$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft File: IHitW73x1MW5cLvik02aNV2zHOg.mft (raw, json) Hash identifier: L70pVJzOB4sl9tIlCyzWcz5/Z4yCVDPf8i/QUMrE3EA= Subject key identifier: 45:30:0B:44:B4:6A:2E:C2:7A:C1:C6:E3:CC:2B:BC:15:69:41:06:5B Authority key identifier: 20:78:AD:5B:BD:F1:D4:C5:B9:70:BB:E2:93:4D:9A:35:5D:B3:1C:E8 Certificate issuer: /CN=A91E4DFA/serialNumber=2078AD5BBDF1D4C5B970BBE2934D9A355DB31CE8 Certificate serial: 04F5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft Manifest number: 04EB Signing time: Fri 30 May 2025 23:57:19 +0000 Manifest this update: Fri 30 May 2025 23:57:18 +0000 Manifest next update: Fri 06 Jun 2025 23:57:18 +0000 Files and hashes: 1: IHitW73x1MW5cLvik02aNV2zHOg.crl (hash: /jQ8ic86lF3Ut2x7GZ5V5dyyG+f23lkA272GdxKUuZw=) 2: 5EAA75CC28E511F0BE4DF317C4F9AE02.roa (hash: aZ97R0qET0w8nFTTAAMLi629/SQxZPM4icyK4OVkGiY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.crl rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 23:57:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1269 (0x4f5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4DFA, serialNumber=2078AD5BBDF1D4C5B970BBE2934D9A355DB31CE8 Validity Not Before: May 30 23:57:18 2025 GMT Not After : Jun 6 23:57:18 2025 GMT Subject: CN=683a45df-82fe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:29:9f:07:e0:c8:c9:1c:b8:34:ce:d9:95:9e: 3a:35:99:8f:00:a9:53:20:98:94:e0:7f:3f:0d:40: a9:88:be:51:72:b1:54:1e:19:fc:f3:6f:28:89:d4: b8:f1:db:bc:66:7a:9d:fc:1e:8f:20:ae:d0:6b:45: 02:82:73:55:05:0a:b0:75:52:2d:93:da:e5:5e:10: a4:38:77:a3:22:55:f1:e8:c6:e7:08:40:bc:3e:89: 9f:34:5e:05:84:a6:ec:3c:0a:8c:30:51:98:da:fa: 44:1a:22:75:89:a1:9e:29:91:be:fc:4d:2b:cd:48: 9c:c3:7c:16:1f:59:19:05:f9:df:2f:71:a1:a2:7d: 6a:ca:02:9e:8e:ea:f8:9b:7a:e3:f7:16:7c:e5:0b: 40:b6:c2:9c:b7:e4:07:01:0b:a3:d8:47:96:85:bf: 65:74:38:f3:c4:1d:5e:b1:6c:ae:b1:35:5c:19:87: 1a:4c:2d:39:d3:18:7b:6b:7b:a6:46:e0:70:9b:2b: ed:cf:1c:72:82:ff:76:5d:f0:08:09:6f:9f:6d:90: be:d8:6b:f8:f7:f5:31:c6:88:44:49:f7:a6:d6:70: 96:23:a0:bf:dd:11:f4:09:48:a9:80:6e:28:15:75: 53:d0:19:24:4a:3a:cc:c9:62:ec:7e:60:f8:31:81: 6a:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:30:0B:44:B4:6A:2E:C2:7A:C1:C6:E3:CC:2B:BC:15:69:41:06:5B X509v3 Authority Key Identifier: keyid:20:78:AD:5B:BD:F1:D4:C5:B9:70:BB:E2:93:4D:9A:35:5D:B3:1C:E8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 