$ rpki-client -vvf rpki.apnic.net/member_repository/A9157DA9/423E1AD45A1811EFBD477338C4F9AE02/71OR8qIt1l9IQxoyJt3MZbdllqk.mft File: 71OR8qIt1l9IQxoyJt3MZbdllqk.mft (raw, json) Hash identifier: jO2y2ta8IBWhvf+EGF4jW9xWo49VOSmD/pnkGNMrz5o= Subject key identifier: D4:05:4C:61:0F:F1:83:BD:30:18:5F:22:69:59:F7:A7:7C:AD:D6:5B Authority key identifier: EF:53:91:F2:A2:2D:D6:5F:48:43:1A:32:26:DD:CC:65:B7:65:96:A9 Certificate issuer: /CN=A9157DA9/serialNumber=EF5391F2A22DD65F48431A3226DDCC65B76596A9 Certificate serial: 88 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/71OR8qIt1l9IQxoyJt3MZbdllqk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157DA9/423E1AD45A1811EFBD477338C4F9AE02/71OR8qIt1l9IQxoyJt3MZbdllqk.mft Manifest number: 86 Signing time: Fri 25 Apr 2025 05:32:27 +0000 Manifest this update: Fri 25 Apr 2025 05:32:27 +0000 Manifest next update: Fri 02 May 2025 05:32:27 +0000 Files and hashes: 1: 71OR8qIt1l9IQxoyJt3MZbdllqk.crl (hash: Du0pQlKJhFqHORGB5GH1N3DTElpxTNGrjTPIKBC9rIk=) 2: 897F96FC5A1811EFAF24E138C4F9AE02.roa (hash: V/66FKVQueBWCxe2q60voG68SskFvIkojTU44XWkp4w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157DA9/423E1AD45A1811EFBD477338C4F9AE02/71OR8qIt1l9IQxoyJt3MZbdllqk.crl rsync://rpki.apnic.net/member_repository/A9157DA9/423E1AD45A1811EFBD477338C4F9AE02/71OR8qIt1l9IQxoyJt3MZbdllqk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/71OR8qIt1l9IQxoyJt3MZbdllqk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 05:32:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 136 (0x88) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157DA9, serialNumber=EF5391F2A22DD65F48431A3226DDCC65B76596A9 Validity Not Before: Apr 25 05:32:27 2025 GMT Not After : May 2 05:32:27 2025 GMT Subject: CN=680b1e6b-5296 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:12:99:20:eb:88:69:c6:b3:61:74:74:93:fb: 81:d0:f2:99:43:f2:e1:16:33:73:66:01:7a:7f:bf: e7:97:ab:65:18:e6:cd:83:18:ff:65:42:da:9a:e2: 1c:9c:a5:3d:b0:fc:9c:f6:ec:7c:3d:ad:c9:45:69: d9:3d:7a:96:ab:1d:c5:9b:ed:73:07:0f:9e:2e:2d: d9:d6:b2:03:bd:06:42:57:a8:ee:b4:b6:ba:01:36: 22:8f:35:00:5d:d5:b4:f2:5d:17:b3:85:59:9d:37: 9a:1b:9c:79:ed:b6:1f:63:9e:2e:93:c7:6a:79:74: 67:1e:ea:1d:62:65:7f:a6:96:3e:6d:e4:03:bc:89: c0:fd:3e:c9:72:5f:ce:4d:1b:5b:01:da:fd:a4:ab: 26:b6:f4:05:ed:9e:6e:47:24:8a:89:3f:2f:02:b8: 41:6b:f2:b6:03:d8:bb:4b:04:25:41:3f:88:c8:17: 94:d8:a7:85:9f:bd:93:af:1e:c5:ec:46:b2:6a:05: 99:89:40:04:ef:fb:58:28:0e:27:dc:f8:6a:2e:9a: c7:af:61:b7:c1:19:38:8f:f1:ee:1c:95:63:4c:2a: 2f:99:4f:59:c1:16:5b:4a:83:c7:06:09:dc:b2:d4: fb:a2:d4:28:1f:6c:3f:31:2c:fe:0f:1b:4a:7f:9a: fa:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:05:4C:61:0F:F1:83:BD:30:18:5F:22:69:59:F7:A7:7C:AD:D6:5B X509v3 Authority Key Identifier: