$ rpki-client -vvf rpki.apnic.net/member_repository/A912E31D/2CF6B8B0F9C911EFA54F762AC4F9AE02/5igiDz_QD0F7mXLh1KD2QWlueZk.mft File: 5igiDz_QD0F7mXLh1KD2QWlueZk.mft (raw, json) Hash identifier: 26FFut9mUhPxcM0Q54Msj8tN79hKEc+c2C7w18SxC4s= Subject key identifier: C6:CF:D0:A4:DA:8D:4C:77:5A:76:95:D0:7B:66:5F:E6:07:07:D0:EB Authority key identifier: E6:28:22:0F:3F:D0:0F:41:7B:99:72:E1:D4:A0:F6:41:69:6E:79:99 Certificate issuer: /CN=A912E31D/serialNumber=E628220F3FD00F417B9972E1D4A0F641696E7999 Certificate serial: 21 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5igiDz_QD0F7mXLh1KD2QWlueZk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912E31D/2CF6B8B0F9C911EFA54F762AC4F9AE02/5igiDz_QD0F7mXLh1KD2QWlueZk.mft Manifest number: 1F Signing time: Fri 25 Apr 2025 06:53:14 +0000 Manifest this update: Fri 25 Apr 2025 06:53:13 +0000 Manifest next update: Fri 02 May 2025 06:53:13 +0000 Files and hashes: 1: 5igiDz_QD0F7mXLh1KD2QWlueZk.crl (hash: vVtd2aIhGuq5HCBohgiEeTW6FNgBbefV/uj0g7nT8rA=) 2: 9CDF0C0CFA4311EFAEC6A81AC4F9AE02.roa (hash: A659tR0soBiQRXoeD1FPvGrYfSs+v9kVVN6MSoHXtyU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912E31D/2CF6B8B0F9C911EFA54F762AC4F9AE02/5igiDz_QD0F7mXLh1KD2QWlueZk.crl rsync://rpki.apnic.net/member_repository/A912E31D/2CF6B8B0F9C911EFA54F762AC4F9AE02/5igiDz_QD0F7mXLh1KD2QWlueZk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5igiDz_QD0F7mXLh1KD2QWlueZk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:53:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33 (0x21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912E31D, serialNumber=E628220F3FD00F417B9972E1D4A0F641696E7999 Validity Not Before: Apr 25 06:53:13 2025 GMT Not After : May 2 06:53:13 2025 GMT Subject: CN=680b315a-7faf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:11:4b:33:89:62:63:40:56:f9:f7:6b:5a:18: 65:40:fa:93:63:11:b4:8d:4a:55:96:f9:c6:12:8c: cf:80:f7:3c:4c:e9:d9:19:f8:f1:e0:1c:74:d4:80: 71:66:d9:15:d2:9b:d7:e7:50:71:98:6a:fe:e4:67: 02:e5:1f:2e:b3:4b:b0:5e:a4:95:43:a1:00:f4:c7: 8a:2b:16:c5:6e:a6:64:00:28:b6:31:3d:db:1f:57: 9f:47:fa:48:b1:e2:78:b3:91:b0:36:16:5f:9e:a9: 06:cb:e5:c1:ef:90:5b:3d:89:44:df:87:a9:96:9c: 69:65:b1:2c:e8:45:cc:c2:e2:e8:0c:50:49:e0:92: 2a:68:c5:bb:da:85:9c:ab:0e:35:69:1b:25:0e:36: 2b:62:8e:bc:f3:ff:e4:db:80:68:d6:1e:96:58:5c: 50:ef:c3:15:d7:f0:ef:3c:b6:32:4e:6d:35:d1:ec: 84:90:29:b5:2d:c9:72:ad:1d:c6:3c:4c:28:56:33: a9:0f:74:25:e4:9f:72:32:94:db:a1:36:ad:d1:3d: 19:77:3d:72:72:da:af:38:5a:60:63:74:ce:25:14: 19:bf:13:64:54:11:af:50:3e:21:c5:25:c3:9b:46: 5d:32:8f:8d:e8:a1:8a:2b:e0:70:96:28:c1:da:6f: 7a:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:CF:D0:A4:DA:8D:4C:77:5A:76:95:D0:7B:66:5F:E6:07:07:D0:EB X509v3 Authority Key Identifier: keyid:E6:28:22:0F:3F:D0:0F:41:7B:99:72:E1:D4:A0:F6:41:69:6E:79:99 