$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft File: 5bsti54YaXwBWe2BMuXzS4axN7E.mft (raw, json) Hash identifier: m0IpHD1NzbCa+srGNwbxcc7P05I4nZxZAQL+IyvNaHM= Subject key identifier: 2A:3A:0F:47:58:9A:EC:EC:CD:94:A3:07:7B:D7:39:C7:E6:5A:24:12 Authority key identifier: E5:BB:2D:8B:9E:18:69:7C:01:59:ED:81:32:E5:F3:4B:86:B1:37:B1 Certificate issuer: /CN=A91E0C2B/serialNumber=E5BB2D8B9E18697C0159ED8132E5F34B86B137B1 Certificate serial: 018E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bsti54YaXwBWe2BMuXzS4axN7E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft Manifest number: 018A Signing time: Fri 25 Apr 2025 02:44:08 +0000 Manifest this update: Fri 25 Apr 2025 02:44:07 +0000 Manifest next update: Fri 02 May 2025 02:44:07 +0000 Files and hashes: 1: 5bsti54YaXwBWe2BMuXzS4axN7E.crl (hash: 949+RANdCcm2CDuplPpDvG/7MBLsictgLFsrEj5C7lE=) 2: 12B9A5DECBC211EDB6F09516C4F9AE02.roa (hash: GC2+Qt2m2cOxU2MSwTfp+OhWSqEwAQ14izm/J1/ZU5o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.crl rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bsti54YaXwBWe2BMuXzS4axN7E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 02:44:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 398 (0x18e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E0C2B, serialNumber=E5BB2D8B9E18697C0159ED8132E5F34B86B137B1 Validity Not Before: Apr 25 02:44:07 2025 GMT Not After : May 2 02:44:07 2025 GMT Subject: CN=680af6f8-b91b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:4a:50:39:b7:e6:5d:c8:12:e6:e2:c9:e3:4c: 6e:34:f7:a5:55:36:cd:9a:e1:e7:b2:06:5c:4a:8b: 37:07:f0:7e:47:e0:e1:0d:7b:c0:1c:f9:1c:12:6d: 2c:4a:1c:54:83:a1:c1:bf:e8:0c:40:31:ab:de:23: 2e:af:e1:b3:e4:1c:ad:db:62:99:82:7b:4a:7d:24: 66:aa:5a:82:1d:db:3e:66:e2:54:27:c8:79:94:29: ba:49:88:7b:bf:f0:b7:1c:2d:1c:ab:46:18:f0:06: ef:4a:62:a1:b7:11:7a:a3:e2:29:13:40:bd:30:cf: 5f:10:94:b0:01:b9:11:0a:b0:04:c2:a4:c6:18:d1: b6:bb:15:c1:e1:8d:27:86:7d:92:cb:f7:05:4c:9c: e4:a0:ef:d7:cb:a3:0c:ab:da:c9:0b:3b:9e:a2:6a: 3f:af:b5:05:b4:f4:6e:ff:ca:d0:aa:d6:0d:d7:74: 9d:29:34:79:a6:f9:5b:3e:97:49:42:49:30:27:24: 22:59:59:28:af:b1:49:af:41:ed:41:a7:cd:a6:d1: 12:07:66:68:b1:f1:c0:11:55:34:71:a4:67:6c:dc: 0a:21:6a:e3:bf:ac:6b:a9:dc:7f:da:c9:c4:dc:ee: f4:2e:bb:2a:0a:19:a6:98:f0:b6:07:48:6f:0b:22: 63:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:3A:0F:47:58:9A:EC:EC:CD:94:A3:07:7B:D7:39:C7:E6:5A:24:12 X509v3 Authority Key Identifier: keyid:E5:BB:2D:8B:9E:18:69:7C:01:59:ED:81:32:E5:F3:4B:86:B1:37:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bsti54YaXwBWe2BMuXzS4axN7E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 