$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.mft File: 5bRMaejecz32GWYFbn5BXsfHDSo.mft (raw, json) Hash identifier: gbicnvjkdZRMV4Ptk6/ssQabraaP7uW758dKPY8rEFo= Subject key identifier: 18:9D:35:C9:27:75:86:9A:35:1B:F1:9B:0B:17:EC:E5:DD:B3:40:D5 Authority key identifier: E5:B4:4C:69:E8:DE:73:3D:F6:19:66:05:6E:7E:41:5E:C7:C7:0D:2A Certificate issuer: /CN=A91B4873/serialNumber=E5B44C69E8DE733DF61966056E7E415EC7C70D2A Certificate serial: 99 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5bRMaejecz32GWYFbn5BXsfHDSo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.mft Manifest number: 98 Signing time: Fri 25 Apr 2025 05:18:48 +0000 Manifest this update: Fri 25 Apr 2025 05:18:48 +0000 Manifest next update: Fri 02 May 2025 05:18:48 +0000 Files and hashes: 1: 5bRMaejecz32GWYFbn5BXsfHDSo.crl (hash: HnZRpCc76bbrM1ZsooTBJgbdjEC9Siote+12U05sWxE=) 2: 01F62A6438F011EF9A82662BC4F9AE02.roa (hash: 6ibBV+FsUpvviGFZhtbUaWu715IOaDD6qWu96emn7VA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.crl rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5bRMaejecz32GWYFbn5BXsfHDSo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 05:18:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 153 (0x99) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B4873, serialNumber=E5B44C69E8DE733DF61966056E7E415EC7C70D2A Validity Not Before: Apr 25 05:18:48 2025 GMT Not After : May 2 05:18:48 2025 GMT Subject: CN=680b1b38-86f6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:f3:87:dd:82:30:b4:0f:7c:f3:45:57:88:1a: 06:79:a3:e8:34:53:06:57:b7:43:51:16:4f:1a:d2: cd:2f:2a:f3:c0:75:7c:5f:7d:42:68:9d:a8:28:be: 17:15:b0:5a:41:b0:28:a2:0f:16:44:70:b7:7e:de: 3a:a0:30:17:f8:d0:f3:bf:6a:a2:32:2f:94:9f:fd: bf:0b:c0:80:cd:69:45:bd:90:6d:87:6b:2d:e6:a9: 0e:3e:90:e9:91:06:09:f1:06:cf:2a:b8:16:0a:c6: db:78:18:cc:3b:72:2d:70:80:02:0b:40:69:86:13: 53:6a:6d:f2:6b:82:4d:d6:21:94:66:6b:ca:78:d0: 49:a3:22:8c:26:97:8d:99:9e:df:a5:fd:a6:e7:bb: 04:54:9d:af:b7:4a:1c:f6:20:0b:0f:65:6d:e8:cd: cb:25:79:9f:48:2e:fa:51:ed:16:cf:c8:ed:38:fe: 93:86:ba:00:d1:30:96:39:e5:45:df:95:88:ec:df: a2:d8:d5:e6:c6:fd:3c:d8:10:ef:19:dc:dd:a3:71: a4:d2:16:7d:62:91:b9:c0:38:74:d1:52:05:75:f1: d8:d6:1c:7e:0c:f4:6b:f5:96:70:5d:14:df:72:4d: 95:f3:66:e2:27:31:ad:ad:bc:5e:27:8f:e9:ea:2c: fd:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:9D:35:C9:27:75:86:9A:35:1B:F1:9B:0B:17:EC:E5:DD:B3:40:D5 X509v3 Authority Key Identifier: keyid:E5:B4:4C:69:E8:DE:73:3D:F6:19:66:05:6E:7E:41:5E:C7:C7:0D:2A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5bRMaejecz32GWYFbn5BXsfHDSo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b9:ee:81:90:e8:46:7b:42:3f:dc:ae:a9:56:a5:0e:af:0e:5c: 81:a8:89:e6:ed:ef:30:5c:6a:6c:da:2d:15:e8:96:57:fa:bb: ac:03:81:a8:f7:95:80:76:c1:4b:db:a8:8e:a4:00:92:3b:6e: 7d:1b:3f:ad:c7:64:af:8f:d3:aa:66:63:6f:2c:2a:6e:15:a4: 99:60:6e:1e:a2:00:75:ea:f3:2a:6b:71:65:92:26:b9:50:4d: f4:a3:74:35:10:c0:c0:31:99:a3:28:5e:88:cb:30:bf:65:fd: d9:80:9c:77:32:02:68:d7:9b:1d:48:be:37:97:37:a0:eb:08: ce:a3:7c:a3:5c:b7:17:d8:d3:21:94:02:6d:2b:bb:4a:f0:98: 3c:a0:2c:11:9c:0f:2f:be:85:29:ec:fa:a9:81:38:4d:f5:ff: 73:8c:96:10:35:6c:de:1e:c0:c5:3c:6a:ab:e0:56:8e:2e:b5: 7d:f2:a1:25:2f:71:24:42:7b:2f:39:32:e1:ca:89:37:34:d6: 1e:24:5e:2f:1c:f3:e0:98:16:8a:2a:58:83:f4:0e:d8:d9:c6: 5d:9d:29:bb:47:12:47:d4:f6:8b:07:61:e7:01:60:c0:5a:22: a6:a3:c1:84:f6:cd:58:76:82:55:fe:a8:ba:f1:a0:91:b8:0e: 2e:6b:33:5c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjQ4NzMxMTAvBgNVBAUTKEU1QjQ0QzY5RThERTczM0RGNjE5NjYwNTZFN0U0MTVF QzdDNzBEMkEwHhcNMjUwNDI1MDUxODQ4WhcNMjUwNTAyMDUxODQ4WjAYMRYwFAYD VQQDEw02ODBiMWIzOC04NmY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuPOH3YIwtA9880VXiBoGeaPoNFMGV7dDURZPGtLNLyrzwHV8X31CaJ2oKL4X FbBaQbAoog8WRHC3ft46oDAX+NDzv2qiMi+Un/2/C8CAzWlFvZBth2st5qkOPpDp kQYJ8QbPKrgWCsbbeBjMO3ItcIACC0BphhNTam3ya4JN1iGUZmvKeNBJoyKMJpeN mZ7fpf2m57sEVJ2vt0oc9iALD2Vt6M3LJXmfSC76Ue0Wz8jtOP6ThroA0TCWOeVF 35WI7N+i2NXmxv082BDvGdzdo3Gk0hZ9YpG5wDh00VIFdfHY1hx+DPRr9ZZwXRTf ck2V82biJzGtrbxeJ4/p6iz9awIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBidNckn dYaaNRvxmwsX7OXds0DVMB8GA1UdIwQYMBaAFOW0TGno3nM99hlmBW5+QV7Hxw0q MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDg3My80RTI1QzhCQzM4 RTcxMUVGODQ0QjRGNjVDNEY5QUUwMi81YlJNYWVqZWN6MzJHV1lGYm41QlhzZkhE U28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzViUk1hZWplY3ozMkdXWUZibjVCWHNmSERTby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NDg3My80RTI1QzhCQzM4RTcxMUVGODQ0QjRGNjVDNEY5QUUwMi81YlJNYWVqZWN6 MzJHV1lGYm41QlhzZkhEU28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC57oGQ6EZ7Qj/crqlWpQ6vDlyBqInm7e8wXGps2i0V6JZX+rusA4Go 95WAdsFL26iOpACSO259Gz+tx2Svj9OqZmNvLCpuFaSZYG4eogB16vMqa3Flkia5 UE30o3Q1EMDAMZmjKF6IyzC/Zf3ZgJx3MgJo15sdSL43lzeg6wjOo3yjXLcX2NMh lAJtK7tK8Jg8oCwRnA8vvoUp7PqpgThN9f9zjJYQNWzeHsDFPGqr4FaOLrV98qEl L3EkQnsvOTLhyok3NNYeJF4vHPPgmBaKKliD9A7Y2cZdnSm7RxJH1PaLB2HnAWDA WiKmo8GE9s1YdoJV/qi68aCRuA4uazNc -----END CERTIFICATE-----Generated at Sat Apr 26 13:07:38 2025 by rpki-client