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912E31D/2CF6B8B0F9C911EFA54F762AC4F9AE02/5igiDz_QD0F7mXLh1KD2QWlueZk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5igiDz_QD0F7mXLh1KD2QWlueZk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912E31D/2CF6B8B0F9C911EFA54F762AC4F9AE02/5igiDz_QD0F7mXLh1KD2QWlueZk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 73:76:c2:52:9e:76:ad:16:8b:23:80:77:29:f8:cc:14:3d:a5: 6e:3e:4f:c4:48:55:77:f8:09:7c:bd:bb:ea:17:b7:e4:67:f3: c4:2c:2f:90:ac:91:62:58:cc:46:fe:1a:ef:15:fe:ba:34:48: 3d:f8:db:97:63:ca:ef:2f:50:de:50:63:03:48:1e:6b:c9:85: f1:4c:53:ea:bf:cf:f5:ec:64:b1:3e:d5:dc:73:62:b2:b4:05: 34:53:ba:69:9d:d7:e3:57:d2:d2:49:09:b4:eb:0d:30:41:81: 00:13:8a:9c:60:bc:59:f4:cc:dc:1f:e8:0e:15:4d:19:56:b3: c1:f9:8f:22:a4:81:66:e2:58:06:d0:27:f6:c9:a8:f4:ba:1f: f1:06:64:17:f8:52:e1:b2:f5:a3:78:44:b9:5b:68:60:c0:1a: 9d:db:73:22:ea:f0:ed:a8:2d:7c:11:7b:c0:a5:16:59:6f:c4: 33:1a:6a:13:95:4f:08:f3:7e:de:18:9f:0d:3e:90:f5:45:79: 06:73:2f:c1:a6:8f:0e:25:20:a5:d7:60:02:d6:63:de:41:ef: 24:f7:c3:18:ed:d7:a6:18:3c:eb:a0:77:c7:59:e0:30:38:fe: 7e:b8:68:7f:dd:a5:96:58:12:08:43:ad:bd:5c:7c:60:e9:54: ee:86:57:de -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBITANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy RTMxRDExMC8GA1UEBRMoRTYyODIyMEYzRkQwMEY0MTdCOTk3MkUxRDRBMEY2NDE2 OTZFNzk5OTAeFw0yNTA0MjUwNjUzMTNaFw0yNTA1MDIwNjUzMTNaMBgxFjAUBgNV BAMTDTY4MGIzMTVhLTdmYWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC6EUsziWJjQFb592taGGVA+pNjEbSNSlWW+cYSjM+A9zxM6dkZ+PHgHHTUgHFm 2RXSm9fnUHGYav7kZwLlHy6zS7BepJVDoQD0x4orFsVupmQAKLYxPdsfV59H+kix 4nizkbA2Fl+eqQbL5cHvkFs9iUTfh6mWnGllsSzoRczC4ugMUEngkipoxbvahZyr DjVpGyUONitijrzz/+TbgGjWHpZYXFDvwxXX8O88tjJObTXR7ISQKbUtyXKtHcY8 TChWM6kPdCXkn3IylNuhNq3RPRl3PXJy2q84WmBjdM4lFBm/E2RUEa9QPiHFJcOb Rl0yj43ooYor4HCWKMHab3ozAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUxs/QpNqN THdadpXQe2Zf5gcH0OswHwYDVR0jBBgwFoAU5igiDz/QD0F7mXLh1KD2QWlueZkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJFMzFELzJDRjZCOEIwRjlD OTExRUZBNTRGNzYyQUM0RjlBRTAyLzVpZ2lEel9RRDBGN21YTGgxS0QyUVdsdWVa ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvNWlnaUR6X1FEMEY3bVhMaDFLRDJRV2x1ZVprLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJF MzFELzJDRjZCOEIwRjlDOTExRUZBNTRGNzYyQUM0RjlBRTAyLzVpZ2lEel9RRDBG N21YTGgxS0QyUVdsdWVaay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHN2wlKedq0WiyOAdyn4zBQ9pW4+T8RIVXf4CXy9u+oXt+Rn88QsL5Cs kWJYzEb+Gu8V/ro0SD3425djyu8vUN5QYwNIHmvJhfFMU+q/z/XsZLE+1dxzYrK0 BTRTummd1+NX0tJJCbTrDTBBgQATipxgvFn0zNwf6A4VTRlWs8H5jyKkgWbiWAbQ J/bJqPS6H/EGZBf4UuGy9aN4RLlbaGDAGp3bcyLq8O2oLXwRe8ClFllvxDMaahOV Twjzft4Ynw0+kPVFeQZzL8Gmjw4lIKXXYALWY95B7yT3wxjt16YYPOugd8dZ4DA4 /n64aH/dpZZYEghDrb1cfGDpVO6GV94= -----END CERTIFICATE-----Generated at Sat Apr 26 17:13:52 2025 by rpki-client