$ rpki-client -vvf rpki.apnic.net/member_repository/A915D8F3/C57F23AE9B0711EF837EA012C4F9AE02/MsAhMRti_kUAvI5OD0hSxkvF2ss.mft File: MsAhMRti_kUAvI5OD0hSxkvF2ss.mft (raw, json) Hash identifier: VOjabBhg+jY5AKxNOa9w86mt6J06KzVjMzjqc9IOhQs= Subject key identifier: 2D:AD:79:46:76:6A:60:38:EB:0D:81:BE:09:F3:86:C4:5D:C4:69:08 Authority key identifier: 32:C0:21:31:1B:62:FE:45:00:BC:8E:4E:0F:48:52:C6:4B:C5:DA:CB Certificate issuer: /CN=A915D8F3/serialNumber=32C021311B62FE4500BC8E4E0F4852C64BC5DACB Certificate serial: 5F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MsAhMRti_kUAvI5OD0hSxkvF2ss.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915D8F3/C57F23AE9B0711EF837EA012C4F9AE02/MsAhMRti_kUAvI5OD0hSxkvF2ss.mft Manifest number: 5D Signing time: Fri 25 Apr 2025 04:43:14 +0000 Manifest this update: Fri 25 Apr 2025 04:43:14 +0000 Manifest next update: Fri 02 May 2025 04:43:14 +0000 Files and hashes: 1: MsAhMRti_kUAvI5OD0hSxkvF2ss.crl (hash: VY2BUqIYu1PUf6S8kW4upwUu3dp+mBQZfBRbco3yA3s=) 2: 37DEC83C9DEC11EFB004850FC4F9AE02.roa (hash: AzFl0RFcs8OJznRZfBYgmDybc5F7V12CS5camGFMWxA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915D8F3/C57F23AE9B0711EF837EA012C4F9AE02/MsAhMRti_kUAvI5OD0hSxkvF2ss.crl rsync://rpki.apnic.net/member_repository/A915D8F3/C57F23AE9B0711EF837EA012C4F9AE02/MsAhMRti_kUAvI5OD0hSxkvF2ss.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MsAhMRti_kUAvI5OD0hSxkvF2ss.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 04:43:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 95 (0x5f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915D8F3, serialNumber=32C021311B62FE4500BC8E4E0F4852C64BC5DACB Validity Not Before: Apr 25 04:43:14 2025 GMT Not After : May 2 04:43:14 2025 GMT Subject: CN=680b12e2-12ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:83:c4:15:18:5e:3c:48:0c:e9:4d:19:9d:3b: 64:b4:86:c4:09:ba:dc:14:5b:7b:94:a4:22:7f:38: f6:b8:26:f3:5f:a1:8d:b1:4b:76:3d:b2:00:ff:7b: 65:aa:c6:a1:21:93:b5:06:bd:63:77:8e:b1:a1:92: 1a:04:17:fc:67:03:1f:5d:df:86:65:ec:6c:73:a8: 24:0b:f9:3f:ea:ce:56:9f:8f:6e:9d:ce:ff:0d:6d: a2:ad:1e:c6:60:ad:c4:94:16:8f:ea:6d:ab:4c:6e: 7c:8a:f5:6a:08:2a:bb:d8:5b:c1:36:ce:db:88:59: cc:1d:e3:0f:29:ca:0e:8f:5e:af:4a:9d:40:bc:8b: 0c:b1:13:e9:ac:1c:01:c2:54:f6:99:3b:b5:85:15: 6f:aa:27:03:fb:86:24:c2:1f:b3:73:c5:31:6e:82: d5:ba:f4:cc:04:2b:a9:7a:fa:39:59:85:2f:ca:8f: b0:7d:ad:f0:96:f9:7b:82:63:a8:bd:e7:49:15:d7: 87:d9:8f:f2:01:77:37:57:a5:6e:c3:50:3f:63:be: 4d:ee:5a:53:2e:eb:f9:c3:89:ba:4c:23:c1:e5:03: ac:45:2b:b7:72:89:b8:f8:5c:d7:32:5a:5d:8c:b6: 57:4d:f2:d2:4b:de:ad:a6:9d:60:59:76:de:1a:de: 5c:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:AD:79:46:76:6A:60:38:EB:0D:81:BE:09:F3:86:C4:5D:C4:69:08 X509v3 Authority Key Identifier: keyid:32:C0:21:31:1B:62:FE:45:00:BC:8E:4E:0F:48:52:C6:4B:C5:DA:CB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915D8F3/C57F23AE9B0711EF837EA012C4F9AE02/MsAhMRti_kUAvI5OD0hSxkvF2ss.