$ rpki-client -vvf rpki.apnic.net/member_repository/A91C0D37/05EECD86535B11EE9BF20A6BC4F9AE02/5CANRK2dbstocvZTqVhD-yfYR6Q.mft File: 5CANRK2dbstocvZTqVhD-yfYR6Q.mft (raw, json) Hash identifier: TyjdeGn6ITP8LKWAdU2VaWuGjOpAfydk+XFNvRr60F8= Subject key identifier: A6:F8:A2:27:11:1E:AA:DA:28:40:B1:C5:B6:F9:A6:FA:F6:68:E2:3D Authority key identifier: E4:20:0D:44:AD:9D:6E:CB:68:72:F6:53:A9:58:43:FB:27:D8:47:A4 Certificate issuer: /CN=A91C0D37/serialNumber=E4200D44AD9D6ECB6872F653A95843FB27D847A4 Certificate serial: 0133 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5CANRK2dbstocvZTqVhD-yfYR6Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C0D37/05EECD86535B11EE9BF20A6BC4F9AE02/5CANRK2dbstocvZTqVhD-yfYR6Q.mft Manifest number: 012E Signing time: Mon 21 Apr 2025 03:28:40 +0000 Manifest this update: Mon 21 Apr 2025 03:28:39 +0000 Manifest next update: Mon 28 Apr 2025 03:28:39 +0000 Files and hashes: 1: 5CANRK2dbstocvZTqVhD-yfYR6Q.crl (hash: fYH+/AQ9Bh+lsP0HLTeYEXD9CzayKqYw9cuZjF79I1c=) 2: 0099AE56536911EE8594503BC4F9AE02.roa (hash: AOPC9WbNcZUf3rw4IBXy2gFnwozs8jTrPTS3eOn6dJw=) 3: C7C45DD643F611EF84151D6FC4F9AE02.roa (hash: SfS9ZnMJ4K7BL+m5tPbXXtGeAg5+tE+/js3vJ/6kex8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C0D37/05EECD86535B11EE9BF20A6BC4F9AE02/5CANRK2dbstocvZTqVhD-yfYR6Q.crl rsync://rpki.apnic.net/member_repository/A91C0D37/05EECD86535B11EE9BF20A6BC4F9AE02/5CANRK2dbstocvZTqVhD-yfYR6Q.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5CANRK2dbstocvZTqVhD-yfYR6Q.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 02:50:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 307 (0x133) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C0D37, serialNumber=E4200D44AD9D6ECB6872F653A95843FB27D847A4 Validity Not Before: Apr 21 03:28:39 2025 GMT Not After : Apr 28 03:28:39 2025 GMT Subject: CN=6805bb68-f310 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:eb:91:b7:39:ea:6b:c8:7e:f5:c0:ec:b3:09: 54:12:7c:78:a3:a2:8b:57:30:2d:0a:4f:d7:f7:f0: 76:88:90:0d:70:81:19:e6:65:48:52:9e:83:c8:73: c5:b3:9d:41:a7:80:4d:bb:26:4a:4b:61:d9:ad:36: 54:55:28:4d:3a:e0:0d:f4:a9:fa:d3:b8:7a:7e:99: 0b:c9:44:83:e7:d7:52:d0:42:f4:a0:7c:03:7d:0e: 8d:28:10:12:01:26:56:2c:5d:8c:ff:f9:f3:5f:39: 4e:36:29:c7:f4:9c:d4:db:c4:76:e5:52:fc:d9:ff: 34:b5:f9:0f:55:bb:2c:ac:0c:ca:2a:cc:e8:21:54: 86:d6:36:85:66:57:8d:f9:ae:db:1d:17:5e:4b:e7: cd:c9:ff:a0:54:a4:0d:ee:85:c7:1c:dd:d7:e0:8d: 04:98:14:2b:9c:20:c6:98:7d:ac:95:f9:dd:e5:be: ec:c1:94:58:15:57:c6:39:45:9e:24:90:c4:b0:ba: e2:de:0b:6c:46:7d:34:22:48:84:02:05:86:bd:5e: 32:f7:75:48:75:83:e5:e7:55:f0:d0:7d:b5:9a:8f: 2b:85:7c:fd:9a:90:6a:dd:91:61:d5:be:9f:a3:c5: bc:db:b4:e5:70:74:a0:9f:2b:d6:86:85:19:35:4b: 7c:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:F8:A2:27:11:1E:AA:DA:28:40:B1:C5:B6:F9:A6:FA:F6:68:E2:3D X509v3 Authority Key Identifier: keyid:E4:20:0D:44:AD:9D:6E:CB:68:72:F6:53:A9:58:43:FB:27:D8:47:A4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C0D37/05EECD86535B11EE9BF20A6BC4F9AE02/5CANRK2dbstocvZTqVhD-yfYR6Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5CANRK2dbstocvZTqVhD-yfYR6Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C0D37/05EECD86535B11EE9BF20A6BC4F9AE02/5CANRK2dbstocvZTqVhD-yfYR6Q.