$ rpki-client -vvf rpki.apnic.net/member_repository/A91ADDD5/8B0D0FF2E3F811EB9E08DB14C4F9AE02/-xEsrVYxm_qsoasoznvX9MsmjOk.mft File: -xEsrVYxm_qsoasoznvX9MsmjOk.mft (raw, json) Hash identifier: lf5mqlJIQF9sOk3dWt4W5Ckm2guXIzvI3iOcMuN80BI= Subject key identifier: 8C:07:B1:25:DD:C7:B7:86:47:A0:17:BC:87:A3:FC:3D:90:C4:53:7D Authority key identifier: FB:11:2C:AD:56:31:9B:FA:AC:A1:AB:28:CE:7B:D7:F4:CB:26:8C:E9 Certificate issuer: /CN=A91ADDD5/serialNumber=FB112CAD56319BFAACA1AB28CE7BD7F4CB268CE9 Certificate serial: 055E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-xEsrVYxm_qsoasoznvX9MsmjOk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ADDD5/8B0D0FF2E3F811EB9E08DB14C4F9AE02/-xEsrVYxm_qsoasoznvX9MsmjOk.mft Manifest number: 0552 Signing time: Fri 28 Mar 2025 23:42:35 +0000 Manifest this update: Fri 28 Mar 2025 23:42:34 +0000 Manifest next update: Fri 04 Apr 2025 23:42:34 +0000 Files and hashes: 1: -xEsrVYxm_qsoasoznvX9MsmjOk.crl (hash: DbOZFXWFiA2wZ7MH77+Ok5xAbquathUfYIoztIf5F1E=) 2: ABCDCC4EE16711EEA88FAE64C4F9AE02.roa (hash: ufMyNaGjuZX/NIDCDapqBE7K0L5whHlFadMDreUuVQI=) 3: 128DFF02E14611EE80D6C425C4F9AE02.roa (hash: iCz1ketzxjoXfDIC5MMDi5PROHAwL63mxQQHk82Ic5M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ADDD5/8B0D0FF2E3F811EB9E08DB14C4F9AE02/-xEsrVYxm_qsoasoznvX9MsmjOk.crl rsync://rpki.apnic.net/member_repository/A91ADDD5/8B0D0FF2E3F811EB9E08DB14C4F9AE02/-xEsrVYxm_qsoasoznvX9MsmjOk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-xEsrVYxm_qsoasoznvX9MsmjOk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 04 Apr 2025 23:42:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1374 (0x55e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ADDD5 Validity Not Before: Mar 28 23:42:34 2025 GMT Not After : Apr 4 23:42:34 2025 GMT Subject: CN=67e733eb-83b8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:28:8c:69:35:3b:91:4b:88:b9:96:ea:e4:c1: c7:03:dd:f4:93:bf:cd:5b:d4:f2:28:88:9d:2f:2a: 17:06:18:bf:04:4b:bf:ce:dd:2d:8b:f7:05:fc:c8: 1b:b4:66:83:7d:f7:4b:11:34:6b:82:9c:75:bb:ed: f4:a9:ad:c8:49:e9:aa:ad:14:7e:3a:e2:96:c5:d6: 88:44:78:e2:1b:f9:23:13:4d:5c:bc:ad:a6:5b:7f: 5e:0c:8e:19:fb:b7:a3:0c:20:91:aa:f0:34:92:d9: b9:20:9b:84:d0:84:a3:e6:e7:b4:0c:c2:55:d9:24: 3d:66:c1:06:1c:c8:74:0e:39:cd:4f:2c:41:82:f2: 7c:a4:9d:44:fa:2b:60:1f:da:ee:e1:54:05:d6:e3: 8b:f7:02:65:2e:30:f8:bf:8b:fb:e9:26:03:a7:5f: 0f:9e:ba:26:ff:9d:0b:04:eb:50:59:72:d6:f9:c2: 69:f5:65:dd:0b:18:fe:75:61:91:3e:eb:d9:4f:a8: 21:2c:c9:45:5e:10:d2:fd:d6:00:37:c3:3e:65:b2: 58:23:95:b4:ba:ec:d3:bf:bf:72:99:91:5a:7a:de: 66:8e:a2:67:9d:76:d8:5b:ca:5c:05:41:f4:24:d2: bc:47:d9:fe:b1:a9:7a:7c:22:1d:40:82:30:93:37: ac:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:07:B1:25:DD:C7:B7:86:47:A0:17:BC:87:A3:FC:3D:90:C4:53:7D X509v3 Authority Key Identifier: keyid:FB:11:2C:AD:56:31:9B:FA:AC:A1:AB:28:CE:7B:D7:F4:CB:26:8C:E9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ADDD5/8B0D0FF2E3F811EB9E08DB14C4F9AE02/-xEsrVYxm_qsoasoznvX9MsmjOk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-xEsrVYxm_qsoasoznvX9MsmjOk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ADDD5/8B0D0FF2E3F811EB9E08DB14C4F9AE02/-xEsrVYxm_qsoasoznvX9MsmjOk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 15:ba:ed:b4:40:16:51:e3:c8:03:5d:e6:f1:ad:dc:9f:83:74: 19:68:c5:7b:bb:20:46:0c:c9:c4:c1:a8:8d:9a:9d:72:a3:0e: 37:f5:fc:b4:13:b2:39:ef:40:1e:71:e1:1c:45:a6:47:a6:58: c3:74:7e:a7:61:cc:85:df:25:68:88:3e:5d:74:09:ed:b4:a5: 88:e2:41:e2:ff:0d:40:c6:7f:19:7f:5e:44:e7:5d:25:4e:fc: 1d:d7:60:83:73:f6:c7:ec:db:e2:6d:96:0e:05:3a:cf:2a:ab: 3a:35:80:68:58:e4:2d:31:27:90:46:73:4a:c6:b7:e5:d9:55: 65:69:e8:2a:d3:09:7b:5f:5f:e3:49:06:5c:89:4f:87:01:94: cb:12:7a:92:9d:ff:bd:d2:91:72:c3:f8:b9:20:45:61:13:fb: 66:83:8a:2e:27:84:ff:1b:b0:5d:5e:d2:b5:30:65:5d:e6:59: a4:b2:2f:8f:82:ff:40:ed:da:ac:48:b1:d8:99:4a:e2:f8:aa: ab:29:54:b8:a8:2a:ac:ae:b5:95:8f:61:ae:5b:1e:e6:6d:60: 52:0b:77:aa:80:3b:25:75:db:2c:b5:b9:3c:63:6c:29:e0:b6: 5e:2c:12:e8:1c:90:cb:cc:3e:ea:1e:0a:78:20:12:6e:5d:32: a2:dc:73:be -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBV4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QURERDUxMTAvBgNVBAUTKEZCMTEyQ0FENTYzMTlCRkFBQ0ExQUIyOENFN0JEN0Y0 Q0IyNjhDRTkwHhcNMjUwMzI4MjM0MjM0WhcNMjUwNDA0MjM0MjM0WjAYMRYwFAYD VQQDEw02N2U3MzNlYi04M2I4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoiiMaTU7kUuIuZbq5MHHA930k7/NW9TyKIidLyoXBhi/BEu/zt0ti/cF/Mgb tGaDffdLETRrgpx1u+30qa3ISemqrRR+OuKWxdaIRHjiG/kjE01cvK2mW39eDI4Z +7ejDCCRqvA0ktm5IJuE0ISj5ue0DMJV2SQ9ZsEGHMh0DjnNTyxBgvJ8pJ1E+itg H9ru4VQF1uOL9wJlLjD4v4v76SYDp18Pnrom/50LBOtQWXLW+cJp9WXdCxj+dWGR PuvZT6ghLMlFXhDS/dYAN8M+ZbJYI5W0uuzTv79ymZFaet5mjqJnnXbYW8pcBUH0 JNK8R9n+sal6fCIdQIIwkzesuwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIwHsSXd x7eGR6AXvIej/D2QxFN9MB8GA1UdIwQYMBaAFPsRLK1WMZv6rKGrKM571/TLJozp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRERENS84QjBEMEZGMkUz RjgxMUVCOUUwOERCMTRDNEY5QUUwMi8teEVzclZZeG1fcXNvYXNvem52WDlNc21q T2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy14RXNyVll4bV9xc29hc296bnZYOU1zbWpPay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RERENS84QjBEMEZGMkUzRjgxMUVCOUUwOERCMTRDNEY5QUUwMi8teEVzclZZeG1f cXNvYXNvem52WDlNc21qT2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAVuu20QBZR48gDXebxrdyfg3QZaMV7uyBGDMnEwaiNmp1yow439fy0 E7I570AeceEcRaZHpljDdH6nYcyF3yVoiD5ddAnttKWI4kHi/w1Axn8Zf15E510l Tvwd12CDc/bH7NvibZYOBTrPKqs6NYBoWOQtMSeQRnNKxrfl2VVlaegq0wl7X1/j SQZciU+HAZTLEnqSnf+90pFyw/i5IEVhE/tmg4ouJ4T/G7BdXtK1MGVd5lmksi+P gv9A7dqsSLHYmUri+KqrKVS4qCqsrrWVj2GuWx7mbWBSC3eqgDslddsstbk8Y2wp 4LZeLBLoHJDLzD7qHgp4IBJuXTKi3HO+ -----END CERTIFICATE-----Generated at Fri Apr 4 21:55:38 2025 by rpki-client