$ rpki-client -vvf rpki.apnic.net/member_repository/A91F83DC/99C7488826ED11EFB4C9BA28C4F9AE02/Ik5mj0BWAcrcM5E4P8qW35Ro2Vo.mft File: Ik5mj0BWAcrcM5E4P8qW35Ro2Vo.mft (raw, json) Hash identifier: 1fRtCMdpDldTG/51kybnpFDpu5PmxIMCfsBuLh42B4Y= Subject key identifier: E5:45:B3:BC:B8:36:D8:73:3B:31:6C:DF:3C:F1:4B:C4:F6:F9:D7:C5 Authority key identifier: 22:4E:66:8F:40:56:01:CA:DC:33:91:38:3F:CA:96:DF:94:68:D9:5A Certificate issuer: /CN=A91F83DC/serialNumber=224E668F405601CADC3391383FCA96DF9468D95A Certificate serial: A9 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Ik5mj0BWAcrcM5E4P8qW35Ro2Vo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F83DC/99C7488826ED11EFB4C9BA28C4F9AE02/Ik5mj0BWAcrcM5E4P8qW35Ro2Vo.mft Manifest number: A5 Signing time: Thu 17 Apr 2025 05:03:00 +0000 Manifest this update: Thu 17 Apr 2025 05:02:59 +0000 Manifest next update: Thu 24 Apr 2025 05:02:59 +0000 Files and hashes: 1: Ik5mj0BWAcrcM5E4P8qW35Ro2Vo.crl (hash: C1GIDth+zUpGYYN8Gos2zB2SXffRYcHpyfLTedgzeg4=) 2: 097951DC271E11EFA1884C2EC4F9AE02.roa (hash: TmyUhAAOaU6CYroA57XlncbnofjVXGoZ5jM7LnuMB/M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F83DC/99C7488826ED11EFB4C9BA28C4F9AE02/Ik5mj0BWAcrcM5E4P8qW35Ro2Vo.crl rsync://rpki.apnic.net/member_repository/A91F83DC/99C7488826ED11EFB4C9BA28C4F9AE02/Ik5mj0BWAcrcM5E4P8qW35Ro2Vo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Ik5mj0BWAcrcM5E4P8qW35Ro2Vo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 24 Apr 2025 05:02:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 169 (0xa9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F83DC, serialNumber=224E668F405601CADC3391383FCA96DF9468D95A Validity Not Before: Apr 17 05:02:59 2025 GMT Not After : Apr 24 05:02:59 2025 GMT Subject: CN=68008b84-653e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:f4:11:cd:31:6d:29:31:0f:98:db:8b:f0:d7: 38:71:96:29:ca:a3:99:43:49:f8:d0:b0:21:b9:ed: 93:e9:58:f6:2e:60:c9:8b:72:6d:86:64:8d:bf:86: cc:c5:d8:dd:3c:89:54:f4:a3:1e:df:6b:14:01:df: 12:12:fc:db:13:12:76:db:49:da:5f:97:28:6f:3c: a3:0b:9b:34:d3:33:5a:69:2a:ac:27:ba:03:15:a1: cb:fa:3b:9e:47:d5:f8:84:86:01:d0:be:36:a5:60: ce:7f:2d:3d:6f:41:07:f4:26:2b:ca:9a:43:ca:05: cd:ec:48:c9:a3:38:d9:aa:b1:28:fb:af:df:e1:19: 85:0a:68:9b:93:a4:fa:18:36:de:4c:41:7d:b7:75: 39:2f:cd:78:58:4b:e8:3d:1d:26:7a:48:3d:a0:e2: 15:73:22:94:77:24:29:4a:1b:dd:20:79:2f:ef:6b: e2:72:9d:4b:71:c2:bc:a4:00:d2:09:28:19:25:7e: 62:d8:28:a2:c2:b0:84:fb:e2:a1:2c:a9:80:25:bc: 36:7b:a7:21:44:83:66:e2:f5:03:28:e1:5e:8e:4e: ac:64:a3:e2:f3:77:ed:22:3a:70:b3:38:56:12:95: 5f:57:16:7e:17:08:86:71:25:17:12:ef:f1:a1:6a: a7:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:45:B3:BC:B8:36:D8:73:3B:31:6C:DF:3C:F1:4B:C4:F6:F9:D7:C5 X509v3 Authority Key Identifier: keyid:22:4E:66:8F:40:56:01:CA:DC:33:91:38:3F:CA:96:DF:94:68:D9:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F83DC/99C7488826ED11EFB4C9BA28C4F9AE02/Ik5mj0BWAcrcM5E4P8qW35Ro2Vo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Ik5mj0BWAcrcM5E4P8qW35Ro2Vo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F83DC/99C7488826ED11EFB4C9BA28C4F9AE02/Ik5mj0BWAcrcM5E4P8qW35Ro2Vo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5e:be:21:4b:9e:a7:1c:4c:04:e3:ab:56:d2:44:44:d8:9a:4d: cd:ba:c5:51:11:f2:ce:5a:63:5c:32:17:d9:71:78:a7:d0:15: 81:c8:96:d2:ce:ae:44:4a:7e:53:b2:cf:87:1a:c8:70:69:9e: e3:32:4c:5f:45:92:69:a5:6f:f6:2d:32:5f:ae:09:f8:a1:01: 01:38:4a:a1:27:fe:9e:fb:39:34:84:6d:32:67:47:63:c8:c7: 54:95:83:b8:32:be:24:8c:a0:56:2b:e6:28:d2:1f:1b:f5:77: 59:87:d0:79:c9:9d:cf:36:58:fa:31:25:a5:18:08:19:29:f8: eb:db:85:44:6b:2b:9a:26:ed:8a:6f:be:3d:43:4e:3e:c4:13: 37:24:5a:a6:cc:71:2d:83:fc:51:37:a4:51:6c:56:f9:1c:25: d4:18:21:50:87:ff:73:1b:f1:7d:73:75:29:f6:84:c8:c7:c6: 24:a7:bc:83:e8:a4:f1:c5:e7:8b:df:00:46:69:b8:63:3a:2f: c4:f8:c8:3b:dd:a4:91:26:9f:fb:b2:13:82:78:86:fc:45:44: dc:45:39:81:92:47:6d:4e:8e:24:ac:7a:27:33:53:cb:bc:18: 14:64:12:39:60:16:08:4d:4f:1c:ab:ab:3b:25:d3:e5:d9:ae: e9:25:bd:cb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjgzREMxMTAvBgNVBAUTKDIyNEU2NjhGNDA1NjAxQ0FEQzMzOTEzODNGQ0E5NkRG OTQ2OEQ5NUEwHhcNMjUwNDE3MDUwMjU5WhcNMjUwNDI0MDUwMjU5WjAYMRYwFAYD VQQDEw02ODAwOGI4NC02NTNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt/QRzTFtKTEPmNuL8Nc4cZYpyqOZQ0n40LAhue2T6Vj2LmDJi3JthmSNv4bM xdjdPIlU9KMe32sUAd8SEvzbExJ220naX5cobzyjC5s00zNaaSqsJ7oDFaHL+jue R9X4hIYB0L42pWDOfy09b0EH9CYryppDygXN7EjJozjZqrEo+6/f4RmFCmibk6T6 GDbeTEF9t3U5L814WEvoPR0mekg9oOIVcyKUdyQpShvdIHkv72vicp1LccK8pADS CSgZJX5i2CiiwrCE++KhLKmAJbw2e6chRINm4vUDKOFejk6sZKPi83ftIjpwszhW EpVfVxZ+FwiGcSUXEu/xoWqn7QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOVFs7y4 NthzOzFs3zzxS8T2+dfFMB8GA1UdIwQYMBaAFCJOZo9AVgHK3DOROD/Klt+UaNla MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODNEQy85OUM3NDg4ODI2 RUQxMUVGQjRDOUJBMjhDNEY5QUUwMi9JazVtajBCV0FjcmNNNUU0UDhxVzM1Um8y Vm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0lrNW1qMEJXQWNyY001RTRQOHFXMzVSbzJWby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG ODNEQy85OUM3NDg4ODI2RUQxMUVGQjRDOUJBMjhDNEY5QUUwMi9JazVtajBCV0Fj cmNNNUU0UDhxVzM1Um8yVm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBeviFLnqccTATjq1bSRETYmk3NusVREfLOWmNcMhfZcXin0BWByJbS zq5ESn5Tss+HGshwaZ7jMkxfRZJppW/2LTJfrgn4oQEBOEqhJ/6e+zk0hG0yZ0dj yMdUlYO4Mr4kjKBWK+Yo0h8b9XdZh9B5yZ3PNlj6MSWlGAgZKfjr24VEayuaJu2K b749Q04+xBM3JFqmzHEtg/xRN6RRbFb5HCXUGCFQh/9zG/F9c3Up9oTIx8Ykp7yD 6KTxxeeL3wBGabhjOi/E+Mg73aSRJp/7shOCeIb8RUTcRTmBkkdtTo4krHonM1PL vBgUZBI5YBYITU8cq6s7JdPl2a7pJb3L -----END CERTIFICATE-----Generated at Fri Apr 18 16:00:10 2025 by rpki-client