$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft File: 5bsti54YaXwBWe2BMuXzS4axN7E.mft (raw, json) Hash identifier: 184/Orb5NW2aWBN6gczL8+4IziBPLiru3N2Q8N5Y1sY= Subject key identifier: 19:CA:A7:C1:C5:BA:20:57:A2:8A:13:03:77:3B:26:F0:05:E8:96:C6 Authority key identifier: E5:BB:2D:8B:9E:18:69:7C:01:59:ED:81:32:E5:F3:4B:86:B1:37:B1 Certificate issuer: /CN=A91E0C2B/serialNumber=E5BB2D8B9E18697C0159ED8132E5F34B86B137B1 Certificate serial: 019F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bsti54YaXwBWe2BMuXzS4axN7E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft Manifest number: 019B Signing time: Sat 31 May 2025 03:06:21 +0000 Manifest this update: Sat 31 May 2025 03:06:21 +0000 Manifest next update: Sat 07 Jun 2025 03:06:21 +0000 Files and hashes: 1: 5bsti54YaXwBWe2BMuXzS4axN7E.crl (hash: 14rE6W9DTkbK/CRSza4x/6cO4kRfjY52pdVOQfGhm7A=) 2: 12B9A5DECBC211EDB6F09516C4F9AE02.roa (hash: GC2+Qt2m2cOxU2MSwTfp+OhWSqEwAQ14izm/J1/ZU5o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.crl rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bsti54YaXwBWe2BMuXzS4axN7E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 03:06:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 415 (0x19f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E0C2B, serialNumber=E5BB2D8B9E18697C0159ED8132E5F34B86B137B1 Validity Not Before: May 31 03:06:21 2025 GMT Not After : Jun 7 03:06:21 2025 GMT Subject: CN=683a722d-0f80 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:a5:ef:39:b7:77:52:d5:c4:97:c4:97:25:cb: a7:a1:18:6c:e3:fd:96:62:11:e3:c0:a3:9c:e9:b7: f4:77:ba:f0:93:1d:bd:7b:9e:3c:37:28:4b:1f:51: 7c:d4:b8:2e:ef:f9:82:d1:3c:5c:cb:2f:95:7f:86: f0:05:ad:3f:05:62:00:b7:f2:40:eb:0a:c0:e6:fa: 7e:c7:a1:f4:70:58:81:65:76:21:cd:47:60:a5:0d: c4:7e:4f:f1:9b:f3:a9:82:af:3e:c7:c5:05:03:97: 9e:a3:99:d8:b6:03:05:76:a5:67:cd:7d:15:36:93: c7:e5:0c:c5:8b:7e:dd:b6:a8:d0:b6:71:f7:4b:14: 15:07:17:c7:e4:a1:cf:d3:f3:c4:82:45:f0:60:4c: e0:2e:4d:22:13:a5:f1:d5:f9:5f:6c:52:ed:65:52: d0:e3:b3:d4:a6:f4:7f:43:55:df:75:c7:01:f7:f2: 10:7f:12:0e:af:12:96:53:c4:6d:83:58:cb:72:39: b1:d2:b0:20:a0:f1:16:cc:0d:68:3d:ba:b5:cf:44: 7c:b1:a0:d8:af:f0:6f:9a:7a:75:37:6f:90:c2:a1: 87:0a:b1:88:b4:eb:31:85:75:f3:dc:0d:02:56:0a: 72:a3:68:d7:23:77:8d:91:4d:fc:42:8a:47:a5:e9: f9:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:CA:A7:C1:C5:BA:20:57:A2:8A:13:03:77:3B:26:F0:05:E8:96:C6 X509v3 Authority Key Identifier: keyid:E5:BB:2D:8B:9E:18:69:7C:01:59:ED:81:32:E5:F3:4B:86:B1:37:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bsti54YaXwBWe2BMuXzS4axN7E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 