$ rpki-client -vvf rpki.apnic.net/member_repository/A91F6E7D/1759E4C8838111EAACB9BC30C4F9AE02/Bt9S0pFQPQ4rEXLThcKxh3lMecc.mft File: Bt9S0pFQPQ4rEXLThcKxh3lMecc.mft (raw, json) Hash identifier: jIFvpV9cmtp0E6BBBFUD67/vhs4UMIdU+FhYkhFl89M= Subject key identifier: 5F:37:12:88:81:D6:22:13:BF:75:3D:B4:5F:74:6F:0C:39:96:F9:6E Authority key identifier: 06:DF:52:D2:91:50:3D:0E:2B:11:72:D3:85:C2:B1:87:79:4C:79:C7 Certificate issuer: /CN=A91F6E7D/serialNumber=06DF52D291503D0E2B1172D385C2B187794C79C7 Certificate serial: 09AC Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Bt9S0pFQPQ4rEXLThcKxh3lMecc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F6E7D/1759E4C8838111EAACB9BC30C4F9AE02/Bt9S0pFQPQ4rEXLThcKxh3lMecc.mft Manifest number: 09A5 Signing time: Thu 24 Apr 2025 19:55:03 +0000 Manifest this update: Thu 24 Apr 2025 19:55:03 +0000 Manifest next update: Thu 01 May 2025 19:55:03 +0000 Files and hashes: 1: Bt9S0pFQPQ4rEXLThcKxh3lMecc.crl (hash: je1S57RYyku3wJM3COoLAnYS2jEl6B846gQKmzakOSk=) 2: 401EA996B5B511EABB640052C4F9AE02.roa (hash: rjAdNfdV9AdfawHfPlvLtufzt08XjVklPQmY9MfBrEE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F6E7D/1759E4C8838111EAACB9BC30C4F9AE02/Bt9S0pFQPQ4rEXLThcKxh3lMecc.crl rsync://rpki.apnic.net/member_repository/A91F6E7D/1759E4C8838111EAACB9BC30C4F9AE02/Bt9S0pFQPQ4rEXLThcKxh3lMecc.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Bt9S0pFQPQ4rEXLThcKxh3lMecc.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 01 May 2025 19:55:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2476 (0x9ac) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F6E7D, serialNumber=06DF52D291503D0E2B1172D385C2B187794C79C7 Validity Not Before: Apr 24 19:55:03 2025 GMT Not After : May 1 19:55:03 2025 GMT Subject: CN=680a9717-5a33 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:ba:5b:d6:81:10:46:15:f6:7a:4a:ff:9a:4b: 71:79:35:74:e7:e3:93:64:97:d9:12:0c:0d:de:a6: f0:7c:d3:17:5c:c6:28:03:f7:0e:96:b4:f8:c5:09: 12:9b:b3:b0:f7:f6:db:b4:7c:99:5c:fd:47:17:42: aa:3b:b9:9c:bb:48:47:bd:3a:6c:eb:87:b9:40:a2: 73:cb:2b:cb:3a:2d:92:db:cc:42:f7:6d:9c:6c:15: 3b:7f:5b:97:3f:02:5f:4a:a3:86:e4:fd:36:8e:bf: 5b:fd:31:9d:8c:65:29:f3:e6:c1:ec:b0:64:bb:44: 70:63:b6:1a:13:51:c4:de:de:78:a9:64:6b:f1:ca: d2:4d:3a:40:58:bc:1f:19:43:70:40:34:ac:d2:9b: 3d:5a:83:04:7c:ec:ba:35:84:94:89:fc:52:a4:e6: e9:24:12:17:a8:6a:75:82:13:20:bb:f9:2a:9e:6e: 23:7f:a6:91:7d:74:1d:57:3e:02:81:25:cd:ee:9c: 5f:f2:4f:bd:2a:2a:a9:5c:3c:88:a7:6e:6c:40:be: bc:ce:9e:3f:d6:d7:20:e7:de:1a:7f:7e:2b:e9:30: 9e:f1:e7:fe:87:3a:58:bc:1c:3b:8f:e1:2b:c6:6b: be:64:06:1e:eb:28:ea:20:96:3e:a1:26:d5:91:ae: 4d:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:37:12:88:81:D6:22:13:BF:75:3D:B4:5F:74:6F:0C:39:96:F9:6E X509v3 Authority Key Identifier: keyid:06:DF:52:D2:91:50:3D:0E:2B:11:72:D3:85:C2:B1:87:79:4C:79:C7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F6E7D/1759E4C8838111EAACB9BC30C4F9AE02/Bt9S0pFQPQ4rEXLThcKxh3lMecc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Bt9S0pFQPQ4rEXLThcKxh3lMecc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F6E7D/1759E4C8838111EAACB9BC30C4F9AE02/Bt9S0pFQPQ4rEXLThcKxh3lMecc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5e:30:e7:10:33:a8:c6:b0:e6:e2:23:de:f1:cc:a0:e1:55:85: f1:5a:da:90:40:42:b1:74:64:5c:33:41:78:52:41:98:d7:ce: 52:50:7a:e7:5a:c6:17:39:ca:ab:d1:6a:a9:27:b0:4a:cb:ab: 9d:1e:5e:1e:60:77:b1:cb:9f:ff:67:d8:c5:57:25:62:b9:aa: 07:36:b1:64:e9:9a:92:1e:62:9a:42:aa:ae:99:ed:88:5a:cc: b7:ff:54:4a:8c:31:b0:25:89:f2:3a:56:5e:bc:4f:be:12:7c: 86:af:b9:2c:ec:0b:e2:a8:f5:71:a6:9a:72:b5:10:6a:1a:22: a0:af:d9:c2:a5:d1:02:af:77:d5:f3:b7:b1:43:54:e5:d0:92: ad:db:ae:58:c1:8d:bb:70:60:d1:a7:51:38:de:49:37:79:ca: e1:46:2e:29:51:e3:e1:9b:a4:a8:22:02:f2:38:92:aa:73:7b: 74:1f:f0:fd:68:93:36:d0:d7:54:f2:93:83:e8:1a:d0:db:3b: cd:13:46:1d:96:60:c8:2f:64:81:8a:03:5a:00:ce:29:3e:bf: 7d:85:c6:7f:65:f4:3c:06:ac:a2:fc:e9:bd:6f:f3:55:08:7e: b5:18:0f:bf:0b:f9:90:32:5c:4c:0c:31:d7:35:f9:f9:68:f8: 81:b7:92:b9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCawwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjZFN0QxMTAvBgNVBAUTKDA2REY1MkQyOTE1MDNEMEUyQjExNzJEMzg1QzJCMTg3 Nzk0Qzc5QzcwHhcNMjUwNDI0MTk1NTAzWhcNMjUwNTAxMTk1NTAzWjAYMRYwFAYD VQQDEw02ODBhOTcxNy01YTMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsrpb1oEQRhX2ekr/mktxeTV05+OTZJfZEgwN3qbwfNMXXMYoA/cOlrT4xQkS m7Ow9/bbtHyZXP1HF0KqO7mcu0hHvTps64e5QKJzyyvLOi2S28xC922cbBU7f1uX PwJfSqOG5P02jr9b/TGdjGUp8+bB7LBku0RwY7YaE1HE3t54qWRr8crSTTpAWLwf GUNwQDSs0ps9WoMEfOy6NYSUifxSpObpJBIXqGp1ghMgu/kqnm4jf6aRfXQdVz4C gSXN7pxf8k+9KiqpXDyIp25sQL68zp4/1tcg594af34r6TCe8ef+hzpYvBw7j+Er xmu+ZAYe6yjqIJY+oSbVka5NmQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF83EoiB 1iITv3U9tF90bww5lvluMB8GA1UdIwQYMBaAFAbfUtKRUD0OKxFy04XCsYd5THnH MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNkU3RC8xNzU5RTRDODgz ODExMUVBQUNCOUJDMzBDNEY5QUUwMi9CdDlTMHBGUVBRNHJFWExUaGNLeGgzbE1l Y2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0J0OVMwcEZRUFE0ckVYTFRoY0t4aDNsTWVjYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NkU3RC8xNzU5RTRDODgzODExMUVBQUNCOUJDMzBDNEY5QUUwMi9CdDlTMHBGUVBR NHJFWExUaGNLeGgzbE1lY2MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBeMOcQM6jGsObiI97xzKDhVYXxWtqQQEKxdGRcM0F4UkGY185SUHrn WsYXOcqr0WqpJ7BKy6udHl4eYHexy5//Z9jFVyViuaoHNrFk6ZqSHmKaQqqume2I Wsy3/1RKjDGwJYnyOlZevE++EnyGr7ks7AviqPVxpppytRBqGiKgr9nCpdECr3fV 87exQ1Tl0JKt265YwY27cGDRp1E43kk3ecrhRi4pUePhm6SoIgLyOJKqc3t0H/D9 aJM20NdU8pOD6BrQ2zvNE0YdlmDIL2SBigNaAM4pPr99hcZ/ZfQ8Bqyi/Om9b/NV CH61GA+/C/mQMlxMDDHXNfn5aPiBt5K5 -----END CERTIFICATE-----Generated at Sat Apr 26 13:08:34 2025 by rpki-client