keyid:EF:53:91:F2:A2:2D:D6:5F:48:43:1A:32:26:DD:CC:65:B7:65:96:A9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157DA9/423E1AD45A1811EFBD477338C4F9AE02/71OR8qIt1l9IQxoyJt3MZbdllqk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/71OR8qIt1l9IQxoyJt3MZbdllqk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157DA9/423E1AD45A1811EFBD477338C4F9AE02/71OR8qIt1l9IQxoyJt3MZbdllqk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 19:1f:bc:ba:5a:00:48:8c:7b:20:2e:36:52:61:6e:d9:b3:0e: 64:db:d5:00:22:9e:4f:92:de:74:28:c1:cc:ba:8e:1f:19:86: d5:05:9a:42:d5:62:cb:5f:83:e1:be:ac:2a:a2:b7:77:66:9d: 5b:72:96:ce:46:2e:11:89:48:67:37:6f:b1:50:81:fe:38:5c: a1:15:b2:91:b3:18:b0:11:21:0b:37:92:ef:4e:f9:4a:3b:9c: ed:d5:83:10:2f:43:b8:96:ec:32:8c:f3:f2:dd:3e:3f:68:a5: d3:b6:a2:76:bc:e5:7e:25:fb:32:27:51:78:3d:0f:83:ae:5f: 20:75:1a:d7:04:04:d8:6a:fc:dc:72:1e:fb:61:2a:c1:b4:73: a7:26:32:40:d7:af:9d:db:7e:73:aa:77:f1:b9:2d:61:ae:57: 46:94:88:75:33:04:60:a3:82:d5:f3:7f:bd:85:73:2f:00:6a: 91:5d:9f:bb:49:3f:e9:2f:7f:b9:b1:a1:4e:26:c4:4f:6b:8b: a0:39:0c:68:f8:83:39:bf:8e:4e:ea:e0:6a:81:5a:41:96:92: c7:6b:04:b5:15:e5:de:c0:6c:0e:70:61:cf:7d:44:2a:10:7a: 35:20:74:58:f0:be:1e:53:f5:59:f5:a0:5e:ae:e5:5c:99:73: 23:e0:5b:c7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdEQTkxMTAvBgNVBAUTKEVGNTM5MUYyQTIyREQ2NUY0ODQzMUEzMjI2RERDQzY1 Qjc2NTk2QTkwHhcNMjUwNDI1MDUzMjI3WhcNMjUwNTAyMDUzMjI3WjAYMRYwFAYD VQQDEw02ODBiMWU2Yi01Mjk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApxKZIOuIacazYXR0k/uB0PKZQ/LhFjNzZgF6f7/nl6tlGObNgxj/ZULamuIc nKU9sPyc9ux8Pa3JRWnZPXqWqx3Fm+1zBw+eLi3Z1rIDvQZCV6jutLa6ATYijzUA XdW08l0Xs4VZnTeaG5x57bYfY54uk8dqeXRnHuodYmV/ppY+beQDvInA/T7Jcl/O TRtbAdr9pKsmtvQF7Z5uRySKiT8vArhBa/K2A9i7SwQlQT+IyBeU2KeFn72Trx7F 7EayagWZiUAE7/tYKA4n3PhqLprHr2G3wRk4j/HuHJVjTCovmU9ZwRZbSoPHBgnc stT7otQoH2w/MSz+DxtKf5r6fQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNQFTGEP 8YO9MBhfImlZ96d8rdZbMB8GA1UdIwQYMBaAFO9TkfKiLdZfSEMaMibdzGW3ZZap MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0RBOS80MjNFMUFENDVB MTgxMUVGQkQ0NzczMzhDNEY5QUUwMi83MU9SOHFJdDFsOUlReG95SnQzTVpiZGxs cWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzcxT1I4cUl0MWw5SVF4b3lKdDNNWmJkbGxxay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0RBOS80MjNFMUFENDVBMTgxMUVGQkQ0NzczMzhDNEY5QUUwMi83MU9SOHFJdDFs OUlReG95SnQzTVpiZGxscWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAZH7y6WgBIjHsgLjZSYW7Zsw5k29UAIp5Pkt50KMHMuo4fGYbVBZpC 1WLLX4Phvqwqord3Zp1bcpbORi4RiUhnN2+xUIH+OFyhFbKRsxiwESELN5LvTvlK O5zt1YMQL0O4luwyjPPy3T4/aKXTtqJ2vOV+JfsyJ1F4PQ+Drl8gdRrXBATYavzc ch77YSrBtHOnJjJA16+d235zqnfxuS1hrldGlIh1MwRgo4LV83+9hXMvAGqRXZ+7 ST/pL3+5saFOJsRPa4ugOQxo+IM5v45O6uBqgVpBlpLHawS1FeXewGwOcGHPfUQq EHo1IHRY8L4eU/VZ9aBeruVcmXMj4FvH -----END CERTIFICATE-----Generated at Sat Apr 26 14:34:46 2025 by rpki-client