$ rpki-client -vvf rpki.apnic.net/member_repository/A91964B3/E65851121D8411E2A1BA30DB08B02CD2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.mft File: s5hmqZ0c2fTn6PU8iK0U2omhhiU.mft (raw, json) Hash identifier: qr0kdDt+gZRi4lzcRyh3yo3GQfYHFTA2QLqypvl3bco= Subject key identifier: 3C:97:D5:84:F5:C9:CD:1A:C4:40:CE:DD:3C:94:D3:E6:11:C9:74:53 Authority key identifier: B3:98:66:A9:9D:1C:D9:F4:E7:E8:F5:3C:88:AD:14:DA:89:A1:86:25 Certificate issuer: /CN=A91964B3/serialNumber=B39866A99D1CD9F4E7E8F53C88AD14DA89A18625 Certificate serial: 3645 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91964B3/E65851121D8411E2A1BA30DB08B02CD2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.mft Manifest number: 3570 Signing time: Sat 26 Apr 2025 14:24:23 +0000 Manifest this update: Sat 26 Apr 2025 14:24:23 +0000 Manifest next update: Sat 03 May 2025 14:24:23 +0000 Files and hashes: 1: s5hmqZ0c2fTn6PU8iK0U2omhhiU.crl (hash: LBgiC3cwdYbU24GbPSkkavq+wW0jHfETZWVc9Omx1pM=) 2: B36EA83C70B111E98CFFF710C4F9AE02.roa (hash: YPxJgAFP2pm+e64iG82yJRkFHNHfja4F2rH7VSVuFpA=) 3: 4BE40306048011F0B0453C78C4F9AE02.roa (hash: ToQ9hHUeTJuT7Imt8d1Juyh6j9hy0IcEOvIx4Eihy0E=) 4: 160B219870BA11E99E0F6D2DC4F9AE02.roa (hash: 3QqIb/PpEMe7CSOMb9cfzIUcXW1tet3HABkiD8A3zkU=) 5: 26A143C291EB11EF8A024083C4F9AE02.roa (hash: apyNb0gzlP7QIPlzF+1SGVtUOjpAimi2EUrocnrYZRM=) 6: 18F4FD76918111EC93DCA42AC4F9AE02.roa (hash: 8JKaEfgtThOrevd/FI1wUsWQCsjDZCsWDfH4rtPvYOM=) 7: B0EB27B470B811E9B32F6726C4F9AE02.roa (hash: Yn6iyp3sOHzht7NrUVV1K95CTLrIyR+zeCU6DhPlbi0=) 8: 9538F912A09511EE9616A86EC4F9AE02.roa (hash: UIhH1UdXX1/WldxbBw/5eFdUsW8H5rv3xowCVi4x/js=) 9: 71D60BC2F6BA11EB865C4246C4F9AE02.roa (hash: E9Q0DLQxOx2PNLNxJzUPOmEekE0nfR8RNH8+NziMkYc=) 10: 9AF37E96D71B11EA9532F30CC4F9AE02.roa (hash: 6xFx//HoX9CSfFy+iBeZSYBO+hoRtkc5fjd5y3qvsJk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91964B3/E65851121D8411E2A1BA30DB08B02CD2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.crl rsync://rpki.apnic.net/member_repository/A91964B3/E65851121D8411E2A1BA30DB08B02CD2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 03 May 2025 14:24:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13893 (0x3645) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91964B3, serialNumber=B39866A99D1CD9F4E7E8F53C88AD14DA89A18625 Validity Not Before: Apr 26 14:24:23 2025 GMT Not After : May 3 14:24:23 2025 GMT Subject: CN=680cec97-624a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:57:d5:ae:9f:ec:ec:29:31:56:06:a0:c8:57: 8b:ed:1e:85:54:08:49:d1:3c:89:f2:41:d1:0d:c2: 15:73:df:4d:76:22:56:97:9b:69:68:04:16:07:2b: a0:07:44:b1:20:a3:11:83:d5:b0:b3:e6:08:d5:b5: 8b:32:76:e3:86:1c:07:52:c5:d6:3b:04:7f:ba:41: 25:f7:fa:fc:ab:32:1b:af:71:64:c9:67:99:6c:21: cc:e2:c3:80:bd:d2:0e:d3:a5:9c:eb:63:5d:de:5b: 31:ca:b7:e9:c9:67:73:8c:8d:4c:93:87:ac:05:ee: ea:5e:5a:74:66:4f:1f:35:c4:25:56:01:18:28:e6: 11:04:fa:a7:85:c5:fe:f2:b3:8e:3e:49:d2:8a:59: ae:c6:2a:a4:0b:31:c9:c5:c2:59:5d:2e:43:bb:d6: 9c:e6:81:07:7e:d3:27:49:0a:d3:3e:f2:91:09:6f: e4:55:4c:97:95:2f:32:07:c3:f7:8a:56:2c:57:1d: 