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MsAhMRti_kUAvI5OD0hSxkvF2ss.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915D8F3/C57F23AE9B0711EF837EA012C4F9AE02/MsAhMRti_kUAvI5OD0hSxkvF2ss.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 25:a4:c9:31:17:88:04:71:d9:6d:a8:d9:ee:49:f0:bc:a2:43: 65:9e:aa:3a:c2:28:73:45:b6:41:38:5e:c0:22:7f:b6:2c:cc: 3a:d9:b6:52:44:85:f9:3c:4c:24:a8:5d:22:2b:a9:d6:e2:c4: c7:f9:6b:eb:4f:10:1a:e5:61:7b:b3:0b:42:44:53:b7:37:ae: 71:57:0e:07:40:dc:5b:5e:ae:09:d5:07:00:12:e9:31:d0:fc: 94:20:56:f2:01:46:3d:e2:43:1d:d7:d4:ff:82:b4:7d:1e:52: 9e:a4:18:4b:77:b2:4e:b1:d8:34:c0:3e:7c:8c:38:52:49:aa: 31:f7:dd:a0:ed:a6:6f:14:40:55:4e:21:aa:cf:32:56:10:ab: be:1c:60:0c:5b:05:0a:bd:d7:08:25:2a:23:5f:cb:63:0f:ed: 77:a7:3c:f0:32:08:9f:fa:c0:3f:63:17:c1:bf:4c:a8:77:b3: ea:b5:15:42:f5:e3:31:1d:3d:29:04:b8:9b:53:cb:7a:46:07: d9:14:fb:9d:e4:7d:f7:91:75:ce:0d:96:fc:9e:72:09:ec:78: f0:a4:63:e5:20:0b:3e:90:8a:66:fe:04:89:9a:8d:71:7d:b2: 0a:d0:0b:9d:ef:f6:bc:ab:79:ec:76:80:2c:9a:1d:b3:81:e6: 96:00:1f:58 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBXzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 RDhGMzExMC8GA1UEBRMoMzJDMDIxMzExQjYyRkU0NTAwQkM4RTRFMEY0ODUyQzY0 QkM1REFDQjAeFw0yNTA0MjUwNDQzMTRaFw0yNTA1MDIwNDQzMTRaMBgxFjAUBgNV BAMTDTY4MGIxMmUyLTEyZWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCwg8QVGF48SAzpTRmdO2S0hsQJutwUW3uUpCJ/OPa4JvNfoY2xS3Y9sgD/e2Wq xqEhk7UGvWN3jrGhkhoEF/xnAx9d34Zl7GxzqCQL+T/qzlafj26dzv8NbaKtHsZg rcSUFo/qbatMbnyK9WoIKrvYW8E2ztuIWcwd4w8pyg6PXq9KnUC8iwyxE+msHAHC VPaZO7WFFW+qJwP7hiTCH7NzxTFugtW69MwEK6l6+jlZhS/Kj7B9rfCW+XuCY6i9 50kV14fZj/IBdzdXpW7DUD9jvk3uWlMu6/nDibpMI8HlA6xFK7dyibj4XNcyWl2M tldN8tJL3q2mnWBZdt4a3lwjAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQULa15RnZq YDjrDYG+CfOGxF3EaQgwHwYDVR0jBBgwFoAUMsAhMRti/kUAvI5OD0hSxkvF2ssw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVEOEYzL0M1N0YyM0FFOUIw NzExRUY4MzdFQTAxMkM0RjlBRTAyL01zQWhNUnRpX2tVQXZJNU9EMGhTeGt2RjJz cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvTXNBaE1SdGlfa1VBdkk1T0QwaFN4a3ZGMnNzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTVE OEYzL0M1N0YyM0FFOUIwNzExRUY4MzdFQTAxMkM0RjlBRTAyL01zQWhNUnRpX2tV QXZJNU9EMGhTeGt2RjJzcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBACWkyTEXiARx2W2o2e5J8LyiQ2WeqjrCKHNFtkE4XsAif7YszDrZtlJE hfk8TCSoXSIrqdbixMf5a+tPEBrlYXuzC0JEU7c3rnFXDgdA3FtergnVBwAS6THQ /JQgVvIBRj3iQx3X1P+CtH0eUp6kGEt3sk6x2DTAPnyMOFJJqjH33aDtpm8UQFVO IarPMlYQq74cYAxbBQq91wglKiNfy2MP7XenPPAyCJ/6wD9jF8G/TKh3s+q1FUL1 4zEdPSkEuJtTy3pGB9kU+53kffeRdc4NlvyecgnsePCkY+UgCz6Qimb+BImajXF9 sgrQC53v9ryreex2gCyaHbOB5pYAH1g= -----END CERTIFICATE-----Generated at Sat Apr 26 17:15:51 2025 by rpki-client