$ rpki-client -vvf rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft File: 4hHNheByVQ4z5MyGpj-8360dNTI.mft (raw, json) Hash identifier: cvTimubrVOnWQlBwG7N/NzNB2kSwiQOm/O50NITFNDE= Subject key identifier: A9:A5:2C:BB:66:78:E7:F9:5B:77:EB:AA:EF:F9:80:BD:D6:8C:04:23 Authority key identifier: E2:11:CD:85:E0:72:55:0E:33:E4:CC:86:A6:3F:BC:DF:AD:1D:35:32 Certificate issuer: /CN=A91F85CD/serialNumber=E211CD85E072550E33E4CC86A63FBCDFAD1D3532 Certificate serial: 0805 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4hHNheByVQ4z5MyGpj-8360dNTI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft Manifest number: 07FD Signing time: Sat 10 May 2025 20:35:35 +0000 Manifest this update: Sat 10 May 2025 20:35:35 +0000 Manifest next update: Sat 17 May 2025 20:35:35 +0000 Files and hashes: 1: 4hHNheByVQ4z5MyGpj-8360dNTI.crl (hash: jfqMIbxSs/qZIGkXTjlZarzO6tFOe9MkD+ilWPSyu/k=) 2: 624086E2E99611EA930A5B74C4F9AE02.roa (hash: ZdmpHgIkxt7GWbnQ6LOR1kcULfHlPHaLzEsc6YKJVc0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.crl rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4hHNheByVQ4z5MyGpj-8360dNTI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 20:35:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2053 (0x805) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F85CD, serialNumber=E211CD85E072550E33E4CC86A63FBCDFAD1D3532 Validity Not Before: May 10 20:35:35 2025 GMT Not After : May 17 20:35:35 2025 GMT Subject: CN=681fb897-0d0c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:10:78:43:a2:40:e3:96:e9:57:58:66:68:d8: 0d:4f:74:f3:61:17:47:97:2c:81:37:41:85:b3:b5: 7c:27:98:54:93:3f:d4:65:9c:b1:d5:4e:fb:1a:bf: 8e:8b:e6:63:5c:b2:12:5e:92:86:bd:f1:39:7f:83: 76:da:2f:bc:b7:83:78:d8:57:dc:a7:07:6e:c2:02: 8e:2b:84:1a:55:b6:80:2c:c4:a0:e5:81:d0:d4:67: c3:fe:d3:8b:49:54:ee:ab:6e:30:78:c4:34:df:71: 2e:06:01:48:fc:d8:39:ff:95:aa:42:eb:06:68:ce: a6:51:2f:03:0a:86:d7:99:52:e4:63:f9:d6:4f:66: e4:30:46:f8:61:e4:7e:2a:71:17:44:c6:e4:52:24: 1a:89:a7:b3:11:34:33:a1:45:8f:e6:65:85:6b:e5: 5b:ff:d7:67:73:06:7f:42:aa:83:be:c0:39:18:7d: 38:3b:bc:14:06:2e:ba:79:9e:15:02:ff:db:20:f4: ed:1d:ed:16:cc:fd:f1:d4:86:0a:cc:da:19:10:5d: 14:f5:9d:e8:46:ad:63:2a:df:91:dc:1e:f0:bd:d1: 97:a4:ca:3f:93:d9:4b:fc:a4:9b:42:9e:02:fa:06: 99:13:d6:43:9d:0d:55:27:6a:3c:b6:81:78:f4:f0: ee:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:A5:2C:BB:66:78:E7:F9:5B:77:EB:AA:EF:F9:80:BD:D6:8C:04:23 X509v3 Authority Key Identifier: keyid:E2:11:CD:85:E0:72:55:0E:33:E4:CC:86:A6:3F:BC:DF:AD:1D:35:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4hHNheByVQ4z5MyGpj-8360dNTI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2b:a8:8d:c5:4a:41:df:f8:20:44:ac:4b:75:2c:d4:3d:bf:5c: 86:89:c1:8c:a5:4a:6b:08:b6:48:03:92:1c:fb:ca:c6:20:3b: 47:a6:c4:4d:42:e8:cd:1a:a3:67:7e:3a:e5:74:dd:ee:f7:fe: 53:9e:f6:79:18:ec:37:84:c7:6f:58:31:c6:8f:b8:e0:aa:91: be:ea:02:b8:cf:62:19:41:42:51:94:f6:ed:6b:46:0a:81:cb: 83:6a:69:4f:4f:50:bc:eb:04:1f:00:af:f2:8d:e1:1d:3a:8d: af:65:60:2e:0a:79:6a:30:31:4a:33:86:2f:00:10:7a:c0:0b: 33:7c:47:f8:10:c3:c3:34:ef:aa:17:a5:ed:36:c7:9c:be:49: f8:ce:1d:48:0f:5d:5a:c6:53:0b:4d:21:0e:2e:2c:7b:7d:43: 2b:e7:bc:51:33:e9:36:ed:07:9a:a3:86:cd:fd:79:2e:b8:48: 98:59:c2:32:cd:a0:30:11:e5:2d:e5:1d:48:53:32:a3:6d:70: 65:a7:a2:92:f5:88:17:61:62:ed:4b:99:d8:b8:26:61:ea:a7: 76:06:fb:80:66:e5:0b:35:ab:a7:9f:5c:69:2e:a6:9d:3c:37: 84:41:28:e9:e3:b7:62:bd:27:ae:4b:42:85:49:0b:c4:b4:68: 69:5e:c5:68 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCAUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Rjg1Q0QxMTAvBgNVBAUTKEUyMTFDRDg1RTA3MjU1MEUzM0U0Q0M4NkE2M0ZCQ0RG QUQxRDM1MzIwHhcNMjUwNTEwMjAzNTM1WhcNMjUwNTE3MjAzNTM1WjAYMRYwFAYD VQQDEw02ODFmYjg5Ny0wZDBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAlRB4Q6JA45bpV1hmaNgNT3TzYRdHlyyBN0GFs7V8J5hUkz/UZZyx1U77Gr+O i+ZjXLISXpKGvfE5f4N22i+8t4N42FfcpwduwgKOK4QaVbaALMSg5YHQ1GfD/tOL SVTuq24weMQ033EuBgFI/Ng5/5WqQusGaM6mUS8DCobXmVLkY/nWT2bkMEb4YeR+ KnEXRMbkUiQaiaezETQzoUWP5mWFa+Vb/9dncwZ/QqqDvsA5GH04O7wUBi66eZ4V Av/bIPTtHe0WzP3x1IYKzNoZEF0U9Z3oRq1jKt+R3B7wvdGXpMo/k9lL/KSbQp4C +gaZE9ZDnQ1VJ2o8toF49PDu0wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKmlLLtm eOf5W3frqu/5gL3WjAQjMB8GA1UdIwQYMBaAFOIRzYXgclUOM+TMhqY/vN+tHTUy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODVDRC84QTUwNTU4OERE MTkxMUVBOTREMjYwMTFDNEY5QUUwMi80aEhOaGVCeVZRNHo1TXlHcGotODM2MGRO VEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRoSE5oZUJ5VlE0ejVNeUdwai04MzYwZE5USS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG ODVDRC84QTUwNTU4OEREMTkxMUVBOTREMjYwMTFDNEY5QUUwMi80aEhOaGVCeVZR NHo1TXlHcGotODM2MGROVEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQArqI3FSkHf+CBErEt1LNQ9v1yGicGMpUprCLZIA5Ic+8rGIDtHpsRN QujNGqNnfjrldN3u9/5TnvZ5GOw3hMdvWDHGj7jgqpG+6gK4z2IZQUJRlPbta0YK gcuDamlPT1C86wQfAK/yjeEdOo2vZWAuCnlqMDFKM4YvABB6wAszfEf4EMPDNO+q F6XtNsecvkn4zh1ID11axlMLTSEOLix7fUMr57xRM+k27Qeao4bN/XkuuEiYWcIy zaAwEeUt5R1IUzKjbXBlp6KS9YgXYWLtS5nYuCZh6qd2BvuAZuULNaunn1xpLqad PDeEQSjp47divSeuS0KFSQvEtGhpXsVo -----END CERTIFICATE-----Generated at Mon May 12 19:56:42 2025 by rpki-client