$ rpki-client -vvf rpki.apnic.net/member_repository/A91FF4FC/3B634BBEB44411E986713D1DC4F9AE02/8eArOUb---b0ZPQ0jvIVX2HQehs.mft File: 8eArOUb---b0ZPQ0jvIVX2HQehs.mft (raw, json) Hash identifier: sBNn2IFPk0sKH07/dm0nGTw/kni2i3GHmGmIx9jcLEA= Subject key identifier: 11:92:8F:E9:52:88:EC:46:AD:80:C2:19:0F:75:C7:78:58:F1:8A:8E Authority key identifier: F1:E0:2B:39:46:FE:FB:E6:F4:64:F4:34:8E:F2:15:5F:61:D0:7A:1B Certificate issuer: /CN=A91FF4FC/serialNumber=F1E02B3946FEFBE6F464F4348EF2155F61D07A1B Certificate serial: 0DD5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8eArOUb---b0ZPQ0jvIVX2HQehs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FF4FC/3B634BBEB44411E986713D1DC4F9AE02/8eArOUb---b0ZPQ0jvIVX2HQehs.mft Manifest number: 0DD0 Signing time: Sat 10 May 2025 17:45:08 +0000 Manifest this update: Sat 10 May 2025 17:45:07 +0000 Manifest next update: Sat 17 May 2025 17:45:07 +0000 Files and hashes: 1: 8eArOUb---b0ZPQ0jvIVX2HQehs.crl (hash: VfwWfUmZO5fq96SgiGTVZe8nCimlZBFEQX5kMRJQqt0=) 2: A280C1FCA06D11EB92FB3739C4F9AE02.roa (hash: RrERgA4WZb4Wa4GmbO3PCvypqKfkRQ0lOSC1wGlAXvY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FF4FC/3B634BBEB44411E986713D1DC4F9AE02/8eArOUb---b0ZPQ0jvIVX2HQehs.crl rsync://rpki.apnic.net/member_repository/A91FF4FC/3B634BBEB44411E986713D1DC4F9AE02/8eArOUb---b0ZPQ0jvIVX2HQehs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8eArOUb---b0ZPQ0jvIVX2HQehs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 17:45:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3541 (0xdd5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FF4FC, serialNumber=F1E02B3946FEFBE6F464F4348EF2155F61D07A1B Validity Not Before: May 10 17:45:07 2025 GMT Not After : May 17 17:45:07 2025 GMT Subject: CN=681f90a4-a2cc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:e2:b1:c3:e7:bf:f5:e5:11:50:d5:61:aa:f4: 53:15:57:5f:24:8f:27:cc:3c:1a:9f:e3:47:37:3a: 57:bb:98:19:28:bf:b3:2f:6d:db:62:c3:3e:33:4e: 15:92:0d:6c:89:3b:4f:ce:75:45:a1:bd:1a:df:cb: c3:04:3c:51:75:06:f4:53:0c:ff:46:a0:1f:75:8e: 84:34:b0:d7:8b:ac:00:db:b1:27:0c:56:43:cd:ba: 4a:38:79:5e:b5:e3:29:80:e6:1f:49:57:7b:be:7c: e8:34:8f:dd:06:71:e3:39:bb:6a:3c:d2:2f:93:a0: e7:53:bc:66:a4:a4:73:4f:16:3e:40:c0:b3:21:0d: ba:c8:45:f6:2c:82:3e:7c:b3:f8:fc:c2:d8:0f:a5: f4:f7:33:94:ac:ce:96:a1:91:a3:91:c2:45:ed:6b: ce:fd:8f:8d:98:7c:74:b5:34:e1:23:73:96:bb:cb: bd:54:ad:bc:b8:7f:20:36:0f:79:df:c5:7d:72:c8: cf:ca:19:b1:14:8b:97:70:6b:60:ba:39:7b:a3:e3: d8:c2:a3:d2:9e:c4:21:93:20:ce:24:d2:6c:b6:d7: d7:97:c5:10:1d:59:0a:08:36:bc:34:63:3e:5b:d3: 4d:20:f8:7b:7b:39:a7:2b:84:eb:8d:85:70:b3:d0: b9:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:92:8F:E9:52:88:EC:46:AD:80:C2:19:0F:75:C7:78:58:F1:8A:8E X509v3 Authority Key Identifier: keyid:F1:E0:2B:39:46:FE:FB:E6:F4:64:F4:34:8E:F2:15:5F:61:D0:7A:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FF4FC/3B634BBEB44411E986713D1DC4F9AE02/8eArOUb---b0ZPQ0jvIVX2HQehs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8eArOUb---b0ZPQ0jvIVX2HQehs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FF4FC/3B634BBEB44411E986713D1DC4F9AE02/8eArOUb---b0ZPQ0jvIVX2HQehs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 54:4f:25:df:d4:b7:da:d6:51:cc:8c:83:40:1d:84:64:aa:11: 7e:14:bf:16:79:bb:ef:cd:0e:f1:22:69:7f:de:ae:72:46:85: 05:3b:2b:d5:28:d2:71:dc:9c:73:14:74:a2:72:37:9c:86:52: bc:2f:2b:cf:16:ae:0a:81:67:88:40:7b:31:61:55:53:4b:58: 0a:b1:47:74:81:25:e1:b6:2a:a8:17:33:aa:d8:9b:40:27:63: 69:6b:8a:6b:64:d2:a8:d5:4c:ef:03:03:3f:30:e7:00:4e:ee: 1f:9d:00:e3:b8:95:ab:27:ae:f6:fd:7c:a7:88:fa:99:9c:5b: a7:6f:54:96:b9:08:b6:d5:69:ac:29:13:f0:d8:71:24:0b:b4: c5:7c:d1:2f:f1:cc:71:e8:cf:0c:04:36:eb:68:c8:71:bd:df: 54:7a:c0:21:c2:6d:e2:3b:50:34:a6:ae:a8:0e:dc:6b:b6:a7: ee:f9:6d:be:e4:42:4e:16:00:96:2e:c5:2e:c8:94:81:d4:15: eb:d4:6e:ea:b3:9d:80:a2:46:49:03:79:6c:7b:f8:8f:12:b7: bf:97:21:d4:74:63:34:9c:0c:59:a8:88:b7:ca:3c:71:43:ae: 65:d6:f5:ed:91:75:82:43:ea:8e:c2:26:ac:6a:ec:e6:34:e7: c4:91:a4:47 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDdUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkY0RkMxMTAvBgNVBAUTKEYxRTAyQjM5NDZGRUZCRTZGNDY0RjQzNDhFRjIxNTVG NjFEMDdBMUIwHhcNMjUwNTEwMTc0NTA3WhcNMjUwNTE3MTc0NTA3WjAYMRYwFAYD VQQDEw02ODFmOTBhNC1hMmNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4uKxw+e/9eURUNVhqvRTFVdfJI8nzDwan+NHNzpXu5gZKL+zL23bYsM+M04V kg1siTtPznVFob0a38vDBDxRdQb0Uwz/RqAfdY6ENLDXi6wA27EnDFZDzbpKOHle teMpgOYfSVd7vnzoNI/dBnHjObtqPNIvk6DnU7xmpKRzTxY+QMCzIQ26yEX2LII+ fLP4/MLYD6X09zOUrM6WoZGjkcJF7WvO/Y+NmHx0tTThI3OWu8u9VK28uH8gNg95 38V9csjPyhmxFIuXcGtgujl7o+PYwqPSnsQhkyDOJNJsttfXl8UQHVkKCDa8NGM+ W9NNIPh7ezmnK4TrjYVws9C5lwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBGSj+lS iOxGrYDCGQ91x3hY8YqOMB8GA1UdIwQYMBaAFPHgKzlG/vvm9GT0NI7yFV9h0Hob MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRjRGQy8zQjYzNEJCRUI0 NDQxMUU5ODY3MTNEMURDNEY5QUUwMi84ZUFyT1ViLS0tYjBaUFEwanZJVlgySFFl aHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhlQXJPVWItLS1iMFpQUTBqdklWWDJIUWVocy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RjRGQy8zQjYzNEJCRUI0NDQxMUU5ODY3MTNEMURDNEY5QUUwMi84ZUFyT1ViLS0t YjBaUFEwanZJVlgySFFlaHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBUTyXf1Lfa1lHMjINAHYRkqhF+FL8WebvvzQ7xIml/3q5yRoUFOyvV KNJx3JxzFHSicjechlK8LyvPFq4KgWeIQHsxYVVTS1gKsUd0gSXhtiqoFzOq2JtA J2Npa4prZNKo1UzvAwM/MOcATu4fnQDjuJWrJ672/XyniPqZnFunb1SWuQi21Wms KRPw2HEkC7TFfNEv8cxx6M8MBDbraMhxvd9UesAhwm3iO1A0pq6oDtxrtqfu+W2+ 5EJOFgCWLsUuyJSB1BXr1G7qs52AokZJA3lse/iPEre/lyHUdGM0nAxZqIi3yjxx Q65l1vXtkXWCQ+qOwiasauzmNOfEkaRH -----END CERTIFICATE-----Generated at Sun May 11 00:35:38 2025 by rpki-client