$ rpki-client -vvf rpki.apnic.net/member_repository/A91185B8/CFA3409ABE3111EDB4FF7D34C4F9AE02/D5BpKh7v5_ChrGi14awJ9wJpccw.mft File: D5BpKh7v5_ChrGi14awJ9wJpccw.mft (raw, json) Hash identifier: +LglYU0b31tOJuULR6cZ6rFdIIQNLOfh2VA53fRtjVE= Subject key identifier: 32:AE:3A:C5:2E:C4:BD:33:D3:3E:C0:7A:F0:59:57:E7:A3:1C:34:02 Authority key identifier: 0F:90:69:2A:1E:EF:E7:F0:A1:AC:68:B5:E1:AC:09:F7:02:69:71:CC Certificate issuer: /CN=A91185B8/serialNumber=0F90692A1EEFE7F0A1AC68B5E1AC09F7026971CC Certificate serial: 01A3 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D5BpKh7v5_ChrGi14awJ9wJpccw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91185B8/CFA3409ABE3111EDB4FF7D34C4F9AE02/D5BpKh7v5_ChrGi14awJ9wJpccw.mft Manifest number: 01A3 Signing time: Sun 01 Jun 2025 03:02:39 +0000 Manifest this update: Sun 01 Jun 2025 03:02:39 +0000 Manifest next update: Sun 08 Jun 2025 03:02:39 +0000 Files and hashes: 1: D5BpKh7v5_ChrGi14awJ9wJpccw.crl (hash: DnKG0fcfDNXmuoOxuErMQq5NrGLkJODRqsyAVu8Zuyc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91185B8/CFA3409ABE3111EDB4FF7D34C4F9AE02/D5BpKh7v5_ChrGi14awJ9wJpccw.crl rsync://rpki.apnic.net/member_repository/A91185B8/CFA3409ABE3111EDB4FF7D34C4F9AE02/D5BpKh7v5_ChrGi14awJ9wJpccw.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D5BpKh7v5_ChrGi14awJ9wJpccw.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Jun 2025 03:02:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 419 (0x1a3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91185B8, serialNumber=0F90692A1EEFE7F0A1AC68B5E1AC09F7026971CC Validity Not Before: Jun 1 03:02:39 2025 GMT Not After : Jun 8 03:02:39 2025 GMT Subject: CN=683bc2cf-42a9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:45:d1:39:df:f4:af:dc:3f:96:33:bf:92:5c: 17:08:9b:14:bd:40:28:b0:44:83:ab:b5:c7:05:cb: 26:77:89:7b:97:2e:42:72:d2:d5:a1:b8:04:03:06: 50:f2:51:f5:60:c4:51:6d:a3:38:e6:87:7e:92:54: 52:17:89:1c:95:32:93:9f:82:81:15:cf:75:ae:65: ce:90:91:e5:0d:ff:8c:de:6a:20:47:12:17:30:a2: ab:b6:0b:c3:3b:33:29:56:5c:8f:25:eb:b7:ac:8b: e7:82:c2:b2:0a:1f:10:f5:42:6e:14:63:99:61:f9: 45:41:ce:17:2d:f2:3f:d1:b3:1f:fc:f1:e9:9c:2a: 1a:b1:4a:c5:93:75:f6:4b:01:61:83:61:66:b2:73: 15:b4:11:fd:5f:e2:85:0d:ad:2a:a6:3e:b2:da:c4: 37:19:76:a2:97:25:ab:e3:36:fe:9c:4e:3e:bc:03: be:c1:3d:b0:b3:a4:c2:06:3d:a8:dc:1e:f0:c7:20: d5:4f:5a:e7:53:d5:65:a6:14:41:0c:64:31:90:66: 72:5c:1b:fa:ef:9b:5e:3b:1e:7a:2a:7d:a8:63:59: 68:9d:78:19:e1:0f:e7:86:ff:e6:35:04:ea:cc:77: 49:b3:4b:7a:56:2c:08:ac:e2:47:d8:32:51:d6:21: a8:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:AE:3A:C5:2E:C4:BD:33:D3:3E:C0:7A:F0:59:57:E7:A3:1C:34:02 X509v3 Authority Key Identifier: keyid:0F:90:69:2A:1E:EF:E7:F0:A1:AC:68:B5:E1:AC:09:F7:02:69:71:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91185B8/CFA3409ABE3111EDB4FF7D34C4F9AE02/D5BpKh7v5_ChrGi14awJ9wJpccw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D5BpKh7v5_ChrGi14awJ9wJpccw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91185B8/CFA3409ABE3111EDB4FF7D34C4F9AE02/D5BpKh7v5_ChrGi14awJ9wJpccw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 17:97:00:7f:bd:b8:ce:e0:d8:c5:1e:1f:27:d3:df:0d:0b:03: 38:04:03:9c:42:46:bb:35:14:b6:3c:4c:70:13:ae:0a:1a:61: 2f:f3:35:e3:55:1e:04:40:ed:01:62:4e:b6:0b:10:75:42:1e: 2b:73:53:3b:d2:55:f7:2b:de:0a:6b:ef:3d:9e:9b:d1:43:87: 36:9c:38:77:3d:d6:22:fa:5d:13:94:be:b3:b0:e6:fc:05:c7: e4:79:81:31:a9:f0:38:54:7b:37:9c:c3:ac:51:a7:14:ed:8b: 26:87:c0:c1:d4:fe:12:08:72:77:08:8d:5f:83:ef:15:0e:f2: 1c:49:07:9a:18:da:3c:dd:36:17:bd:95:d1:e6:fd:c6:d0:3e: 6c:a2:dc:18:42:93:62:8f:b1:62:0e:49:75:9c:c3:15:0a:61: 3f:18:ce:6e:26:b6:a8:91:66:a6:fc:46:d9:98:cb:75:25:70: dc:de:8d:86:c9:dc:8c:22:9d:b1:10:c0:50:20:88:5e:a6:7b: a8:55:9d:74:50:a4:59:3a:b5:7a:00:7e:d0:40:c7:c7:db:57: 04:64:d2:31:09:9f:d5:04:bf:6d:ef:04:44:3d:4c:b5:2d:30: 36:a3:7b:6f:90:64:d7:63:4b:19:0e:d6:6c:6c:2d:1c:6a:b7: 90:f5:9f:56 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAaMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTg1QjgxMTAvBgNVBAUTKDBGOTA2OTJBMUVFRkU3RjBBMUFDNjhCNUUxQUMwOUY3 MDI2OTcxQ0MwHhcNMjUwNjAxMDMwMjM5WhcNMjUwNjA4MDMwMjM5WjAYMRYwFAYD VQQDEw02ODNiYzJjZi00MmE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3EXROd/0r9w/ljO/klwXCJsUvUAosESDq7XHBcsmd4l7ly5CctLVobgEAwZQ 8lH1YMRRbaM45od+klRSF4kclTKTn4KBFc91rmXOkJHlDf+M3mogRxIXMKKrtgvD OzMpVlyPJeu3rIvngsKyCh8Q9UJuFGOZYflFQc4XLfI/0bMf/PHpnCoasUrFk3X2 SwFhg2FmsnMVtBH9X+KFDa0qpj6y2sQ3GXailyWr4zb+nE4+vAO+wT2ws6TCBj2o 3B7wxyDVT1rnU9VlphRBDGQxkGZyXBv675teOx56Kn2oY1lonXgZ4Q/nhv/mNQTq zHdJs0t6ViwIrOJH2DJR1iGoowIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDKuOsUu xL0z0z7AevBZV+ejHDQCMB8GA1UdIwQYMBaAFA+QaSoe7+fwoaxoteGsCfcCaXHM MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExODVCOC9DRkEzNDA5QUJF MzExMUVEQjRGRjdEMzRDNEY5QUUwMi9ENUJwS2g3djVfQ2hyR2kxNGF3Sjl3SnBj Y3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0Q1QnBLaDd2NV9DaHJHaTE0YXdKOXdKcGNjdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx ODVCOC9DRkEzNDA5QUJFMzExMUVEQjRGRjdEMzRDNEY5QUUwMi9ENUJwS2g3djVf Q2hyR2kxNGF3Sjl3SnBjY3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAXlwB/vbjO4NjFHh8n098NCwM4BAOcQka7NRS2PExwE64KGmEv8zXj VR4EQO0BYk62CxB1Qh4rc1M70lX3K94Ka+89npvRQ4c2nDh3PdYi+l0TlL6zsOb8 BcfkeYExqfA4VHs3nMOsUacU7Ysmh8DB1P4SCHJ3CI1fg+8VDvIcSQeaGNo83TYX vZXR5v3G0D5sotwYQpNij7FiDkl1nMMVCmE/GM5uJraokWam/EbZmMt1JXDc3o2G ydyMIp2xEMBQIIhepnuoVZ10UKRZOrV6AH7QQMfH21cEZNIxCZ/VBL9t7wREPUy1 LTA2o3tvkGTXY0sZDtZsbC0careQ9Z9W -----END CERTIFICATE-----Generated at Mon Jun 2 22:20:59 2025 by rpki-client