$ rpki-client -vvf rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.mft File: epYXaVSeCq0Km_mSVoO673M6Lxo.mft (raw, json) Hash identifier: tIH2ZoW8oOPe9fSeaihQe23hJU8OIE+rDe/vhnyQ1sw= Subject key identifier: 03:E3:FC:88:9B:3B:EA:A2:70:87:ED:54:28:02:F8:C0:95:1C:4B:D5 Authority key identifier: 7A:96:17:69:54:9E:0A:AD:0A:9B:F9:92:56:83:BA:EF:73:3A:2F:1A Certificate issuer: /CN=A911C5B0/serialNumber=7A961769549E0AAD0A9BF9925683BAEF733A2F1A Certificate serial: 34E8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.mft Manifest number: 34B8 Signing time: Fri 30 May 2025 14:22:37 +0000 Manifest this update: Fri 30 May 2025 14:22:37 +0000 Manifest next update: Fri 06 Jun 2025 14:22:37 +0000 Files and hashes: 1: epYXaVSeCq0Km_mSVoO673M6Lxo.crl (hash: j0Rvh7mtzwSI/WCBHw2B+nL7pj5vnbWgISDkdSVgEGo=) 2: A9B6556E064311F0BA61C549C4F9AE02.roa (hash: a++99V+BelZ0iNzzfjfyt9kuXC1AHrcrB38W/RxxJBg=) 3: 1F5CD892C35111EE9D744F36C4F9AE02.roa (hash: jIXmhGTsHnOLM/8Oki3QEi8c2FlMLFZ5ltRb0SYd+ig=) 4: 1A83389CC35211EE8CE04C38C4F9AE02.roa (hash: qt+b79qUZeUfV9aMLkK2Vf0knDB1FC/92rGPVNLCE5Y=) 5: DA202262C34F11EE93BC8317C4F9AE02.roa (hash: MRIxoftDwmp6WRJIoO9F8Xfh6zfeqVoYT85Plhiizjg=) 6: 61A65BF2C35011EE95366E18C4F9AE02.roa (hash: lJX0Rj0D2pXCWqSqPGBLqRXobNJsOmj1xve2tbokkqo=) 7: 1EEE3E0AC35111EE9D744F36C4F9AE02.roa (hash: ucV0kVixfHpuy12BVYVN62sGm8utgsjQ/0NVbfikRis=) 8: A50EE218C34D11EEBC95A913C4F9AE02.roa (hash: 1HeD3vEPTet+037gaAO1k2WACoSTrjT1BrLUthDQvck=) 9: 8C9959CE060A11F08CBBE511C4F9AE02.roa (hash: Y12eqR4kENble50Bxruc9jwO/MdOCmjFkivTDaJk12E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.crl rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 14:22:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13544 (0x34e8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911C5B0, serialNumber=7A961769549E0AAD0A9BF9925683BAEF733A2F1A Validity Not Before: May 30 14:22:37 2025 GMT Not After : Jun 6 14:22:37 2025 GMT Subject: CN=6839bf2d-6c12 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:7f:c5:fe:67:6f:1b:41:6c:54:2b:77:71:d1: 87:fb:ba:6a:cb:24:03:08:86:6a:4f:2c:25:6f:e3: fc:32:5b:56:7d:91:93:9b:80:6c:30:17:68:74:ac: 98:5f:ba:43:bf:0a:99:8a:84:1c:d1:d4:42:f1:76: 43:cf:34:67:77:74:26:8f:c0:db:99:ab:76:5f:26: 1c:c8:3f:54:c1:21:87:11:2b:f1:29:34:e2:7a:83: 42:b3:06:5b:fb:b7:8f:ed:89:eb:54:e8:3f:44:73: db:46:c0:1b:5c:cd:94:5b:87:2a:47:f8:c8:e8:e9: a1:5f:ad:9a:c4:79:76:c8:3f:c5:68:50:ea:a8:8b: 65:b8:67:4e:d8:b5:50:96:f8:87:02:7e:59:cd:23: 56:d4:b1:07:d5:06:5e:6e:8c:7e:a2:29:23:6c:5a: 5a:a0:ee:1c:dd:e3:6d:7e:9b:1c:fc:22:ec:e1:07: 3c:de:09:4c:ba:08:79:e0:84:e8:4e:58:07:95:1e: ec:f2:fe:14:f0:3f:aa:22:fe:4f:a0:03:b7:f2:e9: 04:f1:71:58:8c:76:f4:58:2f:29:7e:9d:26:b2:b3: 0e:2f:63:1b:07:ca:26:f2:d8:29:ce:b1:82:00:f4: 6a:8a:d4:36:01:e2:07:26:6a:d9:05:e4:cc:73:1a: 36:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:E3:FC:88:9B:3B:EA:A2:70:87:ED:54:28:02:F8:C0:95:1C:4B:D5 X509v3 Authority Key Identifier: keyid:7A:96:17:69:54:9E:0A:AD:0A:9B:F9:92:56:83:BA:EF:73:3A:2F:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/epYXaVSeCq0Km_mSVoO673M6Lxo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C5B0/40C8D5A61D8311E2823A5FD808B02CD2/epYXaVSeCq0Km_mSVoO673M6Lxo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ac:7a:52:52:9d:dd:ef:06:1f:cb:4b:d9:07:8e:9d:ba:24:92: 4b:ac:e0:c4:25:ac:91:1e:18:75:f4:71:92:ee:54:9c:04:65: a5:ef:92:22:4a:7b:66:c4:7e:0b:01:0a:4a:56:73:43:f9:b7: bf:d5:3b:49:f1:93:3f:d7:42:e1:bd:a6:ae:33:89:b6:d4:e6: dc:34:84:d5:8f:26:e9:66:fa:e1:b7:ca:03:56:20:fd:0d:24: f2:21:80:d5:62:f0:1e:66:6f:8d:6f:a7:f7:97:3c:e4:c7:1d: c8:26:65:8f:00:e6:18:ca:a3:b6:99:7b:c7:1d:27:86:2e:98: bc:e7:41:4b:4f:a1:5f:b9:00:97:69:b2:b6:33:f5:71:db:96: 90:42:0f:9e:61:47:23:00:36:34:d4:23:f9:58:2c:fa:e9:84: b4:26:7c:0d:21:a2:a5:ac:e3:2e:f7:a2:b6:01:b1:d0:a8:7d: 52:72:48:6e:08:49:36:2e:dc:63:fa:f9:df:11:d6:e7:73:cd: 17:a6:16:94:46:32:44:40:b3:88:07:93:dc:06:34:b2:9d:1e: a4:dc:97:fc:c2:87:18:3a:da:ef:b7:b6:f3:97:2d:2c:b5:43: b4:29:78:61:db:24:56:0a:da:82:04:09:97:5a:6b:23:16:23: d3:07:76:37 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNOgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUM1QjAxMTAvBgNVBAUTKDdBOTYxNzY5NTQ5RTBBQUQwQTlCRjk5MjU2ODNCQUVG NzMzQTJGMUEwHhcNMjUwNTMwMTQyMjM3WhcNMjUwNjA2MTQyMjM3WjAYMRYwFAYD VQQDEw02ODM5YmYyZC02YzEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2n/F/mdvG0FsVCt3cdGH+7pqyyQDCIZqTywlb+P8MltWfZGTm4BsMBdodKyY X7pDvwqZioQc0dRC8XZDzzRnd3Qmj8Dbmat2XyYcyD9UwSGHESvxKTTieoNCswZb +7eP7YnrVOg/RHPbRsAbXM2UW4cqR/jI6OmhX62axHl2yD/FaFDqqItluGdO2LVQ lviHAn5ZzSNW1LEH1QZebox+oikjbFpaoO4c3eNtfpsc/CLs4Qc83glMugh54ITo TlgHlR7s8v4U8D+qIv5PoAO38ukE8XFYjHb0WC8pfp0msrMOL2MbB8om8tgpzrGC APRqitQ2AeIHJmrZBeTMcxo2nQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAPj/Iib O+qicIftVCgC+MCVHEvVMB8GA1UdIwQYMBaAFHqWF2lUngqtCpv5klaDuu9zOi8a MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzVCMC80MEM4RDVBNjFE ODMxMUUyODIzQTVGRDgwOEIwMkNEMi9lcFlYYVZTZUNxMEttX21TVm9PNjczTTZM eG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2VwWVhhVlNlQ3EwS21fbVNWb082NzNNNkx4by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx QzVCMC80MEM4RDVBNjFEODMxMUUyODIzQTVGRDgwOEIwMkNEMi9lcFlYYVZTZUNx MEttX21TVm9PNjczTTZMeG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCselJSnd3vBh/LS9kHjp26JJJLrODEJayRHhh19HGS7lScBGWl75Ii SntmxH4LAQpKVnND+be/1TtJ8ZM/10LhvaauM4m21ObcNITVjybpZvrht8oDViD9 DSTyIYDVYvAeZm+Nb6f3lzzkxx3IJmWPAOYYyqO2mXvHHSeGLpi850FLT6FfuQCX abK2M/Vx25aQQg+eYUcjADY01CP5WCz66YS0JnwNIaKlrOMu96K2AbHQqH1Sckhu CEk2Ltxj+vnfEdbnc80XphaURjJEQLOIB5PcBjSynR6k3Jf8wocYOtrvt7bzly0s tUO0KXhh2yRWCtqCBAmXWmsjFiPTB3Y3 -----END CERTIFICATE-----Generated at Sat May 31 14:56:24 2025 by rpki-client