$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft File: IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft (raw, json) Hash identifier: etwJLB6/DB/mnRw0x+HpFPK09KCTn/nRYvMQ5xgfxUA= Subject key identifier: BC:71:DB:F2:A0:2F:38:76:FA:A8:17:E1:EA:B6:59:8F:3D:7F:3A:02 Authority key identifier: 21:64:DD:59:A6:15:D5:F2:E3:39:3E:72:09:8A:73:AD:86:8E:78:DA Certificate issuer: /CN=A91EA409/serialNumber=2164DD59A615D5F2E3393E72098A73AD868E78DA Certificate serial: 5D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft Manifest number: 5B Signing time: Fri 25 Apr 2025 06:08:38 +0000 Manifest this update: Fri 25 Apr 2025 06:08:38 +0000 Manifest next update: Fri 02 May 2025 06:08:38 +0000 Files and hashes: 1: IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl (hash: 21d979dG3dz83M9liGgGSBqy0xULCxvWRAKPJAzAosg=) 2: E9F177B89D9C11EFA9526A6CC4F9AE02.roa (hash: /L7H1H9bfON5bqOj4q1pWVjciM/BYtStadHGVAVA9LE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 02 May 2025 06:08:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 93 (0x5d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA409, serialNumber=2164DD59A615D5F2E3393E72098A73AD868E78DA Validity Not Before: Apr 25 06:08:38 2025 GMT Not After : May 2 06:08:38 2025 GMT Subject: CN=680b26e6-dcd8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:f8:68:03:25:3f:0b:0f:8a:14:21:81:89:28: 83:34:e8:02:61:29:03:5e:89:f9:28:37:51:41:69: ae:39:e7:03:24:50:e5:8e:db:7a:54:35:2f:3f:a3: 46:61:3e:2e:62:eb:10:40:bd:a0:49:d1:da:67:4b: 98:09:43:b7:90:7b:72:fb:db:ff:77:67:85:f2:a3: fd:2c:e7:db:2c:ab:e7:00:3b:58:f8:18:66:09:f5: 27:31:c5:cc:f6:17:8b:60:28:21:6e:11:2c:5e:08: aa:1f:f6:d9:a7:63:5b:06:96:06:70:ea:8c:7f:de: c8:71:3c:63:60:f6:d7:69:98:64:46:04:0a:8a:43: 5d:31:e4:91:7a:90:c0:c7:d2:e1:0e:46:a3:fd:f5: 03:cf:96:40:64:4e:00:97:a5:3f:3b:72:69:06:09: 6d:51:ed:19:1c:48:9d:63:b6:f9:66:b4:c5:61:bc: 19:d6:51:97:9a:6d:85:b4:9d:25:87:8a:b5:e0:38: eb:d3:82:6a:c7:02:64:09:e4:55:d3:69:92:47:df: 7e:c3:dc:90:ba:4f:dd:ed:8a:78:14:1f:85:18:d2: ec:b5:8d:64:a4:ad:71:39:d0:d8:54:b2:34:ba:04: f5:b0:30:ff:4e:99:a8:01:bf:af:ff:c9:1f:19:29: 72:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:71:DB:F2:A0:2F:38:76:FA:A8:17:E1:EA:B6:59:8F:3D:7F:3A:02 X509v3 Authority Key Identifier: keyid:21:64:DD:59:A6:15:D5:F2:E3:39:3E:72:09:8A:73:AD:86:8E:78:DA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 88:8a:80:6f:e7:a4:c5:94:bd:b0:4c:f6:89:04:a5:07:00:d1: 