$ rpki-client -vvf rpki.apnic.net/member_repository/A914A47A/4AF221DA1D9811E2AD2B398208B02CD2/5S1_f7qsH3Wv-nYu2z8oFgvPvSU.mft File: 5S1_f7qsH3Wv-nYu2z8oFgvPvSU.mft (raw, json) Hash identifier: mcaJvLfpqVn2sgM/BcS1TMYKOLqtWf6JMdJn9+1r3/4= Subject key identifier: 9F:AF:D0:E2:33:B4:F2:AB:55:53:81:56:5A:F3:1F:DB:61:0C:81:FA Authority key identifier: E5:2D:7F:7F:BA:AC:1F:75:AF:FA:76:2E:DB:3F:28:16:0B:CF:BD:25 Certificate issuer: /CN=A914A47A/serialNumber=E52D7F7FBAAC1F75AFFA762EDB3F28160BCFBD25 Certificate serial: 3477 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5S1_f7qsH3Wv-nYu2z8oFgvPvSU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914A47A/4AF221DA1D9811E2AD2B398208B02CD2/5S1_f7qsH3Wv-nYu2z8oFgvPvSU.mft Manifest number: 3472 Signing time: Sun 20 Apr 2025 14:52:18 +0000 Manifest this update: Sun 20 Apr 2025 14:52:17 +0000 Manifest next update: Sun 27 Apr 2025 14:52:17 +0000 Files and hashes: 1: 5S1_f7qsH3Wv-nYu2z8oFgvPvSU.crl (hash: 1nB03WKsx8qJCDyH4sqC5kpZg0nOitSbom1uYMneIWU=) 2: A5C01D6ED15511EA904EF30BC4F9AE02.roa (hash: g9pqUh5erEZO/WLay3//J8dkPYx1y9WBTENSIPISBog=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914A47A/4AF221DA1D9811E2AD2B398208B02CD2/5S1_f7qsH3Wv-nYu2z8oFgvPvSU.crl rsync://rpki.apnic.net/member_repository/A914A47A/4AF221DA1D9811E2AD2B398208B02CD2/5S1_f7qsH3Wv-nYu2z8oFgvPvSU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5S1_f7qsH3Wv-nYu2z8oFgvPvSU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Apr 2025 14:52:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13431 (0x3477) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914A47A, serialNumber=E52D7F7FBAAC1F75AFFA762EDB3F28160BCFBD25 Validity Not Before: Apr 20 14:52:17 2025 GMT Not After : Apr 27 14:52:17 2025 GMT Subject: CN=68050a22-f157 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:48:94:3e:fa:21:64:1c:5f:e3:8c:ac:39:73: 53:c4:f7:1f:e8:e9:06:17:da:22:65:e4:b0:3b:df: 3f:8d:7d:eb:74:98:d4:80:14:49:37:84:38:0f:12: 06:77:e3:cc:3b:43:9a:2e:ba:91:34:29:1a:bd:ae: 48:ee:fd:cf:cc:62:2a:6f:3e:21:95:8e:a5:5e:30: 18:eb:bf:85:da:07:31:5a:6a:09:5f:d9:dc:fe:fa: fe:8b:cf:6d:dd:d6:3a:7f:fc:c7:9c:a9:8b:35:9c: b5:15:55:59:98:89:97:f6:36:55:c3:b5:ec:04:17: a8:52:b0:50:fc:99:4d:95:9e:8b:c6:38:d9:ac:88: a0:30:8b:54:cf:7a:37:25:2d:11:32:08:d7:54:0b: a6:ef:64:0a:5e:ba:53:7e:9f:98:3f:d7:64:0d:06: c5:f9:e2:22:0e:93:89:15:fc:74:84:cb:d4:e3:e1: 06:a3:1e:54:09:2a:da:41:4d:b6:d9:86:08:eb:41: 9f:56:85:42:c6:de:c7:bd:fd:d4:c2:e2:fd:70:56: 14:9d:c7:fb:e1:ae:b6:ec:f1:c5:0e:4f:52:3d:8f: d6:9f:7f:bf:b7:a4:23:4e:e9:87:c1:c6:bb:b4:73: 46:12:c4:f5:3e:9d:02:92:1a:f6:8e:ff:18:fc:70: 5a:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:AF:D0:E2:33:B4:F2:AB:55:53:81:56:5A:F3:1F:DB:61:0C:81:FA X509v3 Authority Key Identifier: keyid:E5:2D:7F:7F:BA:AC:1F:75:AF:FA:76:2E:DB:3F:28:16:0B:CF:BD:25 