b:dc:05:1a:91:0b:9b:a3:46:d5:7b: 10:49:1f:1d:71:a4:3e:93:86:29:d1:5f:7a:2e:ee: 55:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:EC:6C:3E:F3:F5:1B:5B:55:92:69:A1:16:38:DC:E5:B2:56:FE:6A X509v3 Authority Key Identifier: keyid:20:78:AD:5B:BD:F1:D4:C5:B9:70:BB:E2:93:4D:9A:35:5D:B3:1C:E8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 24:3e:a4:cc:39:b6:f7:a1:9d:7b:8a:87:bb:b3:f9:d4:71:b0: 37:9b:9a:b0:37:98:41:23:3f:d1:85:28:51:f7:a1:15:d2:d7: 17:f0:0f:c1:77:51:c2:88:95:3e:5d:43:de:06:9f:11:b3:0d: 5c:69:7e:b1:38:8b:a6:c0:1d:18:74:a8:89:ed:e8:54:ca:86: 9c:c6:5a:63:22:a7:b2:90:0f:d2:73:fb:8e:0f:c6:46:9f:ea: fa:e1:37:26:86:ff:d4:4e:ee:30:3c:5c:92:70:7c:53:be:68: 3a:ab:4d:f2:b6:f3:66:9e:35:90:df:f7:86:9c:21:43:53:65: b9:72:87:15:ea:bb:ac:d1:b3:96:e5:db:ae:e3:a3:6b:7c:0e: 39:b9:83:be:a5:67:e2:07:fa:08:ab:21:2c:2e:6c:33:55:90: 4b:82:ce:32:cb:0b:f0:f7:98:a0:0c:21:2f:47:7b:f9:5a:20: 2e:b5:c4:e4:bf:af:c2:39:a6:da:c7:b5:09:6d:d5:7b:3d:98: d0:eb:11:1e:8e:ef:16:00:75:1c:dd:06:5a:01:3b:6a:90:53: fa:45:af:40:7e:31:ef:ff:0f:cf:38:2e:46:a1:fb:80:57:d8: 2b:58:16:ba:09:22:52:36:36:c9:f6:5e:fa:1c:d6:43:a1:49: 0e:b2:63:68 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBOswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTRERkExMTAvBgNVBAUTKDIwNzhBRDVCQkRGMUQ0QzVCOTcwQkJFMjkzNEQ5QTM1 NURCMzFDRTgwHhcNMjUwNTA4MjMzNTE5WhcNMjUwNTE1MjMzNTE5WjAYMRYwFAYD VQQDEw02ODFkM2ZiOC1iMmE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmm5I9svvEBbUPg3Oj/6HKDGOb/gi8r8j7NRlDKzrvOwu8FMgw/0mDHHhH//Z 3/K/VPdl4QIt4DmvJ4P498xqutE82kaaBKZp/1FUlkvv+1GPYzBqtzQ1bq0HJ7/H cCrKhKdmofZor1JmpQ53nEeN7kOq5K4JK5tCafagUz0asmAOlv0ed4NZXTLG+9gE E1i+kH/k8ETB8HIiadP/VgP7ccjTxfMmMjNhSG8UifD+P7NO+kn28aKYexoeVmPa jMWdTYuEn3BBPjvyeR//e3fzzbLrruNwIwf2K2PrzZ/S2xepyI6MO9wFGpELm6NG 1XsQSR8dcaQ+k4Yp0V96Lu5VIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGXsbD7z 9RtbVZJpoRY43OWyVv5qMB8GA1UdIwQYMBaAFCB4rVu98dTFuXC74pNNmjVdsxzo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNERGQS84NDU5ODRDRTFB ODUxMUVDQTc2QUVBM0FDNEY5QUUwMi9JSGl0VzczeDFNVzVjTHZpazAyYU5WMnpI T2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lIaXRXNzN4MU1XNWNMdmlrMDJhTlYyekhPZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NERGQS84NDU5ODRDRTFBODUxMUVDQTc2QUVBM0FDNEY5QUUwMi9JSGl0VzczeDFN VzVjTHZpazAyYU5WMnpIT2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAkPqTMObb3oZ17ioe7s/nUcbA3m5qwN5hBIz/RhShR96EV0tcX8A/B d1HCiJU+XUPeBp8Rsw1caX6xOIumwB0YdKiJ7ehUyoacxlpjIqeykA/Sc/uOD8ZG n+r64Tcmhv/UTu4wPFyScHxTvmg6q03ytvNmnjWQ3/eGnCFDU2W5cocV6rus0bOW 5duu46NrfA45uYO+pWfiB/oIqyEsLmwzVZBLgs4yywvw95igDCEvR3v5WiAutcTk v6/COabax7UJbdV7PZjQ6xEeju8WAHUc3QZaATtqkFP6Ra9AfjHv/w/POC5GofuA V9grWBa6CSJSNjbJ9l76HNZDoUkOsmNo -----END CERTIFICATE-----Generated at Sat May 10 19:08:05 2025 by rpki-client