$ rpki-client -vvf rpki.apnic.net/member_repository/A91B02A2/EFD2158477EB11EE93B68B3AC4F9AE02/b814Gaj5P69A0OOH8htG6E3p1ws.mft File: b814Gaj5P69A0OOH8htG6E3p1ws.mft (raw, json) Hash identifier: SiY58XV2jYHqWF3kKSlDhUToaqOeKrNCetcg3DnYMDA= Subject key identifier: 25:26:66:5B:BA:75:C1:92:61:08:51:DC:5F:01:62:44:EA:CD:2B:DD Authority key identifier: 6F:CD:78:19:A8:F9:3F:AF:40:D0:E3:87:F2:1B:46:E8:4D:E9:D7:0B Certificate issuer: /CN=A91B02A2/serialNumber=6FCD7819A8F93FAF40D0E387F21B46E84DE9D70B Certificate serial: 011A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b814Gaj5P69A0OOH8htG6E3p1ws.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B02A2/EFD2158477EB11EE93B68B3AC4F9AE02/b814Gaj5P69A0OOH8htG6E3p1ws.mft Manifest number: 0118 Signing time: Tue 29 Apr 2025 04:51:44 +0000 Manifest this update: Tue 29 Apr 2025 04:51:44 +0000 Manifest next update: Tue 06 May 2025 04:51:44 +0000 Files and hashes: 1: b814Gaj5P69A0OOH8htG6E3p1ws.crl (hash: s4vqEljPbg6c6om79cZsnxu97OXq1uXgjjIAqNJFCSg=) 2: 5D98833C77EC11EEA06F373BC4F9AE02.roa (hash: PTNlCaFqxgAXX8dh1a7LSvNmOXF/4erL00o7/e/JlJk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B02A2/EFD2158477EB11EE93B68B3AC4F9AE02/b814Gaj5P69A0OOH8htG6E3p1ws.crl rsync://rpki.apnic.net/member_repository/A91B02A2/EFD2158477EB11EE93B68B3AC4F9AE02/b814Gaj5P69A0OOH8htG6E3p1ws.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b814Gaj5P69A0OOH8htG6E3p1ws.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 06 May 2025 04:51:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 282 (0x11a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B02A2, serialNumber=6FCD7819A8F93FAF40D0E387F21B46E84DE9D70B Validity Not Before: Apr 29 04:51:44 2025 GMT Not After : May 6 04:51:44 2025 GMT Subject: CN=68105ae0-2697 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:53:f0:dc:23:e9:e6:e0:9b:b6:79:ef:22:46: c9:7d:bd:92:e4:85:7a:e4:71:d2:d4:05:78:d6:2b: 6e:d9:e8:70:2a:00:7e:7e:67:fc:81:87:73:76:9d: 14:be:5a:21:17:6c:c7:8e:eb:e6:23:16:ef:e2:e9: 69:a0:85:1b:aa:d3:7a:f3:32:04:17:a3:5c:53:b7: a4:31:6e:12:a8:fe:46:c3:4e:db:01:c9:35:e7:08: 98:f9:78:a3:a7:cd:79:f7:1c:08:55:6b:d6:59:44: e3:67:11:32:a7:b3:2b:2b:bb:08:ed:82:b1:76:d7: 03:8c:a7:ca:83:db:cb:e0:42:63:6d:45:0d:82:31: d3:ea:4c:de:43:bf:8c:40:2c:be:c4:87:80:7f:6b: 18:9f:b7:c2:64:23:21:7e:9f:d7:1f:8d:8a:0d:ee: 8c:d8:c6:75:f7:70:21:1e:72:90:2d:00:a0:11:9e: b2:ed:e2:fa:3c:bf:30:75:fb:2d:e8:8e:94:34:37: 17:e9:e5:8b:55:d7:03:36:95:df:96:16:75:60:59: c8:ee:ee:85:67:7a:fb:ba:bb:a7:04:f2:20:fe:ec: d2:bf:9b:b1:87:54:28:16:66:86:0b:59:49:1a:e3: 00:30:b5:a1:ba:e1:47:2c:0f:0f:8d:a3:42:9c:a8: 2a:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:26:66:5B:BA:75:C1:92:61:08:51:DC:5F:01:62:44:EA:CD:2B:DD X509v3 Authority Key Identifier: keyid:6F:CD:78:19:A8:F9:3F:AF:40:D0:E3:87:F2:1B:46:E8:4D:E9:D7:0B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B02A2/EFD2158477EB11EE93B68B3AC4F9AE02/b814Gaj5P69A0OOH8htG6E3p1ws.