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 17:e9:71:da:01:41:ab:97:29:2f:14:6e:e7:22:0e:8d:7d:13: ab:50:81:2b:8c:cb:d5:cb:8f:82:75:d0:76:f0:15:08:34:15: 4c:f5:74:54:75:db:cb:07:b4:07:60:be:15:7d:d8:38:d5:19: 8e:40:57:c5:3a:6d:9c:ad:7c:27:aa:fb:05:45:66:67:55:cf: a8:96:48:f4:71:31:af:66:6a:bb:a1:a3:91:8b:90:7e:e7:c4: 7b:a6:65:52:47:a8:3d:0e:af:58:9c:b7:c3:98:42:fd:3d:a6: 85:e6:af:5c:fb:76:83:6e:5d:82:bb:3b:3e:ba:48:41:c7:6b: af:b4:b0:8d:18:e5:b6:f3:98:c1:fe:9c:1d:dd:60:18:87:2e: 41:24:d1:50:62:e6:8b:3e:3c:cc:0a:e5:1f:97:8f:f1:ea:36: 9a:fb:0e:a4:e8:8c:9e:ad:68:b2:e4:df:77:32:48:60:8b:c1: 3e:67:bf:6a:f7:ec:ae:73:1b:54:d3:39:82:42:23:c4:fb:6d: f3:f7:56:c3:f3:d2:93:35:b7:2a:93:07:5d:07:84:df:7d:54: 49:fb:8c:86:18:e7:af:14:5d:21:8e:05:60:e5:61:9b:22:63: ea:be:e7:fe:1a:34:d4:d8:5f:08:ac:b3:29:ad:a0:11:e2:d6: 60:91:e5:6e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzBEMzcxMTAvBgNVBAUTKEU0MjAwRDQ0QUQ5RDZFQ0I2ODcyRjY1M0E5NTg0M0ZC MjdEODQ3QTQwHhcNMjUwNDIxMDMyODM5WhcNMjUwNDI4MDMyODM5WjAYMRYwFAYD VQQDEw02ODA1YmI2OC1mMzEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2OuRtznqa8h+9cDsswlUEnx4o6KLVzAtCk/X9/B2iJANcIEZ5mVIUp6DyHPF s51Bp4BNuyZKS2HZrTZUVShNOuAN9Kn607h6fpkLyUSD59dS0EL0oHwDfQ6NKBAS ASZWLF2M//nzXzlONinH9JzU28R25VL82f80tfkPVbssrAzKKszoIVSG1jaFZleN +a7bHRdeS+fNyf+gVKQN7oXHHN3X4I0EmBQrnCDGmH2slfnd5b7swZRYFVfGOUWe JJDEsLri3gtsRn00IkiEAgWGvV4y93VIdYPl51Xw0H21mo8rhXz9mpBq3ZFh1b6f o8W827TlcHSgnyvWhoUZNUt8cQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKb4oicR HqraKECxxbb5pvr2aOI9MB8GA1UdIwQYMBaAFOQgDUStnW7LaHL2U6lYQ/sn2Eek MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMEQzNy8wNUVFQ0Q4NjUz NUIxMUVFOUJGMjBBNkJDNEY5QUUwMi81Q0FOUksyZGJzdG9jdlpUcVZoRC15ZllS NlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzVDQU5SSzJkYnN0b2N2WlRxVmhELXlmWVI2US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MEQzNy8wNUVFQ0Q4NjUzNUIxMUVFOUJGMjBBNkJDNEY5QUUwMi81Q0FOUksyZGJz dG9jdlpUcVZoRC15ZllSNlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAX6XHaAUGrlykvFG7nIg6NfROrUIErjMvVy4+CddB28BUINBVM9XRU ddvLB7QHYL4Vfdg41RmOQFfFOm2crXwnqvsFRWZnVc+olkj0cTGvZmq7oaORi5B+ 58R7pmVSR6g9Dq9YnLfDmEL9PaaF5q9c+3aDbl2Cuzs+ukhBx2uvtLCNGOW285jB /pwd3WAYhy5BJNFQYuaLPjzMCuUfl4/x6jaa+w6k6IyerWiy5N93Mkhgi8E+Z79q 9+yucxtU0zmCQiPE+23z91bD89KTNbcqkwddB4TffVRJ+4yGGOevFF0hjgVg5WGb ImPqvuf+GjTU2F8IrLMpraAR4tZgkeVu -----END CERTIFICATE-----Generated at Mon Apr 21 11:19:28 2025 by rpki-client