$ rpki-client -vvf rpki.apnic.net/member_repository/A911C3BB/C908879AAB4911ED9FB40B35C4F9AE02/c_u1j1Vx8_TGKmP99a_vnLcOdAM.mft File: c_u1j1Vx8_TGKmP99a_vnLcOdAM.mft (raw, json) Hash identifier: aGKeLL+wbE/2QW1afPxLPZmaRLdlWh0PeyuJacgtHMw= Subject key identifier: 4A:F8:7E:73:77:87:77:8A:0C:83:4F:63:17:BC:C5:DA:0E:D3:E3:4A Authority key identifier: 73:FB:B5:8F:55:71:F3:F4:C6:2A:63:FD:F5:AF:EF:9C:B7:0E:74:03 Certificate issuer: /CN=A911C3BB/serialNumber=73FBB58F5571F3F4C62A63FDF5AFEF9CB70E7403 Certificate serial: 01B3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c_u1j1Vx8_TGKmP99a_vnLcOdAM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911C3BB/C908879AAB4911ED9FB40B35C4F9AE02/c_u1j1Vx8_TGKmP99a_vnLcOdAM.mft Manifest number: 01AF Signing time: Sat 31 May 2025 02:52:45 +0000 Manifest this update: Sat 31 May 2025 02:52:45 +0000 Manifest next update: Sat 07 Jun 2025 02:52:45 +0000 Files and hashes: 1: c_u1j1Vx8_TGKmP99a_vnLcOdAM.crl (hash: F6NjN4K8m3KysvRZmvzIuCDq4tas3d1xCKMI2N0DWi4=) 2: CB2788CAAB4C11EDB3DC7336C4F9AE02.roa (hash: 5/W5EqvBYrwaBbNXisgVsa/BWjLPbFWwbLiAWCjCMGo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911C3BB/C908879AAB4911ED9FB40B35C4F9AE02/c_u1j1Vx8_TGKmP99a_vnLcOdAM.crl rsync://rpki.apnic.net/member_repository/A911C3BB/C908879AAB4911ED9FB40B35C4F9AE02/c_u1j1Vx8_TGKmP99a_vnLcOdAM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c_u1j1Vx8_TGKmP99a_vnLcOdAM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 02:52:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 435 (0x1b3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911C3BB, serialNumber=73FBB58F5571F3F4C62A63FDF5AFEF9CB70E7403 Validity Not Before: May 31 02:52:45 2025 GMT Not After : Jun 7 02:52:45 2025 GMT Subject: CN=683a6efd-b528 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:ea:b0:85:e9:fb:28:7e:df:bd:91:05:b5:a1: f8:50:76:43:e9:d2:d9:c7:4c:ea:b1:bd:7a:d9:4f: 4f:2f:70:02:10:96:65:81:82:ee:2b:62:04:07:d7: 9a:71:02:e5:3e:27:9c:f9:98:a6:ad:f2:8c:35:ab: 06:32:89:e6:9b:07:2c:74:c6:d5:31:39:d4:ac:7f: 3c:a8:79:28:e7:33:fb:3a:09:aa:0f:d4:1a:fb:21: 46:9e:37:8f:77:b4:48:c7:66:d0:33:8b:9a:21:41: 5e:d4:33:b2:3c:11:2b:4f:1e:08:7a:f0:1d:0d:ff: ca:76:32:06:2d:22:39:bf:60:53:b7:12:bb:e8:a7: 69:52:6b:2e:2b:2f:f2:d0:d3:22:f4:14:f1:a0:91: fe:c1:73:90:25:af:f0:6a:d9:3c:dd:8d:97:5b:5d: b1:59:bf:3b:31:c4:a9:c5:1a:aa:be:9c:57:b5:20: 24:ff:e4:42:a6:26:58:5e:45:bf:d6:ca:50:e7:27: 90:0f:6c:b4:f1:ca:ed:2c:bc:65:6e:1a:85:db:8b: 58:e9:6a:90:5d:ed:85:e7:32:e7:c3:67:76:28:75: de:be:f5:86:74:8d:91:79:2a:54:78:89:a5:38:f3: 70:83:90:35:71:48:3f:10:d9:b2:a4:13:7c:56:f9: 58:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:F8:7E:73:77:87:77:8A:0C:83:4F:63:17:BC:C5:DA:0E:D3:E3:4A X509v3 Authority Key Identifier: keyid:73:FB:B5:8F:55:71:F3:F4:C6:2A:63:FD:F5:AF:EF:9C:B7:0E:74:03 