$ rpki-client -vvf rpki.apnic.net/member_repository/A91B569E/2525C7C84D2511EDA6DDD22EC4F9AE02/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.mft File: 3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.mft (raw, json) Hash identifier: gLayl/OUpeNAcCRd6HHXaaRXU3lY9BU5zAIKiTI0Iz4= Subject key identifier: BE:56:22:1B:43:6B:59:84:1A:74:C8:E7:C0:08:BC:70:55:98:05:86 Authority key identifier: DC:B8:39:31:9F:D5:2E:AD:9F:CB:97:78:29:84:FD:1F:D4:49:2C:17 Certificate issuer: /CN=A91B569E/serialNumber=DCB839319FD52EAD9FCB97782984FD1FD4492C17 Certificate serial: 01ED Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B569E/2525C7C84D2511EDA6DDD22EC4F9AE02/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.mft Manifest number: 01E5 Signing time: Fri 25 Apr 2025 01:55:53 +0000 Manifest this update: Fri 25 Apr 2025 01:55:52 +0000 Manifest next update: Fri 02 May 2025 01:55:52 +0000 Files and hashes: 1: 3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.crl (hash: vY6Hs1NhdiFFYl2hZwyn/6c5JUwPCfI83T01j2NQ0xI=) 2: 0CDAA8EEE86611EFA5152A24C4F9AE02.roa (hash: lUMcuws+kkSP+r54F6XS/v0f47726g1ZKxyTfmh7RHY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B569E/2525C7C84D2511EDA6DDD22EC4F9AE02/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.crl rsync://rpki.apnic.net/member_repository/A91B569E/2525C7C84D2511EDA6DDD22EC4F9AE02/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:55:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 493 (0x1ed) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B569E, serialNumber=DCB839319FD52EAD9FCB97782984FD1FD4492C17 Validity Not Before: Apr 25 01:55:52 2025 GMT Not After : May 2 01:55:52 2025 GMT Subject: CN=680aeba9-8df7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:5f:72:88:19:de:86:39:9d:f3:f3:2c:f3:28: 37:93:ba:63:7a:7c:a8:34:4e:69:fb:ec:7d:5e:e5: 0c:49:26:15:17:0f:81:c8:89:51:8d:34:69:54:e8: de:0e:d3:76:b9:50:b5:2a:55:39:df:1d:6f:b4:8e: 48:6c:37:48:90:1a:e9:6f:a3:c8:4f:f1:22:e3:0f: 95:f4:1c:78:7f:21:cb:92:41:d3:1c:ff:ec:84:95: 31:41:39:06:fa:f4:08:ef:d9:1c:45:fc:82:19:af: 44:b4:2d:c5:a5:e5:07:1e:6f:bc:65:19:27:88:a7: 1e:02:79:c2:91:54:cd:b4:12:83:aa:91:62:8d:d8: 24:d6:15:21:0b:8b:45:ed:ca:d2:6f:12:22:15:88: 28:7c:1a:45:5a:36:c1:c9:5e:97:4d:c5:81:6c:f4: f4:bf:c6:ec:07:e8:15:e9:24:0c:31:d6:45:59:08: b3:3d:20:ef:22:a7:91:a1:e5:3d:0e:21:55:98:64: ba:5b:f6:64:dd:cc:8e:a6:07:07:c0:01:1d:c2:44: 6a:db:dc:bd:f1:1b:85:61:6c:3a:56:2c:8f:11:88: 8d:38:8e:41:ac:18:73:46:42:5e:cf:3d:d6:7e:b7: 5a:e4:d7:4c:7c:b1:5c:d3:00:8e:c0:e7:4a:f6:3f: 6f:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:56:22:1B:43:6B:59:84:1A:74:C8:E7:C0:08:BC:70:55:98:05:86 X509v3 Authority Key Identifier: keyid:DC:B8:39:31:9F:D5:2E:AD:9F:CB:97:78:29:84:FD:1F:D4:49:2C:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B569E/2525C7C84D2511EDA6DDD22EC4F9AE02/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B569E/2525C7C84D2511EDA6DDD22EC4F9AE02/3Lg5MZ_VLq2fy5d4KYT9H9RJLBc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0b:8c:e9:93:cd:ab:a6:4e:3a:7c:20:36:be:58:64:56:9f:48: 28:1e:4d:f1:15:f3:dd:3d:b1:51:3a:0d:aa:46:e2:0e:db:a7: cb:1f:a1:dd:62:00:e0:b6:ad:82:0a:51:1e:57:56:45:27:72: 56:91:63:cd:8e:8b:92:a7:57:6d:61:28:e1:85:82:33:56:b1: 4d:e1:b0:5a:eb:2e:10:8a:f1:57:6b:ee:93:b6:ae:33:a1:a5: a4:6e:68:ee:bc:b0:76:03:73:54:0c:71:86:44:5c:81:4d:b5: 92:d0:fa:1b:34:9e:47:2b:a3:7e:a7:af:1c:46:2d:46:02:b7: 55:82:66:fb:ce:8b:82:9c:ca:22:c6:ed:c8:d0:fb:82:b0:2b: 7f:0b:d2:cf:29:00:9d:e0:f7:1d:82:32:0f:7a:0a:58:4d:2d: 89:1c:0d:0a:6f:38:c7:d9:fb:34:d4:3a:08:e3:22:cb:b0:95: 41:93:75:8f:b5:d0:ef:28:a5:74:5a:b0:4c:e4:76:d8:01:a0: d8:ee:76:ef:99:d1:73:29:c9:1a:45:ca:82:a8:62:ac:67:9d: 9b:64:06:59:05:14:b0:a0:7c:cc:16:fa:1a:06:ae:53:df:87: 3e:5e:96:41:66:6d:f2:fe:d2:fa:54:b7:83:99:81:a9:a0:01: 0d:33:59:fe -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAe0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjU2OUUxMTAvBgNVBAUTKERDQjgzOTMxOUZENTJFQUQ5RkNCOTc3ODI5ODRGRDFG RDQ0OTJDMTcwHhcNMjUwNDI1MDE1NTUyWhcNMjUwNTAyMDE1NTUyWjAYMRYwFAYD VQQDEw02ODBhZWJhOS04ZGY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvV9yiBnehjmd8/Ms8yg3k7pjenyoNE5p++x9XuUMSSYVFw+ByIlRjTRpVOje DtN2uVC1KlU53x1vtI5IbDdIkBrpb6PIT/Ei4w+V9Bx4fyHLkkHTHP/shJUxQTkG +vQI79kcRfyCGa9EtC3FpeUHHm+8ZRkniKceAnnCkVTNtBKDqpFijdgk1hUhC4tF 7crSbxIiFYgofBpFWjbByV6XTcWBbPT0v8bsB+gV6SQMMdZFWQizPSDvIqeRoeU9 DiFVmGS6W/Zk3cyOpgcHwAEdwkRq29y98RuFYWw6ViyPEYiNOI5BrBhzRkJezz3W frda5NdMfLFc0wCOwOdK9j9vIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL5WIhtD a1mEGnTI58AIvHBVmAWGMB8GA1UdIwQYMBaAFNy4OTGf1S6tn8uXeCmE/R/USSwX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNTY5RS8yNTI1QzdDODRE MjUxMUVEQTZEREQyMkVDNEY5QUUwMi8zTGc1TVpfVkxxMmZ5NWQ0S1lUOUg5UkpM QmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNMZzVNWl9WTHEyZnk1ZDRLWVQ5SDlSSkxCYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NTY5RS8yNTI1QzdDODREMjUxMUVEQTZEREQyMkVDNEY5QUUwMi8zTGc1TVpfVkxx MmZ5NWQ0S1lUOUg5UkpMQmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQALjOmTzaumTjp8IDa+WGRWn0goHk3xFfPdPbFROg2qRuIO26fLH6Hd YgDgtq2CClEeV1ZFJ3JWkWPNjouSp1dtYSjhhYIzVrFN4bBa6y4QivFXa+6Ttq4z oaWkbmjuvLB2A3NUDHGGRFyBTbWS0PobNJ5HK6N+p68cRi1GArdVgmb7zouCnMoi xu3I0PuCsCt/C9LPKQCd4PcdgjIPegpYTS2JHA0KbzjH2fs01DoI4yLLsJVBk3WP tdDvKKV0WrBM5HbYAaDY7nbvmdFzKckaRcqCqGKsZ52bZAZZBRSwoHzMFvoaBq5T 34c+XpZBZm3y/tL6VLeDmYGpoAENM1n+ -----END CERTIFICATE-----Generated at Sat Apr 26 04:19:10 2025 by rpki-client