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914A47A/4AF221DA1D9811E2AD2B398208B02CD2/5S1_f7qsH3Wv-nYu2z8oFgvPvSU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5S1_f7qsH3Wv-nYu2z8oFgvPvSU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914A47A/4AF221DA1D9811E2AD2B398208B02CD2/5S1_f7qsH3Wv-nYu2z8oFgvPvSU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ba:43:5e:47:41:4b:a1:ef:ba:71:5a:e0:9e:22:0e:cc:27:6b: e3:d9:3a:28:df:33:69:5d:cb:b3:d2:50:16:09:4b:fe:9d:b7: 05:c0:2d:cb:6a:ac:3b:4a:f5:95:f5:71:4e:cf:0e:20:f0:d2: a0:cf:63:86:47:d9:42:a3:9c:17:14:0d:bb:20:b4:6d:42:dc: 71:16:57:8d:36:d5:b0:5c:a6:96:33:cb:ae:d4:68:39:43:0a: f4:c4:0a:b7:5c:c3:95:e5:1f:f2:8a:79:29:d2:21:c3:e7:2c: f5:00:ab:b4:1b:1b:35:8d:74:46:0b:e6:ba:17:70:6f:17:a7: 3d:d0:1c:ec:b5:a1:10:7c:10:8b:ba:c8:05:72:c2:d0:88:3e: 46:9c:d6:4c:77:d9:57:b4:f3:7e:79:4b:3a:97:bc:72:a0:8e: 69:ee:a7:62:c5:93:6a:a5:51:fa:d8:4e:e2:2a:01:e0:3a:4e: af:0e:5b:3b:ea:b0:4a:17:b6:e3:e6:ae:0f:7b:62:80:88:c0: 36:8a:eb:8c:c5:ae:49:87:fd:ad:6f:e7:00:0b:76:e8:45:b1: 6d:3a:13:fa:19:a8:3c:54:e6:f4:05:f2:d1:e7:58:d7:5e:af: 3a:f5:fe:31:be:3d:c2:9b:53:75:e1:17:28:a7:74:ac:38:ed: 4a:98:8e:54 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNHcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEE0N0ExMTAvBgNVBAUTKEU1MkQ3RjdGQkFBQzFGNzVBRkZBNzYyRURCM0YyODE2 MEJDRkJEMjUwHhcNMjUwNDIwMTQ1MjE3WhcNMjUwNDI3MTQ1MjE3WjAYMRYwFAYD VQQDEw02ODA1MGEyMi1mMTU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0UiUPvohZBxf44ysOXNTxPcf6OkGF9oiZeSwO98/jX3rdJjUgBRJN4Q4DxIG d+PMO0OaLrqRNCkava5I7v3PzGIqbz4hlY6lXjAY67+F2gcxWmoJX9nc/vr+i89t 3dY6f/zHnKmLNZy1FVVZmImX9jZVw7XsBBeoUrBQ/JlNlZ6LxjjZrIigMItUz3o3 JS0RMgjXVAum72QKXrpTfp+YP9dkDQbF+eIiDpOJFfx0hMvU4+EGox5UCSraQU22 2YYI60GfVoVCxt7Hvf3UwuL9cFYUncf74a627PHFDk9SPY/Wn3+/t6QjTumHwca7 tHNGEsT1Pp0Ckhr2jv8Y/HBacQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ+v0OIz tPKrVVOBVlrzH9thDIH6MB8GA1UdIwQYMBaAFOUtf3+6rB91r/p2Lts/KBYLz70l MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QTQ3QS80QUYyMjFEQTFE OTgxMUUyQUQyQjM5ODIwOEIwMkNEMi81UzFfZjdxc0gzV3Ytbll1Mno4b0ZndlB2 U1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzVTMV9mN3FzSDNXdi1uWXUyejhvRmd2UHZTVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 QTQ3QS80QUYyMjFEQTFEOTgxMUUyQUQyQjM5ODIwOEIwMkNEMi81UzFfZjdxc0gz V3Ytbll1Mno4b0ZndlB2U1UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC6Q15HQUuh77pxWuCeIg7MJ2vj2Too3zNpXcuz0lAWCUv+nbcFwC3L aqw7SvWV9XFOzw4g8NKgz2OGR9lCo5wXFA27ILRtQtxxFleNNtWwXKaWM8uu1Gg5 Qwr0xAq3XMOV5R/yinkp0iHD5yz1AKu0Gxs1jXRGC+a6F3BvF6c90BzstaEQfBCL usgFcsLQiD5GnNZMd9lXtPN+eUs6l7xyoI5p7qdixZNqpVH62E7iKgHgOk6vDls7 6rBKF7bj5q4Pe2KAiMA2iuuMxa5Jh/2tb+cAC3boRbFtOhP6Gag8VOb0BfLR51jX Xq869f4xvj3Cm1N14Rcop3SsOO1KmI5U -----END CERTIFICATE-----Generated at Mon Apr 21 05:52:57 2025 by rpki-client