$ rpki-client -vvf rpki.apnic.net/member_repository/A91C2F8C/5579B9B086E011EF9B6B177EC4F9AE02/AX2NuKeIdKsvmtl95Xr94b4WfUQ.mft File: AX2NuKeIdKsvmtl95Xr94b4WfUQ.mft (raw, json) Hash identifier: VfCEUO4wsHGIF9dvAGPiWcFC4YOIfneMHUzmY523i+g= Subject key identifier: D1:00:64:39:F7:35:2C:51:5A:5F:E9:E4:2B:5D:56:73:F6:41:DE:7B Authority key identifier: 01:7D:8D:B8:A7:88:74:AB:2F:9A:D9:7D:E5:7A:FD:E1:BE:16:7D:44 Certificate issuer: /CN=A91C2F8C/serialNumber=017D8DB8A78874AB2F9AD97DE57AFDE1BE167D44 Certificate serial: 68 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/AX2NuKeIdKsvmtl95Xr94b4WfUQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C2F8C/5579B9B086E011EF9B6B177EC4F9AE02/AX2NuKeIdKsvmtl95Xr94b4WfUQ.mft Manifest number: 67 Signing time: Fri 25 Apr 2025 05:57:25 +0000 Manifest this update: Fri 25 Apr 2025 05:57:25 +0000 Manifest next update: Fri 02 May 2025 05:57:25 +0000 Files and hashes: 1: AX2NuKeIdKsvmtl95Xr94b4WfUQ.crl (hash: +CbU5dJPvJUF/LDlGhojetxmPZd+qSNVucDhveOib94=) 2: CEB2CA5686E011EF81BE1A7FC4F9AE02.roa (hash: 6Kn2Tc8nx8bkTt0Gnf962Qu64Px5Cncotr8SgT4Ke8I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C2F8C/5579B9B086E011EF9B6B177EC4F9AE02/AX2NuKeIdKsvmtl95Xr94b4WfUQ.crl rsync://rpki.apnic.net/member_repository/A91C2F8C/5579B9B086E011EF9B6B177EC4F9AE02/AX2NuKeIdKsvmtl95Xr94b4WfUQ.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/AX2NuKeIdKsvmtl95Xr94b4WfUQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 05:57:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 104 (0x68) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C2F8C, serialNumber=017D8DB8A78874AB2F9AD97DE57AFDE1BE167D44 Validity Not Before: Apr 25 05:57:25 2025 GMT Not After : May 2 05:57:25 2025 GMT Subject: CN=680b2445-0d40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:c2:0e:7c:8c:b8:0e:0d:b4:88:dd:b7:77:95: e9:b6:f1:df:87:27:d1:19:2e:6c:86:89:df:08:96: 55:04:ab:86:b9:49:fc:4b:0a:b0:93:63:63:9b:26: 47:59:48:9e:ec:00:66:87:e9:5c:c6:57:1e:9d:b2: 73:21:13:7a:42:01:ca:bb:79:a2:47:25:96:a2:a6: 22:77:69:a7:3d:c0:34:eb:7a:9e:7f:c2:a6:84:f1: cf:79:25:5a:b1:fe:68:0e:e9:d1:55:59:e1:4d:26: 68:27:66:f6:bf:b5:6c:62:90:81:a0:ee:af:92:3e: 47:1d:03:16:a8:99:0d:2b:7a:d2:ec:4c:70:2f:22: 6e:db:ed:a7:5d:8d:63:90:46:27:b0:51:c2:0a:5a: d7:56:3e:bb:42:d3:33:05:18:2a:cb:8f:e6:f9:55: b0:e0:91:11:bb:63:87:49:f6:f5:1c:22:cd:a0:8e: 03:2a:e1:cf:54:b1:e1:c1:8e:14:78:81:6a:d1:42: 24:78:7c:36:8e:82:26:b0:3e:42:d8:be:3e:70:ca: c8:24:5b:d8:c8:ee:38:38:c7:5d:c4:67:16:0c:31: 0c:1e:be:c9:98:69:22:81:9e:1e:ad:c8:5a:63:85: c9:fd:8f:79:46:07:6e:dc:e1:ef:fe:f8:ef:aa:92: 99:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:00:64:39:F7:35:2C:51:5A:5F:E9:E4:2B:5D:56:73:F6:41:DE:7B X509v3 Authority Key Identifier: keyid:01:7D:8D:B8:A7:88:74:AB:2F:9A:D9:7D:E5:7A:FD:E1:BE:16:7D:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C2F8C/5579B9B086E011EF9B6B177EC4F9AE02/AX2NuKeIdKsvmtl95Xr94b4WfUQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/AX2NuKeIdKsvmtl95Xr94b4WfUQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C2F8C/5579B9B086E011EF9B6B177EC4F9AE02/AX2NuKeIdKsvmtl95Xr94b4WfUQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 77:55:8f:5d:0a:01:08:77:89:37:95:db:ae:9d:67:03:f9:17: 75:26:37:74:41:50:70:f3:89:25:bb:d6:10:ca:ab:30:bf:9f: f1:0f:d0:15:0d:cb:a3:89:ba:90:34:cb:2c:60:29:82:ec:0f: 7b:a6:a0:13:16:72:e6:c0:8c:eb:c9:01:4f:c8:6a:aa:7e:93: 40:00:e4:26:32:f9:d1:63:18:1c:36:df:b0:bf:43:3f:57:bd: 4f:5b:b1:5f:33:1f:70:13:03:ea:ed:f1:40:6c:cc:1a:20:dd: 92:a4:17:71:32:16:e7:26:05:fb:8b:1c:55:91:26:ce:a8:37: ea:e3:f8:ee:a5:3f:b6:a1:5d:bf:22:b6:f2:80:35:65:c9:c8: 11:29:0d:70:8f:89:5a:77:cb:4f:d1:91:80:f7:52:05:d7:cf: 8b:07:a1:0e:f3:dd:b0:43:d0:6e:ea:f1:5e:78:72:2a:5d:99: 76:bb:ea:bb:1b:93:54:42:f2:fa:ef:ff:3a:0e:eb:1a:df:72: 0e:8d:7a:73:97:0f:c8:b8:75:5d:c9:7c:78:fe:6c:14:bf:84: a4:59:e7:61:aa:ca:54:cf:33:68:9c:50:e8:fe:91:12:79:49: b4:83:70:a4:81:e5:1a:14:6c:6f:bf:84:66:e8:8a:d6:d1:e1: 38:36:77:a8 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBaDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD MkY4QzExMC8GA1UEBRMoMDE3RDhEQjhBNzg4NzRBQjJGOUFEOTdERTU3QUZERTFC RTE2N0Q0NDAeFw0yNTA0MjUwNTU3MjVaFw0yNTA1MDIwNTU3MjVaMBgxFjAUBgNV BAMTDTY4MGIyNDQ1LTBkNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDGwg58jLgODbSI3bd3lem28d+HJ9EZLmyGid8IllUEq4a5SfxLCrCTY2ObJkdZ SJ7sAGaH6VzGVx6dsnMhE3pCAcq7eaJHJZaipiJ3aac9wDTrep5/wqaE8c95JVqx /mgO6dFVWeFNJmgnZva/tWxikIGg7q+SPkcdAxaomQ0retLsTHAvIm7b7addjWOQ RiewUcIKWtdWPrtC0zMFGCrLj+b5VbDgkRG7Y4dJ9vUcIs2gjgMq4c9UseHBjhR4 gWrRQiR4fDaOgiawPkLYvj5wysgkW9jI7jg4x13EZxYMMQwevsmYaSKBnh6tyFpj hcn9j3lGB27c4e/++O+qkpmvAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU0QBkOfc1 LFFaX+nkK11Wc/ZB3nswHwYDVR0jBBgwFoAUAX2NuKeIdKsvmtl95Xr94b4WfUQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMyRjhDLzU1NzlCOUIwODZF MDExRUY5QjZCMTc3RUM0RjlBRTAyL0FYMk51S2VJZEtzdm10bDk1WHI5NGI0V2ZV US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvQVgyTnVLZUlkS3N2bXRsOTVYcjk0YjRXZlVRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMy RjhDLzU1NzlCOUIwODZFMDExRUY5QjZCMTc3RUM0RjlBRTAyL0FYMk51S2VJZEtz dm10bDk1WHI5NGI0V2ZVUS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHdVj10KAQh3iTeV266dZwP5F3UmN3RBUHDziSW71hDKqzC/n/EP0BUN y6OJupA0yyxgKYLsD3umoBMWcubAjOvJAU/Iaqp+k0AA5CYy+dFjGBw237C/Qz9X vU9bsV8zH3ATA+rt8UBszBog3ZKkF3EyFucmBfuLHFWRJs6oN+rj+O6lP7ahXb8i tvKANWXJyBEpDXCPiVp3y0/RkYD3UgXXz4sHoQ7z3bBD0G7q8V54cipdmXa76rsb k1RC8vrv/zoO6xrfcg6NenOXD8i4dV3JfHj+bBS/hKRZ52GqylTPM2icUOj+kRJ5 SbSDcKSB5RoUbG+/hGboitbR4Tg2d6g= -----END CERTIFICATE-----Generated at Sat Apr 26 12:28:14 2025 by rpki-client