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911C3BB/C908879AAB4911ED9FB40B35C4F9AE02/c_u1j1Vx8_TGKmP99a_vnLcOdAM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c_u1j1Vx8_TGKmP99a_vnLcOdAM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C3BB/C908879AAB4911ED9FB40B35C4F9AE02/c_u1j1Vx8_TGKmP99a_vnLcOdAM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 58:f6:88:52:4f:d1:48:c3:12:dd:50:7a:ed:b9:ce:1e:c5:66: 58:06:9d:a1:32:82:07:46:b7:11:6a:cb:5e:ff:0e:cc:54:55: a1:63:23:6f:6b:1f:9a:0f:a8:57:4a:58:b6:5d:74:8a:43:49: 6b:f2:db:61:82:ad:33:16:ab:ce:a5:8d:5f:02:41:ba:ac:e9: b3:fd:74:c5:6c:28:e4:7e:96:57:8a:c0:5f:38:8a:56:cf:cc: 18:37:f2:1d:bf:0f:c8:19:96:e9:ae:8a:64:57:32:40:ae:76: 55:b4:61:49:5f:c2:82:83:d4:a6:41:b7:5c:d4:d4:65:6c:8a: a5:35:0f:73:96:44:a8:90:f3:82:1b:43:2b:db:ff:97:83:86: 64:24:ea:5c:0c:95:b6:4d:ec:14:0e:7e:cd:b4:42:a1:c4:fe: 9d:9e:75:12:68:4f:b5:a8:7c:e8:cc:99:33:ff:d8:a8:5d:ca: 7c:ed:71:d2:74:fa:70:8b:66:6e:90:50:7f:4f:de:0f:24:5f: 76:b8:e4:c2:87:9f:37:3c:37:e8:d8:d8:8f:3c:99:b0:dd:4d: bc:a1:bd:47:24:55:e6:d1:2f:23:9c:ff:9d:54:b8:cd:dc:89: 38:c1:c2:72:01:47:99:05:cd:c0:63:44:30:e9:2f:3f:dc:35: fa:a9:80:64 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAbMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUMzQkIxMTAvBgNVBAUTKDczRkJCNThGNTU3MUYzRjRDNjJBNjNGREY1QUZFRjlD QjcwRTc0MDMwHhcNMjUwNTMxMDI1MjQ1WhcNMjUwNjA3MDI1MjQ1WjAYMRYwFAYD VQQDEw02ODNhNmVmZC1iNTI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp+qwhen7KH7fvZEFtaH4UHZD6dLZx0zqsb162U9PL3ACEJZlgYLuK2IEB9ea cQLlPiec+ZimrfKMNasGMonmmwcsdMbVMTnUrH88qHko5zP7OgmqD9Qa+yFGnjeP d7RIx2bQM4uaIUFe1DOyPBErTx4IevAdDf/KdjIGLSI5v2BTtxK76KdpUmsuKy/y 0NMi9BTxoJH+wXOQJa/watk83Y2XW12xWb87McSpxRqqvpxXtSAk/+RCpiZYXkW/ 1spQ5yeQD2y08crtLLxlbhqF24tY6WqQXe2F5zLnw2d2KHXevvWGdI2ReSpUeIml OPNwg5A1cUg/ENmypBN8VvlYGwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEr4fnN3 h3eKDINPYxe8xdoO0+NKMB8GA1UdIwQYMBaAFHP7tY9VcfP0xipj/fWv75y3DnQD MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzNCQi9DOTA4ODc5QUFC NDkxMUVEOUZCNDBCMzVDNEY5QUUwMi9jX3UxajFWeDhfVEdLbVA5OWFfdm5MY09k QU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NfdTFqMVZ4OF9UR0ttUDk5YV92bkxjT2RBTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx QzNCQi9DOTA4ODc5QUFCNDkxMUVEOUZCNDBCMzVDNEY5QUUwMi9jX3UxajFWeDhf VEdLbVA5OWFfdm5MY09kQU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBY9ohST9FIwxLdUHrtuc4exWZYBp2hMoIHRrcRaste/w7MVFWhYyNv ax+aD6hXSli2XXSKQ0lr8tthgq0zFqvOpY1fAkG6rOmz/XTFbCjkfpZXisBfOIpW z8wYN/Idvw/IGZbpropkVzJArnZVtGFJX8KCg9SmQbdc1NRlbIqlNQ9zlkSokPOC G0Mr2/+Xg4ZkJOpcDJW2TewUDn7NtEKhxP6dnnUSaE+1qHzozJkz/9ioXcp87XHS dPpwi2ZukFB/T94PJF92uOTCh583PDfo2NiPPJmw3U28ob1HJFXm0S8jnP+dVLjN 3Ik4wcJyAUeZBc3AY0Qw6S8/3DX6qYBk -----END CERTIFICATE-----Generated at Sat May 31 14:43:09 2025 by rpki-client