$ rpki-client -vvf rpki.apnic.net/member_repository/A91ECE62/21D5CCDE341B11EE9F849028C4F9AE02/iQJ4kAM9XWI71OQ5huiA9qsThJQ.mft File: iQJ4kAM9XWI71OQ5huiA9qsThJQ.mft (raw, json) Hash identifier: PX/+DGLeXs/M/M+yxIuFpn+4AQsXGGHRmEiB+KLHB8Y= Subject key identifier: 30:3B:BA:9B:D9:71:56:99:D0:C2:F9:8B:A5:7B:30:9E:90:8C:BC:E6 Authority key identifier: 89:02:78:90:03:3D:5D:62:3B:D4:E4:39:86:E8:80:F6:AB:13:84:94 Certificate issuer: /CN=A91ECE62/serialNumber=89027890033D5D623BD4E43986E880F6AB138494 Certificate serial: 0152 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQJ4kAM9XWI71OQ5huiA9qsThJQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ECE62/21D5CCDE341B11EE9F849028C4F9AE02/iQJ4kAM9XWI71OQ5huiA9qsThJQ.mft Manifest number: 014E Signing time: Sun 11 May 2025 03:06:52 +0000 Manifest this update: Sun 11 May 2025 03:06:51 +0000 Manifest next update: Sun 18 May 2025 03:06:51 +0000 Files and hashes: 1: iQJ4kAM9XWI71OQ5huiA9qsThJQ.crl (hash: 9Owp/JLIj7G/hm3OlQnfzUzqH9ohUSAFq7sdLacw37k=) 2: 047E1E9C341C11EE84F4D52CC4F9AE02.roa (hash: rbEk2KoFtT0uaq48+jo8FPtXO3/HKOrBaUxyg4fgBYU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ECE62/21D5CCDE341B11EE9F849028C4F9AE02/iQJ4kAM9XWI71OQ5huiA9qsThJQ.crl rsync://rpki.apnic.net/member_repository/A91ECE62/21D5CCDE341B11EE9F849028C4F9AE02/iQJ4kAM9XWI71OQ5huiA9qsThJQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQJ4kAM9XWI71OQ5huiA9qsThJQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 03:06:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 338 (0x152) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ECE62, serialNumber=89027890033D5D623BD4E43986E880F6AB138494 Validity Not Before: May 11 03:06:51 2025 GMT Not After : May 18 03:06:51 2025 GMT Subject: CN=6820144b-620e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:ef:36:36:ec:08:ac:b9:48:a9:a0:de:dd:2c: 7e:d2:37:ac:1d:0d:9e:2b:f5:2c:70:85:bb:34:8d: c3:60:75:19:71:73:2d:52:cf:dc:2d:28:9b:b0:9b: c0:f0:8b:7d:3f:77:07:61:6f:e4:f2:41:7e:38:46: c0:14:9b:e9:3b:81:ce:f5:ab:65:b9:07:7b:56:7d: 03:ea:05:f8:db:4f:35:54:25:5d:85:cf:fe:f6:6d: a9:f2:6d:ff:fb:da:5c:4f:a9:ca:4e:60:92:43:15: be:d0:ba:59:b1:cf:00:5c:db:b9:bc:16:6c:52:08: 90:96:6f:8c:2c:b0:40:ce:5b:bf:67:8c:c0:63:d5: ed:fc:47:3c:ab:a1:20:5a:2c:e6:6c:81:4e:13:4b: fa:54:5d:06:ce:51:06:ea:93:6a:8d:d3:2c:f5:3f: ac:fa:7e:4d:4e:bf:eb:27:1c:14:1e:7b:fc:53:ae: d4:3d:d2:8e:2f:02:16:d5:6a:aa:55:be:51:3c:3b: 35:a1:b8:95:6d:40:2a:2c:d5:d2:20:63:9e:8c:1d: 01:c5:de:0f:bf:eb:4f:d1:d2:6a:ab:f4:4f:d4:06: d2:bf:5f:8a:af:50:37:ba:c9:26:89:94:6d:ee:af: b2:67:b8:3a:9c:39:f9:d4:3f:ee:16:b7:67:52:78: 0d:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:3B:BA:9B:D9:71:56:99:D0:C2:F9:8B:A5:7B:30:9E:90:8C:BC:E6 X509v3 Authority Key Identifier: keyid:89:02:78:90:03:3D:5D:62:3B:D4:E4:39:86:E8:80:F6:AB:13:84:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ECE62/21D5CCDE341B11EE9F849028C4F9AE02/iQJ4kAM9XWI71OQ5huiA9qsThJQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQJ4kAM9XWI71OQ5huiA9qsThJQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ECE62/21D5CCDE341B11EE9F849028C4F9AE02/iQJ4kAM9XWI71OQ5huiA9qsThJQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 86:8e:4f:4b:59:89:e1:68:4a:a7:13:3e:ea:eb:0b:f9:0a:33: 37:92:71:97:1e:e1:83:3b:7d:0c:51:e7:31:f7:7b:08:9b:4e: 6f:f8:67:00:4e:62:ac:7c:08:e5:5a:75:58:d3:77:6d:71:f7: a3:3e:41:ef:1e:f5:2c:e3:1a:4f:75:f1:00:81:aa:28:ed:20: 65:73:a6:63:97:fb:57:92:dc:80:c2:57:1d:0e:be:0a:b5:cf: db:f9:5b:d7:6b:78:44:13:79:b9:71:f7:ed:be:ba:5c:fa:05: d6:52:61:0e:1e:c1:e5:4b:dc:95:52:03:4c:3d:ca:94:54:e4: 43:9e:7a:8b:8c:ee:51:a3:da:91:e9:8a:51:cc:8d:89:9c:ac: e6:90:2d:84:c6:9e:43:f8:0c:b8:ae:5e:7c:09:cb:de:a9:be: 10:d4:0d:3c:9b:4b:d1:2f:83:b1:23:dd:cd:2c:2a:7a:4f:10: 76:5d:31:b5:50:1c:22:08:6f:90:a0:53:59:85:0f:3b:07:62: ad:02:d8:10:df:6c:b0:ef:95:4c:72:0a:fd:79:cc:d2:99:84: 08:cc:fd:79:6d:59:b4:16:10:4f:a8:15:e5:3a:d5:f1:fe:cd: 18:f8:5c:e9:5a:3d:1d:73:ca:2f:12:0c:b7:f9:fe:0a:42:1f: 2b:f6:01:73 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAVIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUNFNjIxMTAvBgNVBAUTKDg5MDI3ODkwMDMzRDVENjIzQkQ0RTQzOTg2RTg4MEY2 QUIxMzg0OTQwHhcNMjUwNTExMDMwNjUxWhcNMjUwNTE4MDMwNjUxWjAYMRYwFAYD VQQDEw02ODIwMTQ0Yi02MjBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp+82NuwIrLlIqaDe3Sx+0jesHQ2eK/UscIW7NI3DYHUZcXMtUs/cLSibsJvA 8It9P3cHYW/k8kF+OEbAFJvpO4HO9atluQd7Vn0D6gX42081VCVdhc/+9m2p8m3/ +9pcT6nKTmCSQxW+0LpZsc8AXNu5vBZsUgiQlm+MLLBAzlu/Z4zAY9Xt/Ec8q6Eg WizmbIFOE0v6VF0GzlEG6pNqjdMs9T+s+n5NTr/rJxwUHnv8U67UPdKOLwIW1Wqq Vb5RPDs1obiVbUAqLNXSIGOejB0Bxd4Pv+tP0dJqq/RP1AbSv1+Kr1A3uskmiZRt 7q+yZ7g6nDn51D/uFrdnUngN2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDA7upvZ cVaZ0ML5i6V7MJ6QjLzmMB8GA1UdIwQYMBaAFIkCeJADPV1iO9TkOYbogParE4SU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQ0U2Mi8yMUQ1Q0NERTM0 MUIxMUVFOUY4NDkwMjhDNEY5QUUwMi9pUUo0a0FNOVhXSTcxT1E1aHVpQTlxc1Ro SlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lRSjRrQU05WFdJNzFPUTVodWlBOXFzVGhKUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF Q0U2Mi8yMUQ1Q0NERTM0MUIxMUVFOUY4NDkwMjhDNEY5QUUwMi9pUUo0a0FNOVhX STcxT1E1aHVpQTlxc1RoSlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCGjk9LWYnhaEqnEz7q6wv5CjM3knGXHuGDO30MUecx93sIm05v+GcA TmKsfAjlWnVY03dtcfejPkHvHvUs4xpPdfEAgaoo7SBlc6Zjl/tXktyAwlcdDr4K tc/b+VvXa3hEE3m5cfftvrpc+gXWUmEOHsHlS9yVUgNMPcqUVORDnnqLjO5Ro9qR 6YpRzI2JnKzmkC2Exp5D+Ay4rl58Ccveqb4Q1A08m0vRL4OxI93NLCp6TxB2XTG1 UBwiCG+QoFNZhQ87B2KtAtgQ32yw75VMcgr9eczSmYQIzP15bVm0FhBPqBXlOtXx /s0Y+FzpWj0dc8ovEgy3+f4KQh8r9gFz -----END CERTIFICATE-----Generated at Mon May 12 04:40:01 2025 by rpki-client