$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC524/B5C2B7342C5711EEBB188629C4F9AE02/x52oqmnxJno4UemSoGnAL1DoArw.mft File: x52oqmnxJno4UemSoGnAL1DoArw.mft (raw, json) Hash identifier: h/gQmPtG/92xJEIo+aautXE+PU10dPRc/PtqUpH9tFc= Subject key identifier: DF:56:68:82:AA:DE:CC:95:13:74:F9:FE:10:41:A8:32:70:C0:61:7B Authority key identifier: C7:9D:A8:AA:69:F1:26:7A:38:51:E9:92:A0:69:C0:2F:50:E8:02:BC Certificate issuer: /CN=A91DC524/serialNumber=C79DA8AA69F1267A3851E992A069C02F50E802BC Certificate serial: 014C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x52oqmnxJno4UemSoGnAL1DoArw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC524/B5C2B7342C5711EEBB188629C4F9AE02/x52oqmnxJno4UemSoGnAL1DoArw.mft Manifest number: 0149 Signing time: Fri 25 Apr 2025 03:21:40 +0000 Manifest this update: Fri 25 Apr 2025 03:21:39 +0000 Manifest next update: Fri 02 May 2025 03:21:39 +0000 Files and hashes: 1: x52oqmnxJno4UemSoGnAL1DoArw.crl (hash: ChH255i3XpjIH0SLbQI3C7Jkv5cbyaCnnqx1L9fEGg4=) 2: 0D705F8A2C5911EEBB4C2C4BC4F9AE02.roa (hash: ljYZPmOEJ2gVmqt+FLp/8ARO8gytp4GPuoxvLwL03ls=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC524/B5C2B7342C5711EEBB188629C4F9AE02/x52oqmnxJno4UemSoGnAL1DoArw.crl rsync://rpki.apnic.net/member_repository/A91DC524/B5C2B7342C5711EEBB188629C4F9AE02/x52oqmnxJno4UemSoGnAL1DoArw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x52oqmnxJno4UemSoGnAL1DoArw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 03:21:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 332 (0x14c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC524, serialNumber=C79DA8AA69F1267A3851E992A069C02F50E802BC Validity Not Before: Apr 25 03:21:39 2025 GMT Not After : May 2 03:21:39 2025 GMT Subject: CN=680affc3-7414 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:5a:a1:dc:c4:8b:77:f6:11:91:94:fc:26:e2: ef:5d:a2:a4:89:72:2a:4d:56:12:a0:1a:34:f2:2d: 78:60:35:cf:d6:80:d6:48:ce:e2:bb:5a:4c:53:67: e6:7e:bd:77:9d:92:31:50:98:dd:9d:07:4f:db:bb: 4d:ab:bc:63:e0:b7:bb:83:ee:31:f9:40:65:d9:d4: e8:bc:d9:85:52:3d:2c:87:19:0e:b9:40:a6:57:24: 5d:a2:45:48:fc:00:9f:7c:d8:46:17:db:06:79:a9: 60:55:0c:f7:f7:cb:5b:22:7e:ed:d4:ae:c7:34:07: 27:49:9a:65:14:77:80:8d:c1:65:cc:9f:3d:13:0d: 76:43:21:95:1e:d3:a9:52:5f:78:bf:0e:4c:f8:b5: 53:ab:af:d0:c9:e0:45:64:16:29:37:3a:b7:fc:67: bb:87:61:b9:1b:3e:a0:87:c6:c9:e7:7c:9c:5b:72: 21:e0:7c:2c:6c:89:f3:b7:ee:11:96:a3:d4:dd:4f: 82:d3:ff:b4:89:28:f8:8c:44:dc:1c:47:3f:c8:a1: a2:37:47:3c:49:6a:a5:e4:7d:4f:c0:eb:05:d8:c2: b3:6a:2e:f9:b5:42:ed:e4:4a:0c:c3:67:1e:11:69: 1b:9d:4b:81:e8:cf:14:3e:f5:55:c7:fd:b1:7a:73: 74:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:56:68:82:AA:DE:CC:95:13:74:F9:FE:10:41:A8:32:70:C0:61:7B X509v3 Authority Key Identifier: keyid:C7:9D:A8:AA:69:F1:26:7A:38:51:E9:92:A0:69:C0:2F:50:E8:02:BC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC524/B5C2B7342C5711EEBB188629C4F9AE02/x52oqmnxJno4UemSoGnAL1DoArw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x52oqmnxJno4UemSoGnAL1DoArw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC524/B5C2B7342C5711EEBB188629C4F9AE02/x52oqmnxJno4UemSoGnAL1DoArw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 16:7a:0f:74:bb:d2:15:68:cf:a6:de:09:c4:f7:bc:df:5f:04: 75:46:02:61:f8:59:a2:f2:b2:07:24:4f:8b:cd:5b:05:43:90: 75:2d:d9:b2:05:42:3d:9f:9e:0c:94:30:a3:18:5a:13:05:5f: b0:d1:1f:0b:0c:04:0e:c8:f4:2e:0b:d7:e1:b2:72:29:9a:58: 96:de:07:28:ac:c9:60:7a:f4:6c:62:42:6c:91:e7:f5:1d:82: 66:4a:75:9d:03:9d:9d:bc:e1:48:4c:c2:b6:ba:e7:0a:74:66: be:66:38:b4:95:fb:01:06:94:d3:cd:b3:da:61:ae:57:c4:12: c3:11:3f:fb:a3:15:74:8e:5f:83:fb:c3:39:2c:ec:2e:c8:a7: e4:c8:8c:c0:47:c0:84:38:40:dd:14:f2:f5:37:1b:a0:78:55: 84:8c:91:99:a1:a8:02:db:f7:41:76:48:d6:c6:93:6d:d2:01: 6c:3d:88:fa:88:d3:f4:a8:57:88:b4:2a:43:9b:f9:dd:73:95: f4:5c:a1:2b:8a:94:3d:00:a7:b5:9f:71:e2:24:7c:66:89:80: 44:7e:5d:19:e8:c3:4a:34:59:e1:c3:b4:ee:a7:8b:94:bf:1d: b1:a6:5c:f8:c2:21:02:8d:74:8f:2e:51:3d:1e:fe:f5:76:3c: 24:d0:d7:a8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REM1MjQxMTAvBgNVBAUTKEM3OURBOEFBNjlGMTI2N0EzODUxRTk5MkEwNjlDMDJG NTBFODAyQkMwHhcNMjUwNDI1MDMyMTM5WhcNMjUwNTAyMDMyMTM5WjAYMRYwFAYD VQQDEw02ODBhZmZjMy03NDE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtVqh3MSLd/YRkZT8JuLvXaKkiXIqTVYSoBo08i14YDXP1oDWSM7iu1pMU2fm fr13nZIxUJjdnQdP27tNq7xj4Le7g+4x+UBl2dTovNmFUj0shxkOuUCmVyRdokVI /ACffNhGF9sGealgVQz398tbIn7t1K7HNAcnSZplFHeAjcFlzJ89Ew12QyGVHtOp Ul94vw5M+LVTq6/QyeBFZBYpNzq3/Ge7h2G5Gz6gh8bJ53ycW3Ih4HwsbInzt+4R lqPU3U+C0/+0iSj4jETcHEc/yKGiN0c8SWql5H1PwOsF2MKzai75tULt5EoMw2ce EWkbnUuB6M8UPvVVx/2xenN0qQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN9WaIKq 3syVE3T5/hBBqDJwwGF7MB8GA1UdIwQYMBaAFMedqKpp8SZ6OFHpkqBpwC9Q6AK8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzUyNC9CNUMyQjczNDJD NTcxMUVFQkIxODg2MjlDNEY5QUUwMi94NTJvcW1ueEpubzRVZW1Tb0duQUwxRG9B cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3g1Mm9xbW54Sm5vNFVlbVNvR25BTDFEb0Fydy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QzUyNC9CNUMyQjczNDJDNTcxMUVFQkIxODg2MjlDNEY5QUUwMi94NTJvcW1ueEpu bzRVZW1Tb0duQUwxRG9BcncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAWeg90u9IVaM+m3gnE97zfXwR1RgJh+Fmi8rIHJE+LzVsFQ5B1Ldmy BUI9n54MlDCjGFoTBV+w0R8LDAQOyPQuC9fhsnIpmliW3gcorMlgevRsYkJskef1 HYJmSnWdA52dvOFITMK2uucKdGa+Zji0lfsBBpTTzbPaYa5XxBLDET/7oxV0jl+D +8M5LOwuyKfkyIzAR8CEOEDdFPL1NxugeFWEjJGZoagC2/dBdkjWxpNt0gFsPYj6 iNP0qFeItCpDm/ndc5X0XKEripQ9AKe1n3HiJHxmiYBEfl0Z6MNKNFnhw7Tup4uU vx2xplz4wiECjXSPLlE9Hv71djwk0Neo -----END CERTIFICATE-----Generated at Sat Apr 26 03:42:20 2025 by rpki-client