$ rpki-client -vvf rpki.apnic.net/member_repository/A917AE24/8EC4009430A411EC8BEDB82DC4F9AE02/13OnYxe8qx7vA29fbkx7NMSra3s.mft File: 13OnYxe8qx7vA29fbkx7NMSra3s.mft (raw, json) Hash identifier: oo4en0jx6pUwqz+iIYqN57eB8SImrI+z5QbPCIAcdCg= Subject key identifier: 53:1C:5E:D2:A1:0F:BE:82:B3:3B:6E:39:B4:B8:E7:46:53:D2:63:7C Authority key identifier: D7:73:A7:63:17:BC:AB:1E:EF:03:6F:5F:6E:4C:7B:34:C4:AB:6B:7B Certificate issuer: /CN=A917AE24/serialNumber=D773A76317BCAB1EEF036F5F6E4C7B34C4AB6B7B Certificate serial: 04AB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/13OnYxe8qx7vA29fbkx7NMSra3s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917AE24/8EC4009430A411EC8BEDB82DC4F9AE02/13OnYxe8qx7vA29fbkx7NMSra3s.mft Manifest number: 04AB Signing time: Sat 31 May 2025 00:07:05 +0000 Manifest this update: Sat 31 May 2025 00:07:04 +0000 Manifest next update: Sat 07 Jun 2025 00:07:04 +0000 Files and hashes: 1: 13OnYxe8qx7vA29fbkx7NMSra3s.crl (hash: hB4dZrbmDz+pXTOC0GyTROKH2aCnWjuVBrWUbnLqvTw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917AE24/8EC4009430A411EC8BEDB82DC4F9AE02/13OnYxe8qx7vA29fbkx7NMSra3s.crl rsync://rpki.apnic.net/member_repository/A917AE24/8EC4009430A411EC8BEDB82DC4F9AE02/13OnYxe8qx7vA29fbkx7NMSra3s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/13OnYxe8qx7vA29fbkx7NMSra3s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 00:07:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1195 (0x4ab) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917AE24, serialNumber=D773A76317BCAB1EEF036F5F6E4C7B34C4AB6B7B Validity Not Before: May 31 00:07:04 2025 GMT Not After : Jun 7 00:07:04 2025 GMT Subject: CN=683a4828-0209 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:5e:ca:4f:90:55:74:ff:66:ec:c5:72:4a:e7: 93:d1:cd:b1:8d:4e:10:0e:0a:e8:1e:86:d8:1e:72: 01:ba:9e:38:56:18:a0:57:52:f7:99:ad:4a:b7:e1: d7:be:da:f7:79:ce:8d:8b:cb:ce:9f:8d:85:70:ef: 0e:41:19:8b:ce:76:40:c6:72:13:a3:ce:ee:bd:5d: 86:46:40:1e:88:f8:94:ea:f8:16:a0:35:fc:2f:cf: 3b:5c:c8:54:92:4d:cc:e0:83:55:27:21:3b:18:2b: 33:e3:e9:44:e4:ee:d2:6b:ee:f1:a1:89:5f:80:1b: 20:57:dd:59:d8:9b:68:b9:e6:69:6b:61:2f:ec:2b: 9a:00:76:57:73:12:0a:c6:84:b2:9e:58:a3:62:58: ed:d0:5c:7e:88:cc:87:a1:f3:ee:74:e1:70:48:17: fe:c1:1f:ba:28:8c:c3:e2:65:24:3a:f6:f7:4c:60: 2d:e4:97:cf:44:37:8d:83:66:3d:2e:2b:50:f4:41: cf:58:0a:7b:0c:e1:d0:dd:4d:04:f3:2a:ff:ed:23: 3f:12:83:22:f0:8e:40:52:0e:69:2f:0e:01:2f:74: 49:65:a0:77:4e:78:26:8a:04:cf:da:a6:51:50:9b: c3:3c:b1:f7:37:e4:38:3c:6c:b7:b6:40:9c:d5:ce: 70:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:1C:5E:D2:A1:0F:BE:82:B3:3B:6E:39:B4:B8:E7:46:53:D2:63:7C X509v3 Authority Key Identifier: keyid:D7:73:A7:63:17:BC:AB:1E:EF:03:6F:5F:6E:4C:7B:34:C4:AB:6B:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917AE24/8EC4009430A411EC8BEDB82DC4F9AE02/13OnYxe8qx7vA29fbkx7NMSra3s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/13OnYxe8qx7vA29fbkx7NMSra3s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917AE24/8EC4009430A411EC8BEDB82DC4F9AE02/13OnYxe8qx7vA29fbkx7NMSra3s.