$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft File: raiu0ysVuH5hElLSnR4dW95YFkY.mft (raw, json) Hash identifier: Fby+/7K6tFOm5FgzJpzMX43d7SmazAPsUE5lH4bVprE= Subject key identifier: BA:BD:3A:00:F0:89:EF:18:88:6F:AF:E4:59:E5:7A:8C:72:90:1D:CA Authority key identifier: AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46 Certificate issuer: /CN=A91DC5BE/serialNumber=ADA8AED32B15B87E611252D29D1E1D5BDE581646 Certificate serial: 3562 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft Manifest number: 34DE Signing time: Thu 24 Apr 2025 14:16:21 +0000 Manifest this update: Thu 24 Apr 2025 14:16:20 +0000 Manifest next update: Thu 01 May 2025 14:16:20 +0000 Files and hashes: 1: raiu0ysVuH5hElLSnR4dW95YFkY.crl (hash: /PeZcVHYkUldVbvu1mMyXdAkB67FbAUeW4Km0kfOTbU=) 2: C9B8A270483411ECA6C7C085C4F9AE02.roa (hash: nJvnNt0eJsmGuLUjItzV/NgJ7+2UZ1r5MhffEQ8w0sk=) 3: AF560BA2B1CC11EF80C4BE44C4F9AE02.roa (hash: JKOX2Bnk1obdJWD/11GK8Zj49w+PdYErgulVkpa2rdU=) 4: 7C836BA46C8E11EEA38B9554C4F9AE02.roa (hash: aQYfeFSthN9oof4UX3Yota3Vi8A1Xibnwm7ZRxMjljY=) 5: 539CC922366C11EEBEBBBE1DC4F9AE02.roa (hash: TrayTHMiKb+Dm5posHRv3ZfOvi01WiwhoUD8use0rkY=) 6: FC72B9529F0311EAB6B8EA87C4F9AE02.roa (hash: iJ1kB8ujNY3bRF9sFR+ioHj2q77p/d9prgJ8hOEg/Tw=) 7: E2446DD228AA11E79582F36BC4F9AE02.roa (hash: ZJSRmEu8ZSRqTlcPEDfX6hYX2fzOC+1QV4+V6A/VckU=) 8: 662A2F2286B411E6BAEB2614C4F9AE02.roa (hash: MRkFXSabw9acLO92YltXC7hoPQwJsDF6DX+Xsg12tnY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.crl rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 14:16:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13666 (0x3562) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC5BE, serialNumber=ADA8AED32B15B87E611252D29D1E1D5BDE581646 Validity Not Before: Apr 24 14:16:20 2025 GMT Not After : May 1 14:16:20 2025 GMT Subject: CN=680a47b4-e2f3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:37:5f:4b:df:93:bd:f3:ba:7d:f2:d4:ae:01: ff:41:56:c9:0f:f0:82:cb:ff:d6:fa:09:cd:93:3a: 6b:7b:8a:9b:a0:03:cc:fb:48:a6:9b:49:50:8d:f8: 7e:68:38:16:e2:6b:72:df:16:02:e3:6e:f0:a5:37: 95:22:a6:90:8c:9d:65:c5:30:11:f4:78:c2:67:db: 27:63:61:08:78:58:79:b7:16:8c:ee:28:df:82:8f: 53:ea:2e:97:05:e2:50:23:12:5a:61:38:f7:82:e5: 15:89:c9:31:41:e4:f1:5b:0d:47:2a:1a:39:0d:68: 12:53:6f:f7:f1:87:1f:b5:ca:c4:b6:b8:af:d5:4d: 7c:8b:cf:f9:87:b4:b2:5a:a2:51:2b:b0:b4:8b:9a: 8c:d7:c9:89:39:9f:a7:12:e1:9b:ec:8d:9a:b7:87: 67:9e:7e:90:b1:77:45:a0:69:3e:5c:9d:7a:84:be: 60:7c:77:76:bd:47:0c:7d:ea:41:d8:79:8a:15:bc: b8:51:95:63:32:cf:4e:52:dc:8d:cb:5c:02:b9:7b: 73:b0:b1:5b:20:2b:3e:9c:c6:c4:bc:9f:d0:fd:dc: 58:d7:4a:13:37:d9:23:cc:68:b9:24:f2:88:84:71: 