19:03:5c:8b:c9:19:8e:50:66:f8:08:41:d0:4f:cc: 36:15:9e:24:cf:46:39:cb:2f:35:01:42:d7:47:1d: f1:55:6c:29:fc:f7:8e:11:90:5e:03:5d:0a:8f:28: 77:c7:38:df:e2:4d:84:48:a7:01:5c:65:32:a4:1c: ac:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:97:D5:84:F5:C9:CD:1A:C4:40:CE:DD:3C:94:D3:E6:11:C9:74:53 X509v3 Authority Key Identifier: keyid:B3:98:66:A9:9D:1C:D9:F4:E7:E8:F5:3C:88:AD:14:DA:89:A1:86:25 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91964B3/E65851121D8411E2A1BA30DB08B02CD2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91964B3/E65851121D8411E2A1BA30DB08B02CD2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 22:97:20:72:0d:6d:1d:d7:26:ae:27:22:8b:29:b5:c1:86:80: de:7c:3b:fc:5d:84:15:81:f2:fa:3d:fa:5d:87:ea:08:62:0d: 71:83:35:d9:c8:fb:5f:e8:e0:84:53:00:68:62:89:53:30:5f: 9d:86:7a:03:42:3a:0a:71:8b:48:4c:62:a9:8a:de:3f:1a:e5: 67:a0:be:9e:8f:3b:7b:51:44:8a:8d:64:27:07:56:6a:ba:cf: 50:03:94:bd:21:90:42:61:21:6f:cb:b1:36:55:91:90:1f:fc: 32:22:1c:90:d8:b4:a9:32:83:50:9e:7e:c5:2c:9a:c6:e7:04: b1:6f:32:68:b9:b5:83:63:a0:cd:cf:7d:43:53:52:ae:18:59: 9e:43:32:c3:ea:5b:cb:d7:9f:3e:9c:62:d1:e4:04:93:4f:32: 72:99:34:ea:d6:19:cb:2e:96:17:a9:ad:f8:aa:16:88:11:91: 61:9f:4a:b1:78:27:52:25:c2:a3:33:d9:8b:37:14:31:fc:e4: 7f:21:4b:f1:4f:48:f7:9c:ba:5f:44:cb:a8:84:e1:23:dc:a1: f6:37:ab:60:95:88:f1:82:b7:b2:20:8a:65:3b:30:dc:17:67: f6:94:e3:02:65:5c:28:9d:a4:6b:34:50:3d:0f:7d:40:5f:87: b4:bb:ec:dd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNkUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTY0QjMxMTAvBgNVBAUTKEIzOTg2NkE5OUQxQ0Q5RjRFN0U4RjUzQzg4QUQxNERB ODlBMTg2MjUwHhcNMjUwNDI2MTQyNDIzWhcNMjUwNTAzMTQyNDIzWjAYMRYwFAYD VQQDEw02ODBjZWM5Ny02MjRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz1fVrp/s7CkxVgagyFeL7R6FVAhJ0TyJ8kHRDcIVc99NdiJWl5tpaAQWByug B0SxIKMRg9Wws+YI1bWLMnbjhhwHUsXWOwR/ukEl9/r8qzIbr3FkyWeZbCHM4sOA vdIO06Wc62Nd3lsxyrfpyWdzjI1Mk4esBe7qXlp0Zk8fNcQlVgEYKOYRBPqnhcX+ 8rOOPknSilmuxiqkCzHJxcJZXS5Du9ac5oEHftMnSQrTPvKRCW/kVUyXlS8yB8P3 ilYsVx0ZA1yLyRmOUGb4CEHQT8w2FZ4kz0Y5yy81AULXRx3xVWwp/PeOEZBeA10K jyh3xzjf4k2ESKcBXGUypBysjQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDyX1YT1 yc0axEDO3TyU0+YRyXRTMB8GA1UdIwQYMBaAFLOYZqmdHNn05+j1PIitFNqJoYYl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NjRCMy9FNjU4NTExMjFE ODQxMUUyQTFCQTMwREIwOEIwMkNEMi9zNWhtcVowYzJmVG42UFU4aUswVTJvbWho aVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3M1aG1xWjBjMmZUbjZQVThpSzBVMm9taGhpVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NjRCMy9FNjU4NTExMjFEODQxMUUyQTFCQTMwREIwOEIwMkNEMi9zNWhtcVowYzJm VG42UFU4aUswVTJvbWhoaVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAilyByDW0d1yauJyKLKbXBhoDefDv8XYQVgfL6Pfpdh+oIYg1xgzXZ yPtf6OCEUwBoYolTMF+dhnoDQjoKcYtITGKpit4/GuVnoL6ejzt7UUSKjWQnB1Zq us9QA5S9IZBCYSFvy7E2VZGQH/wyIhyQ2LSpMoNQnn7FLJrG5wSxbzJoubWDY6DN z31DU1KuGFmeQzLD6lvL158+nGLR5ASTTzJymTTq1hnLLpYXqa34qhaIEZFhn0qx eCdSJcKjM9mLNxQx/OR/IUvxT0j3nLpfRMuohOEj3KH2N6tglYjxgreyIIplOzDc F2f2lOMCZVwonaRrNFA9D31AX4e0u+zd -----END CERTIFICATE-----Generated at Sat Apr 26 17:19:26 2025 by rpki-client