$ rpki-client -vvf rpki.apnic.net/member_repository/A91992FA/FA46E0D2EE0311EF9C2B8A49C4F9AE02/BXtTd0A4JnigePW_KExyZ5S50TQ.mft File: BXtTd0A4JnigePW_KExyZ5S50TQ.mft (raw, json) Hash identifier: OGCnhfl3taLGaVxpJLSjUAOoal3VDxeJX7JrN0YGaWk= Subject key identifier: 45:84:6A:9C:40:98:CA:A6:E9:8B:34:59:C0:6F:D8:14:A7:0A:0A:F9 Authority key identifier: 05:7B:53:77:40:38:26:78:A0:78:F5:BF:28:4C:72:67:94:B9:D1:34 Certificate issuer: /CN=A91992FA/serialNumber=057B537740382678A078F5BF284C726794B9D134 Certificate serial: 36 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BXtTd0A4JnigePW_KExyZ5S50TQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91992FA/FA46E0D2EE0311EF9C2B8A49C4F9AE02/BXtTd0A4JnigePW_KExyZ5S50TQ.mft Manifest number: 35 Signing time: Sat 31 May 2025 07:10:43 +0000 Manifest this update: Sat 31 May 2025 07:10:43 +0000 Manifest next update: Sat 07 Jun 2025 07:10:43 +0000 Files and hashes: 1: BXtTd0A4JnigePW_KExyZ5S50TQ.crl (hash: 0pmuh9eHolzhQVSe0hXGom/LpnruCvfelN8r5oMtBOo=) 2: 44A28FACEFEC11EF80EC123DC4F9AE02.roa (hash: kIHtM5yk/7E77z9qFDfBUJpQm2RMukSPxAc1zKCnuxc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91992FA/FA46E0D2EE0311EF9C2B8A49C4F9AE02/BXtTd0A4JnigePW_KExyZ5S50TQ.crl rsync://rpki.apnic.net/member_repository/A91992FA/FA46E0D2EE0311EF9C2B8A49C4F9AE02/BXtTd0A4JnigePW_KExyZ5S50TQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BXtTd0A4JnigePW_KExyZ5S50TQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 07:10:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54 (0x36) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91992FA, serialNumber=057B537740382678A078F5BF284C726794B9D134 Validity Not Before: May 31 07:10:43 2025 GMT Not After : Jun 7 07:10:43 2025 GMT Subject: CN=683aab73-80ce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:e5:39:39:f0:bb:a9:13:4d:05:06:26:00:dc: c6:44:27:44:97:28:17:be:1d:a6:09:31:54:e3:e5: 81:6f:a9:90:60:34:6b:c4:cd:f6:33:90:44:2f:a0: 69:52:04:89:21:94:a6:f0:b4:3a:34:9b:18:69:75: 9a:a6:78:77:4f:ca:6e:df:76:d5:ee:2c:d1:0a:8a: 0f:10:18:64:8f:60:4f:55:00:aa:43:a8:42:7a:dd: 83:94:d7:57:44:de:f3:c7:53:2c:23:ab:46:10:23: ab:ad:9b:c6:0d:23:4a:8a:21:b5:5b:7f:db:3e:51: 1d:68:22:21:97:41:cd:10:d9:0c:12:6b:aa:87:d3: 6d:f6:04:9d:4f:67:f1:61:b6:54:3c:23:b2:b6:b7: 16:3c:35:66:e3:5a:fc:3e:9f:e6:ba:e7:3b:5f:03: 63:58:e3:51:bf:cf:8c:7a:a3:1f:5d:7f:25:dd:f8: 31:8b:e2:27:8d:bf:84:6f:0b:04:31:26:09:ba:6c: c3:f3:cf:fa:c9:1a:58:29:e0:5e:b5:5c:5a:df:d1: 9c:d5:74:86:7d:69:7d:a2:52:ab:d2:57:8f:15:92: d5:ba:51:0e:3f:7a:da:7c:9f:7d:1f:b8:11:f4:48: a5:e2:c7:a4:e5:f7:55:f0:bc:09:e0:8b:ed:76:3c: e8:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:84:6A:9C:40:98:CA:A6:E9:8B:34:59:C0:6F:D8:14:A7:0A:0A:F9 X509v3 Authority Key Identifier: keyid:05:7B:53:77:40:38:26:78:A0:78:F5:BF:28:4C:72:67:94:B9:D1:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91992FA/FA46E0D2EE0311EF9C2B8A49C4F9AE02/BXtTd0A4JnigePW_KExyZ5S50TQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BXtTd0A4JnigePW_KExyZ5S50TQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91992FA/FA46E0D2EE0311EF9C2B8A49C4F9AE02/BXtTd0A4JnigePW_KExyZ5S50TQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3a:14:b5:3c:b6:f4:81:d9:01:eb:7a:aa:76:56:4e:fb:34:b4: a9:fa:97:ec:2b:d9:42:76:a7:32:ee:9d:94:fd:68:b2:30:8c: 8a:68:c9:60:54:3c:a6:79:cb:19:79:ac:46:7d:49:96:2b:57: f0:b4:49:06:54:32:85:d1:e8:ae:1c:b2:0e:aa:ef:17:41:cb: b8:09:f4:c8:5e:f4:b2:b3:db:41:38:9f:35:a4:e8:f2:95:36: 1a:43:f9:a6:54:f7:41:d0:fd:e0:6b:76:40:3e:07:d0:7d:54: e4:e9:87:37:ff:df:e3:31:a1:cf:a1:d2:0f:40:d4:05:e6:89: 92:ba:8b:06:c9:3c:e9:ce:b1:1a:80:d2:81:9b:39:86:dc:6f: a2:79:77:87:4e:88:4b:3b:69:76:5b:83:f7:ea:cc:8d:3f:da: bb:40:3d:27:e4:3e:bb:ba:7d:2a:46:e7:b9:b9:f7:d6:58:d6: 81:f9:38:69:d9:98:3e:9b:8d:43:a3:18:b7:c4:ab:99:c8:70: fd:98:7e:12:b7:1e:27:85:a4:6b:97:5c:f9:8a:e7:53:8a:32: ab:12:17:c2:4a:85:1a:50:4f:6e:8e:43:2b:1b:6a:e3:6e:f4: dd:c0:1a:86:9a:65:73:17:62:5d:e4:3a:cf:58:a8:78:0d:ac: 21:29:94:80 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBNjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5 OTJGQTExMC8GA1UEBRMoMDU3QjUzNzc0MDM4MjY3OEEwNzhGNUJGMjg0QzcyNjc5 NEI5RDEzNDAeFw0yNTA1MzEwNzEwNDNaFw0yNTA2MDcwNzEwNDNaMBgxFjAUBgNV BAMTDTY4M2FhYjczLTgwY2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDF5Tk58LupE00FBiYA3MZEJ0SXKBe+HaYJMVTj5YFvqZBgNGvEzfYzkEQvoGlS BIkhlKbwtDo0mxhpdZqmeHdPym7fdtXuLNEKig8QGGSPYE9VAKpDqEJ63YOU11dE 3vPHUywjq0YQI6utm8YNI0qKIbVbf9s+UR1oIiGXQc0Q2QwSa6qH0232BJ1PZ/Fh tlQ8I7K2txY8NWbjWvw+n+a65ztfA2NY41G/z4x6ox9dfyXd+DGL4ieNv4RvCwQx Jgm6bMPzz/rJGlgp4F61XFrf0ZzVdIZ9aX2iUqvSV48VktW6UQ4/etp8n30fuBH0 SKXix6Tl91XwvAngi+12POjtAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQURYRqnECY yqbpizRZwG/YFKcKCvkwHwYDVR0jBBgwFoAUBXtTd0A4JnigePW/KExyZ5S50TQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk5MkZBL0ZBNDZFMEQyRUUw MzExRUY5QzJCOEE0OUM0RjlBRTAyL0JYdFRkMEE0Sm5pZ2VQV19LRXh5WjVTNTBU US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvQlh0VGQwQTRKbmlnZVBXX0tFeHlaNVM1MFRRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk5 MkZBL0ZBNDZFMEQyRUUwMzExRUY5QzJCOEE0OUM0RjlBRTAyL0JYdFRkMEE0Sm5p Z2VQV19LRXh5WjVTNTBUUS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBADoUtTy29IHZAet6qnZWTvs0tKn6l+wr2UJ2pzLunZT9aLIwjIpoyWBU PKZ5yxl5rEZ9SZYrV/C0SQZUMoXR6K4csg6q7xdBy7gJ9Mhe9LKz20E4nzWk6PKV NhpD+aZU90HQ/eBrdkA+B9B9VOTphzf/3+Mxoc+h0g9A1AXmiZK6iwbJPOnOsRqA 0oGbOYbcb6J5d4dOiEs7aXZbg/fqzI0/2rtAPSfkPru6fSpG57m599ZY1oH5OGnZ mD6bjUOjGLfEq5nIcP2YfhK3HieFpGuXXPmK51OKMqsSF8JKhRpQT26OQysbauNu 9N3AGoaaZXMXYl3kOs9YqHgNrCEplIA= -----END CERTIFICATE-----Generated at Sat May 31 17:58:46 2025 by rpki-client