$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC524/B5C2B7342C5711EEBB188629C4F9AE02/x52oqmnxJno4UemSoGnAL1DoArw.mft File: x52oqmnxJno4UemSoGnAL1DoArw.mft (raw, json) Hash identifier: ket2dZ3NEWQbOjmvaa2vnjAy1SvHj6qFQPTYZnpafc4= Subject key identifier: 31:E8:92:B2:2B:41:15:F7:12:89:CB:8C:56:20:F5:BF:66:B7:39:21 Authority key identifier: C7:9D:A8:AA:69:F1:26:7A:38:51:E9:92:A0:69:C0:2F:50:E8:02:BC Certificate issuer: /CN=A91DC524/serialNumber=C79DA8AA69F1267A3851E992A069C02F50E802BC Certificate serial: 0145 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x52oqmnxJno4UemSoGnAL1DoArw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC524/B5C2B7342C5711EEBB188629C4F9AE02/x52oqmnxJno4UemSoGnAL1DoArw.mft Manifest number: 0142 Signing time: Fri 11 Apr 2025 03:36:10 +0000 Manifest this update: Fri 11 Apr 2025 03:36:10 +0000 Manifest next update: Fri 18 Apr 2025 03:36:10 +0000 Files and hashes: 1: x52oqmnxJno4UemSoGnAL1DoArw.crl (hash: 1RGhVyTR6gYJ8H12M2Yq6UbbM5jkuknRWhhbNBpRxNM=) 2: 0D705F8A2C5911EEBB4C2C4BC4F9AE02.roa (hash: ljYZPmOEJ2gVmqt+FLp/8ARO8gytp4GPuoxvLwL03ls=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC524/B5C2B7342C5711EEBB188629C4F9AE02/x52oqmnxJno4UemSoGnAL1DoArw.crl rsync://rpki.apnic.net/member_repository/A91DC524/B5C2B7342C5711EEBB188629C4F9AE02/x52oqmnxJno4UemSoGnAL1DoArw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x52oqmnxJno4UemSoGnAL1DoArw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 18 Apr 2025 03:36:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 325 (0x145) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC524, serialNumber=C79DA8AA69F1267A3851E992A069C02F50E802BC Validity Not Before: Apr 11 03:36:10 2025 GMT Not After : Apr 18 03:36:10 2025 GMT Subject: CN=67f88e2a-ef8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:14:b7:ed:07:cd:a7:a8:4d:55:4f:c5:7b:77: d0:af:e3:2e:c9:2f:44:ea:36:3c:02:6a:aa:71:e7: e8:89:64:6d:93:5d:77:be:14:6d:7e:a5:c8:75:e4: f0:8d:cb:f3:2c:b4:e8:de:bd:ed:1e:b1:6f:04:de: f2:fa:42:9e:d1:cd:7c:49:8d:96:38:70:d9:77:43: 62:2c:92:cb:bb:e8:d3:ca:4e:bb:b5:2a:44:41:4f: cd:c3:5d:50:78:62:d1:02:d6:d9:d9:1b:60:f7:11: b1:7f:be:fa:d6:61:e4:d3:0d:9f:64:20:dc:77:86: f0:f1:b7:36:aa:07:56:fb:70:ae:33:98:3a:e0:4b: cc:27:ba:7b:37:f9:9c:64:1d:6a:8c:f5:bf:47:09: 23:da:f6:cf:5f:e1:f0:2d:82:96:67:1a:b7:9f:74: 65:ff:53:80:c7:64:ae:4a:d3:65:6a:37:26:2d:71: 3f:12:ae:27:63:de:36:11:d3:33:58:ef:de:73:9b: 2c:11:4c:43:ec:40:d2:5f:09:a8:18:11:3e:fb:41: 40:45:23:21:3f:83:8f:a1:9b:bd:70:42:d2:59:83: 7d:ff:a2:c1:f5:e4:c7:44:b7:97:4f:6b:95:e9:62: 0e:9b:ac:78:c5:bb:26:f2:c8:87:52:bc:bb:7d:bc: 47:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:E8:92:B2:2B:41:15:F7:12:89:CB:8C:56:20:F5:BF:66:B7:39:21 X509v3 Authority Key Identifier: keyid:C7:9D:A8:AA:69:F1:26:7A:38:51:E9:92:A0:69:C0:2F:50:E8:02:BC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC524/B5C2B7342C5711EEBB188629C4F9AE02/x52oqmnxJno4UemSoGnAL1DoArw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x52oqmnxJno4UemSoGnAL1DoArw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC524/B5C2B7342C5711EEBB188629C4F9AE02/x52oqmnxJno4UemSoGnAL1DoArw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 11:36:23:b3:d3:d7:7c:a1:a3:65:09:2f:bc:cc:6d:c3:13:84: 21:a2:b6:a1:e6:3a:92:1f:8e:7e:96:e2:a2:9d:d5:d6:c7:62: c3:63:37:a1:b4:99:e0:1a:1e:34:4c:ba:6f:7f:b3:00:13:e5: e1:93:6c:02:f6:94:35:44:0e:bb:e3:a9:5e:69:2f:ba:93:4c: a5:d3:8c:bd:8d:f3:b2:42:82:d4:a8:9f:5c:2d:f1:3f:63:13: 61:93:b2:f4:12:5d:34:58:21:99:61:03:c3:62:29:d6:99:a1: 32:46:4a:81:8b:ee:e2:4c:55:b4:f5:dc:98:60:b5:17:e3:16: cd:13:86:35:46:c8:8b:3a:e2:1a:dd:4f:20:23:23:14:8e:f4: 2c:68:1e:0c:72:29:b0:e1:6e:19:91:6d:62:bb:a6:59:b2:3b: 38:a9:e9:f3:81:66:30:76:55:0b:f0:25:dc:60:c0:af:48:a5: c3:2d:32:13:19:02:9d:7f:a6:2f:7c:ff:50:7f:59:e8:a0:ed: 3a:3c:5e:ea:d3:a6:bd:dd:b4:12:b0:84:80:13:c2:18:a7:42: 6a:8c:4a:22:5d:2e:52:f1:df:7f:c8:cf:62:6b:0e:a4:dc:67: b8:af:63:d4:d5:33:fc:c4:c3:ff:a5:18:ba:41:1d:bf:a0:6f: e6:79:07:c3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REM1MjQxMTAvBgNVBAUTKEM3OURBOEFBNjlGMTI2N0EzODUxRTk5MkEwNjlDMDJG NTBFODAyQkMwHhcNMjUwNDExMDMzNjEwWhcNMjUwNDE4MDMzNjEwWjAYMRYwFAYD VQQDEw02N2Y4OGUyYS1lZjhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6xS37QfNp6hNVU/Fe3fQr+MuyS9E6jY8AmqqcefoiWRtk113vhRtfqXIdeTw jcvzLLTo3r3tHrFvBN7y+kKe0c18SY2WOHDZd0NiLJLLu+jTyk67tSpEQU/Nw11Q eGLRAtbZ2Rtg9xGxf7761mHk0w2fZCDcd4bw8bc2qgdW+3CuM5g64EvMJ7p7N/mc ZB1qjPW/Rwkj2vbPX+HwLYKWZxq3n3Rl/1OAx2SuStNlajcmLXE/Eq4nY942EdMz WO/ec5ssEUxD7EDSXwmoGBE++0FARSMhP4OPoZu9cELSWYN9/6LB9eTHRLeXT2uV 6WIOm6x4xbsm8siHUry7fbxHZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDHokrIr QRX3EonLjFYg9b9mtzkhMB8GA1UdIwQYMBaAFMedqKpp8SZ6OFHpkqBpwC9Q6AK8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzUyNC9CNUMyQjczNDJD NTcxMUVFQkIxODg2MjlDNEY5QUUwMi94NTJvcW1ueEpubzRVZW1Tb0duQUwxRG9B cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3g1Mm9xbW54Sm5vNFVlbVNvR25BTDFEb0Fydy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QzUyNC9CNUMyQjczNDJDNTcxMUVFQkIxODg2MjlDNEY5QUUwMi94NTJvcW1ueEpu bzRVZW1Tb0duQUwxRG9BcncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQARNiOz09d8oaNlCS+8zG3DE4Qhorah5jqSH45+luKindXWx2LDYzeh tJngGh40TLpvf7MAE+Xhk2wC9pQ1RA6746leaS+6k0yl04y9jfOyQoLUqJ9cLfE/ YxNhk7L0El00WCGZYQPDYinWmaEyRkqBi+7iTFW09dyYYLUX4xbNE4Y1RsiLOuIa 3U8gIyMUjvQsaB4Mcimw4W4ZkW1iu6ZZsjs4qenzgWYwdlUL8CXcYMCvSKXDLTIT GQKdf6YvfP9Qf1nooO06PF7q06a93bQSsISAE8IYp0JqjEoiXS5S8d9/yM9iaw6k 3Ge4r2PU1TP8xMP/pRi6QR2/oG/meQfD -----END CERTIFICATE-----Generated at Sat Apr 12 22:26:42 2025 by rpki-client