$ rpki-client -vvf rpki.apnic.net/member_repository/A91ED596/0DE23E165AE311EF932C232FC4F9AE02/ciYIDnxlJSNDlihmsxOfAjhyxAI.mft File: ciYIDnxlJSNDlihmsxOfAjhyxAI.mft (raw, json) Hash identifier: V2hqpL9/fqkEvcnrloNE2KW69qQrbvQA5q/iTLvoKR8= Subject key identifier: 4A:1E:32:8D:25:77:10:48:FB:F7:F5:51:A1:C2:F5:59:4B:FE:CA:83 Authority key identifier: 72:26:08:0E:7C:65:25:23:43:96:28:66:B3:13:9F:02:38:72:C4:02 Certificate issuer: /CN=A91ED596/serialNumber=7226080E7C65252343962866B3139F023872C402 Certificate serial: 8C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ciYIDnxlJSNDlihmsxOfAjhyxAI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ED596/0DE23E165AE311EF932C232FC4F9AE02/ciYIDnxlJSNDlihmsxOfAjhyxAI.mft Manifest number: 8B Signing time: Sun 11 May 2025 05:13:39 +0000 Manifest this update: Sun 11 May 2025 05:13:39 +0000 Manifest next update: Sun 18 May 2025 05:13:39 +0000 Files and hashes: 1: ciYIDnxlJSNDlihmsxOfAjhyxAI.crl (hash: 8oD636IRKjtLzDzG3oXrAPvJtzHZlUa7hRSw70rQoHQ=) 2: C0C401905AE311EF90924C30C4F9AE02.roa (hash: 7P9QGIuS2YxmoaQtTvokUjWFQu4qLuQF/pm4P1jB/wE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ED596/0DE23E165AE311EF932C232FC4F9AE02/ciYIDnxlJSNDlihmsxOfAjhyxAI.crl rsync://rpki.apnic.net/member_repository/A91ED596/0DE23E165AE311EF932C232FC4F9AE02/ciYIDnxlJSNDlihmsxOfAjhyxAI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ciYIDnxlJSNDlihmsxOfAjhyxAI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 02:50:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 140 (0x8c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ED596, serialNumber=7226080E7C65252343962866B3139F023872C402 Validity Not Before: May 11 05:13:39 2025 GMT Not After : May 18 05:13:39 2025 GMT Subject: CN=68203203-dec7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:fd:1e:36:f5:e4:74:2b:57:5a:df:a3:a5:d3: a0:51:ef:00:5e:f8:4b:a3:99:4f:9e:64:f6:f8:62: 13:4f:cc:19:36:30:db:52:e9:e9:a7:f9:8c:ec:32: 86:ef:7a:d7:7f:d1:3a:b1:ce:5f:21:1a:8d:5b:25: 83:6a:96:6a:6b:43:52:30:90:c7:03:2f:0c:4e:c7: cb:81:e3:b2:cd:d4:43:c6:49:79:3f:25:df:c2:b3: bd:c9:45:2c:a3:e5:0e:7d:0b:bc:3f:75:5c:d9:ef: e7:87:d5:8a:c7:52:5b:b4:a7:1e:5f:03:15:56:d7: b0:37:2a:1c:49:d7:10:7f:01:c5:39:01:ca:c5:d4: 21:f4:88:22:47:dc:75:c7:d7:be:f7:ac:d3:7d:6c: b5:e6:d8:7f:66:2e:4c:4d:fb:34:82:3c:98:e0:0a: 14:2a:8d:8f:85:2c:d5:8b:65:08:53:45:89:9b:25: 9e:f9:9d:a5:19:64:ca:fa:0e:4a:26:12:62:a6:66: 3f:bd:e0:e5:3f:ad:2b:f3:92:e2:d0:9d:9d:1d:6f: bd:af:89:da:f4:6d:c7:59:6e:37:73:ea:23:e4:9f: 57:f9:7f:de:ba:20:27:c4:41:b2:ba:4f:6a:3e:bb: 9c:25:b9:d5:e1:89:69:a7:a4:6f:d8:ed:e9:f3:c2: 52:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:1E:32:8D:25:77:10:48:FB:F7:F5:51:A1:C2:F5:59:4B:FE:CA:83 X509v3 Authority Key Identifier: