$ rpki-client -vvf rpki.apnic.net/member_repository/A91E5490/321F591E146211EC9868C246C4F9AE02/-W-uKIpkMK3M-V4OqJ8IW7boKdQ.mft File: -W-uKIpkMK3M-V4OqJ8IW7boKdQ.mft (raw, json) Hash identifier: mHWArk8UYfldVSM0ly9BE7HgH8riMplKFMBqOVC4OI4= Subject key identifier: 43:EB:7A:6A:DB:78:A2:4B:75:2F:6C:AE:14:31:92:82:FC:75:AE:CF Authority key identifier: F9:6F:AE:28:8A:64:30:AD:CC:F9:5E:0E:A8:9F:08:5B:B6:E8:29:D4 Certificate issuer: /CN=A91E5490/serialNumber=F96FAE288A6430ADCCF95E0EA89F085BB6E829D4 Certificate serial: 04F0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-W-uKIpkMK3M-V4OqJ8IW7boKdQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E5490/321F591E146211EC9868C246C4F9AE02/-W-uKIpkMK3M-V4OqJ8IW7boKdQ.mft Manifest number: 04E6 Signing time: Thu 24 Apr 2025 23:32:42 +0000 Manifest this update: Thu 24 Apr 2025 23:32:42 +0000 Manifest next update: Thu 01 May 2025 23:32:42 +0000 Files and hashes: 1: -W-uKIpkMK3M-V4OqJ8IW7boKdQ.crl (hash: rc6wTkboEYXnaoY8nCZZg1GGaM+p219OzMX6DMgJfP4=) 2: 8608449A356511EC9715F015C4F9AE02.roa (hash: clmx/oQr73cJ/dvXJjULbQlKZ0MXrmzLfgGRONsfwYo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E5490/321F591E146211EC9868C246C4F9AE02/-W-uKIpkMK3M-V4OqJ8IW7boKdQ.crl rsync://rpki.apnic.net/member_repository/A91E5490/321F591E146211EC9868C246C4F9AE02/-W-uKIpkMK3M-V4OqJ8IW7boKdQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-W-uKIpkMK3M-V4OqJ8IW7boKdQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 23:32:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1264 (0x4f0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E5490, serialNumber=F96FAE288A6430ADCCF95E0EA89F085BB6E829D4 Validity Not Before: Apr 24 23:32:42 2025 GMT Not After : May 1 23:32:42 2025 GMT Subject: CN=680aca1a-ef79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:5b:61:75:09:cd:74:a6:7f:b5:c0:4c:2a:92: 6d:58:ed:72:77:6e:ac:2e:13:6b:99:5a:8c:e1:e9: 21:bc:e3:50:5a:ce:d0:9a:ed:c7:cb:f8:f7:fb:fb: af:90:29:21:5d:a5:ac:17:64:ea:5c:0b:f0:ef:b6: 36:d0:6f:90:1e:da:e5:8d:5c:ae:bd:8a:af:2d:93: 92:14:e5:08:52:70:31:03:77:f9:1b:1e:51:c1:41: ff:43:fa:c0:a3:b7:bb:f5:c8:53:72:7a:cc:94:71: df:60:58:5d:e9:ea:6a:cb:7b:f7:2e:7d:28:c0:cc: 8f:bf:f2:ec:d2:e1:54:83:11:71:7e:e9:87:59:14: 60:60:14:aa:83:0c:c2:a4:7a:7f:3b:fe:01:c2:d6: dc:de:77:1d:b0:8f:4d:81:ac:48:64:18:6e:f0:d8: a2:c8:07:65:1a:e5:00:6c:f4:5b:22:c8:07:e0:d8: b7:a3:65:83:45:d2:4c:92:26:56:d0:a4:cb:97:eb: 1b:e7:1e:13:7d:26:b1:15:e6:0f:ea:d9:d4:2b:74: c8:91:85:d1:be:41:15:37:45:04:18:e6:be:27:32: 04:02:9b:88:7e:9b:ff:c5:5e:44:1c:84:1c:38:48: 02:67:0f:b8:f1:52:a2:50:7d:31:14:09:93:49:29: 62:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:EB:7A:6A:DB:78:A2:4B:75:2F:6C:AE:14:31:92:82:FC:75:AE:CF X509v3 Authority Key Identifier: