$ rpki-client -vvf rpki.apnic.net/member_repository/A91BFFBE/42159F5A9D0211EF99CC8609C4F9AE02/f5auCiLKk4vV-dmnMor1g2LrIsE.mft File: f5auCiLKk4vV-dmnMor1g2LrIsE.mft (raw, json) Hash identifier: /WE+i+2RSmUvcIer2++B1KZFW/Xeq65aYFLJNwhehvs= Subject key identifier: 1C:51:8F:CE:76:54:44:60:EC:88:C9:68:2D:79:35:DB:E8:CE:E8:1B Authority key identifier: 7F:96:AE:0A:22:CA:93:8B:D5:F9:D9:A7:32:8A:F5:83:62:EB:22:C1 Certificate issuer: /CN=A91BFFBE/serialNumber=7F96AE0A22CA938BD5F9D9A7328AF58362EB22C1 Certificate serial: 59 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f5auCiLKk4vV-dmnMor1g2LrIsE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BFFBE/42159F5A9D0211EF99CC8609C4F9AE02/f5auCiLKk4vV-dmnMor1g2LrIsE.mft Manifest number: 58 Signing time: Fri 25 Apr 2025 06:09:13 +0000 Manifest this update: Fri 25 Apr 2025 06:09:12 +0000 Manifest next update: Fri 02 May 2025 06:09:12 +0000 Files and hashes: 1: f5auCiLKk4vV-dmnMor1g2LrIsE.crl (hash: tVSISjo2Guzov0/+GtGBZXEt9LcumfyUch919LyW+zY=) 2: 4450DA2C9D0311EF877CD229C4F9AE02.roa (hash: buSMZTKEc3PdwiMwBtG/n0gmpQCMqdjfMf4AjKQfjyg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BFFBE/42159F5A9D0211EF99CC8609C4F9AE02/f5auCiLKk4vV-dmnMor1g2LrIsE.crl rsync://rpki.apnic.net/member_repository/A91BFFBE/42159F5A9D0211EF99CC8609C4F9AE02/f5auCiLKk4vV-dmnMor1g2LrIsE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f5auCiLKk4vV-dmnMor1g2LrIsE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:09:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 89 (0x59) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BFFBE, serialNumber=7F96AE0A22CA938BD5F9D9A7328AF58362EB22C1 Validity Not Before: Apr 25 06:09:12 2025 GMT Not After : May 2 06:09:12 2025 GMT Subject: CN=680b2708-bd2a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:a4:0d:99:ed:60:f8:51:e5:e4:17:26:8e:ad: 1a:1b:77:b2:15:d3:be:1b:ec:21:9e:a7:ea:ae:d8: bc:75:72:e0:53:6f:e2:e4:70:af:ff:f8:01:6e:ef: 78:e0:33:de:9b:55:67:73:e7:8d:39:7a:98:36:6e: c0:6e:e8:c5:d3:63:30:ba:3f:74:d4:27:bd:ea:e7: 63:90:f7:d5:83:65:f2:4f:89:3d:3e:d8:4d:11:aa: 0f:09:df:50:d6:7e:f2:79:65:7a:65:14:f8:b9:4b: a8:be:3e:2d:93:13:5a:bf:d1:89:a9:1f:1d:7f:a4: c6:8f:ef:20:6b:c1:ec:da:dd:8f:f7:4a:c4:51:20: 44:a5:89:4f:a7:5c:72:2e:ee:4e:23:b7:6d:29:ab: 03:07:cb:6b:65:4f:61:3c:07:9c:7b:ea:e9:74:e2: b3:d6:af:bc:d3:a1:37:c8:44:8d:8f:61:b7:cc:59: 89:8e:32:71:46:04:41:18:dd:bb:6d:28:6c:e6:94: ea:0a:f6:31:44:a5:74:0d:07:41:4a:1c:45:5d:ab: ff:b6:c9:c5:4d:c6:ae:19:64:db:18:38:f8:e2:ba: 21:7f:c8:a8:6d:10:f2:bb:44:81:a8:ab:23:a2:d5: 7d:d9:ec:22:bb:6a:67:db:ff:64:bb:13:d4:c9:8c: 08:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:51:8F:CE:76:54:44:60:EC:88:C9:68:2D:79:35:DB:E8:CE:E8:1B X509v3 Authority Key Identifier: