$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9CA8/2932C588E4FD11EFAC1CE67FC4F9AE02/5JdLhBatO5ndEfOwQFbwx5m3ocs.mft File: 5JdLhBatO5ndEfOwQFbwx5m3ocs.mft (raw, json) Hash identifier: sOXK5qA9PECFI29mwwOXNXCBNeHDKOngEFc/X/YHyZg= Subject key identifier: 85:EB:4A:9A:2A:73:C2:FC:90:27:26:81:0C:A9:EA:5F:04:01:E9:3F Authority key identifier: E4:97:4B:84:16:AD:3B:99:DD:11:F3:B0:40:56:F0:C7:99:B7:A1:CB Certificate issuer: /CN=A91D9CA8/serialNumber=E4974B8416AD3B99DD11F3B04056F0C799B7A1CB Certificate serial: 29 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5JdLhBatO5ndEfOwQFbwx5m3ocs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D9CA8/2932C588E4FD11EFAC1CE67FC4F9AE02/5JdLhBatO5ndEfOwQFbwx5m3ocs.mft Manifest number: 29 Signing time: Fri 25 Apr 2025 06:43:28 +0000 Manifest this update: Fri 25 Apr 2025 06:43:27 +0000 Manifest next update: Fri 02 May 2025 06:43:27 +0000 Files and hashes: 1: 5JdLhBatO5ndEfOwQFbwx5m3ocs.crl (hash: Zze83qgp7z/Zk1r2YaaEjzcnqou3bJBranqSJtnmXpI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D9CA8/2932C588E4FD11EFAC1CE67FC4F9AE02/5JdLhBatO5ndEfOwQFbwx5m3ocs.crl rsync://rpki.apnic.net/member_repository/A91D9CA8/2932C588E4FD11EFAC1CE67FC4F9AE02/5JdLhBatO5ndEfOwQFbwx5m3ocs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5JdLhBatO5ndEfOwQFbwx5m3ocs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:43:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41 (0x29) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D9CA8, serialNumber=E4974B8416AD3B99DD11F3B04056F0C799B7A1CB Validity Not Before: Apr 25 06:43:27 2025 GMT Not After : May 2 06:43:27 2025 GMT Subject: CN=680b2f0f-c6d2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:83:b5:13:87:32:8e:d2:28:3d:ed:9f:d7:d5: ce:af:d0:19:00:32:57:39:21:e9:c6:45:2e:1a:bb: f6:64:27:a3:60:cd:7b:61:48:5e:4b:3a:00:36:66: cd:11:72:27:65:48:7a:46:95:8f:5a:97:a8:20:41: 9b:60:35:71:1c:36:c6:80:22:f6:dc:b0:f5:1a:fb: fa:b2:6c:1d:08:ed:12:85:f5:d1:a9:a9:47:a1:fb: a2:eb:e5:dc:e3:5d:83:2a:4f:04:9d:3c:ea:4b:32: b7:26:71:6e:8a:ef:69:16:f0:b7:b8:29:c6:f0:80: f7:ce:e0:b3:db:b2:59:8c:1c:e3:73:a3:2c:cb:76: a4:ae:40:14:7e:03:ae:ce:89:cc:a9:e9:60:f8:85: 03:2b:bb:ad:a5:2a:c2:58:96:a6:50:52:a8:97:4f: 5a:cd:82:b6:94:e3:6c:fb:89:f5:0d:7f:bc:76:eb: 85:86:10:c5:91:97:e3:e1:99:0f:05:ea:14:93:31: 63:1f:c3:4f:87:81:86:8a:99:5e:10:ad:0b:89:0b: 41:81:eb:79:ce:2c:70:59:c5:d2:d4:00:46:87:23: 75:25:6a:af:58:56:7b:47:80:7e:43:b0:0a:b1:f6: 27:ce:42:5e:ed:50:ea:8c:91:4f:37:cd:aa:90:13: 59:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:EB:4A:9A:2A:73:C2:FC:90:27:26:81:0C:A9:EA:5F:04:01:E9:3F X509v3 Authority Key Identifier: keyid:E4:97:4B:84:16:AD:3B:99:DD:11:F3:B0:40:56:F0:C7:99:B7:A1:CB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D9CA8/2932C588E4FD11EFAC1CE67FC4F9AE02/5JdLhBatO5ndEfOwQFbwx5m3ocs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5JdLhBatO5ndEfOwQFbwx5m3ocs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9CA8/2932C588E4FD11EFAC1CE67FC4F9AE02/5JdLhBatO5ndEfOwQFbwx5m3ocs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3e:94:b1:60:fe:02:34:e6:e6:7c:b6:11:a1:67:c6:9a:61:15: f2:a6:7d:14:6b:1a:fd:8a:59:8b:44:2d:81:6b:63:a4:84:f9: d2:9f:44:e6:3c:95:07:6b:7e:89:52:11:40:3f:1e:d1:00:26: 35:e2:5a:e7:6f:2e:ce:65:84:e0:12:4e:55:1a:5e:3e:51:66: 2b:c1:76:71:6d:90:88:a0:ed:fc:64:99:27:b8:25:0c:bd:05: 11:83:6d:59:84:30:c8:5d:14:e8:d0:ef:3d:92:9b:03:f1:35: 19:9f:82:4b:2b:bd:1b:41:22:4c:69:ba:51:35:9e:79:78:3d: 24:f8:95:a7:e6:76:a8:d1:3b:46:c8:b3:48:63:7f:cf:99:fa: 9b:dc:88:b0:11:43:02:fc:58:a2:20:48:bb:73:a8:2a:91:43: 0c:dd:96:46:d2:ce:40:7a:ea:d6:22:56:65:b3:8a:86:94:f2: df:56:00:51:d4:3c:25:d3:05:d8:b3:65:fb:3d:c4:f1:9f:01: 28:bf:7f:bf:7e:95:d9:c6:8b:7c:42:d0:c8:33:69:d5:d9:e9: 35:98:f8:3c:33:03:ce:5f:0a:1c:4c:af:23:c0:75:7f:9f:e1: 03:da:e7:0e:87:e6:70:c3:ab:c2:18:22:cd:29:56:da:52:c3: 17:93:05:80 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBKTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE OUNBODExMC8GA1UEBRMoRTQ5NzRCODQxNkFEM0I5OUREMTFGM0IwNDA1NkYwQzc5 OUI3QTFDQjAeFw0yNTA0MjUwNjQzMjdaFw0yNTA1MDIwNjQzMjdaMBgxFjAUBgNV BAMTDTY4MGIyZjBmLWM2ZDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDHg7UThzKO0ig97Z/X1c6v0BkAMlc5IenGRS4au/ZkJ6NgzXthSF5LOgA2Zs0R cidlSHpGlY9al6ggQZtgNXEcNsaAIvbcsPUa+/qybB0I7RKF9dGpqUeh+6Lr5dzj XYMqTwSdPOpLMrcmcW6K72kW8Le4KcbwgPfO4LPbslmMHONzoyzLdqSuQBR+A67O icyp6WD4hQMru62lKsJYlqZQUqiXT1rNgraU42z7ifUNf7x264WGEMWRl+PhmQ8F 6hSTMWMfw0+HgYaKmV4QrQuJC0GB63nOLHBZxdLUAEaHI3Ulaq9YVntHgH5DsAqx 9ifOQl7tUOqMkU83zaqQE1l/AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUhetKmipz wvyQJyaBDKnqXwQB6T8wHwYDVR0jBBgwFoAU5JdLhBatO5ndEfOwQFbwx5m3ocsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ5Q0E4LzI5MzJDNTg4RTRG RDExRUZBQzFDRTY3RkM0RjlBRTAyLzVKZExoQmF0TzVuZEVmT3dRRmJ3eDVtM29j cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvNUpkTGhCYXRPNW5kRWZPd1FGYnd4NW0zb2NzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ5 Q0E4LzI5MzJDNTg4RTRGRDExRUZBQzFDRTY3RkM0RjlBRTAyLzVKZExoQmF0TzVu ZEVmT3dRRmJ3eDVtM29jcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAD6UsWD+AjTm5ny2EaFnxpphFfKmfRRrGv2KWYtELYFrY6SE+dKfROY8 lQdrfolSEUA/HtEAJjXiWudvLs5lhOASTlUaXj5RZivBdnFtkIig7fxkmSe4JQy9 BRGDbVmEMMhdFOjQ7z2SmwPxNRmfgksrvRtBIkxpulE1nnl4PST4lafmdqjRO0bI s0hjf8+Z+pvciLARQwL8WKIgSLtzqCqRQwzdlkbSzkB66tYiVmWzioaU8t9WAFHU PCXTBdizZfs9xPGfASi/f79+ldnGi3xC0MgzadXZ6TWY+DwzA85fChxMryPAdX+f 4QPa5w6H5nDDq8IYIs0pVtpSwxeTBYA= -----END CERTIFICATE-----Generated at Sat Apr 26 16:50:41 2025 by rpki-client