$ rpki-client -vvf rpki.apnic.net/member_repository/A91E520F/41CCBC6EA81911EFB9BDED71C4F9AE02/sb1NsCH1THJj88NTX4g2hJui5g4.mft File: sb1NsCH1THJj88NTX4g2hJui5g4.mft (raw, json) Hash identifier: 3DaZTiPio/ZaP7DqnehDKGpKMM+ERcmh7mXqLpJtR4s= Subject key identifier: F1:41:F0:A3:E6:CE:21:D1:31:FA:2A:FD:3D:FD:15:0A:D8:FB:7C:C8 Authority key identifier: B1:BD:4D:B0:21:F5:4C:72:63:F3:C3:53:5F:88:36:84:9B:A2:E6:0E Certificate issuer: /CN=A91E520F/serialNumber=B1BD4DB021F54C7263F3C3535F8836849BA2E60E Certificate serial: 5C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sb1NsCH1THJj88NTX4g2hJui5g4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E520F/41CCBC6EA81911EFB9BDED71C4F9AE02/sb1NsCH1THJj88NTX4g2hJui5g4.mft Manifest number: 5B Signing time: Thu 15 May 2025 06:25:32 +0000 Manifest this update: Thu 15 May 2025 06:25:32 +0000 Manifest next update: Thu 22 May 2025 06:25:31 +0000 Files and hashes: 1: sb1NsCH1THJj88NTX4g2hJui5g4.crl (hash: O20reLZtNS88kpG9EwnvW8yY2vt2VOFQMXQFcvTp2D0=) 2: A30B17FAA81911EF862F3A56C4F9AE02.roa (hash: 5t/9vRDX7bOXj/AudhNlmGxZtmB+Rx0Lf8bwk6wLjkQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E520F/41CCBC6EA81911EFB9BDED71C4F9AE02/sb1NsCH1THJj88NTX4g2hJui5g4.crl rsync://rpki.apnic.net/member_repository/A91E520F/41CCBC6EA81911EFB9BDED71C4F9AE02/sb1NsCH1THJj88NTX4g2hJui5g4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sb1NsCH1THJj88NTX4g2hJui5g4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 22 May 2025 06:25:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 92 (0x5c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E520F, serialNumber=B1BD4DB021F54C7263F3C3535F8836849BA2E60E Validity Not Before: May 15 06:25:32 2025 GMT Not After : May 22 06:25:31 2025 GMT Subject: CN=682588dc-9a0e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:fd:a6:98:03:63:4b:47:51:c2:fd:02:39:fc: d9:ea:af:53:00:74:48:84:cc:9c:f7:3d:9f:e4:5f: b2:f0:cf:ef:8a:d0:8e:16:09:53:e5:dc:2d:c5:ad: 1c:c1:12:e9:13:c9:92:b0:5a:6d:61:0e:fc:d1:a7: 5d:2c:29:cc:6c:bf:17:3a:21:a2:7b:e2:ce:21:94: 6a:b6:f3:a7:77:30:cd:fe:83:67:19:76:cf:d8:20: 69:25:bf:3c:c4:08:37:e3:89:21:d7:49:7c:5e:d9: a4:c3:2f:a7:45:c8:70:a4:cd:c3:88:c2:d9:52:1f: 7b:81:9b:ca:17:aa:52:10:f3:3d:19:4b:54:e7:2c: ca:bc:01:65:c6:9f:a6:cd:55:7a:81:75:34:c0:b7: c1:59:b9:77:3d:b8:07:a2:1f:a3:10:28:cd:06:33: 5b:0f:7f:c2:14:1a:26:90:78:54:73:e0:6b:57:a3: 66:b5:14:b1:17:73:9b:86:80:39:0e:99:77:13:53: 48:7d:76:39:28:e1:30:48:aa:c9:14:e4:10:ec:ab: b3:22:4c:c4:29:f9:4a:26:4a:96:c8:f8:a8:3f:3b: d4:5f:9c:3d:ed:28:ec:1c:39:dd:e6:d4:fe:96:44: 15:eb:7a:87:60:bf:de:5f:7c:f5:8f:7b:b0:e1:3b: 58:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:41:F0:A3:E6:CE:21:D1:31:FA:2A:FD:3D:FD:15:0A:D8:FB:7C:C8 X509v3 Authority Key Identifier: keyid:B1:BD:4D:B0:21:F5:4C:72:63:F3:C3:53:5F:88:36:84:9B:A2:E6:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E520F/41CCBC6EA81911EFB9BDED71C4F9AE02/sb1NsCH1THJj88NTX4g2hJui5g4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sb1NsCH1THJj88NTX4g2hJui5g4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E520F/41CCBC6EA81911EFB9BDED71C4F9AE02/sb1NsCH1THJj88NTX4g2hJui5g4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 63:4c:e6:66:c6:75:c9:38:db:b2:ec:b1:11:f9:30:9c:fd:50: 6f:56:b0:2c:8c:f5:f9:c5:66:b6:fa:f8:61:72:df:ed:c1:4c: 2f:15:19:64:1b:e6:05:a4:43:b0:38:ed:7e:ff:9c:db:47:50: 1d:28:8b:3a:cd:fd:04:37:6f:75:21:0a:91:5c:d9:ec:ce:68: ff:fe:f4:ec:6b:cf:f2:72:39:0b:1e:63:29:d7:7b:c5:03:6c: 17:e7:d0:2d:d8:82:bd:95:34:47:77:e1:68:cf:18:cd:06:b6: 4e:2b:c5:75:3d:d4:cf:4b:b8:b0:a7:4c:08:34:22:2f:9f:c5: 5f:fa:e0:05:77:4e:fa:e3:ce:32:62:49:dd:da:38:f5:f6:1f: 04:5b:cd:d6:10:de:e2:2c:d3:60:55:c0:43:0e:40:a9:48:59: 4f:c6:db:f6:ad:f5:2c:07:65:af:fd:d4:71:f6:9c:b7:32:88: b6:78:75:68:26:b9:53:9f:d8:eb:d3:77:68:3f:b0:f5:9c:a5: 51:f1:f0:81:62:ac:00:03:a4:d8:a5:12:c5:2f:5d:ed:b0:cd: fa:1a:17:dd:0f:e1:53:5c:3d:3c:f5:37:10:6e:ad:bc:29:b8: ad:25:af:06:a9:86:19:f8:d4:80:2b:85:d0:03:30:d0:3a:b8: 91:64:92:aa -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBXDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF NTIwRjExMC8GA1UEBRMoQjFCRDREQjAyMUY1NEM3MjYzRjNDMzUzNUY4ODM2ODQ5 QkEyRTYwRTAeFw0yNTA1MTUwNjI1MzJaFw0yNTA1MjIwNjI1MzFaMBgxFjAUBgNV BAMTDTY4MjU4OGRjLTlhMGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC2/aaYA2NLR1HC/QI5/Nnqr1MAdEiEzJz3PZ/kX7Lwz++K0I4WCVPl3C3FrRzB EukTyZKwWm1hDvzRp10sKcxsvxc6IaJ74s4hlGq286d3MM3+g2cZds/YIGklvzzE CDfjiSHXSXxe2aTDL6dFyHCkzcOIwtlSH3uBm8oXqlIQ8z0ZS1TnLMq8AWXGn6bN VXqBdTTAt8FZuXc9uAeiH6MQKM0GM1sPf8IUGiaQeFRz4GtXo2a1FLEXc5uGgDkO mXcTU0h9djko4TBIqskU5BDsq7MiTMQp+UomSpbI+Kg/O9RfnD3tKOwcOd3m1P6W RBXreodgv95ffPWPe7DhO1jjAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU8UHwo+bO IdEx+ir9Pf0VCtj7fMgwHwYDVR0jBBgwFoAUsb1NsCH1THJj88NTX4g2hJui5g4w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU1MjBGLzQxQ0NCQzZFQTgx OTExRUZCOUJERUQ3MUM0RjlBRTAyL3NiMU5zQ0gxVEhKajg4TlRYNGcyaEp1aTVn NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvc2IxTnNDSDFUSEpqODhOVFg0ZzJoSnVpNWc0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU1 MjBGLzQxQ0NCQzZFQTgxOTExRUZCOUJERUQ3MUM0RjlBRTAyL3NiMU5zQ0gxVEhK ajg4TlRYNGcyaEp1aTVnNC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGNM5mbGdck427LssRH5MJz9UG9WsCyM9fnFZrb6+GFy3+3BTC8VGWQb 5gWkQ7A47X7/nNtHUB0oizrN/QQ3b3UhCpFc2ezOaP/+9Oxrz/JyOQseYynXe8UD bBfn0C3Ygr2VNEd34WjPGM0Gtk4rxXU91M9LuLCnTAg0Ii+fxV/64AV3TvrjzjJi Sd3aOPX2HwRbzdYQ3uIs02BVwEMOQKlIWU/G2/at9SwHZa/91HH2nLcyiLZ4dWgm uVOf2OvTd2g/sPWcpVHx8IFirAADpNilEsUvXe2wzfoaF90P4VNcPTz1NxBurbwp uK0lrwaphhn41IArhdADMNA6uJFkkqo= -----END CERTIFICATE-----Generated at Fri May 16 09:46:14 2025 by rpki-client