$ rpki-client -vvf rpki.apnic.net/member_repository/A91BEA2A/3D350FD2025611EDA1322D5DC4F9AE02/I1WemnFX565_YExCiDcpLeAzCaA.mft File: I1WemnFX565_YExCiDcpLeAzCaA.mft (raw, json) Hash identifier: kxtGeHqKuRPAHWM/2vssXsocQbDqI4tF3RzwOyTKSb4= Subject key identifier: 70:12:D8:37:B1:F0:E8:0F:EB:F2:3D:70:39:03:D1:72:BB:67:62:6B Authority key identifier: 23:55:9E:9A:71:57:E7:AE:7F:60:4C:42:88:37:29:2D:E0:33:09:A0 Certificate issuer: /CN=A91BEA2A/serialNumber=23559E9A7157E7AE7F604C428837292DE03309A0 Certificate serial: 028A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I1WemnFX565_YExCiDcpLeAzCaA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BEA2A/3D350FD2025611EDA1322D5DC4F9AE02/I1WemnFX565_YExCiDcpLeAzCaA.mft Manifest number: 0285 Signing time: Fri 25 Apr 2025 01:22:12 +0000 Manifest this update: Fri 25 Apr 2025 01:22:12 +0000 Manifest next update: Fri 02 May 2025 01:22:12 +0000 Files and hashes: 1: I1WemnFX565_YExCiDcpLeAzCaA.crl (hash: 7MU3NrckzyVY0u6MQVxGe1pXypj095PllrGl8r2FRBM=) 2: CFF0FDEC025911EDA0A85765C4F9AE02.roa (hash: fWJ7cRsTCAW0U+0r1+X1xY7gsboVcmoNdt+pkuhh4IE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BEA2A/3D350FD2025611EDA1322D5DC4F9AE02/I1WemnFX565_YExCiDcpLeAzCaA.crl rsync://rpki.apnic.net/member_repository/A91BEA2A/3D350FD2025611EDA1322D5DC4F9AE02/I1WemnFX565_YExCiDcpLeAzCaA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I1WemnFX565_YExCiDcpLeAzCaA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 01:22:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 650 (0x28a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BEA2A, serialNumber=23559E9A7157E7AE7F604C428837292DE03309A0 Validity Not Before: Apr 25 01:22:12 2025 GMT Not After : May 2 01:22:12 2025 GMT Subject: CN=680ae3c4-ed23 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:f5:45:04:a9:6d:fd:d4:31:88:5e:c6:6c:98: ae:98:47:33:4e:e3:9f:20:08:d9:13:97:99:6c:ac: 1d:f6:5b:1f:fe:7b:0a:60:2c:1b:04:04:3e:52:ff: 48:bc:5f:78:34:b8:7c:ee:46:fd:58:fb:88:d0:ec: 85:53:75:0e:5d:66:63:c7:1e:46:2f:44:b7:a3:77: 3d:b1:e2:ae:b0:97:f1:f9:6d:8b:f4:0c:13:cc:4f: 9e:b4:9b:f4:7c:c9:20:8d:01:80:cd:38:11:f2:8c: fb:12:18:f5:86:88:b7:89:a5:01:5d:bd:d8:a9:e5: 36:18:62:44:64:ea:0d:34:2e:39:dd:fe:77:36:e2: ab:9d:ad:58:fd:7f:b9:8e:8b:66:1f:1d:e4:6c:a4: 95:e6:0e:70:86:50:4b:af:08:c5:83:89:1d:c2:9d: cd:94:7f:ed:28:af:01:e4:2c:7c:cb:9b:de:bc:37: a9:5a:c3:3d:bb:f7:a2:39:e5:af:78:41:2e:a8:08: 80:bc:f3:d2:43:f8:43:72:89:37:5e:c9:d1:97:fa: e4:d7:c6:2a:3d:c1:3e:0e:2e:98:3e:22:fc:33:57: f9:d7:05:21:4d:d8:d5:cf:1c:7b:9f:6c:a7:28:83: 9d:c9:ee:f0:ac:be:76:48:09:3c:e2:bb:f1:c1:68: a9:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:12:D8:37:B1:F0:E8:0F:EB:F2:3D:70:39:03:D1:72:BB:67:62:6B X509v3 Authority Key Identifier: keyid:23:55:9E:9A:71:57:E7:AE:7F:60:4C:42:88:37:29:2D:E0:33:09:A0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BEA2A/3D350FD2025611EDA1322D5DC4F9AE02/I1WemnFX565_YExCiDcpLeAzCaA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I1WemnFX565_YExCiDcpLeAzCaA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BEA2A/3D350FD2025611EDA1322D5DC4F9AE02/I1WemnFX565_YExCiDcpLeAzCaA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6c:d4:a2:db:ac:1b:7f:6c:22:e3:7a:cf:73:43:2e:c7:08:7f: 72:89:dc:09:27:d7:c3:a2:da:4f:5f:27:60:0c:cb:5f:d2:a0: e9:2d:31:38:b5:1e:58:44:c0:93:12:f6:de:7f:8b:ac:78:d7: 3f:19:1d:3a:41:63:2f:82:6d:6e:af:d7:67:19:62:bb:23:08: 83:eb:d2:26:77:d4:e0:20:a0:ff:c6:5f:c7:bf:1b:15:a9:f6: aa:54:1d:fe:a0:e1:44:70:41:37:fd:9f:b9:2f:98:bc:30:b0: a6:19:53:1e:dd:28:9b:6f:e8:43:53:a7:14:d9:7e:3d:15:01: 76:ef:2b:ea:07:f3:13:10:fe:4b:bc:44:7e:13:8c:f1:c6:b8: 07:07:fa:df:6f:21:01:8b:75:d7:d5:e4:b9:8a:e0:da:22:f2: d8:28:2c:a3:65:75:ff:eb:dd:3f:3a:58:cc:c5:c6:b1:10:43: ce:84:11:d6:b9:3b:6b:0a:1a:ba:88:ad:8b:c7:52:7f:ef:e5: 1c:e2:4f:95:ed:08:7b:8b:27:83:94:09:94:06:22:06:b2:22: 5d:b3:58:ba:48:b8:12:7b:20:99:e4:9e:cb:88:8d:43:57:a1: 38:33:22:e5:8a:ed:96:c8:6d:df:1c:2d:15:30:a6:77:45:01: 84:24:c8:e3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAoowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkVBMkExMTAvBgNVBAUTKDIzNTU5RTlBNzE1N0U3QUU3RjYwNEM0Mjg4MzcyOTJE RTAzMzA5QTAwHhcNMjUwNDI1MDEyMjEyWhcNMjUwNTAyMDEyMjEyWjAYMRYwFAYD VQQDEw02ODBhZTNjNC1lZDIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxfVFBKlt/dQxiF7GbJiumEczTuOfIAjZE5eZbKwd9lsf/nsKYCwbBAQ+Uv9I vF94NLh87kb9WPuI0OyFU3UOXWZjxx5GL0S3o3c9seKusJfx+W2L9AwTzE+etJv0 fMkgjQGAzTgR8oz7Ehj1hoi3iaUBXb3YqeU2GGJEZOoNNC453f53NuKrna1Y/X+5 jotmHx3kbKSV5g5whlBLrwjFg4kdwp3NlH/tKK8B5Cx8y5vevDepWsM9u/eiOeWv eEEuqAiAvPPSQ/hDcok3XsnRl/rk18YqPcE+Di6YPiL8M1f51wUhTdjVzxx7n2yn KIOdye7wrL52SAk84rvxwWip+QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHAS2Dex 8OgP6/I9cDkD0XK7Z2JrMB8GA1UdIwQYMBaAFCNVnppxV+euf2BMQog3KS3gMwmg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRUEyQS8zRDM1MEZEMjAy NTYxMUVEQTEzMjJENURDNEY5QUUwMi9JMVdlbW5GWDU2NV9ZRXhDaURjcExlQXpD YUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0kxV2VtbkZYNTY1X1lFeENpRGNwTGVBekNhQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC RUEyQS8zRDM1MEZEMjAyNTYxMUVEQTEzMjJENURDNEY5QUUwMi9JMVdlbW5GWDU2 NV9ZRXhDaURjcExlQXpDYUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBs1KLbrBt/bCLjes9zQy7HCH9yidwJJ9fDotpPXydgDMtf0qDpLTE4 tR5YRMCTEvbef4useNc/GR06QWMvgm1ur9dnGWK7IwiD69Imd9TgIKD/xl/HvxsV qfaqVB3+oOFEcEE3/Z+5L5i8MLCmGVMe3Sibb+hDU6cU2X49FQF27yvqB/MTEP5L vER+E4zxxrgHB/rfbyEBi3XX1eS5iuDaIvLYKCyjZXX/690/OljMxcaxEEPOhBHW uTtrChq6iK2Lx1J/7+Uc4k+V7Qh7iyeDlAmUBiIGsiJds1i6SLgSeyCZ5J7LiI1D V6E4MyLliu2WyG3fHC0VMKZ3RQGEJMjj -----END CERTIFICATE-----Generated at Sat Apr 26 04:18:58 2025 by rpki-client