$ rpki-client -vvf rpki.apnic.net/member_repository/A91E85F1/6220633C0DFC11F0A1D98053C4F9AE02/5OTCQkd4XDQv81kH9-EcSrs5i4M.mft File: 5OTCQkd4XDQv81kH9-EcSrs5i4M.mft (raw, json) Hash identifier: wGvMW6Z+F23TKEN6Ny66al6fE3DgP9Pc+7EjMRAt1hE= Subject key identifier: 23:D2:10:54:AC:D2:D7:62:8B:D4:D2:F6:E5:8B:B8:BC:4D:60:86:79 Authority key identifier: E4:E4:C2:42:47:78:5C:34:2F:F3:59:07:F7:E1:1C:4A:BB:39:8B:83 Certificate issuer: /CN=A91E85F1/serialNumber=E4E4C24247785C342FF35907F7E11C4ABB398B83 Certificate serial: 15 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5OTCQkd4XDQv81kH9-EcSrs5i4M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E85F1/6220633C0DFC11F0A1D98053C4F9AE02/5OTCQkd4XDQv81kH9-EcSrs5i4M.mft Manifest number: 12 Signing time: Fri 25 Apr 2025 07:04:25 +0000 Manifest this update: Fri 25 Apr 2025 07:04:25 +0000 Manifest next update: Fri 02 May 2025 07:04:25 +0000 Files and hashes: 1: 5OTCQkd4XDQv81kH9-EcSrs5i4M.crl (hash: egET1vTAWIWU9LQzRF4elumovzM5aMKcj+Jl2Gu2Sjc=) 2: 212E0B520DFE11F0B266963AC4F9AE02.roa (hash: 44vHU0H/9/bs4kOPReZOgC2D0Y7H1F8Nu3vr76cFkxs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E85F1/6220633C0DFC11F0A1D98053C4F9AE02/5OTCQkd4XDQv81kH9-EcSrs5i4M.crl rsync://rpki.apnic.net/member_repository/A91E85F1/6220633C0DFC11F0A1D98053C4F9AE02/5OTCQkd4XDQv81kH9-EcSrs5i4M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5OTCQkd4XDQv81kH9-EcSrs5i4M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 07:04:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21 (0x15) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E85F1, serialNumber=E4E4C24247785C342FF35907F7E11C4ABB398B83 Validity Not Before: Apr 25 07:04:25 2025 GMT Not After : May 2 07:04:25 2025 GMT Subject: CN=680b33f9-6806 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:90:03:8d:af:d9:1c:1b:77:27:90:c5:57:f0: e8:48:e5:40:d0:61:ba:07:a4:68:8e:2a:c8:f2:aa: 02:6f:91:84:15:7a:eb:c4:8b:77:04:70:2b:3b:84: 6b:18:61:38:db:22:98:e0:ad:38:a1:e7:7e:60:13: 5d:4c:14:a3:c2:5a:3c:00:46:84:42:6d:ab:d7:e9: 88:e4:6e:f7:bf:71:52:4b:68:57:0a:f8:24:2c:b9: 05:dc:ce:02:53:67:af:45:cd:2f:b4:3c:0d:ed:41: 60:dd:4d:22:e7:1f:07:c1:da:82:f9:d7:16:16:be: 71:4a:dd:62:53:a1:0e:0a:7f:c4:d8:bd:72:c5:75: fb:29:75:61:00:b7:d2:a0:4d:fb:b8:7b:31:88:34: 8c:e1:47:42:21:84:da:27:77:05:d8:99:1b:13:a1: 38:f0:51:93:55:80:83:3e:69:f2:03:47:28:cf:19: 84:0a:ef:69:23:c8:0e:ab:47:ac:db:11:d9:a4:1f: de:f8:14:30:d6:7c:6c:91:5c:3d:77:c0:8f:79:2e: ab:67:72:f9:14:32:85:ba:36:62:49:c8:3a:e0:33: 23:b3:aa:a3:d3:90:9e:ee:d0:6f:c8:64:df:05:b5: 6a:b0:8e:b1:fa:f9:8c:1d:99:a0:c6:ef:02:0f:a5: 4c:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:D2:10:54:AC:D2:D7:62:8B:D4:D2:F6:E5:8B:B8:BC:4D:60:86:79 X509v3 Authority Key Identifier: keyid:E4:E4:C2:42:47:78:5C:34:2F:F3:59:07:F7:E1:1C:4A:BB:39:8B:83 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E85F1/6220633C0DFC11F0A1D98053C4F9AE02/5OTCQkd4XDQv81kH9-EcSrs5i4M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5OTCQkd4XDQv81kH9-EcSrs5i4M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E85F1/6220633C0DFC11F0A1D98053C4F9AE02/5OTCQkd4XDQv81kH9-EcSrs5i4M.