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b2:b0:94:34:bf:33:db:79:85:39:9d:b2:65:48:a7:43:26:80: e7:4a:83:83:a2:6d:46:3f:f1:58:41:b6:c4:aa:51:c1:da:7b: ac:d7:e8:41:fe:33:41:27:38:29:96:d3:ac:ce:fb:b4:97:ef: 9b:9e:50:c9:44:82:35:dc:81:29:60:f5:e9:4a:29:21:50:d8: 67:b7:0e:62:51:9a:a3:07:75:19:e5:86:0f:a6:d9:9d:40:84: c8:93:b7:46:32:33:a5:58:21:ee:1a:b7:cf:a5:12:dd:5e:0f: 8d:42:67:a5:80:48:cf:b5:8c:97:8d:63:00:b1:f5:b2:6e:88: c3:ef:0d:25:53:7c:bf:4d:89:65:cc:68:a0:b0:03:b8:01:fb: cb:74:76:41:7f:51:eb:f3:9a:b9:e7:fd:03:d3:e0:6d:74:25: 88:82:f1:f2:e7:d9:b7:76:8b:f9:65:a5:76:ec:7f:c7:61:1c: c2:28:ef:1a:5f:c6:05:dc:72:10:16:3f:fd:3b:d3:2b:9d:7d: 5c:94:61:95:2c:a2:95:f0:a8:bc:a7:52:55:a1:2c:d6:d3:ab: e2:4a:ec:6e:b6:1f:2f:d6:e8:62:0e:7d:26:f1:2b:fe:d6:7c: 53:ba:05:4d:a4:9d:6b:93:09:a2:69:08:17:e4:c8:ec:e6:30: e5:87:10:11 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBKswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0FFMjQxMTAvBgNVBAUTKEQ3NzNBNzYzMTdCQ0FCMUVFRjAzNkY1RjZFNEM3QjM0 QzRBQjZCN0IwHhcNMjUwNTMxMDAwNzA0WhcNMjUwNjA3MDAwNzA0WjAYMRYwFAYD VQQDEw02ODNhNDgyOC0wMjA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApV7KT5BVdP9m7MVySueT0c2xjU4QDgroHobYHnIBup44VhigV1L3ma1Kt+HX vtr3ec6Ni8vOn42FcO8OQRmLznZAxnITo87uvV2GRkAeiPiU6vgWoDX8L887XMhU kk3M4INVJyE7GCsz4+lE5O7Sa+7xoYlfgBsgV91Z2JtoueZpa2Ev7CuaAHZXcxIK xoSynlijYljt0Fx+iMyHofPudOFwSBf+wR+6KIzD4mUkOvb3TGAt5JfPRDeNg2Y9 LitQ9EHPWAp7DOHQ3U0E8yr/7SM/EoMi8I5AUg5pLw4BL3RJZaB3TngmigTP2qZR UJvDPLH3N+Q4PGy3tkCc1c5w7wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFMcXtKh D76CsztuObS450ZT0mN8MB8GA1UdIwQYMBaAFNdzp2MXvKse7wNvX25MezTEq2t7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QUUyNC84RUM0MDA5NDMw QTQxMUVDOEJFREI4MkRDNEY5QUUwMi8xM09uWXhlOHF4N3ZBMjlmYmt4N05NU3Jh M3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzEzT25ZeGU4cXg3dkEyOWZia3g3Tk1TcmEzcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QUUyNC84RUM0MDA5NDMwQTQxMUVDOEJFREI4MkRDNEY5QUUwMi8xM09uWXhlOHF4 N3ZBMjlmYmt4N05NU3JhM3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCysJQ0vzPbeYU5nbJlSKdDJoDnSoODom1GP/FYQbbEqlHB2nus1+hB /jNBJzgpltOszvu0l++bnlDJRII13IEpYPXpSikhUNhntw5iUZqjB3UZ5YYPptmd QITIk7dGMjOlWCHuGrfPpRLdXg+NQmelgEjPtYyXjWMAsfWybojD7w0lU3y/TYll zGigsAO4AfvLdHZBf1Hr85q55/0D0+BtdCWIgvHy59m3dov5ZaV27H/HYRzCKO8a X8YF3HIQFj/9O9MrnX1clGGVLKKV8Ki8p1JVoSzW06viSuxuth8v1uhiDn0m8Sv+ 1nxTugVNpJ1rkwmiaQgX5Mjs5jDlhxAR -----END CERTIFICATE-----Generated at Sat May 31 16:33:07 2025 by rpki-client