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b814Gaj5P69A0OOH8htG6E3p1ws.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B02A2/EFD2158477EB11EE93B68B3AC4F9AE02/b814Gaj5P69A0OOH8htG6E3p1ws.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2c:a2:e0:ce:67:6a:51:b5:46:9f:3a:9b:75:39:0c:4b:c1:19: ca:7d:91:fd:63:26:d1:29:b6:bf:9c:d6:65:e7:bf:7e:bf:5b: 25:65:48:dc:1f:62:03:37:d9:17:97:50:85:17:e7:7d:e8:7c: 32:8e:23:6f:22:7e:0c:a5:a6:5a:12:c6:2d:1f:a6:19:bc:14: db:33:6c:0e:25:a1:8f:08:fa:81:b7:49:31:20:a7:69:06:3d: 2c:74:6d:03:14:0d:fa:66:d5:e9:ab:c2:39:53:1e:23:fc:a9: bb:38:1f:8d:86:49:f4:2b:9f:1d:1b:09:1d:45:21:65:0a:1b: ec:94:00:d7:96:fd:0a:70:7b:77:67:86:bf:05:0e:0b:ef:1c: 83:cc:18:de:fb:7b:3f:15:cf:b7:57:92:ab:16:95:5e:43:c1: 3f:e5:3a:cf:82:02:1c:fa:74:c5:ee:9f:d5:09:e0:f6:c6:67: 61:f0:dd:a1:d2:9d:36:61:99:8b:d6:90:4d:8e:9a:ea:0b:3b: 03:fb:0e:3c:7b:25:77:7b:45:c5:7c:bb:f6:3f:6e:e4:64:27: f6:db:b4:7f:47:ac:a7:ea:51:58:c0:d1:b7:dd:08:8d:8c:a7: 6e:82:a5:17:09:9e:3d:25:cc:14:20:1f:cc:c1:15:8c:55:82: 87:b7:12:d3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICARowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjAyQTIxMTAvBgNVBAUTKDZGQ0Q3ODE5QThGOTNGQUY0MEQwRTM4N0YyMUI0NkU4 NERFOUQ3MEIwHhcNMjUwNDI5MDQ1MTQ0WhcNMjUwNTA2MDQ1MTQ0WjAYMRYwFAYD VQQDEw02ODEwNWFlMC0yNjk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp1Pw3CPp5uCbtnnvIkbJfb2S5IV65HHS1AV41itu2ehwKgB+fmf8gYdzdp0U vlohF2zHjuvmIxbv4ulpoIUbqtN68zIEF6NcU7ekMW4SqP5Gw07bAck15wiY+Xij p8159xwIVWvWWUTjZxEyp7MrK7sI7YKxdtcDjKfKg9vL4EJjbUUNgjHT6kzeQ7+M QCy+xIeAf2sYn7fCZCMhfp/XH42KDe6M2MZ193AhHnKQLQCgEZ6y7eL6PL8wdfst 6I6UNDcX6eWLVdcDNpXflhZ1YFnI7u6FZ3r7urunBPIg/uzSv5uxh1QoFmaGC1lJ GuMAMLWhuuFHLA8PjaNCnKgqEwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCUmZlu6 dcGSYQhR3F8BYkTqzSvdMB8GA1UdIwQYMBaAFG/NeBmo+T+vQNDjh/IbRuhN6dcL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDJBMi9FRkQyMTU4NDc3 RUIxMUVFOTNCNjhCM0FDNEY5QUUwMi9iODE0R2FqNVA2OUEwT09IOGh0RzZFM3Ax d3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2I4MTRHYWo1UDY5QTBPT0g4aHRHNkUzcDF3cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MDJBMi9FRkQyMTU4NDc3RUIxMUVFOTNCNjhCM0FDNEY5QUUwMi9iODE0R2FqNVA2 OUEwT09IOGh0RzZFM3Axd3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAsouDOZ2pRtUafOpt1OQxLwRnKfZH9YybRKba/nNZl579+v1slZUjc H2IDN9kXl1CFF+d96HwyjiNvIn4MpaZaEsYtH6YZvBTbM2wOJaGPCPqBt0kxIKdp Bj0sdG0DFA36ZtXpq8I5Ux4j/Km7OB+Nhkn0K58dGwkdRSFlChvslADXlv0KcHt3 Z4a/BQ4L7xyDzBje+3s/Fc+3V5KrFpVeQ8E/5TrPggIc+nTF7p/VCeD2xmdh8N2h 0p02YZmL1pBNjprqCzsD+w48eyV3e0XFfLv2P27kZCf227R/R6yn6lFYwNG33QiN jKdugqUXCZ49JcwUIB/MwRWMVYKHtxLT -----END CERTIFICATE-----Generated at Tue Apr 29 07:47:02 2025 by rpki-client