71:71:45:db:96:b9:83:73:93:6b:73:93:52:49:45:23:e3:f6: 85:69:cf:c4:4e:ec:1d:e2:18:1b:d2:0b:d6:20:3a:ad:3f:a4: 6b:50:99:4c:94:7a:46:f6:09:31:86:20:84:45:7e:e6:db:a9: 42:59:cc:4c:89:0a:55:36:7a:d8:64:c1:9c:64:cc:85:05:ed: d3:a8:9e:69:07:82:31:6c:fb:0f:72:2e:93:d1:fb:00:a1:62: d7:79:44:2f:cb:cb:b6:d2:f5:4e:d9:5a:92:90:70:8e:02:74: ef:12:41:48:8f:95:a7:c1:2a:da:c6:99:44:85:da:c1:eb:87: 24:40:8b:ca:60:7c:df:6f:ee:3a:71:f7:e1:86:ea:50:69:ed: 5d:f8:b5:e3:c7:ee:8f:1b:0f:81:0d:de:43:38:6c:91:2d:d7: 9a:c8:70:19:69:b6:94:6c:68:d9:d0:d0:08:9f:b9:80:15:12: 9b:f7:4e:2d:85:5e:7b:7b:aa:fa:31:0b:dd:c3:6e:71:71:8f: 2c:60:16:f5:37:c2:c0:9e:86:72:81:f8:4c:1d:e5:a2:43:7d: fc:8f:b7:c3:22:08:1f:c4:92:f8:60:eb:31:ae:22:0f:36:94: 37:43:bb:3a:0f:4b:ad:b0:9d:13:67:3d:52:73:41:93:d9:24: 8d:dc:be:1e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBPUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTRERkExMTAvBgNVBAUTKDIwNzhBRDVCQkRGMUQ0QzVCOTcwQkJFMjkzNEQ5QTM1 NURCMzFDRTgwHhcNMjUwNTMwMjM1NzE4WhcNMjUwNjA2MjM1NzE4WjAYMRYwFAYD VQQDEw02ODNhNDVkZi04MmZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsimfB+DIyRy4NM7ZlZ46NZmPAKlTIJiU4H8/DUCpiL5RcrFUHhn8828oidS4 8du8Znqd/B6PIK7Qa0UCgnNVBQqwdVItk9rlXhCkOHejIlXx6MbnCEC8PomfNF4F hKbsPAqMMFGY2vpEGiJ1iaGeKZG+/E0rzUicw3wWH1kZBfnfL3Ghon1qygKejur4 m3rj9xZ85QtAtsKct+QHAQuj2EeWhb9ldDjzxB1esWyusTVcGYcaTC050xh7a3um RuBwmyvtzxxygv92XfAICW+fbZC+2Gv49/UxxohESfem1nCWI6C/3RH0CUipgG4o FXVT0BkkSjrMyWLsfmD4MYFqPwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEUwC0S0 ai7CesHG48wrvBVpQQZbMB8GA1UdIwQYMBaAFCB4rVu98dTFuXC74pNNmjVdsxzo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNERGQS84NDU5ODRDRTFB ODUxMUVDQTc2QUVBM0FDNEY5QUUwMi9JSGl0VzczeDFNVzVjTHZpazAyYU5WMnpI T2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lIaXRXNzN4MU1XNWNMdmlrMDJhTlYyekhPZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NERGQS84NDU5ODRDRTFBODUxMUVDQTc2QUVBM0FDNEY5QUUwMi9JSGl0VzczeDFN VzVjTHZpazAyYU5WMnpIT2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBxcUXblrmDc5Nrc5NSSUUj4/aFac/ETuwd4hgb0gvWIDqtP6RrUJlM lHpG9gkxhiCERX7m26lCWcxMiQpVNnrYZMGcZMyFBe3TqJ5pB4IxbPsPci6T0fsA oWLXeUQvy8u20vVO2VqSkHCOAnTvEkFIj5WnwSraxplEhdrB64ckQIvKYHzfb+46 cffhhupQae1d+LXjx+6PGw+BDd5DOGyRLdeayHAZabaUbGjZ0NAIn7mAFRKb904t hV57e6r6MQvdw25xcY8sYBb1N8LAnoZygfhMHeWiQ338j7fDIggfxJL4YOsxriIP NpQ3Q7s6D0utsJ0TZz1Sc0GT2SSN3L4e -----END CERTIFICATE-----Generated at Sat May 31 16:35:04 2025 by rpki-client