keyid:72:26:08:0E:7C:65:25:23:43:96:28:66:B3:13:9F:02:38:72:C4:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ED596/0DE23E165AE311EF932C232FC4F9AE02/ciYIDnxlJSNDlihmsxOfAjhyxAI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ciYIDnxlJSNDlihmsxOfAjhyxAI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ED596/0DE23E165AE311EF932C232FC4F9AE02/ciYIDnxlJSNDlihmsxOfAjhyxAI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 35:3a:8f:eb:88:20:58:a5:bf:cb:57:54:49:0e:0e:36:fa:01: 3c:ec:25:25:04:8b:0b:d6:c3:b9:55:46:3d:5e:5a:95:b7:e8: 66:19:ba:35:25:49:65:80:14:84:49:26:ff:4c:22:1e:db:f2: 86:0c:4f:ef:d2:95:7f:cd:4f:96:1f:53:c4:42:d6:3e:af:7e: 11:02:4a:14:94:a1:0d:ed:58:3c:b7:23:97:2e:88:56:38:76: 17:51:97:4f:c6:89:d1:3a:56:1c:23:c5:64:3b:20:f9:de:4d: 4a:77:41:6d:4f:5d:6b:6f:22:66:fa:c1:9c:17:00:2a:56:28: 26:51:2c:ba:cb:ba:8a:80:e2:f6:95:dd:36:9b:84:e8:9a:53: 88:0e:a2:16:33:fb:fc:40:b0:8a:16:20:ca:b0:54:6c:d3:2a: 1b:5c:0b:70:80:90:5e:63:64:ab:d8:d3:af:3d:cd:87:ec:34: 99:26:d1:8f:91:b9:db:b8:19:2f:aa:d2:42:66:3a:b3:11:32: 31:67:cc:24:b6:7d:07:6c:30:6a:ad:7d:15:d6:c1:a2:0d:6b: 3d:78:ce:fe:f9:5a:b9:8a:cf:3b:78:c8:b6:78:92:e2:3f:2d: a1:c0:09:c2:4d:c3:d1:62:d5:73:bc:09:48:f1:77:c0:6b:33: c6:97:ff:22 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUQ1OTYxMTAvBgNVBAUTKDcyMjYwODBFN0M2NTI1MjM0Mzk2Mjg2NkIzMTM5RjAy Mzg3MkM0MDIwHhcNMjUwNTExMDUxMzM5WhcNMjUwNTE4MDUxMzM5WjAYMRYwFAYD VQQDEw02ODIwMzIwMy1kZWM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9P0eNvXkdCtXWt+jpdOgUe8AXvhLo5lPnmT2+GITT8wZNjDbUunpp/mM7DKG 73rXf9E6sc5fIRqNWyWDapZqa0NSMJDHAy8MTsfLgeOyzdRDxkl5PyXfwrO9yUUs o+UOfQu8P3Vc2e/nh9WKx1JbtKceXwMVVtewNyocSdcQfwHFOQHKxdQh9IgiR9x1 x9e+96zTfWy15th/Zi5MTfs0gjyY4AoUKo2PhSzVi2UIU0WJmyWe+Z2lGWTK+g5K JhJipmY/veDlP60r85Li0J2dHW+9r4na9G3HWW43c+oj5J9X+X/euiAnxEGyuk9q PrucJbnV4Ylpp6Rv2O3p88JSpQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEoeMo0l dxBI+/f1UaHC9VlL/sqDMB8GA1UdIwQYMBaAFHImCA58ZSUjQ5YoZrMTnwI4csQC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRDU5Ni8wREUyM0UxNjVB RTMxMUVGOTMyQzIzMkZDNEY5QUUwMi9jaVlJRG54bEpTTkRsaWhtc3hPZkFqaHl4 QUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NpWUlEbnhsSlNORGxpaG1zeE9mQWpoeXhBSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF RDU5Ni8wREUyM0UxNjVBRTMxMUVGOTMyQzIzMkZDNEY5QUUwMi9jaVlJRG54bEpT TkRsaWhtc3hPZkFqaHl4QUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA1Oo/riCBYpb/LV1RJDg42+gE87CUlBIsL1sO5VUY9XlqVt+hmGbo1 JUllgBSESSb/TCIe2/KGDE/v0pV/zU+WH1PEQtY+r34RAkoUlKEN7Vg8tyOXLohW OHYXUZdPxonROlYcI8VkOyD53k1Kd0FtT11rbyJm+sGcFwAqVigmUSy6y7qKgOL2 ld02m4TomlOIDqIWM/v8QLCKFiDKsFRs0yobXAtwgJBeY2Sr2NOvPc2H7DSZJtGP kbnbuBkvqtJCZjqzETIxZ8wktn0HbDBqrX0V1sGiDWs9eM7++Vq5is87eMi2eJLi Py2hwAnCTcPRYtVzvAlI8XfAazPGl/8i -----END CERTIFICATE-----Generated at Sun May 11 13:15:33 2025 by rpki-client