$ rpki-client -vvf rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft File: kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft (raw, json) Hash identifier: Yh40izRqusQHI/193l2jADDpeeNBNlrAeZrFxJu4t2o= Subject key identifier: B6:D1:38:8C:C7:15:E4:32:0E:C2:A6:1E:44:58:7F:A3:0F:C4:68:C7 Authority key identifier: 91:2A:B3:9F:C7:BB:CB:EF:1C:F2:67:E9:D3:F7:19:C9:A4:F0:A1:14 Certificate issuer: /CN=A91478C3/serialNumber=912AB39FC7BBCBEF1CF267E9D3F719C9A4F0A114 Certificate serial: 0E59 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft Manifest number: 0E51 Signing time: Fri 30 May 2025 17:54:46 +0000 Manifest this update: Fri 30 May 2025 17:54:45 +0000 Manifest next update: Fri 06 Jun 2025 17:54:45 +0000 Files and hashes: 1: kSqzn8e7y-8c8mfp0_cZyaTwoRQ.crl (hash: 3oy6OccVALloypL7slJMUcs96t52LeFs6zBDO/1IDRM=) 2: 36477FF69D2E11E99A95DC2AC4F9AE02.roa (hash: ZyYqi6bXWhaxHbfmn8t7NJwcl5ydCuydY4LMtE+EeW4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.crl rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 17:54:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3673 (0xe59) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91478C3, serialNumber=912AB39FC7BBCBEF1CF267E9D3F719C9A4F0A114 Validity Not Before: May 30 17:54:45 2025 GMT Not After : Jun 6 17:54:45 2025 GMT Subject: CN=6839f0e5-333f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:5c:31:58:5f:34:49:43:6b:c7:44:ff:5e:c7: 00:e9:b5:67:b7:09:1a:18:40:66:b7:1e:80:0e:79: 36:9e:fc:1b:be:48:dd:f3:40:83:bf:27:fa:dd:7d: aa:ad:df:b6:c8:7d:d8:7b:0f:4b:cb:4e:51:67:72: 13:e3:6c:51:6c:09:af:b3:0a:24:f0:31:53:84:d4: 40:60:f2:99:bf:12:c6:ee:81:76:68:b2:0c:ec:e6: 7a:bd:10:96:e0:5c:8a:cb:6e:da:bd:f1:0b:9d:93: e7:24:8f:c6:bc:df:f5:5d:54:a0:03:27:e8:d4:36: 8b:6a:03:3c:fd:a9:6e:96:42:48:9a:6b:38:06:93: 97:a2:8d:92:7f:d9:a4:d9:17:f8:d0:ae:35:48:6d: 4d:f2:1c:95:3f:3f:a7:4a:41:86:84:10:6c:e0:a7: fa:51:14:d2:8a:c0:c0:9a:70:81:b4:40:0d:32:2b: 16:aa:60:d0:fd:46:89:83:17:46:cb:5b:c2:04:2a: 1a:24:e4:2c:15:1d:f1:6c:b7:a1:6b:a6:7a:3d:09: 6b:56:74:14:1e:32:23:e4:31:52:38:43:c2:6f:41: f1:41:85:98:1f:80:54:35:79:a9:b2:90:a6:82:7f: ce:c4:e0:12:bd:28:87:b5:42:c6:26:07:f3:af:49: 4d:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:D1:38:8C:C7:15:E4:32:0E:C2:A6:1E:44:58:7F:A3:0F:C4:68:C7 X509v3 Authority Key Identifier: keyid:91:2A:B3:9F:C7:BB:CB:EF:1C:F2:67:E9:D3:F7:19:C9:A4:F0:A1:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 