$ rpki-client -vvf rpki.apnic.net/member_repository/A91A5030/CE6A3F10FD2A11E4B74FEA42C4F9AE02/h2m5UvnIAGdXkp8GmXzeWx5EjxQ.mft File: h2m5UvnIAGdXkp8GmXzeWx5EjxQ.mft (raw, json) Hash identifier: VsWMaAegaT5iIlY/BqT5OrSmaqTKqmjZytZBJxd1mv0= Subject key identifier: EE:4C:F0:D3:19:96:2F:E0:AD:98:B1:98:DB:A6:1C:75:64:66:16:CA Authority key identifier: 87:69:B9:52:F9:C8:00:67:57:92:9F:06:99:7C:DE:5B:1E:44:8F:14 Certificate issuer: /CN=A91A5030/serialNumber=8769B952F9C8006757929F06997CDE5B1E448F14 Certificate serial: 25FA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h2m5UvnIAGdXkp8GmXzeWx5EjxQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A5030/CE6A3F10FD2A11E4B74FEA42C4F9AE02/h2m5UvnIAGdXkp8GmXzeWx5EjxQ.mft Manifest number: 25E7 Signing time: Thu 24 Apr 2025 15:43:55 +0000 Manifest this update: Thu 24 Apr 2025 15:43:54 +0000 Manifest next update: Thu 01 May 2025 15:43:54 +0000 Files and hashes: 1: h2m5UvnIAGdXkp8GmXzeWx5EjxQ.crl (hash: bfdKgSKrFxyxgNlpzP446LIxUL+b3n5CvEQLnFXsiQQ=) 2: 764601EE6A7A11EFAF10EC37C4F9AE02.roa (hash: wlnyKHrlK/WWGM/sWHlA6+OjLcmqJ1sU/DSuQx9lYJQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A5030/CE6A3F10FD2A11E4B74FEA42C4F9AE02/h2m5UvnIAGdXkp8GmXzeWx5EjxQ.crl rsync://rpki.apnic.net/member_repository/A91A5030/CE6A3F10FD2A11E4B74FEA42C4F9AE02/h2m5UvnIAGdXkp8GmXzeWx5EjxQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h2m5UvnIAGdXkp8GmXzeWx5EjxQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 15:43:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9722 (0x25fa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A5030, serialNumber=8769B952F9C8006757929F06997CDE5B1E448F14 Validity Not Before: Apr 24 15:43:54 2025 GMT Not After : May 1 15:43:54 2025 GMT Subject: CN=680a5c3a-14dc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:6a:59:c4:3f:63:d1:32:53:7b:ee:16:11:7e: 04:9e:7a:66:d3:81:85:4b:4d:98:55:f9:9b:80:c6: c2:13:8c:66:3b:58:c4:24:80:ce:23:03:81:59:30: 4a:ba:9f:d5:12:a9:bc:c3:1b:88:ba:89:27:cd:53: fa:8f:f0:bb:72:9e:3a:d3:44:b5:7a:24:a0:cf:07: 64:cc:3a:14:ea:b4:f6:83:e2:41:95:8c:9c:05:ac: 55:6c:3c:c4:50:cb:2e:b2:f5:fd:30:2a:47:7d:66: 01:9b:20:02:48:63:e1:e4:b0:b2:78:16:63:c3:3b: a8:7d:96:cd:59:24:54:b6:22:ea:df:6d:17:c3:36: de:83:c6:df:69:d9:8a:30:53:ba:98:8f:c3:77:84: 5b:e5:23:96:99:3d:fe:c6:f5:82:16:a2:46:28:1a: cb:be:bb:15:fd:57:74:6c:ef:11:56:47:28:f4:ef: fa:b6:ac:9c:ee:30:32:80:76:a6:06:e7:82:8c:b5: 3c:f6:2a:2b:cb:0a:aa:ff:cf:78:41:6c:94:f4:8a: 74:2a:89:9c:72:6d:37:52:ad:93:cb:b8:cc:8a:9c: e0:6c:a9:28:1b:e6:c5:05:d9:12:d6:d0:00:c6:6a: 9c:11:79:8f:10:18:f3:37:ff:4b:64:da:1c:a4:f8: 76:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:4C:F0:D3:19:96:2F:E0:AD:98:B1:98:DB:A6:1C:75:64:66:16:CA X509v3 Authority Key Identifier: keyid:87:69:B9:52:F9:C8:00:67:57:92:9F:06:99:7C:DE:5B:1E:44:8F:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A5030/CE6A3F10FD2A11E4B74FEA42C4F9AE02/h2m5UvnIAGdXkp8GmXzeWx5EjxQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h2m5UvnIAGdXkp8GmXzeWx5EjxQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A5030/CE6A3F10FD2A11E4B74FEA42C4F9AE02/h2m5UvnIAGdXkp8GmXzeWx5EjxQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0f:aa:fc:b9:17:3a:9d:21:8e:5d:79:ba:8d:af:f3:8e:88:ad: 15:d4:96:ef:e7:5f:f8:12:8c:73:3b:ba:da:19:cf:fb:9e:5f: 57:37:4c:bf:0a:ac:75:fd:2c:45:84:79:09:9c:ce:81:9b:0f: 79:2a:c2:1e:be:18:b1:a8:8f:0c:b9:aa:82:0c:65:fc:a6:32: e6:bd:cf:7d:3f:24:81:47:70:7c:7b:f0:5d:c0:d1:50:0b:02: a8:df:00:86:a7:cc:c9:89:c4:2e:3e:bd:39:62:56:a5:e3:52: 14:38:d9:bd:c5:f3:9c:64:5f:2c:cb:1f:81:81:06:1e:0a:a6: 99:a8:bd:5b:a6:2f:73:51:bf:ed:0f:a7:64:6e:e5:d5:80:af: 6a:0b:11:03:68:f7:7f:2a:2a:2a:55:0f:80:83:6a:47:68:cf: 27:02:70:dc:85:2a:ed:ba:99:89:36:28:57:5a:7b:14:9b:c4: a7:78:1e:d7:34:67:55:5f:75:25:6f:09:1b:7e:93:50:79:e0: 53:1c:90:c1:e4:f7:08:87:34:49:84:7d:8f:f3:7c:51:0e:80: 16:a2:20:72:03:de:35:b3:55:92:0e:6c:9d:18:3a:dd:25:ec: 68:90:26:d5:5f:5a:9b:60:a0:9d:4e:41:be:12:b6:31:41:01: b7:b3:66:3d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICJfowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTUwMzAxMTAvBgNVBAUTKDg3NjlCOTUyRjlDODAwNjc1NzkyOUYwNjk5N0NERTVC MUU0NDhGMTQwHhcNMjUwNDI0MTU0MzU0WhcNMjUwNTAxMTU0MzU0WjAYMRYwFAYD VQQDEw02ODBhNWMzYS0xNGRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3mpZxD9j0TJTe+4WEX4Ennpm04GFS02YVfmbgMbCE4xmO1jEJIDOIwOBWTBK up/VEqm8wxuIuoknzVP6j/C7cp4600S1eiSgzwdkzDoU6rT2g+JBlYycBaxVbDzE UMsusvX9MCpHfWYBmyACSGPh5LCyeBZjwzuofZbNWSRUtiLq320Xwzbeg8bfadmK MFO6mI/Dd4Rb5SOWmT3+xvWCFqJGKBrLvrsV/Vd0bO8RVkco9O/6tqyc7jAygHam BueCjLU89iorywqq/894QWyU9Ip0Komccm03Uq2Ty7jMipzgbKkoG+bFBdkS1tAA xmqcEXmPEBjzN/9LZNocpPh2xQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO5M8NMZ li/grZixmNumHHVkZhbKMB8GA1UdIwQYMBaAFIdpuVL5yABnV5KfBpl83lseRI8U MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTAzMC9DRTZBM0YxMEZE MkExMUU0Qjc0RkVBNDJDNEY5QUUwMi9oMm01VXZuSUFHZFhrcDhHbVh6ZVd4NUVq eFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2gybTVVdm5JQUdkWGtwOEdtWHplV3g1RWp4US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NTAzMC9DRTZBM0YxMEZEMkExMUU0Qjc0RkVBNDJDNEY5QUUwMi9oMm01VXZuSUFH ZFhrcDhHbVh6ZVd4NUVqeFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAPqvy5FzqdIY5debqNr/OOiK0V1Jbv51/4EoxzO7raGc/7nl9XN0y/ Cqx1/SxFhHkJnM6Bmw95KsIevhixqI8MuaqCDGX8pjLmvc99PySBR3B8e/BdwNFQ CwKo3wCGp8zJicQuPr05Ylal41IUONm9xfOcZF8syx+BgQYeCqaZqL1bpi9zUb/t D6dkbuXVgK9qCxEDaPd/KioqVQ+Ag2pHaM8nAnDchSrtupmJNihXWnsUm8SneB7X NGdVX3UlbwkbfpNQeeBTHJDB5PcIhzRJhH2P83xRDoAWoiByA941s1WSDmydGDrd JexokCbVX1qbYKCdTkG+ErYxQQG3s2Y9 -----END CERTIFICATE-----Generated at Sat Apr 26 05:05:11 2025 by rpki-client