$ rpki-client -vvf rpki.apnic.net/member_repository/A91FF84F/DD487A5C981411EBA4B32150C4F9AE02/cUHDGbtEv7zeM4Kzu2kSZfldMJ8.mft File: cUHDGbtEv7zeM4Kzu2kSZfldMJ8.mft (raw, json) Hash identifier: BUaFsn5AvJJwb/ZeR1GGPlhoxAkrZzNut8fleD9TRMM= Subject key identifier: CD:F3:00:7F:F0:5C:70:80:30:14:6E:74:1F:16:CB:B5:EC:B2:37:B8 Authority key identifier: 71:41:C3:19:BB:44:BF:BC:DE:33:82:B3:BB:69:12:65:F9:5D:30:9F Certificate issuer: /CN=A91FF84F/serialNumber=7141C319BB44BFBCDE3382B3BB691265F95D309F Certificate serial: 0628 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cUHDGbtEv7zeM4Kzu2kSZfldMJ8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FF84F/DD487A5C981411EBA4B32150C4F9AE02/cUHDGbtEv7zeM4Kzu2kSZfldMJ8.mft Manifest number: 0622 Signing time: Mon 12 May 2025 22:32:25 +0000 Manifest this update: Mon 12 May 2025 22:32:25 +0000 Manifest next update: Mon 19 May 2025 22:32:25 +0000 Files and hashes: 1: cUHDGbtEv7zeM4Kzu2kSZfldMJ8.crl (hash: HESQD7T9C4bQKSJIX70By5hp3siUiL5BzFKWyirhN5c=) 2: 2F320256981611EB904AF150C4F9AE02.roa (hash: zydBQ6+XzPsP0D5XfuooCO12kFS+89HKhQ6kY0lGz0g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FF84F/DD487A5C981411EBA4B32150C4F9AE02/cUHDGbtEv7zeM4Kzu2kSZfldMJ8.crl rsync://rpki.apnic.net/member_repository/A91FF84F/DD487A5C981411EBA4B32150C4F9AE02/cUHDGbtEv7zeM4Kzu2kSZfldMJ8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cUHDGbtEv7zeM4Kzu2kSZfldMJ8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 22:32:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1576 (0x628) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FF84F, serialNumber=7141C319BB44BFBCDE3382B3BB691265F95D309F Validity Not Before: May 12 22:32:25 2025 GMT Not After : May 19 22:32:25 2025 GMT Subject: CN=682276f9-d6ce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:af:07:03:3c:77:c7:ec:bd:e8:c1:93:71:74: 42:c4:0b:91:9a:15:3b:d5:f1:b9:2d:59:40:9e:3c: a1:d0:d8:de:43:42:c7:f7:7e:29:af:cb:81:40:cf: f3:e8:71:b0:27:45:4e:fa:9a:1b:54:2c:39:61:f8: 20:e1:c2:2d:53:35:0d:55:59:77:be:6a:5d:86:e8: 25:78:76:d9:6f:f9:e0:10:75:c8:bf:61:63:56:d0: 47:5d:9f:be:51:de:61:de:e1:c8:2b:8b:cb:22:00: db:40:59:fc:f8:0d:ea:38:67:1e:09:11:d2:ae:83: 7e:9e:7c:c2:3f:f8:37:59:79:4c:d1:73:50:ee:9f: e9:c0:19:d7:e7:c8:74:ce:96:7a:6d:0a:67:6e:30: 88:60:d2:bd:b0:76:a5:83:5b:01:cc:ff:96:70:f3: 24:7c:9d:9a:02:2d:bc:79:31:69:82:3f:f8:96:4f: e8:67:2a:1f:57:47:ce:46:5e:f1:49:18:b1:3d:9d: 9d:5a:a2:5f:35:6a:91:d4:f7:da:4e:86:64:41:c0: 1a:c3:3b:f3:64:72:e0:ac:39:de:2b:ca:5b:47:b4: 14:cc:08:40:56:df:12:18:61:5f:de:6c:26:ff:77: b4:68:d7:3b:06:cb:6f:a1:76:28:d1:43:92:7f:5a: 3f:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:F3:00:7F:F0:5C:70:80:30:14:6E:74:1F:16:CB:B5:EC:B2:37:B8 X509v3 Authority Key Identifier: keyid:71:41:C3:19:BB:44:BF:BC:DE:33:82:B3:BB:69:12:65:F9:5D:30:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FF84F/DD487A5C981411EBA4B32150C4F9AE02/cUHDGbtEv7zeM4Kzu2kSZfldMJ8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cUHDGbtEv7zeM4Kzu2kSZfldMJ8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FF84F/DD487A5C981411EBA4B32150C4F9AE02/cUHDGbtEv7zeM4Kzu2kSZfldMJ8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0e:ec:8f:f0:2b:0d:ca:98:af:de:27:e8:e2:85:c3:72:c1:03: 76:4d:fc:e9:45:7d:19:d5:cb:a6:82:51:f6:87:3f:02:da:fe: 89:91:8a:0e:6a:03:0e:3c:d1:67:41:77:c9:84:a7:9d:c9:6d: 36:14:0f:9d:fa:4e:57:9e:0c:50:6e:9e:d0:20:1c:c2:bd:72: 6d:39:bc:19:88:3d:88:15:77:b4:14:0c:d2:0f:a2:39:21:d3: 7a:a0:8f:ad:07:f5:16:0e:09:2d:c0:be:fc:2a:79:3a:9d:68: bd:98:4c:ad:75:17:e6:18:59:60:6c:bb:67:2a:94:06:25:8e: 35:cc:25:ab:63:c7:79:a4:54:0b:fc:0d:5b:a0:bb:52:55:79: 26:f6:56:94:91:4c:fb:76:b1:2f:8e:8b:7c:cc:43:80:9a:52: 60:99:9f:82:a4:51:b0:f1:c2:ac:ea:7e:d8:b4:8a:99:f2:0d: b1:c4:b5:be:43:41:37:59:10:2f:a7:f5:d0:bb:3d:6a:67:bc: fa:c7:95:dd:fb:93:0c:3d:8b:76:c4:84:b5:8f:94:8e:55:0e: de:53:54:9d:7c:65:95:67:f1:5a:a4:99:37:fe:27:6a:40:f7: 69:39:05:36:6f:da:73:b8:1f:cf:d4:b7:ae:19:7f:c4:bd:62: 29:e7:f8:bd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBigwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkY4NEYxMTAvBgNVBAUTKDcxNDFDMzE5QkI0NEJGQkNERTMzODJCM0JCNjkxMjY1 Rjk1RDMwOUYwHhcNMjUwNTEyMjIzMjI1WhcNMjUwNTE5MjIzMjI1WjAYMRYwFAYD VQQDEw02ODIyNzZmOS1kNmNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsa8HAzx3x+y96MGTcXRCxAuRmhU71fG5LVlAnjyh0NjeQ0LH934pr8uBQM/z 6HGwJ0VO+pobVCw5Yfgg4cItUzUNVVl3vmpdhugleHbZb/ngEHXIv2FjVtBHXZ++ Ud5h3uHIK4vLIgDbQFn8+A3qOGceCRHSroN+nnzCP/g3WXlM0XNQ7p/pwBnX58h0 zpZ6bQpnbjCIYNK9sHalg1sBzP+WcPMkfJ2aAi28eTFpgj/4lk/oZyofV0fORl7x SRixPZ2dWqJfNWqR1PfaToZkQcAawzvzZHLgrDneK8pbR7QUzAhAVt8SGGFf3mwm /3e0aNc7BstvoXYo0UOSf1o/HwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFM3zAH/w XHCAMBRudB8Wy7Xssje4MB8GA1UdIwQYMBaAFHFBwxm7RL+83jOCs7tpEmX5XTCf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRjg0Ri9ERDQ4N0E1Qzk4 MTQxMUVCQTRCMzIxNTBDNEY5QUUwMi9jVUhER2J0RXY3emVNNEt6dTJrU1pmbGRN SjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NVSERHYnRFdjd6ZU00S3p1MmtTWmZsZE1KOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG Rjg0Ri9ERDQ4N0E1Qzk4MTQxMUVCQTRCMzIxNTBDNEY5QUUwMi9jVUhER2J0RXY3 emVNNEt6dTJrU1pmbGRNSjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAO7I/wKw3KmK/eJ+jihcNywQN2TfzpRX0Z1cumglH2hz8C2v6JkYoO agMOPNFnQXfJhKedyW02FA+d+k5XngxQbp7QIBzCvXJtObwZiD2IFXe0FAzSD6I5 IdN6oI+tB/UWDgktwL78Knk6nWi9mEytdRfmGFlgbLtnKpQGJY41zCWrY8d5pFQL /A1boLtSVXkm9laUkUz7drEvjot8zEOAmlJgmZ+CpFGw8cKs6n7YtIqZ8g2xxLW+ Q0E3WRAvp/XQuz1qZ7z6x5Xd+5MMPYt2xIS1j5SOVQ7eU1SdfGWVZ/FapJk3/idq QPdpOQU2b9pzuB/P1LeuGX/EvWIp5/i9 -----END CERTIFICATE-----Generated at Tue May 13 04:44:40 2025 by rpki-client