58:da:29:b8:dc:06:80:93:92:b9:5a:f9:04:f5:55:be:1a:87: 97:c3:0b:2a:00:26:8b:a1:07:3f:51:40:97:41:1c:b3:df:61: d9:c5:88:d1:8b:cc:0c:1c:65:f8:9d:64:c8:e0:a0:a4:67:b6: d5:61:13:c2:b2:8d:6d:fc:ca:b2:b4:28:5a:b4:ec:29:a0:b1: b4:c4:da:1f:45:59:ac:15:09:52:95:ef:76:82:bf:96:94:6a: 2c:d0:71:55:29:e0:07:44:53:2a:de:76:4c:eb:6b:45:cc:e5: 7a:07:81:6c:c5:1d:7e:5a:ab:d4:b8:19:ac:c0:f8:36:1d:8f: 62:e0:72:82:8e:07:48:f3:d5:f1:83:5e:2b:29:40:78:7a:bb: 54:ed:c2:fe:b1:79:6a:38:c2:10:ea:f4:86:b2:97:b2:82:1c: 37:58:35:a4:df:4e:eb:df:76:56:ca:a9:a8:3b:75:0e:1e:2c: 3c:ba:e1:51:a8:c3:65:11:24:c6:b9:cf:25:d5:fe:e1:8e:97: 36:69:77:49:62:3b:c6:d3:b7:39:f1:30:66:16:5c:48:0f:ad: 02:7b:ea:d2:35:77:83:fa:ea:77:3c:d7:f3:84:cb:ee:8f:33: 5a:27:4c:fa:be:f2:0e:d9:8a:43:c5:73:4b:8f:25:c8:fd:2b: a1:18:22:9e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAZ8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTBDMkIxMTAvBgNVBAUTKEU1QkIyRDhCOUUxODY5N0MwMTU5RUQ4MTMyRTVGMzRC ODZCMTM3QjEwHhcNMjUwNTMxMDMwNjIxWhcNMjUwNjA3MDMwNjIxWjAYMRYwFAYD VQQDEw02ODNhNzIyZC0wZjgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyKXvObd3UtXEl8SXJcunoRhs4/2WYhHjwKOc6bf0d7rwkx29e548NyhLH1F8 1Lgu7/mC0Txcyy+Vf4bwBa0/BWIAt/JA6wrA5vp+x6H0cFiBZXYhzUdgpQ3Efk/x m/Opgq8+x8UFA5eeo5nYtgMFdqVnzX0VNpPH5QzFi37dtqjQtnH3SxQVBxfH5KHP 0/PEgkXwYEzgLk0iE6Xx1flfbFLtZVLQ47PUpvR/Q1XfdccB9/IQfxIOrxKWU8Rt g1jLcjmx0rAgoPEWzA1oPbq1z0R8saDYr/Bvmnp1N2+QwqGHCrGItOsxhXXz3A0C Vgpyo2jXI3eNkU38QopHpen5JwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBnKp8HF uiBXoooTA3c7JvAF6JbGMB8GA1UdIwQYMBaAFOW7LYueGGl8AVntgTLl80uGsTex MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMEMyQi9EMjdFNkVEMENC OTYxMUVEQUMzNDlCNzlDNEY5QUUwMi81YnN0aTU0WWFYd0JXZTJCTXVYelM0YXhO N0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzVic3RpNTRZYVh3QldlMkJNdVh6UzRheE43RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MEMyQi9EMjdFNkVEMENCOTYxMUVEQUMzNDlCNzlDNEY5QUUwMi81YnN0aTU0WWFY d0JXZTJCTXVYelM0YXhON0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBY2im43AaAk5K5WvkE9VW+GoeXwwsqACaLoQc/UUCXQRyz32HZxYjR i8wMHGX4nWTI4KCkZ7bVYRPCso1t/MqytChatOwpoLG0xNofRVmsFQlSle92gr+W lGos0HFVKeAHRFMq3nZM62tFzOV6B4FsxR1+WqvUuBmswPg2HY9i4HKCjgdI89Xx g14rKUB4ertU7cL+sXlqOMIQ6vSGspeyghw3WDWk307r33ZWyqmoO3UOHiw8uuFR qMNlESTGuc8l1f7hjpc2aXdJYjvG07c58TBmFlxID60Ce+rSNXeD+up3PNfzhMvu jzNaJ0z6vvIO2YpDxXNLjyXI/SuhGCKe -----END CERTIFICATE-----Generated at Sat May 31 17:30:15 2025 by rpki-client