$ rpki-client -vvf rpki.apnic.net/member_repository/A91F523F/4EBA6B32B05311EF9C2B8D3FC4F9AE02/Klm5bDClX71h0iMDc864nR2wGos.mft File: Klm5bDClX71h0iMDc864nR2wGos.mft (raw, json) Hash identifier: 2Y+12YiLMLu71g9Uz8+s31N/yIGp9QctwjBV+dt4oLI= Subject key identifier: 9B:F7:96:27:6E:70:28:E3:AE:DE:FB:7B:3E:61:20:3A:42:60:90:42 Authority key identifier: 2A:59:B9:6C:30:A5:5F:BD:61:D2:23:03:73:CE:B8:9D:1D:B0:1A:8B Certificate issuer: /CN=A91F523F/serialNumber=2A59B96C30A55FBD61D2230373CEB89D1DB01A8B Certificate serial: 54 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Klm5bDClX71h0iMDc864nR2wGos.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F523F/4EBA6B32B05311EF9C2B8D3FC4F9AE02/Klm5bDClX71h0iMDc864nR2wGos.mft Manifest number: 53 Signing time: Fri 09 May 2025 06:15:41 +0000 Manifest this update: Fri 09 May 2025 06:15:40 +0000 Manifest next update: Fri 16 May 2025 06:15:40 +0000 Files and hashes: 1: Klm5bDClX71h0iMDc864nR2wGos.crl (hash: /I8hVlq+dk3oNSS5S4HdJIZMAdu9sFfGdkZWD8v5tqA=) 2: 607B5F6AB05411EF84C8DC74C4F9AE02.roa (hash: OnMDRT+B6RI2pySK/GT7zK6sSZU+o29fnWCK2xZrKx8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F523F/4EBA6B32B05311EF9C2B8D3FC4F9AE02/Klm5bDClX71h0iMDc864nR2wGos.crl rsync://rpki.apnic.net/member_repository/A91F523F/4EBA6B32B05311EF9C2B8D3FC4F9AE02/Klm5bDClX71h0iMDc864nR2wGos.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Klm5bDClX71h0iMDc864nR2wGos.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 16 May 2025 06:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 84 (0x54) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F523F, serialNumber=2A59B96C30A55FBD61D2230373CEB89D1DB01A8B Validity Not Before: May 9 06:15:40 2025 GMT Not After : May 16 06:15:40 2025 GMT Subject: CN=681d9d8d-965a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:56:b2:c4:7e:bc:30:8e:88:9c:85:2e:0b:a4: 1b:b7:9d:56:77:87:6d:d1:3c:6a:f2:71:65:d7:f7: f8:39:db:10:19:3d:95:0a:95:a7:f6:bc:4a:49:8c: 4c:34:03:68:39:0c:c8:48:2d:65:90:c1:16:1e:eb: 3e:d7:f1:19:45:61:2d:5a:3d:0b:97:99:24:96:32: ed:5b:ee:e4:66:11:8e:c0:6a:1e:c5:b0:39:5b:b8: d6:cc:a7:7c:d2:54:cf:b4:53:2a:ba:0c:21:74:0f: dd:f1:1b:dd:f1:33:39:89:34:68:f3:76:a3:52:70: 6b:b3:e9:e0:b9:07:af:11:d8:00:94:b3:65:e5:14: 9c:78:83:62:a6:84:65:cd:08:1e:6f:24:17:ff:41: 88:63:90:14:fc:19:75:a0:10:80:86:48:74:94:18: 93:bc:64:6f:15:3d:29:18:1d:e3:18:2c:9d:c6:fc: 90:8c:44:61:4f:15:3e:8c:b3:dc:86:52:80:6c:87: 51:eb:5d:2e:29:a4:a5:a1:c4:31:a3:c4:2e:0c:84: c8:92:d5:b4:15:9d:28:97:ee:ec:7d:cf:26:3e:39: 06:f5:fb:a3:a5:16:0c:01:1e:a2:7b:c2:fa:ca:34: fa:76:15:11:38:57:66:64:9b:ad:57:98:28:2a:01: 5b:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:F7:96:27:6E:70:28:E3:AE:DE:FB:7B:3E:61:20:3A:42:60:90:42 X509v3 Authority Key Identifier: keyid:2A:59:B9:6C:30:A5:5F:BD:61:D2:23:03:73:CE:B8:9D:1D:B0:1A:8B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F523F/4EBA6B32B05311EF9C2B8D3FC4F9AE02/Klm5bDClX71h0iMDc864nR2wGos.