$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft File: IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft (raw, json) Hash identifier: phuG7aLyjAR4wn0yFb0eSoCw4zNSAvNBks+9iHhbKd4= Subject key identifier: 7D:57:C7:4F:AD:BC:FA:0C:0D:F7:35:83:DF:4C:4C:75:DD:B2:7E:2A Authority key identifier: 21:64:DD:59:A6:15:D5:F2:E3:39:3E:72:09:8A:73:AD:86:8E:78:DA Certificate issuer: /CN=A91EA409/serialNumber=2164DD59A615D5F2E3393E72098A73AD868E78DA Certificate serial: 65 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft Manifest number: 63 Signing time: Sun 11 May 2025 05:47:51 +0000 Manifest this update: Sun 11 May 2025 05:47:51 +0000 Manifest next update: Sun 18 May 2025 05:47:51 +0000 Files and hashes: 1: IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl (hash: BKAqxC+MNYWfDPiFGNxC+2/TSFbN/JPvrBOOhRB5oOU=) 2: E9F177B89D9C11EFA9526A6CC4F9AE02.roa (hash: /L7H1H9bfON5bqOj4q1pWVjciM/BYtStadHGVAVA9LE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 05:47:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA409, serialNumber=2164DD59A615D5F2E3393E72098A73AD868E78DA Validity Not Before: May 11 05:47:51 2025 GMT Not After : May 18 05:47:51 2025 GMT Subject: CN=68203a07-70ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:ae:f4:fe:1f:2e:83:7d:c5:e1:de:cf:da:d4: c9:10:d5:3a:dc:a1:00:bc:85:cb:4d:28:8f:83:07: fd:63:78:c6:2b:e5:0c:af:c7:dd:f2:9d:e9:58:cf: ed:c9:ce:a2:3d:67:e7:99:b8:64:11:9f:1a:b9:a5: 02:f0:93:a5:d3:c9:28:8e:18:2d:4e:11:1b:73:34: ad:63:af:2e:41:12:9b:19:fa:c3:ca:06:1b:3f:60: 59:6c:e6:88:7b:2e:d4:e1:27:58:f1:e7:ab:c7:43: 5d:3a:03:d4:37:18:05:8c:4e:13:a3:28:e0:28:a0: 59:d0:37:96:ab:e1:55:0a:c4:9f:cd:2e:f8:38:1a: bf:98:be:f1:a9:37:99:e1:9a:2f:02:57:90:df:bb: d5:a9:e3:20:71:83:69:22:4a:cd:23:22:df:b2:38: 51:58:da:73:ea:7e:3b:bf:a3:fe:7e:38:12:2d:64: 54:46:7e:a2:e7:57:00:44:6d:59:f3:15:74:7b:b6: bf:d2:82:37:df:6a:97:88:10:7f:78:6d:e2:f6:e4: e4:2c:3f:5a:8f:c7:f9:2e:1e:4e:05:1b:61:fb:81: 16:78:46:ad:46:9a:9b:f6:05:e4:75:60:70:e8:dc: 0e:b6:10:16:14:4d:46:19:39:e4:ee:d2:d6:86:56: 73:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:57:C7:4F:AD:BC:FA:0C:0D:F7:35:83:DF:4C:4C:75:DD:B2:7E:2A X509v3 Authority Key Identifier: keyid:21:64:DD:59:A6:15:D5:F2:E3:39:3E:72:09:8A:73:AD:86:8E:78:DA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:de:a3:60:a0:b0:3e:72:42:ec:51:26:88:94:d4:ed:c4:ef: 