keyid:7F:96:AE:0A:22:CA:93:8B:D5:F9:D9:A7:32:8A:F5:83:62:EB:22:C1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BFFBE/42159F5A9D0211EF99CC8609C4F9AE02/f5auCiLKk4vV-dmnMor1g2LrIsE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f5auCiLKk4vV-dmnMor1g2LrIsE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BFFBE/42159F5A9D0211EF99CC8609C4F9AE02/f5auCiLKk4vV-dmnMor1g2LrIsE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 98:a0:7e:9d:9d:30:6e:e6:19:c6:db:20:f0:07:25:a4:c5:68: 7d:d0:99:8e:e9:18:26:33:5d:d8:fa:30:81:9d:47:01:5c:8f: b6:a5:a8:ad:e8:b1:dd:8e:0a:c6:98:12:f8:24:c7:00:42:ff: b8:38:ec:90:af:fa:59:53:7f:3f:9a:be:92:f4:2f:a3:15:e9: 01:36:f8:43:34:38:24:90:72:1b:31:de:14:58:86:fe:dc:6d: 6a:27:37:ca:3d:3a:41:1a:58:08:b9:ce:46:2a:7f:49:d0:05: fb:0e:ac:31:2c:c4:f5:d4:f9:68:5e:33:8b:b4:18:09:03:9f: 57:6f:f0:dd:fd:9e:1a:c7:bc:e8:28:d5:31:b5:ad:6e:c7:b4: 3e:81:82:db:49:0d:17:33:84:23:68:6e:f1:66:fb:d7:e2:f8: 31:99:8a:eb:51:1d:64:d3:31:7f:56:74:cc:68:20:31:4e:40: 43:e8:b5:65:72:46:60:e2:bb:85:ce:89:a7:de:06:f4:6a:9a: dc:df:5d:fa:c1:54:be:cb:2c:2a:21:a4:97:5d:94:7a:31:f3: 4d:b5:45:c8:2c:2c:3e:30:c3:4a:3b:51:ea:ea:05:bd:50:57: 17:55:0f:30:3c:82:39:43:87:9a:ac:be:43:89:d5:3b:32:0d: a6:77:c0:e6 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBWTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC RkZCRTExMC8GA1UEBRMoN0Y5NkFFMEEyMkNBOTM4QkQ1RjlEOUE3MzI4QUY1ODM2 MkVCMjJDMTAeFw0yNTA0MjUwNjA5MTJaFw0yNTA1MDIwNjA5MTJaMBgxFjAUBgNV BAMTDTY4MGIyNzA4LWJkMmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDTpA2Z7WD4UeXkFyaOrRobd7IV074b7CGep+qu2Lx1cuBTb+LkcK//+AFu73jg M96bVWdz5405epg2bsBu6MXTYzC6P3TUJ73q52OQ99WDZfJPiT0+2E0Rqg8J31DW fvJ5ZXplFPi5S6i+Pi2TE1q/0YmpHx1/pMaP7yBrweza3Y/3SsRRIESliU+nXHIu 7k4jt20pqwMHy2tlT2E8B5x76ul04rPWr7zToTfIRI2PYbfMWYmOMnFGBEEY3btt KGzmlOoK9jFEpXQNB0FKHEVdq/+2ycVNxq4ZZNsYOPjiuiF/yKhtEPK7RIGoqyOi 1X3Z7CK7amfb/2S7E9TJjAgvAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUHFGPznZU RGDsiMloLXk12+jO6BswHwYDVR0jBBgwFoAUf5auCiLKk4vV+dmnMor1g2LrIsEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJGRkJFLzQyMTU5RjVBOUQw MjExRUY5OUNDODYwOUM0RjlBRTAyL2Y1YXVDaUxLazR2Vi1kbW5Nb3IxZzJMcklz RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvZjVhdUNpTEtrNHZWLWRtbk1vcjFnMkxySXNFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJG RkJFLzQyMTU5RjVBOUQwMjExRUY5OUNDODYwOUM0RjlBRTAyL2Y1YXVDaUxLazR2 Vi1kbW5Nb3IxZzJMcklzRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJigfp2dMG7mGcbbIPAHJaTFaH3QmY7pGCYzXdj6MIGdRwFcj7alqK3o sd2OCsaYEvgkxwBC/7g47JCv+llTfz+avpL0L6MV6QE2+EM0OCSQchsx3hRYhv7c bWonN8o9OkEaWAi5zkYqf0nQBfsOrDEsxPXU+WheM4u0GAkDn1dv8N39nhrHvOgo 1TG1rW7HtD6BgttJDRczhCNobvFm+9fi+DGZiutRHWTTMX9WdMxoIDFOQEPotWVy RmDiu4XOiafeBvRqmtzfXfrBVL7LLCohpJddlHox8021RcgsLD4ww0o7UerqBb1Q VxdVDzA8gjlDh5qsvkOJ1TsyDaZ3wOY= -----END CERTIFICATE-----Generated at Sat Apr 26 17:03:15 2025 by rpki-client