43:d4:49:31:15:9f:6c:59:61:14:ac:a0:71:b4:e6:7b:96:05: 61:80:1b:f0:2c:db:84:b0:e6:0a:0c:7c:2c:fb:43:03:e7:fe: f1:70:42:73:d8:de:30:a0:60:03:82:57:aa:31:77:8e:ca:a7: 23:e8:08:15:5d:97:8f:92:c8:77:c7:d3:37:94:4a:51:4c:14: 1e:89:fb:0d:e8:cd:68:07:65:ad:06:07:78:5d:23:50:61:d4: 25:d8:55:b0:74:21:58:56:3f:e7:3d:30:3f:af:7c:c8:71:0b: 44:7c:6b:50:46:6d:a2:20:d4:7b:11:5b:da:b1:0c:a6:75:a9: 38:b3:34:9c:eb:3f:9d:1d:8c:fa:d5:e7:2c:e0:a6:3b:a3:fc: 7b:7d:48:48:0a:1b:6c:20:40:e7:e1:c6:2a:62:bb:ba:38:1f: b4:79:3e:b7:a6:a1:43:48:85:ef:1d:cc:78:90:33:42:bd:08: 1a:76:92:9e:07:57:65:c5:f8:98:b3:c3:e4:18:c1:62:3d:90: 79:c2:ba:3e:31:83:7f:e6:12:a9:a0:5a:28:e1:b8:73:67:88: 0b:56:69:f4:8b:ae:04:c5:fd:d4:1d:a2:aa:5d:83:2a:c2:2c: cb:5e:ad:d1:0c:b9:ab:f9:98:fd:59:61:42:59:9d:d8:38:ca: fc:46:ff:a0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAY4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTBDMkIxMTAvBgNVBAUTKEU1QkIyRDhCOUUxODY5N0MwMTU5RUQ4MTMyRTVGMzRC ODZCMTM3QjEwHhcNMjUwNDI1MDI0NDA3WhcNMjUwNTAyMDI0NDA3WjAYMRYwFAYD VQQDEw02ODBhZjZmOC1iOTFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuEpQObfmXcgS5uLJ40xuNPelVTbNmuHnsgZcSos3B/B+R+DhDXvAHPkcEm0s ShxUg6HBv+gMQDGr3iMur+Gz5Byt22KZgntKfSRmqlqCHds+ZuJUJ8h5lCm6SYh7 v/C3HC0cq0YY8AbvSmKhtxF6o+IpE0C9MM9fEJSwAbkRCrAEwqTGGNG2uxXB4Y0n hn2Sy/cFTJzkoO/Xy6MMq9rJCzueomo/r7UFtPRu/8rQqtYN13SdKTR5pvlbPpdJ QkkwJyQiWVkor7FJr0HtQafNptESB2ZosfHAEVU0caRnbNwKIWrjv6xrqdx/2snE 3O70LrsqChmmmPC2B0hvCyJjfwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCo6D0dY muzszZSjB3vXOcfmWiQSMB8GA1UdIwQYMBaAFOW7LYueGGl8AVntgTLl80uGsTex MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMEMyQi9EMjdFNkVEMENC OTYxMUVEQUMzNDlCNzlDNEY5QUUwMi81YnN0aTU0WWFYd0JXZTJCTXVYelM0YXhO N0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzVic3RpNTRZYVh3QldlMkJNdVh6UzRheE43RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MEMyQi9EMjdFNkVEMENCOTYxMUVEQUMzNDlCNzlDNEY5QUUwMi81YnN0aTU0WWFY d0JXZTJCTXVYelM0YXhON0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBD1EkxFZ9sWWEUrKBxtOZ7lgVhgBvwLNuEsOYKDHws+0MD5/7xcEJz 2N4woGADgleqMXeOyqcj6AgVXZePksh3x9M3lEpRTBQeifsN6M1oB2WtBgd4XSNQ YdQl2FWwdCFYVj/nPTA/r3zIcQtEfGtQRm2iINR7EVvasQymdak4szSc6z+dHYz6 1ecs4KY7o/x7fUhIChtsIEDn4cYqYru6OB+0eT63pqFDSIXvHcx4kDNCvQgadpKe B1dlxfiYs8PkGMFiPZB5wro+MYN/5hKpoFoo4bhzZ4gLVmn0i64Exf3UHaKqXYMq wizLXq3RDLmr+Zj9WWFCWZ3YOMr8Rv+g -----END CERTIFICATE-----Generated at Sat Apr 26 04:33:19 2025 by rpki-client