$ rpki-client -vvf rpki.apnic.net/member_repository/A91F715C/5F0726384F3311EE966E0F72C4F9AE02/53Ey5P6tBO7U_pRtYHoNy1ekIGU.mft File: 53Ey5P6tBO7U_pRtYHoNy1ekIGU.mft (raw, json) Hash identifier: yrGktLEGrsVsoKmaN6vCM/jUz2Pe0w+h1vUmv3L9yaU= Subject key identifier: 89:CF:9B:BA:10:55:03:A0:D3:3A:41:44:0B:B0:81:E7:DF:38:BF:43 Authority key identifier: E7:71:32:E4:FE:AD:04:EE:D4:FE:94:6D:60:7A:0D:CB:57:A4:20:65 Certificate issuer: /CN=A91F715C/serialNumber=E77132E4FEAD04EED4FE946D607A0DCB57A42065 Certificate serial: 0153 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/53Ey5P6tBO7U_pRtYHoNy1ekIGU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F715C/5F0726384F3311EE966E0F72C4F9AE02/53Ey5P6tBO7U_pRtYHoNy1ekIGU.mft Manifest number: 0145 Signing time: Mon 21 Apr 2025 03:25:55 +0000 Manifest this update: Mon 21 Apr 2025 03:25:55 +0000 Manifest next update: Mon 28 Apr 2025 03:25:55 +0000 Files and hashes: 1: 53Ey5P6tBO7U_pRtYHoNy1ekIGU.crl (hash: kQQof8De0IerAi7sdwVr2WYkf9SAZ5HVSJyUnCzqhqo=) 2: 7A97D2F2174311EFAA4B5762C4F9AE02.roa (hash: qiuU93Lc7YatLMlsGPtovUfT87zuHB3bZX8CwFGs5GE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F715C/5F0726384F3311EE966E0F72C4F9AE02/53Ey5P6tBO7U_pRtYHoNy1ekIGU.crl rsync://rpki.apnic.net/member_repository/A91F715C/5F0726384F3311EE966E0F72C4F9AE02/53Ey5P6tBO7U_pRtYHoNy1ekIGU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/53Ey5P6tBO7U_pRtYHoNy1ekIGU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Apr 2025 03:25:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 339 (0x153) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F715C, serialNumber=E77132E4FEAD04EED4FE946D607A0DCB57A42065 Validity Not Before: Apr 21 03:25:55 2025 GMT Not After : Apr 28 03:25:55 2025 GMT Subject: CN=6805bac3-22dc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:3f:eb:d6:c3:79:68:65:15:e1:c7:83:ea:b9: 91:83:3b:5d:8f:85:50:0d:2c:f2:ab:06:fc:77:04: 4d:54:c5:d7:be:df:7c:5b:e2:0e:36:97:f7:10:79: 6d:b0:82:98:57:b5:df:74:07:d1:a1:75:98:b1:a9: 97:08:32:59:b1:b5:85:c2:48:69:18:36:fa:c3:bd: 7c:da:b6:81:d4:19:cc:36:77:91:9b:60:e4:1e:a7: 89:cc:04:92:3c:50:5a:b3:a5:8e:64:8a:cf:bc:3b: 5d:65:b4:64:98:73:69:1c:a7:2f:f9:ba:8e:80:7e: 69:25:b2:95:00:73:be:58:3d:30:ad:2d:d1:3d:ad: f8:f7:4c:ba:df:4b:9c:74:7b:c7:75:1e:ee:2a:a5: 34:13:5b:5e:6d:86:e1:44:0e:30:04:43:81:52:49: cf:5a:be:3d:13:6f:fd:17:59:30:a2:d9:d1:eb:54: c9:ef:a1:98:b4:ae:ce:b2:e0:b8:cd:00:27:8e:16: 83:0b:f0:86:87:5b:3d:9b:7d:27:af:47:e8:c8:0d: 90:30:05:1c:4b:6b:4c:b9:e5:20:a9:75:a2:6b:19: 93:a1:7a:02:69:60:74:b6:8c:05:14:b4:d8:f3:74: 19:e0:42:44:80:f4:a2:8f:d1:73:be:3e:3d:c3:1f: 48:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:CF:9B:BA:10:55:03:A0:D3:3A:41:44:0B:B0:81:E7:DF:38:BF:43 X509v3 Authority Key Identifier: keyid:E7:71:32:E4:FE:AD:04:EE:D4:FE:94:6D:60:7A:0D:CB:57:A4:20:65 