$ rpki-client -vvf rpki.apnic.net/member_repository/A912E31D/2CF6B8B0F9C911EFA54F762AC4F9AE02/5igiDz_QD0F7mXLh1KD2QWlueZk.mft File: 5igiDz_QD0F7mXLh1KD2QWlueZk.mft (raw, json) Hash identifier: VPS1rckIsV0iv4MjmXT347hvWzeVkocCs2ODvSAwHx8= Subject key identifier: 14:D1:5A:F7:C0:BA:C3:73:ED:4A:91:DF:3E:63:17:7F:0A:B5:8C:EC Authority key identifier: E6:28:22:0F:3F:D0:0F:41:7B:99:72:E1:D4:A0:F6:41:69:6E:79:99 Certificate issuer: /CN=A912E31D/serialNumber=E628220F3FD00F417B9972E1D4A0F641696E7999 Certificate serial: 32 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5igiDz_QD0F7mXLh1KD2QWlueZk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912E31D/2CF6B8B0F9C911EFA54F762AC4F9AE02/5igiDz_QD0F7mXLh1KD2QWlueZk.mft Manifest number: 30 Signing time: Sat 31 May 2025 07:15:42 +0000 Manifest this update: Sat 31 May 2025 07:15:41 +0000 Manifest next update: Sat 07 Jun 2025 07:15:41 +0000 Files and hashes: 1: 5igiDz_QD0F7mXLh1KD2QWlueZk.crl (hash: PL3PGGEDzQ6E8OFKW9LazKLH+6vqBQz0yXDjw2V2fa8=) 2: 9CDF0C0CFA4311EFAEC6A81AC4F9AE02.roa (hash: A659tR0soBiQRXoeD1FPvGrYfSs+v9kVVN6MSoHXtyU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912E31D/2CF6B8B0F9C911EFA54F762AC4F9AE02/5igiDz_QD0F7mXLh1KD2QWlueZk.crl rsync://rpki.apnic.net/member_repository/A912E31D/2CF6B8B0F9C911EFA54F762AC4F9AE02/5igiDz_QD0F7mXLh1KD2QWlueZk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5igiDz_QD0F7mXLh1KD2QWlueZk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 07:15:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50 (0x32) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912E31D, serialNumber=E628220F3FD00F417B9972E1D4A0F641696E7999 Validity Not Before: May 31 07:15:41 2025 GMT Not After : Jun 7 07:15:41 2025 GMT Subject: CN=683aac9e-08a0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:25:ff:a5:86:0d:22:76:a9:20:62:12:18:ce: b5:d5:bc:e5:ff:08:fd:60:72:af:a0:ea:9f:d2:3f: 27:76:af:5a:4d:f4:98:40:5b:d1:88:16:ed:e4:b2: 4d:71:3e:be:de:e6:bd:8c:0f:00:9f:d8:00:78:f2: 94:0c:57:a8:df:9f:da:28:6b:70:c8:5c:4f:16:c1: 8e:78:b0:b8:dc:e2:b2:78:49:b3:26:88:42:06:f7: 50:d8:d6:57:28:18:8a:fd:35:16:33:85:1b:ff:20: 89:db:c2:09:7f:0f:9d:3f:60:12:9b:6a:47:aa:6d: cb:78:8c:5c:a4:8a:32:ce:7a:f2:7a:ab:86:cd:40: 49:99:90:64:44:72:35:b8:ce:01:55:ae:cd:7b:86: fe:43:f5:b3:57:a3:ae:a9:5a:cf:c9:d5:32:b2:7e: c6:76:1a:ea:4e:5a:0c:26:54:b7:b7:bd:24:e8:db: 87:f1:8d:23:21:b7:aa:1f:db:45:16:61:85:14:da: 4c:d3:45:80:3f:d7:04:a1:45:1b:fd:56:ee:89:77: 36:06:e1:d0:40:09:f1:71:62:55:8d:f4:16:61:f0: d7:b8:55:61:66:52:60:ae:69:da:48:5b:ef:bb:15: 53:10:58:4b:6b:f6:0e:f6:05:16:27:1e:52:b6:6b: 8c:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:D1:5A:F7:C0:BA:C3:73:ED:4A:91:DF:3E:63:17:7F:0A:B5:8C:EC X509v3 Authority Key Identifier: keyid:E6:28:22:0F:3F:D0:0F:41:7B:99:72:E1:D4:A0:F6:41:69:6E:79:99 