$ rpki-client -vvf rpki.apnic.net/member_repository/A91992FA/FA46E0D2EE0311EF9C2B8A49C4F9AE02/BXtTd0A4JnigePW_KExyZ5S50TQ.mft File: BXtTd0A4JnigePW_KExyZ5S50TQ.mft (raw, json) Hash identifier: zItrUk/UeZfiUyEerxhh4ogwhOek82bAmk8IHf72McI= Subject key identifier: B4:95:67:26:66:01:A7:29:E5:0F:E7:73:61:70:2A:A9:A0:BA:75:5C Authority key identifier: 05:7B:53:77:40:38:26:78:A0:78:F5:BF:28:4C:72:67:94:B9:D1:34 Certificate issuer: /CN=A91992FA/serialNumber=057B537740382678A078F5BF284C726794B9D134 Certificate serial: 25 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BXtTd0A4JnigePW_KExyZ5S50TQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91992FA/FA46E0D2EE0311EF9C2B8A49C4F9AE02/BXtTd0A4JnigePW_KExyZ5S50TQ.mft Manifest number: 24 Signing time: Fri 25 Apr 2025 06:48:12 +0000 Manifest this update: Fri 25 Apr 2025 06:48:12 +0000 Manifest next update: Fri 02 May 2025 06:48:12 +0000 Files and hashes: 1: BXtTd0A4JnigePW_KExyZ5S50TQ.crl (hash: fHc4EmMlctuAmGyvkkmDvUUZSNjq414p2xj31l6x/9A=) 2: 44A28FACEFEC11EF80EC123DC4F9AE02.roa (hash: kIHtM5yk/7E77z9qFDfBUJpQm2RMukSPxAc1zKCnuxc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91992FA/FA46E0D2EE0311EF9C2B8A49C4F9AE02/BXtTd0A4JnigePW_KExyZ5S50TQ.crl rsync://rpki.apnic.net/member_repository/A91992FA/FA46E0D2EE0311EF9C2B8A49C4F9AE02/BXtTd0A4JnigePW_KExyZ5S50TQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BXtTd0A4JnigePW_KExyZ5S50TQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:48:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37 (0x25) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91992FA, serialNumber=057B537740382678A078F5BF284C726794B9D134 Validity Not Before: Apr 25 06:48:12 2025 GMT Not After : May 2 06:48:12 2025 GMT Subject: CN=680b302c-9fa3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:ab:ec:80:9c:6d:98:d1:a7:e5:c0:60:00:0e: ab:0e:fb:21:6f:52:cd:14:91:e9:d7:e2:93:ef:71: fc:ed:7d:c5:ed:41:7f:cc:86:4f:df:d3:31:43:03: d5:f5:a6:e2:2a:06:be:4a:1b:93:6e:79:fe:67:15: 3a:d9:50:94:e3:96:d6:e9:9b:49:3d:69:07:75:6d: bf:61:11:62:36:0e:03:b2:0d:3a:a8:ff:8e:17:12: 1f:fd:80:f4:19:87:e9:ad:54:bf:51:b8:8b:da:d4: 6d:61:c7:59:db:2c:62:2e:8c:d5:c7:39:b5:a9:0b: 6a:dd:e4:bf:63:5b:67:85:e5:c5:27:c4:74:c0:47: ec:9a:8d:90:5c:34:df:64:da:4c:d1:78:09:96:fe: ab:96:59:ac:a6:fe:b5:88:78:44:ff:44:a0:9c:a2: 0b:43:68:61:55:75:a4:e9:c4:d3:34:9b:4f:96:63: f9:35:8d:41:2c:75:63:af:32:51:ff:58:1b:24:d0: e0:bb:6f:24:1f:87:a7:47:8d:47:76:2d:16:12:ec: a5:ee:6b:93:6c:a1:a0:ad:c3:ff:ba:29:e4:1b:81: 93:82:49:4d:6e:c5:99:11:4b:58:5e:98:b1:29:7b: 31:0a:94:06:18:12:fa:b1:bb:78:6c:ae:8c:2b:32: 01:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:95:67:26:66:01:A7:29:E5:0F:E7:73:61:70:2A:A9:A0:BA:75:5C X509v3 Authority Key Identifier: keyid:05:7B:53:77:40:38:26:78:A0:78:F5:BF:28:4C:72:67:94:B9:D1:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91992FA/FA46E0D2EE0311EF9C2B8A49C4F9AE02/BXtTd0A4JnigePW_KExyZ5S50TQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BXtTd0A4JnigePW_KExyZ5S50TQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91992FA/FA46E0D2EE0311EF9C2B8A49C4F9AE02/BXtTd0A4JnigePW_KExyZ5S50TQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4c:e5:f4:b1:88:a5:ed:cc:d3:45:b5:d3:32:79:c7:ed:0a:18: 9d:7e:88:b5:e7:97:31:22:fb:8c:84:71:5e:af:41:b9:d0:a3: c5:74:0c:1a:3c:36:80:dc:1d:70:ec:67:19:4b:dd:ed:35:3a: c1:36:d1:9e:75:cb:9e:e9:c3:e4:82:ea:da:92:b7:cd:97:d9: 83:27:a2:9e:e9:fd:d7:62:1d:78:5d:b0:d7:cc:ee:2a:47:c1: 52:67:57:35:d5:20:9f:db:f0:52:d1:da:83:e4:4b:97:4e:bc: 60:6c:36:dc:4d:76:71:db:38:54:c1:8a:70:d9:3a:30:c3:e5: 35:25:53:30:6a:59:fa:f4:29:67:8d:da:33:1d:99:96:5a:86: df:8a:08:8d:9a:0b:86:59:36:57:51:4e:e4:e6:d2:ba:f7:46: b6:6f:c8:97:5e:f4:79:19:e5:17:d0:83:27:e8:b4:b6:20:e6: e3:bd:b3:61:5c:08:52:bf:6f:f9:9c:8c:e5:a6:da:32:5a:ee: c2:9d:8e:2b:79:a9:0e:e8:4b:fb:9f:4c:95:44:4b:8b:f9:b4: 4e:aa:73:c6:77:69:e5:e4:3e:99:e0:d4:67:08:94:25:56:bc: 87:17:03:62:a6:d5:a7:c8:32:db:ba:b2:08:b3:b2:6e:d1:86: 9a:39:46:e7 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBJTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5 OTJGQTExMC8GA1UEBRMoMDU3QjUzNzc0MDM4MjY3OEEwNzhGNUJGMjg0QzcyNjc5 NEI5RDEzNDAeFw0yNTA0MjUwNjQ4MTJaFw0yNTA1MDIwNjQ4MTJaMBgxFjAUBgNV BAMTDTY4MGIzMDJjLTlmYTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCgq+yAnG2Y0aflwGAADqsO+yFvUs0UkenX4pPvcfztfcXtQX/Mhk/f0zFDA9X1 puIqBr5KG5Nuef5nFTrZUJTjltbpm0k9aQd1bb9hEWI2DgOyDTqo/44XEh/9gPQZ h+mtVL9RuIva1G1hx1nbLGIujNXHObWpC2rd5L9jW2eF5cUnxHTAR+yajZBcNN9k 2kzReAmW/quWWaym/rWIeET/RKCcogtDaGFVdaTpxNM0m0+WY/k1jUEsdWOvMlH/ WBsk0OC7byQfh6dHjUd2LRYS7KXua5NsoaCtw/+6KeQbgZOCSU1uxZkRS1hemLEp ezEKlAYYEvqxu3hsrowrMgG1AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUtJVnJmYB pynlD+dzYXAqqaC6dVwwHwYDVR0jBBgwFoAUBXtTd0A4JnigePW/KExyZ5S50TQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk5MkZBL0ZBNDZFMEQyRUUw MzExRUY5QzJCOEE0OUM0RjlBRTAyL0JYdFRkMEE0Sm5pZ2VQV19LRXh5WjVTNTBU US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvQlh0VGQwQTRKbmlnZVBXX0tFeHlaNVM1MFRRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk5 MkZBL0ZBNDZFMEQyRUUwMzExRUY5QzJCOEE0OUM0RjlBRTAyL0JYdFRkMEE0Sm5p Z2VQV19LRXh5WjVTNTBUUS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEzl9LGIpe3M00W10zJ5x+0KGJ1+iLXnlzEi+4yEcV6vQbnQo8V0DBo8 NoDcHXDsZxlL3e01OsE20Z51y57pw+SC6tqSt82X2YMnop7p/ddiHXhdsNfM7ipH wVJnVzXVIJ/b8FLR2oPkS5dOvGBsNtxNdnHbOFTBinDZOjDD5TUlUzBqWfr0KWeN 2jMdmZZaht+KCI2aC4ZZNldRTuTm0rr3RrZvyJde9HkZ5RfQgyfotLYg5uO9s2Fc CFK/b/mcjOWm2jJa7sKdjit5qQ7oS/ufTJVES4v5tE6qc8Z3aeXkPpng1GcIlCVW vIcXA2Km1afIMtu6sgizsm7Rhpo5Ruc= -----END CERTIFICATE-----Generated at Sat Apr 26 15:28:13 2025 by rpki-client