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0c:07:76:e4:2d:82:4c:41:75:2d:d6:a6:13:2d:0a:5b:a1:7c: 4b:a2:8b:11:ed:28:3b:2b:c9:d5:29:cb:9d:82:7c:f8:26:e2: 45:ef:a1:e1:1c:2a:57:8f:70:90:9b:73:2f:f9:00:24:a3:61: 1a:8f:e3:4c:b4:65:4f:d9:31:27:ad:c5:3c:09:ec:98:f8:a4: d6:e8:7d:08:0e:72:f7:45:a6:13:b2:8e:13:a5:1c:ae:61:31: c6:33:2c:90:4c:52:50:6d:16:50:0a:ab:46:a1:ff:4a:e3:7e: 0c:b8:a5:06:68:6b:40:88:d3:d2:bf:90:22:bf:3e:d1:78:de: 86:f7:ba:c2:34:bb:87:7c:89:c0:59:87:66:8d:ce:4f:a0:3c: 1b:9e:0f:9b:45:13:19:55:4d:8c:68:4c:4b:fe:40:e0:05:58: 6b:2a:b2:ef:97:09:d6:d8:21:ec:1b:2f:af:90:10:34:8a:f9: 03:e8:b3:9e:b9:93:3f:78:f8:6f:52:9b:52:85:f3:ca:e9:49: 93:08:62:1e:b0:a2:bc:db:b2:2d:76:a5:38:bf:7a:15:e1:dc: c1:01:d6:a5:9b:9d:bb:20:ba:28:d6:57:53:9a:99:08:b1:e4: 26:ed:02:db:5c:1a:0d:67:dc:92:e9:73:2b:45:02:ac:2e:f0: 4f:03:52:7e -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBFTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF ODVGMTExMC8GA1UEBRMoRTRFNEMyNDI0Nzc4NUMzNDJGRjM1OTA3RjdFMTFDNEFC QjM5OEI4MzAeFw0yNTA0MjUwNzA0MjVaFw0yNTA1MDIwNzA0MjVaMBgxFjAUBgNV BAMTDTY4MGIzM2Y5LTY4MDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDDkAONr9kcG3cnkMVX8OhI5UDQYboHpGiOKsjyqgJvkYQVeuvEi3cEcCs7hGsY YTjbIpjgrTih535gE11MFKPCWjwARoRCbavX6Yjkbve/cVJLaFcK+CQsuQXczgJT Z69FzS+0PA3tQWDdTSLnHwfB2oL51xYWvnFK3WJToQ4Kf8TYvXLFdfspdWEAt9Kg Tfu4ezGINIzhR0IhhNondwXYmRsToTjwUZNVgIM+afIDRyjPGYQK72kjyA6rR6zb EdmkH974FDDWfGyRXD13wI95LqtncvkUMoW6NmJJyDrgMyOzqqPTkJ7u0G/IZN8F tWqwjrH6+YwdmaDG7wIPpUylAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUI9IQVKzS 12KL1NL25Yu4vE1ghnkwHwYDVR0jBBgwFoAU5OTCQkd4XDQv81kH9+EcSrs5i4Mw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU4NUYxLzYyMjA2MzNDMERG QzExRjBBMUQ5ODA1M0M0RjlBRTAyLzVPVENRa2Q0WERRdjgxa0g5LUVjU3JzNWk0 TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvNU9UQ1FrZDRYRFF2ODFrSDktRWNTcnM1aTRNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUU4 NUYxLzYyMjA2MzNDMERGQzExRjBBMUQ5ODA1M0M0RjlBRTAyLzVPVENRa2Q0WERR djgxa0g5LUVjU3JzNWk0TS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAAwHduQtgkxBdS3WphMtCluhfEuiixHtKDsrydUpy52CfPgm4kXvoeEc KlePcJCbcy/5ACSjYRqP40y0ZU/ZMSetxTwJ7Jj4pNbofQgOcvdFphOyjhOlHK5h McYzLJBMUlBtFlAKq0ah/0rjfgy4pQZoa0CI09K/kCK/PtF43ob3usI0u4d8icBZ h2aNzk+gPBueD5tFExlVTYxoTEv+QOAFWGsqsu+XCdbYIewbL6+QEDSK+QPos565 kz94+G9Sm1KF88rpSZMIYh6worzbsi12pTi/ehXh3MEB1qWbnbsguijWV1OamQix 5CbtAttcGg1n3JLpcytFAqwu8E8DUn4= -----END CERTIFICATE-----Generated at Sat Apr 26 13:05:27 2025 by rpki-client