$ rpki-client -vvf rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.mft File: i0hqzK8SpnqVaI6NEb1ljAQcElo.mft (raw, json) Hash identifier: kE2KGjDXnSjCbqiIi9gh51J5XtjAKxmpODGWPKegV6k= Subject key identifier: B2:65:2C:C1:53:AA:A8:4A:35:DF:C6:E5:BF:6A:4D:6F:86:ED:2F:C2 Authority key identifier: 8B:48:6A:CC:AF:12:A6:7A:95:68:8E:8D:11:BD:65:8C:04:1C:12:5A Certificate issuer: /CN=A91DBA5B/serialNumber=8B486ACCAF12A67A95688E8D11BD658C041C125A Certificate serial: 76 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i0hqzK8SpnqVaI6NEb1ljAQcElo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.mft Manifest number: 75 Signing time: Fri 25 Apr 2025 05:47:24 +0000 Manifest this update: Fri 25 Apr 2025 05:47:23 +0000 Manifest next update: Fri 02 May 2025 05:47:23 +0000 Files and hashes: 1: i0hqzK8SpnqVaI6NEb1ljAQcElo.crl (hash: rpxp94nrBXhANHppcDn0OjrBNM5y7xpKihu05UqntjM=) 2: F305F43270E711EF8573CF71C4F9AE02.roa (hash: aci5Spv/e6z609EwzRrCe3VebaHTH23V/kyd6t5TMtw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.crl rsync://rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i0hqzK8SpnqVaI6NEb1ljAQcElo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 05:47:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 118 (0x76) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DBA5B, serialNumber=8B486ACCAF12A67A95688E8D11BD658C041C125A Validity Not Before: Apr 25 05:47:23 2025 GMT Not After : May 2 05:47:23 2025 GMT Subject: CN=680b21eb-8855 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:db:4c:7f:dc:ec:a1:6a:d8:f4:bd:10:92:d0: 0b:68:c3:f3:ea:0b:7a:0a:f1:fc:66:ef:b5:82:90: c1:43:94:ed:ff:3a:e0:3c:c5:c6:db:34:22:75:05: 82:5e:13:af:de:6c:f8:68:5d:7c:1b:da:42:2a:1c: 58:50:22:45:4e:67:8a:83:7b:83:c1:be:13:0a:ef: 63:9f:51:1b:58:0f:5d:20:9d:e7:d0:e0:82:f1:73: a3:bb:53:b7:81:da:f2:76:6a:00:28:bf:c8:d4:e5: b0:84:e9:47:24:43:6c:8e:dd:15:68:ab:18:68:4a: 3e:00:43:d7:33:23:bf:bb:cc:82:0a:ab:52:11:0d: de:aa:d1:c6:98:57:07:90:ff:ef:5c:57:13:ea:ba: 40:7d:d7:9e:0e:4f:b5:cb:29:8d:09:d9:3b:07:41: 10:c3:79:7f:41:72:4b:e3:b1:af:e4:d0:1f:19:da: 56:f3:42:3f:ce:cd:d5:6e:8c:fd:fb:74:cf:37:57: 98:56:16:9d:33:4c:43:a5:22:22:42:78:23:99:b7: 80:74:12:2f:93:7c:f0:c1:51:f6:36:aa:33:26:e8: d2:a7:c7:c3:74:11:37:67:1b:a1:1d:0a:43:44:ef: ca:23:c1:2a:18:ce:81:f3:6e:08:e6:5b:18:db:62: fa:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:65:2C:C1:53:AA:A8:4A:35:DF:C6:E5:BF:6A:4D:6F:86:ED:2F:C2 X509v3 Authority Key Identifier: keyid:8B:48:6A:CC:AF:12:A6:7A:95:68:8E:8D:11:BD:65:8C:04:1C:12:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i0hqzK8SpnqVaI6NEb1ljAQcElo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 62:d4:58:37:57:ee:b7:bf:06:59:a2:49:6c:96:52:d0:cf:ed: fa:e8:d3:96:23:d8:e7:f0:8a:82:9e:6d:e9:af:28:49:66:b3: 5e:9a:df:ef:e3:b6:da:8a:74:15:c6:e9:b8:93:5f:9f:c1:27: 05:5b:f2:44:92:bd:7c:0a:1b:f4:ff:8b:5b:8b:12:82:04:7c: fe:b7:7e:e5:73:1d:fb:c2:cf:b4:0a:92:12:e8:d5:84:b6:6e: ec:ee:68:7a:97:ee:0b:94:0e:43:4b:1f:4f:e7:d1:b7:4f:5d: 45:6a:da:a4:8b:3d:14:12:df:73:85:4a:ff:a3:07:eb:32:19: fa:ac:9d:b0:08:d9:31:d2:7e:f1:be:4b:03:f1:a9:4b:a1:65: 14:bd:e5:41:af:0e:89:58:92:fc:94:58:0f:24:72:2d:34:6a: 45:a5:b6:e0:c4:ee:53:5b:8e:3e:f6:be:26:8f:05:c2:63:8a: ad:62:67:10:91:1b:34:a3:6d:3d:d0:fa:36:dc:18:33:da:49: 87:bc:5f:a3:5d:7a:18:de:ed:ba:51:8d:a9:4e:66:81:50:d1: 46:c8:f1:72:e8:c6:ea:3f:ed:41:ef:02:98:0e:ba:15:61:90: 93:46:19:1e:ac:18:47:c2:85:2a:ae:1d:2b:1d:8e:a8:2a:05: 51:28:3a:87 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBdjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE QkE1QjExMC8GA1UEBRMoOEI0ODZBQ0NBRjEyQTY3QTk1Njg4RThEMTFCRDY1OEMw NDFDMTI1QTAeFw0yNTA0MjUwNTQ3MjNaFw0yNTA1MDIwNTQ3MjNaMBgxFjAUBgNV BAMTDTY4MGIyMWViLTg4NTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCv20x/3Oyhatj0vRCS0Atow/PqC3oK8fxm77WCkMFDlO3/OuA8xcbbNCJ1BYJe E6/ebPhoXXwb2kIqHFhQIkVOZ4qDe4PBvhMK72OfURtYD10gnefQ4ILxc6O7U7eB 2vJ2agAov8jU5bCE6UckQ2yO3RVoqxhoSj4AQ9czI7+7zIIKq1IRDd6q0caYVweQ /+9cVxPqukB9154OT7XLKY0J2TsHQRDDeX9Bckvjsa/k0B8Z2lbzQj/OzdVujP37 dM83V5hWFp0zTEOlIiJCeCOZt4B0Ei+TfPDBUfY2qjMm6NKnx8N0ETdnG6EdCkNE 78ojwSoYzoHzbgjmWxjbYvrXAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUsmUswVOq qEo138blv2pNb4btL8IwHwYDVR0jBBgwFoAUi0hqzK8SpnqVaI6NEb1ljAQcElow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURCQTVCLzREN0NFNjZBNzBF NzExRUZCNDQ0QUY3MEM0RjlBRTAyL2kwaHF6SzhTcG5xVmFJNk5FYjFsakFRY0Vs by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvaTBocXpLOFNwbnFWYUk2TkViMWxqQVFjRWxvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURC QTVCLzREN0NFNjZBNzBFNzExRUZCNDQ0QUY3MEM0RjlBRTAyL2kwaHF6SzhTcG5x VmFJNk5FYjFsakFRY0Vsby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGLUWDdX7re/BlmiSWyWUtDP7fro05Yj2OfwioKebemvKElms16a3+/j ttqKdBXG6biTX5/BJwVb8kSSvXwKG/T/i1uLEoIEfP63fuVzHfvCz7QKkhLo1YS2 buzuaHqX7guUDkNLH0/n0bdPXUVq2qSLPRQS33OFSv+jB+syGfqsnbAI2THSfvG+ SwPxqUuhZRS95UGvDolYkvyUWA8kci00akWltuDE7lNbjj72viaPBcJjiq1iZxCR GzSjbT3Q+jbcGDPaSYe8X6Ndehje7bpRjalOZoFQ0UbI8XLoxuo/7UHvApgOuhVh kJNGGR6sGEfChSquHSsdjqgqBVEoOoc= -----END CERTIFICATE-----Generated at Sat Apr 26 16:40:00 2025 by rpki-client