29:64:16:20:b8:26:31:c9:bd:90:d3:34:f6:91:90:a9:6e:5e: 71:60:aa:7c:c6:77:fd:96:96:9a:fd:4c:ab:ef:f6:e3:65:ef: 35:39:42:23:dd:c4:9b:72:ab:b0:d5:0d:ea:68:5b:02:e3:e0: 8a:e1:5a:db:d3:00:f3:30:17:fd:bc:66:aa:6a:a7:43:e6:ce: 43:cf:bd:c9:3f:c8:de:96:ce:26:12:50:7d:fa:9d:ab:e8:11: ed:09:0f:e9:9a:1e:70:e9:ef:b9:78:f6:7b:16:d3:d2:40:96: 75:1a:08:38:22:40:85:7a:e8:84:5c:4c:ec:56:51:0f:12:f3: 69:2e:89:29:4d:c8:36:6d:bc:77:0b:a4:28:de:74:20:ba:0c: e9:c3:a5:fc:ee:fc:9e:5c:13:f8:64:2f:cc:72:b0:28:ed:58: ea:77:6a:02:81:95:32:04:28:aa:b1:96:e3:bf:f8:9b:88:57: b9:70:48:89:6f:a9:2b:9a:f1:40:ee:d6:cf:58:b3:1e:ab:1e: c4:b5:51:69:0c:78:3d:b5:1f:14:cd:94:b7:1d:d0:86:8e:f8: bb:64:78:a0:64:ef:70:e6:81:e5:bc:3d:2f:be:a2:fd:a7:7d: 0d:00:4a:61:ad:15:2f:61:ac:fe:e9:4d:fa:fd:d2:4c:5e:4a: 52:cf:8e:1a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDlkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDc4QzMxMTAvBgNVBAUTKDkxMkFCMzlGQzdCQkNCRUYxQ0YyNjdFOUQzRjcxOUM5 QTRGMEExMTQwHhcNMjUwNTMwMTc1NDQ1WhcNMjUwNjA2MTc1NDQ1WjAYMRYwFAYD VQQDEw02ODM5ZjBlNS0zMzNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyVwxWF80SUNrx0T/XscA6bVntwkaGEBmtx6ADnk2nvwbvkjd80CDvyf63X2q rd+2yH3Yew9Ly05RZ3IT42xRbAmvswok8DFThNRAYPKZvxLG7oF2aLIM7OZ6vRCW 4FyKy27avfELnZPnJI/GvN/1XVSgAyfo1DaLagM8/alulkJImms4BpOXoo2Sf9mk 2Rf40K41SG1N8hyVPz+nSkGGhBBs4Kf6URTSisDAmnCBtEANMisWqmDQ/UaJgxdG y1vCBCoaJOQsFR3xbLeha6Z6PQlrVnQUHjIj5DFSOEPCb0HxQYWYH4BUNXmpspCm gn/OxOASvSiHtULGJgfzr0lNjwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLbROIzH FeQyDsKmHkRYf6MPxGjHMB8GA1UdIwQYMBaAFJEqs5/Hu8vvHPJn6dP3Gcmk8KEU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzhDMy9FM0Q5MTk0QzlE MkMxMUU5ODAyMjE4MjlDNEY5QUUwMi9rU3F6bjhlN3ktOGM4bWZwMF9jWnlhVHdv UlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tTcXpuOGU3eS04YzhtZnAwX2NaeWFUd29SUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NzhDMy9FM0Q5MTk0QzlEMkMxMUU5ODAyMjE4MjlDNEY5QUUwMi9rU3F6bjhlN3kt OGM4bWZwMF9jWnlhVHdvUlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQApZBYguCYxyb2Q0zT2kZCpbl5xYKp8xnf9lpaa/Uyr7/bjZe81OUIj 3cSbcquw1Q3qaFsC4+CK4Vrb0wDzMBf9vGaqaqdD5s5Dz73JP8jels4mElB9+p2r 6BHtCQ/pmh5w6e+5ePZ7FtPSQJZ1Ggg4IkCFeuiEXEzsVlEPEvNpLokpTcg2bbx3 C6Qo3nQgugzpw6X87vyeXBP4ZC/McrAo7Vjqd2oCgZUyBCiqsZbjv/ibiFe5cEiJ b6krmvFA7tbPWLMeqx7EtVFpDHg9tR8UzZS3HdCGjvi7ZHigZO9w5oHlvD0vvqL9 p30NAEphrRUvYaz+6U36/dJMXkpSz44a -----END CERTIFICATE-----Generated at Sat May 31 17:42:37 2025 by rpki-client