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Klm5bDClX71h0iMDc864nR2wGos.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F523F/4EBA6B32B05311EF9C2B8D3FC4F9AE02/Klm5bDClX71h0iMDc864nR2wGos.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 51:b5:ec:b7:6e:40:17:08:0d:41:73:8e:3f:ef:f3:3d:8b:b2: b7:47:8a:5c:a4:30:09:32:60:36:e0:0d:49:70:20:31:27:3b: b4:f3:42:7a:1d:0b:3d:88:b6:a8:ad:1c:fb:7b:26:20:9f:73: ab:46:27:62:f2:76:21:d2:1f:90:4d:9f:39:7a:04:b3:ae:5b: f7:bb:29:69:4d:15:c5:2f:37:25:15:18:9a:53:e7:c0:66:db: 2a:27:dc:6e:b2:5b:ef:48:2d:e8:29:0e:ce:80:86:12:eb:a4: b0:14:df:01:dc:3a:8e:a0:17:0b:cb:f1:8e:c2:63:a5:13:0a: 51:f6:47:81:a1:3f:18:c8:3a:0e:9d:30:26:8b:7d:3b:7d:33: 18:48:98:2a:df:07:de:34:1c:6b:85:12:1c:c8:5a:af:9b:80: 98:cc:52:94:62:a6:9b:18:d0:6e:6d:81:33:f7:6b:90:9b:0b: 80:b9:03:78:fe:44:e7:03:93:f2:d8:5d:0c:72:13:1f:87:cb: 51:51:f8:9a:13:7e:9d:ed:95:c2:ab:61:8d:cb:e6:ab:83:f7: fe:41:1e:23:25:d5:26:d9:b9:32:a2:46:59:87:af:61:fd:03: 93:9b:81:e4:ee:9a:47:85:ae:1d:bd:05:9e:88:2c:44:44:b8: a3:bb:5f:77 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBVDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG NTIzRjExMC8GA1UEBRMoMkE1OUI5NkMzMEE1NUZCRDYxRDIyMzAzNzNDRUI4OUQx REIwMUE4QjAeFw0yNTA1MDkwNjE1NDBaFw0yNTA1MTYwNjE1NDBaMBgxFjAUBgNV BAMTDTY4MWQ5ZDhkLTk2NWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDFVrLEfrwwjoichS4LpBu3nVZ3h23RPGrycWXX9/g52xAZPZUKlaf2vEpJjEw0 A2g5DMhILWWQwRYe6z7X8RlFYS1aPQuXmSSWMu1b7uRmEY7Aah7FsDlbuNbMp3zS VM+0Uyq6DCF0D93xG93xMzmJNGjzdqNScGuz6eC5B68R2ACUs2XlFJx4g2KmhGXN CB5vJBf/QYhjkBT8GXWgEICGSHSUGJO8ZG8VPSkYHeMYLJ3G/JCMRGFPFT6Ms9yG UoBsh1HrXS4ppKWhxDGjxC4MhMiS1bQVnSiX7ux9zyY+OQb1+6OlFgwBHqJ7wvrK NPp2FRE4V2Zkm61XmCgqAVv3AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUm/eWJ25w KOOu3vt7PmEgOkJgkEIwHwYDVR0jBBgwFoAUKlm5bDClX71h0iMDc864nR2wGosw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY1MjNGLzRFQkE2QjMyQjA1 MzExRUY5QzJCOEQzRkM0RjlBRTAyL0tsbTViRENsWDcxaDBpTURjODY0blIyd0dv cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvS2xtNWJEQ2xYNzFoMGlNRGM4NjRuUjJ3R29zLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY1 MjNGLzRFQkE2QjMyQjA1MzExRUY5QzJCOEQzRkM0RjlBRTAyL0tsbTViRENsWDcx aDBpTURjODY0blIyd0dvcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFG17LduQBcIDUFzjj/v8z2LsrdHilykMAkyYDbgDUlwIDEnO7TzQnod Cz2ItqitHPt7JiCfc6tGJ2LydiHSH5BNnzl6BLOuW/e7KWlNFcUvNyUVGJpT58Bm 2yon3G6yW+9ILegpDs6AhhLrpLAU3wHcOo6gFwvL8Y7CY6UTClH2R4GhPxjIOg6d MCaLfTt9MxhImCrfB940HGuFEhzIWq+bgJjMUpRippsY0G5tgTP3a5CbC4C5A3j+ ROcDk/LYXQxyEx+Hy1FR+JoTfp3tlcKrYY3L5quD9/5BHiMl1SbZuTKiRlmHr2H9 A5ObgeTumkeFrh29BZ6ILEREuKO7X3c= -----END CERTIFICATE-----Generated at Sat May 10 20:13:55 2025 by rpki-client