keyid:F9:6F:AE:28:8A:64:30:AD:CC:F9:5E:0E:A8:9F:08:5B:B6:E8:29:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E5490/321F591E146211EC9868C246C4F9AE02/-W-uKIpkMK3M-V4OqJ8IW7boKdQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-W-uKIpkMK3M-V4OqJ8IW7boKdQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E5490/321F591E146211EC9868C246C4F9AE02/-W-uKIpkMK3M-V4OqJ8IW7boKdQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8a:03:d4:0d:e7:61:ff:13:5d:1c:b6:60:ed:a7:72:17:23:a1: 07:e5:95:3e:af:5b:71:d6:9b:de:e6:97:bb:33:0f:df:11:03: fc:db:e5:7f:c9:97:3b:85:35:3d:bc:7b:61:34:14:f7:68:32: 54:0f:5e:1e:55:e6:c8:15:8b:47:5b:83:45:3b:16:ba:0e:5b: 36:81:79:34:96:df:0b:0a:67:26:b6:55:d7:31:78:d4:37:26: 06:fa:bc:a0:32:8d:da:37:7d:ca:9f:7b:1f:70:99:eb:1e:c9: 33:3b:1b:5c:09:51:f6:ee:a9:06:7d:d4:8b:b9:9d:10:82:14: 94:e2:d7:f5:43:ef:1a:0c:08:6a:ea:1b:d1:02:34:e9:4e:3c: b8:92:bf:f6:6c:1d:a0:14:a5:97:e5:e9:97:f9:7f:11:24:48: a6:c9:4b:a7:7d:bf:29:ca:3f:c3:15:27:44:76:5c:ce:2d:bc: 80:e4:6e:8b:fc:fe:5d:88:5b:6d:2b:0a:1c:55:ed:d4:87:9e: 4d:f7:b5:f9:63:cd:be:6b:c4:5b:c8:a9:91:de:7b:2a:1d:1a: e3:15:a3:21:6a:b4:ef:06:83:18:32:21:aa:40:26:64:28:16: ba:f5:a7:15:2d:6c:07:f9:8b:4d:48:a0:22:d6:0f:e8:bc:c0: 3a:8c:e1:15 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBPAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTU0OTAxMTAvBgNVBAUTKEY5NkZBRTI4OEE2NDMwQURDQ0Y5NUUwRUE4OUYwODVC QjZFODI5RDQwHhcNMjUwNDI0MjMzMjQyWhcNMjUwNTAxMjMzMjQyWjAYMRYwFAYD VQQDEw02ODBhY2ExYS1lZjc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtlthdQnNdKZ/tcBMKpJtWO1yd26sLhNrmVqM4ekhvONQWs7Qmu3Hy/j3+/uv kCkhXaWsF2TqXAvw77Y20G+QHtrljVyuvYqvLZOSFOUIUnAxA3f5Gx5RwUH/Q/rA o7e79chTcnrMlHHfYFhd6epqy3v3Ln0owMyPv/Ls0uFUgxFxfumHWRRgYBSqgwzC pHp/O/4Bwtbc3ncdsI9NgaxIZBhu8NiiyAdlGuUAbPRbIsgH4Ni3o2WDRdJMkiZW 0KTLl+sb5x4TfSaxFeYP6tnUK3TIkYXRvkEVN0UEGOa+JzIEApuIfpv/xV5EHIQc OEgCZw+48VKiUH0xFAmTSSliowIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEPremrb eKJLdS9srhQxkoL8da7PMB8GA1UdIwQYMBaAFPlvriiKZDCtzPleDqifCFu26CnU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTQ5MC8zMjFGNTkxRTE0 NjIxMUVDOTg2OEMyNDZDNEY5QUUwMi8tVy11S0lwa01LM00tVjRPcUo4SVc3Ym9L ZFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1XLXVLSXBrTUszTS1WNE9xSjhJVzdib0tkUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NTQ5MC8zMjFGNTkxRTE0NjIxMUVDOTg2OEMyNDZDNEY5QUUwMi8tVy11S0lwa01L M00tVjRPcUo4SVc3Ym9LZFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCKA9QN52H/E10ctmDtp3IXI6EH5ZU+r1tx1pve5pe7Mw/fEQP82+V/ yZc7hTU9vHthNBT3aDJUD14eVebIFYtHW4NFOxa6Dls2gXk0lt8LCmcmtlXXMXjU NyYG+rygMo3aN33Kn3sfcJnrHskzOxtcCVH27qkGfdSLuZ0QghSU4tf1Q+8aDAhq 6hvRAjTpTjy4kr/2bB2gFKWX5emX+X8RJEimyUunfb8pyj/DFSdEdlzOLbyA5G6L /P5diFttKwocVe3Uh55N97X5Y82+a8RbyKmR3nsqHRrjFaMharTvBoMYMiGqQCZk KBa69acVLWwH+YtNSKAi1g/ovMA6jOEV -----END CERTIFICATE-----Generated at Sat Apr 26 04:33:20 2025 by rpki-client