04:74:ac:35:b8:4c:23:6a:ae:41:55:1f:4a:89:50: 49:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:BD:3A:00:F0:89:EF:18:88:6F:AF:E4:59:E5:7A:8C:72:90:1D:CA X509v3 Authority Key Identifier: keyid:AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2d:89:d0:e2:70:84:cc:db:50:a0:fa:d9:46:f1:b5:85:1a:b2: 99:55:9e:af:5c:3b:b0:b8:00:c1:3e:4e:13:75:b1:c1:00:38: 6e:2b:9a:7a:4f:55:ef:6a:3f:af:a7:c8:f8:c6:99:2f:8f:eb: f9:c1:56:c5:fc:63:36:5a:2c:51:02:bd:c5:78:00:01:40:d6: 77:dc:cb:26:75:86:69:4c:f2:c0:24:7b:db:21:b7:93:8a:fb: 44:c3:0e:1e:2a:0c:88:42:49:d2:ab:a9:dc:b8:52:45:a0:71: 19:a3:5c:95:f6:9e:4b:a3:7d:f8:99:d1:a3:79:ec:cc:ac:ae: 6e:23:83:46:c3:4a:5e:a3:d2:e7:58:b5:33:5b:c1:d1:70:29: 39:b3:af:52:09:51:9f:37:6b:78:e5:f6:9a:5b:e2:ab:a1:6a: 22:83:3d:75:0c:1f:c4:90:12:2b:54:7f:86:38:c2:b5:6f:1d: c7:4d:bf:b2:61:38:4a:d0:a6:ef:03:b7:ae:d0:f1:b0:ae:72: 48:34:23:36:ec:2e:f3:25:9c:f4:46:6f:91:dc:ff:8d:30:5a: 1d:a2:2f:f6:ef:f0:5d:2c:56:a8:c4:34:ea:25:0c:c9:a4:d8: d7:ea:dd:27:23:1a:03:98:3c:6a:77:8c:3d:ef:2f:05:ff:b0: 93:12:b5:8c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNWIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REM1QkUxMTAvBgNVBAUTKEFEQThBRUQzMkIxNUI4N0U2MTEyNTJEMjlEMUUxRDVC REU1ODE2NDYwHhcNMjUwNDI0MTQxNjIwWhcNMjUwNTAxMTQxNjIwWjAYMRYwFAYD VQQDEw02ODBhNDdiNC1lMmYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzzdfS9+TvfO6ffLUrgH/QVbJD/CCy//W+gnNkzpre4qboAPM+0imm0lQjfh+ aDgW4mty3xYC427wpTeVIqaQjJ1lxTAR9HjCZ9snY2EIeFh5txaM7ijfgo9T6i6X BeJQIxJaYTj3guUVickxQeTxWw1HKho5DWgSU2/38YcftcrEtriv1U18i8/5h7Sy WqJRK7C0i5qM18mJOZ+nEuGb7I2at4dnnn6QsXdFoGk+XJ16hL5gfHd2vUcMfepB 2HmKFby4UZVjMs9OUtyNy1wCuXtzsLFbICs+nMbEvJ/Q/dxY10oTN9kjzGi5JPKI hHEEdKw1uEwjaq5BVR9KiVBJwwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLq9OgDw ie8YiG+v5FnleoxykB3KMB8GA1UdIwQYMBaAFK2ortMrFbh+YRJS0p0eHVveWBZG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzVCRS9ENDAxNjE5QTFE NjkxMUUyQUZCNjRFQTcwOEIwMkNEMi9yYWl1MHlzVnVINWhFbExTblI0ZFc5NVlG a1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JhaXUweXNWdUg1aEVsTFNuUjRkVzk1WUZrWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QzVCRS9ENDAxNjE5QTFENjkxMUUyQUZCNjRFQTcwOEIwMkNEMi9yYWl1MHlzVnVI NWhFbExTblI0ZFc5NVlGa1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAtidDicITM21Cg+tlG8bWFGrKZVZ6vXDuwuADBPk4TdbHBADhuK5p6 T1Xvaj+vp8j4xpkvj+v5wVbF/GM2WixRAr3FeAABQNZ33MsmdYZpTPLAJHvbIbeT ivtEww4eKgyIQknSq6ncuFJFoHEZo1yV9p5Lo334mdGjeezMrK5uI4NGw0peo9Ln WLUzW8HRcCk5s69SCVGfN2t45faaW+KroWoigz11DB/EkBIrVH+GOMK1bx3HTb+y YThK0KbvA7eu0PGwrnJINCM27C7zJZz0Rm+R3P+NMFodoi/27/BdLFaoxDTqJQzJ pNjX6t0nIxoDmDxqd4w97y8F/7CTErWM -----END CERTIFICATE-----Generated at Sat Apr 26 15:19:12 2025 by rpki-client