$ rpki-client -vvf rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/STM5VHszADpYWZg2-0yZ55RJzfI.mft File: STM5VHszADpYWZg2-0yZ55RJzfI.mft (raw, json) Hash identifier: fvxy8qKt0KEEu6TKx6BJX0eMtkRyfVp52NXPr9xhDcA= Subject key identifier: EB:81:98:5B:D4:0A:C1:9E:74:49:6D:7C:CA:D5:3D:B4:F8:D5:2A:F2 Authority key identifier: 49:33:39:54:7B:33:00:3A:58:59:98:36:FB:4C:99:E7:94:49:CD:F2 Certificate issuer: /CN=A916B795/serialNumber=493339547B33003A58599836FB4C99E79449CDF2 Certificate serial: 0A90 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/STM5VHszADpYWZg2-0yZ55RJzfI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/STM5VHszADpYWZg2-0yZ55RJzfI.mft Manifest number: 0A74 Signing time: Fri 18 Apr 2025 19:45:31 +0000 Manifest this update: Fri 18 Apr 2025 19:45:31 +0000 Manifest next update: Fri 25 Apr 2025 19:45:31 +0000 Files and hashes: 1: STM5VHszADpYWZg2-0yZ55RJzfI.crl (hash: WQbXhBSivA6tKOMzNM4gnWM+7PbWYMQDY396RsoEvj0=) 2: 28BBBAA2634211EABE282367C4F9AE02.roa (hash: 6594I8zep7LQa/TMRBKeHx0wDGtSmtz334l2zdXQB4A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/STM5VHszADpYWZg2-0yZ55RJzfI.crl rsync://rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/STM5VHszADpYWZg2-0yZ55RJzfI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/STM5VHszADpYWZg2-0yZ55RJzfI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Apr 2025 19:45:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2704 (0xa90) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916B795, serialNumber=493339547B33003A58599836FB4C99E79449CDF2 Validity Not Before: Apr 18 19:45:31 2025 GMT Not After : Apr 25 19:45:31 2025 GMT Subject: CN=6802abdb-1bfd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:48:12:5d:52:ec:97:54:ee:d9:6d:81:0a:3a: 96:f2:70:63:48:7c:fc:ca:a7:9c:7a:db:23:4c:a8: 76:83:20:fc:7a:5c:89:b7:1e:af:07:d4:2f:93:c2: 01:3e:5c:c8:dc:7a:6f:07:51:53:64:36:8e:c3:20: 05:e2:a1:2e:2c:4a:01:28:4b:37:00:4b:7c:ca:42: e5:2f:11:d4:31:66:b5:86:20:5f:10:44:72:bd:53: f4:a7:99:23:5e:7a:2d:20:9e:18:2d:33:5a:7e:6c: 0a:a3:3c:6f:e2:b0:1a:26:df:9f:9b:d4:04:1d:ee: a3:63:aa:8e:ce:55:8a:fa:76:29:0a:52:d5:15:4e: f2:19:34:ab:4f:38:ff:34:98:2f:37:3c:77:e0:16: 62:d6:6d:0a:fa:72:c6:3e:ab:de:9b:23:5a:00:4d: 53:84:4e:75:41:5f:ee:24:a3:51:96:36:56:58:a5: 70:d9:63:ff:6e:0a:64:43:bb:07:fb:6d:d1:f9:a9: 75:c8:33:b6:42:87:45:cc:4b:9e:d9:eb:ce:cd:49: a1:02:4e:cc:6d:6c:94:dc:14:64:21:bd:b5:02:7b: 92:2d:ae:89:d5:16:26:c9:23:f4:f6:db:ed:f7:5a: 0f:07:f5:3d:cd:65:ec:43:a3:72:2b:18:75:a2:66: 05:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:81:98:5B:D4:0A:C1:9E:74:49:6D:7C:CA:D5:3D:B4:F8:D5:2A:F2 X509v3 Authority Key Identifier: keyid:49:33:39:54:7B:33:00:3A:58:59:98:36:FB:4C:99:E7:94:49:CD:F2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/STM5VHszADpYWZg2-0yZ55RJzfI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/STM5VHszADpYWZg2-0yZ55RJzfI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B795/BD032E04634011EAACCF0262C4F9AE02/STM5VHszADpYWZg2-0yZ55RJzfI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5d:79:16:38:81:d7:2e:85:24:40:8d:76:03:64:c0:b9:7b:97: 24:bf:c4:c8:1c:1d:4f:be:e0:74:a0:86:8e:ea:07:f8:57:05: f0:94:83:27:fb:a0:dd:bb:3b:d4:b3:cc:8d:30:dc:4a:1c:c5: c8:f0:33:82:0e:85:a4:1f:4c:c4:0e:d5:5b:f7:4a:2e:1f:7a: 92:41:e6:2f:f9:8a:9b:5a:5a:04:b6:c5:4e:7d:09:aa:33:63: 9b:c5:aa:e5:74:ed:65:5d:74:83:a9:2a:65:2b:8c:9f:74:ac: 25:57:3b:fc:3d:16:63:a8:d0:cf:dc:df:f0:ee:8d:00:d6:e0: b1:e9:d7:fc:87:b8:a9:de:bd:be:32:3f:b2:14:cb:17:df:87: 16:ca:39:15:4b:8b:1d:57:af:cf:17:bb:8e:f3:bb:a8:7b:5f: 82:b4:c4:b6:4c:38:ea:a6:c6:9d:5b:13:7a:2b:37:da:46:00: 5f:1b:b1:0c:2d:4a:43:c0:e0:43:06:de:34:5f:73:cc:68:3e: 2c:91:d6:31:4b:87:6c:a5:31:31:4f:53:2b:0f:3b:9d:a4:b4: a4:60:62:1a:e3:cb:e3:06:82:04:dc:23:c3:ea:6c:0d:68:02: a3:df:6b:43:38:9f:a3:a4:5f:47:7f:8f:4c:9c:70:87:89:43: aa:89:34:88 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCpAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkI3OTUxMTAvBgNVBAUTKDQ5MzMzOTU0N0IzMzAwM0E1ODU5OTgzNkZCNEM5OUU3 OTQ0OUNERjIwHhcNMjUwNDE4MTk0NTMxWhcNMjUwNDI1MTk0NTMxWjAYMRYwFAYD VQQDEw02ODAyYWJkYi0xYmZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzEgSXVLsl1Tu2W2BCjqW8nBjSHz8yqecetsjTKh2gyD8elyJtx6vB9Qvk8IB PlzI3HpvB1FTZDaOwyAF4qEuLEoBKEs3AEt8ykLlLxHUMWa1hiBfEERyvVP0p5kj XnotIJ4YLTNafmwKozxv4rAaJt+fm9QEHe6jY6qOzlWK+nYpClLVFU7yGTSrTzj/ NJgvNzx34BZi1m0K+nLGPqvemyNaAE1ThE51QV/uJKNRljZWWKVw2WP/bgpkQ7sH +23R+al1yDO2QodFzEue2evOzUmhAk7MbWyU3BRkIb21AnuSLa6J1RYmySP09tvt 91oPB/U9zWXsQ6NyKxh1omYF2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOuBmFvU CsGedEltfMrVPbT41SryMB8GA1UdIwQYMBaAFEkzOVR7MwA6WFmYNvtMmeeUSc3y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2Qjc5NS9CRDAzMkUwNDYz NDAxMUVBQUNDRjAyNjJDNEY5QUUwMi9TVE01VkhzekFEcFlXWmcyLTB5WjU1Ukp6 ZkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1NUTTVWSHN6QURwWVdaZzItMHlaNTVSSnpmSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 Qjc5NS9CRDAzMkUwNDYzNDAxMUVBQUNDRjAyNjJDNEY5QUUwMi9TVE01VkhzekFE cFlXWmcyLTB5WjU1Ukp6ZkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBdeRY4gdcuhSRAjXYDZMC5e5ckv8TIHB1PvuB0oIaO6gf4VwXwlIMn +6DduzvUs8yNMNxKHMXI8DOCDoWkH0zEDtVb90ouH3qSQeYv+YqbWloEtsVOfQmq M2ObxarldO1lXXSDqSplK4yfdKwlVzv8PRZjqNDP3N/w7o0A1uCx6df8h7ip3r2+ Mj+yFMsX34cWyjkVS4sdV6/PF7uO87uoe1+CtMS2TDjqpsadWxN6KzfaRgBfG7EM LUpDwOBDBt40X3PMaD4skdYxS4dspTExT1MrDzudpLSkYGIa48vjBoIE3CPD6mwN aAKj32tDOJ+jpF9Hf49MnHCHiUOqiTSI -----END CERTIFICATE-----Generated at Sun Apr 20 19:28:45 2025 by rpki-client