69:79:c9:37:56:6d:2e:e9:10:69:1b:ce:3b:80:2d:3b:68:69: 1c:9e:7f:96:1e:bd:5a:35:a7:cb:09:e5:0d:ef:2d:74:5b:38: d8:a7:4f:b8:8c:88:4f:88:04:a1:8c:18:b4:08:b5:4a:bf:55: 87:38:59:b0:dc:46:db:aa:34:c0:49:b1:e7:7b:e4:fd:46:72: 04:21:fb:f4:a1:11:16:6b:95:09:f0:3b:d3:e5:f2:d1:9a:5a: 3c:44:1f:11:cc:70:f9:74:05:33:58:98:eb:1b:e2:4a:82:3b: c9:ab:8f:25:8b:f2:3b:17:83:79:cb:21:27:97:86:a8:d2:3e: 78:78:f6:37:e6:cd:d7:a2:ac:b3:9b:8a:d0:c0:00:49:45:a9: 6e:27:ee:68:2c:01:e6:a5:36:d0:16:5d:ea:ab:71:36:8e:7b: 34:47:6f:dc:d3:e4:72:e8:32:d9:0c:a0:14:1e:4f:4e:d0:dc: be:e3:fa:d2:a2:e8:34:17:e0:c6:b2:d0:61:de:ee:e6:09:90: e5:c4:dd:fe:94:c5:21:88:bd:d3:56:d0:80:b9:f8:e1:90:e9: 72:82:ae:a0:56:62:d7:45:d1:d2:ed:87:f0:29:ae:8c:c2:e7: 06:ad:8e:d2 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBXTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF QTQwOTExMC8GA1UEBRMoMjE2NERENTlBNjE1RDVGMkUzMzkzRTcyMDk4QTczQUQ4 NjhFNzhEQTAeFw0yNTA0MjUwNjA4MzhaFw0yNTA1MDIwNjA4MzhaMBgxFjAUBgNV BAMTDTY4MGIyNmU2LWRjZDgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDE+GgDJT8LD4oUIYGJKIM06AJhKQNeifkoN1FBaa455wMkUOWO23pUNS8/o0Zh Pi5i6xBAvaBJ0dpnS5gJQ7eQe3L72/93Z4Xyo/0s59ssq+cAO1j4GGYJ9Scxxcz2 F4tgKCFuESxeCKof9tmnY1sGlgZw6ox/3shxPGNg9tdpmGRGBAqKQ10x5JF6kMDH 0uEORqP99QPPlkBkTgCXpT87cmkGCW1R7RkcSJ1jtvlmtMVhvBnWUZeabYW0nSWH irXgOOvTgmrHAmQJ5FXTaZJH337D3JC6T93tingUH4UY0uy1jWSkrXE50NhUsjS6 BPWwMP9OmagBv6//yR8ZKXLPAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUvHHb8qAv OHb6qBfh6rZZjz1/OgIwHwYDVR0jBBgwFoAUIWTdWaYV1fLjOT5yCYpzrYaOeNow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVBNDA5L0Y5NDRFM0NDOUNB QjExRUZBQjU5NTUxNkM0RjlBRTAyL0lXVGRXYVlWMWZMak9UNXlDWXB6cllhT2VO by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSVdUZFdhWVYxZkxqT1Q1eUNZcHpyWWFPZU5vLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVB NDA5L0Y5NDRFM0NDOUNBQjExRUZBQjU5NTUxNkM0RjlBRTAyL0lXVGRXYVlWMWZM ak9UNXlDWXB6cllhT2VOby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIiKgG/npMWUvbBM9okEpQcA0Wl5yTdWbS7pEGkbzjuALTtoaRyef5Ye vVo1p8sJ5Q3vLXRbONinT7iMiE+IBKGMGLQItUq/VYc4WbDcRtuqNMBJsed75P1G cgQh+/ShERZrlQnwO9Pl8tGaWjxEHxHMcPl0BTNYmOsb4kqCO8mrjyWL8jsXg3nL ISeXhqjSPnh49jfmzdeirLObitDAAElFqW4n7mgsAealNtAWXeqrcTaOezRHb9zT 5HLoMtkMoBQeT07Q3L7j+tKi6DQX4May0GHe7uYJkOXE3f6UxSGIvdNW0IC5+OGQ 6XKCrqBWYtdF0dLth/AprozC5watjtI= -----END CERTIFICATE-----Generated at Sat Apr 26 13:44:04 2025 by rpki-client