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F715C/5F0726384F3311EE966E0F72C4F9AE02/53Ey5P6tBO7U_pRtYHoNy1ekIGU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/53Ey5P6tBO7U_pRtYHoNy1ekIGU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F715C/5F0726384F3311EE966E0F72C4F9AE02/53Ey5P6tBO7U_pRtYHoNy1ekIGU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0f:50:3a:b9:1d:d1:d8:57:fa:2c:2a:04:28:fa:12:1e:ea:a8: 1f:78:b6:21:af:63:75:91:4f:52:3e:46:2e:f3:cb:71:4f:be: ce:b8:fa:88:17:f7:66:f9:b1:de:73:eb:be:83:7c:83:63:f1: cd:f8:00:fe:70:59:9b:e2:21:a5:d3:d9:ba:d4:45:f0:5b:20: 18:0f:bc:01:13:cc:b4:c0:f6:74:9a:f6:fd:d4:3f:2a:c5:5a: 4f:1f:39:67:56:a7:72:92:e9:a2:3a:74:0e:b6:b0:0c:89:0b: 94:9b:ea:2a:f9:60:4c:77:b9:c6:dc:41:a3:b3:89:fd:41:ce: 41:59:23:34:7c:f8:57:1f:9f:3a:f0:a0:06:80:b6:1d:6d:ab: 10:89:1b:d9:a1:6e:1c:2b:da:30:a8:43:c9:dc:be:e0:72:6c: 16:62:be:61:ac:09:b0:91:f3:14:b2:91:06:c1:e9:c4:41:c3: 36:21:ed:29:29:a8:86:d5:24:e0:84:55:a8:69:25:db:be:3b: 2e:80:b6:b1:76:3c:1e:bd:08:02:b0:1a:02:80:93:f4:89:8c: 35:ef:98:ad:7f:87:59:93:09:58:29:8f:98:a8:fb:c7:f6:98: fa:bc:1e:88:10:b8:6d:d7:d6:8b:82:24:3b:dc:29:2b:11:9b: c3:16:d0:3f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAVMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjcxNUMxMTAvBgNVBAUTKEU3NzEzMkU0RkVBRDA0RUVENEZFOTQ2RDYwN0EwRENC NTdBNDIwNjUwHhcNMjUwNDIxMDMyNTU1WhcNMjUwNDI4MDMyNTU1WjAYMRYwFAYD VQQDEw02ODA1YmFjMy0yMmRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyD/r1sN5aGUV4ceD6rmRgztdj4VQDSzyqwb8dwRNVMXXvt98W+IONpf3EHlt sIKYV7XfdAfRoXWYsamXCDJZsbWFwkhpGDb6w7182raB1BnMNneRm2DkHqeJzASS PFBas6WOZIrPvDtdZbRkmHNpHKcv+bqOgH5pJbKVAHO+WD0wrS3RPa3490y630uc dHvHdR7uKqU0E1tebYbhRA4wBEOBUknPWr49E2/9F1kwotnR61TJ76GYtK7OsuC4 zQAnjhaDC/CGh1s9m30nr0foyA2QMAUcS2tMueUgqXWiaxmToXoCaWB0towFFLTY 83QZ4EJEgPSij9Fzvj49wx9I4QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFInPm7oQ VQOg0zpBRAuwgeffOL9DMB8GA1UdIwQYMBaAFOdxMuT+rQTu1P6UbWB6DctXpCBl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNzE1Qy81RjA3MjYzODRG MzMxMUVFOTY2RTBGNzJDNEY5QUUwMi81M0V5NVA2dEJPN1VfcFJ0WUhvTnkxZWtJ R1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzUzRXk1UDZ0Qk83VV9wUnRZSG9OeTFla0lHVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NzE1Qy81RjA3MjYzODRGMzMxMUVFOTY2RTBGNzJDNEY5QUUwMi81M0V5NVA2dEJP N1VfcFJ0WUhvTnkxZWtJR1UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAPUDq5HdHYV/osKgQo+hIe6qgfeLYhr2N1kU9SPkYu88txT77OuPqI F/dm+bHec+u+g3yDY/HN+AD+cFmb4iGl09m61EXwWyAYD7wBE8y0wPZ0mvb91D8q xVpPHzlnVqdykumiOnQOtrAMiQuUm+oq+WBMd7nG3EGjs4n9Qc5BWSM0fPhXH586 8KAGgLYdbasQiRvZoW4cK9owqEPJ3L7gcmwWYr5hrAmwkfMUspEGwenEQcM2Ie0p KaiG1STghFWoaSXbvjsugLaxdjwevQgCsBoCgJP0iYw175itf4dZkwlYKY+YqPvH 9pj6vB6IELht19aLgiQ73CkrEZvDFtA/ -----END CERTIFICATE-----Generated at Mon Apr 21 15:39:40 2025 by rpki-client