1a:09:7c:f3:d4:8e:9c:5b:ec:5e:5d:e8:ac:c4:ce:b9:df:63: ba:9b:90:6f:47:a3:7f:3d:53:91:06:55:36:ec:57:36:15:70: 5f:5d:bb:8a:88:47:3f:fb:0c:1f:fa:18:21:62:36:da:40:f8: e8:51:6e:ef:f2:21:30:be:34:15:9f:7c:8f:81:98:4b:66:67: e7:37:b6:57:1d:6e:12:58:cc:ad:25:00:1f:1a:66:e7:96:98: a4:51:94:06:33:fe:72:ce:04:dc:74:3c:d3:42:2a:c9:8b:7b: 03:d4:64:87:d0:0c:a9:e4:36:4c:28:3c:47:c2:70:f5:f2:21: 21:91:2e:41:bc:dd:5a:1f:fd:ed:d6:41:b6:88:22:bd:b7:0c: 59:a6:f2:01:cd:9f:da:0e:fa:a8:f1:27:87:b1:43:0a:33:78: 3d:26:2c:37:0f:f3:eb:fa:a0:5f:ae:e1:4c:76:86:05:c6:dd: 26:77:93:fd:97:e4:05:28:42:2f:2a:40:76:fe:6a:0d:81:12: 65:37:cc:27:d0:ec:66:78:3a:21:b6:ca:30:90:5f:6c:ce:3a: 64:d3:af:8c:96:8a:0e:f6:07:c5:80:77:38:78:a0:7f:cb:f9: 14:c5:bc:ef -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBZTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF QTQwOTExMC8GA1UEBRMoMjE2NERENTlBNjE1RDVGMkUzMzkzRTcyMDk4QTczQUQ4 NjhFNzhEQTAeFw0yNTA1MTEwNTQ3NTFaFw0yNTA1MTgwNTQ3NTFaMBgxFjAUBgNV BAMTDTY4MjAzYTA3LTcwZWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC0rvT+Hy6DfcXh3s/a1MkQ1TrcoQC8hctNKI+DB/1jeMYr5Qyvx93ynelYz+3J zqI9Z+eZuGQRnxq5pQLwk6XTySiOGC1OERtzNK1jry5BEpsZ+sPKBhs/YFls5oh7 LtThJ1jx56vHQ106A9Q3GAWMThOjKOAooFnQN5ar4VUKxJ/NLvg4Gr+YvvGpN5nh mi8CV5Dfu9Wp4yBxg2kiSs0jIt+yOFFY2nPqfju/o/5+OBItZFRGfqLnVwBEbVnz FXR7tr/SgjffapeIEH94beL25OQsP1qPx/kuHk4FG2H7gRZ4Rq1Gmpv2BeR1YHDo 3A62EBYUTUYZOeTu0taGVnM3AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUfVfHT628 +gwN9zWD30xMdd2yfiowHwYDVR0jBBgwFoAUIWTdWaYV1fLjOT5yCYpzrYaOeNow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVBNDA5L0Y5NDRFM0NDOUNB QjExRUZBQjU5NTUxNkM0RjlBRTAyL0lXVGRXYVlWMWZMak9UNXlDWXB6cllhT2VO by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSVdUZFdhWVYxZkxqT1Q1eUNZcHpyWWFPZU5vLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVB NDA5L0Y5NDRFM0NDOUNBQjExRUZBQjU5NTUxNkM0RjlBRTAyL0lXVGRXYVlWMWZM ak9UNXlDWXB6cllhT2VOby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHLeo2CgsD5yQuxRJoiU1O3E7xoJfPPUjpxb7F5d6KzEzrnfY7qbkG9H o389U5EGVTbsVzYVcF9du4qIRz/7DB/6GCFiNtpA+OhRbu/yITC+NBWffI+BmEtm Z+c3tlcdbhJYzK0lAB8aZueWmKRRlAYz/nLOBNx0PNNCKsmLewPUZIfQDKnkNkwo PEfCcPXyISGRLkG83Vof/e3WQbaIIr23DFmm8gHNn9oO+qjxJ4exQwozeD0mLDcP 8+v6oF+u4Ux2hgXG3SZ3k/2X5AUoQi8qQHb+ag2BEmU3zCfQ7GZ4OiG2yjCQX2zO OmTTr4yWig72B8WAdzh4oH/L+RTFvO8= -----END CERTIFICATE-----Generated at Mon May 12 19:19:40 2025 by rpki-client