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912E31D/2CF6B8B0F9C911EFA54F762AC4F9AE02/5igiDz_QD0F7mXLh1KD2QWlueZk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5igiDz_QD0F7mXLh1KD2QWlueZk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912E31D/2CF6B8B0F9C911EFA54F762AC4F9AE02/5igiDz_QD0F7mXLh1KD2QWlueZk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8c:86:e4:64:85:32:ee:d4:62:fc:54:c4:77:c1:8c:e3:59:cc: 3c:60:60:28:99:da:ba:3e:b7:58:da:67:9d:da:83:b4:05:df: b3:5a:ff:60:fe:bd:9a:c3:42:24:24:4e:5e:84:97:f7:55:51: 40:6d:f5:f2:71:18:56:da:19:70:ab:40:2b:5b:08:80:57:af: 15:a4:5c:5c:67:37:3a:be:d8:4e:fd:c3:25:19:f9:3a:a1:65: ac:42:ce:15:a8:b4:02:57:9f:62:a0:6f:e5:3d:96:64:09:e2: 52:33:96:ab:94:02:6b:d7:ab:25:a3:cf:84:8c:be:0c:ab:68: 6a:56:e7:a5:14:5c:24:dc:0f:a6:7f:2f:2e:25:f6:59:ea:2c: 0b:24:f9:1b:51:7e:e0:a1:8d:6e:0a:f2:3f:0d:33:88:d4:9d: 6f:c5:5c:53:fd:0e:4d:84:3b:f8:40:9c:fd:9d:8d:a8:08:bc: 9e:7e:9a:70:df:58:d1:7b:bc:b0:4d:42:bd:0b:82:33:a7:1a: 12:84:3d:fd:e0:e2:e1:cd:49:df:5d:be:8b:b5:ca:65:fb:ec: 47:d7:39:50:00:de:7f:56:58:c2:cc:33:a0:2c:ab:5b:f0:73: da:88:e3:d3:f9:d0:81:da:e8:27:35:55:39:ae:e4:47:f4:1f: 97:4e:c2:2f -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBMjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy RTMxRDExMC8GA1UEBRMoRTYyODIyMEYzRkQwMEY0MTdCOTk3MkUxRDRBMEY2NDE2 OTZFNzk5OTAeFw0yNTA1MzEwNzE1NDFaFw0yNTA2MDcwNzE1NDFaMBgxFjAUBgNV BAMTDTY4M2FhYzllLTA4YTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDaJf+lhg0idqkgYhIYzrXVvOX/CP1gcq+g6p/SPyd2r1pN9JhAW9GIFu3ksk1x Pr7e5r2MDwCf2AB48pQMV6jfn9ooa3DIXE8WwY54sLjc4rJ4SbMmiEIG91DY1lco GIr9NRYzhRv/IInbwgl/D50/YBKbakeqbct4jFykijLOevJ6q4bNQEmZkGREcjW4 zgFVrs17hv5D9bNXo66pWs/J1TKyfsZ2GupOWgwmVLe3vSTo24fxjSMht6of20UW YYUU2kzTRYA/1wShRRv9Vu6JdzYG4dBACfFxYlWN9BZh8Ne4VWFmUmCuadpIW++7 FVMQWEtr9g72BRYnHlK2a4xfAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUFNFa98C6 w3PtSpHfPmMXfwq1jOwwHwYDVR0jBBgwFoAU5igiDz/QD0F7mXLh1KD2QWlueZkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJFMzFELzJDRjZCOEIwRjlD OTExRUZBNTRGNzYyQUM0RjlBRTAyLzVpZ2lEel9RRDBGN21YTGgxS0QyUVdsdWVa ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvNWlnaUR6X1FEMEY3bVhMaDFLRDJRV2x1ZVprLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJF MzFELzJDRjZCOEIwRjlDOTExRUZBNTRGNzYyQUM0RjlBRTAyLzVpZ2lEel9RRDBG N21YTGgxS0QyUVdsdWVaay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIyG5GSFMu7UYvxUxHfBjONZzDxgYCiZ2ro+t1jaZ53ag7QF37Na/2D+ vZrDQiQkTl6El/dVUUBt9fJxGFbaGXCrQCtbCIBXrxWkXFxnNzq+2E79wyUZ+Tqh ZaxCzhWotAJXn2Kgb+U9lmQJ4lIzlquUAmvXqyWjz4SMvgyraGpW56UUXCTcD6Z/ Ly4l9lnqLAsk+RtRfuChjW4K8j8NM4jUnW/FXFP9Dk2EO/hAnP2djagIvJ5+mnDf WNF7vLBNQr0LgjOnGhKEPf3g4uHNSd9dvou1ymX77EfXOVAA3n9WWMLMM6Asq1vw c9qI49P50IHa6Cc1VTmu5Ef0H5dOwi8= -----END CERTIFICATE-----Generated at Sat May 31 17:48:47 2025 by rpki-client