$ rpki-client -vvf rpki.apnic.net/member_repository/A911DB66/806597ACE09A11EFB63A8130C4F9AE02/8p8VNXR1uHRvrXiTag_NhSbi1hM.mft File: 8p8VNXR1uHRvrXiTag_NhSbi1hM.mft (raw, json) Hash identifier: R1oo2qznMfOBSI3D6MIfZ7iUl8pJa+Vvwo4oBnE4sKw= Subject key identifier: AB:97:B1:22:8F:5F:C8:F5:F9:BB:BA:2B:8A:4F:53:F6:E2:77:CF:B0 Authority key identifier: F2:9F:15:35:74:75:B8:74:6F:AD:78:93:6A:0F:CD:85:26:E2:D6:13 Certificate issuer: /CN=A911DB66/serialNumber=F29F15357475B8746FAD78936A0FCD8526E2D613 Certificate serial: 3E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8p8VNXR1uHRvrXiTag_NhSbi1hM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911DB66/806597ACE09A11EFB63A8130C4F9AE02/8p8VNXR1uHRvrXiTag_NhSbi1hM.mft Manifest number: 3D Signing time: Sat 31 May 2025 07:04:05 +0000 Manifest this update: Sat 31 May 2025 07:04:04 +0000 Manifest next update: Sat 07 Jun 2025 07:04:04 +0000 Files and hashes: 1: 8p8VNXR1uHRvrXiTag_NhSbi1hM.crl (hash: gPphWJnk0OzSey1GSTNPSd810QQt3CE9hR0tfDC4BUE=) 2: 879CFF8EE09E11EFAB364253C4F9AE02.roa (hash: kCo0wcr5hL64P6FXIbDjXCO02F9fPfzca6P+P/sgaPo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911DB66/806597ACE09A11EFB63A8130C4F9AE02/8p8VNXR1uHRvrXiTag_NhSbi1hM.crl rsync://rpki.apnic.net/member_repository/A911DB66/806597ACE09A11EFB63A8130C4F9AE02/8p8VNXR1uHRvrXiTag_NhSbi1hM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8p8VNXR1uHRvrXiTag_NhSbi1hM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 07:04:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62 (0x3e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911DB66, serialNumber=F29F15357475B8746FAD78936A0FCD8526E2D613 Validity Not Before: May 31 07:04:04 2025 GMT Not After : Jun 7 07:04:04 2025 GMT Subject: CN=683aa9e4-d953 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:53:09:e9:86:f8:50:8d:12:b1:9f:19:17:6e: e1:96:5d:48:34:b1:cf:1d:bd:82:0e:44:05:ca:c0: cf:d2:4d:ce:8c:c6:1d:32:8a:8d:38:aa:4a:79:f7: 1b:32:10:3a:4e:b2:c8:0f:52:5d:a2:24:e7:68:94: 7c:ee:9d:8f:83:d2:8c:a0:98:2e:2b:03:93:0a:7a: 60:b1:04:7f:63:0d:b1:ed:85:cc:82:83:48:a8:cc: 8e:0b:68:df:9d:a1:f0:77:74:e0:54:f1:eb:5c:08: ae:01:ee:ea:d0:74:f4:b2:a1:c1:c7:73:af:a3:56: 3b:63:1e:ff:f4:3b:56:b7:7a:a4:f6:5b:e1:87:24: 2e:23:a3:a6:32:af:d7:75:93:7a:e5:ba:1a:24:74: a1:92:bb:f0:14:51:2b:ee:3d:38:bb:67:56:40:56: 04:c7:af:a2:70:df:20:ed:0d:1c:5d:1f:6a:2f:27: 78:73:14:e6:5f:3e:bc:b1:72:92:a5:68:ec:8f:54: b6:e4:b6:c9:d8:2c:7c:f9:26:9f:d5:90:bd:bd:ab: f6:44:84:9a:df:87:62:a3:68:86:2a:dd:95:fe:f9: 4c:94:9c:e5:c5:93:e7:89:2e:da:66:d3:4a:2d:c1: 29:59:17:45:36:20:89:bb:fb:86:d9:47:28:07:4e: 62:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:97:B1:22:8F:5F:C8:F5:F9:BB:BA:2B:8A:4F:53:F6:E2:77:CF:B0 X509v3 Authority Key Identifier: keyid:F2:9F:15:35:74:75:B8:74:6F:AD:78:93:6A:0F:CD:85:26:E2:D6:13 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911DB66/806597ACE09A11EFB63A8130C4F9AE02/8p8VNXR1uHRvrXiTag_NhSbi1hM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8p8VNXR1uHRvrXiTag_NhSbi1hM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911DB66/806597ACE09A11EFB63A8130C4F9AE02/8p8VNXR1uHRvrXiTag_NhSbi1hM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 61:8e:9a:b8:4b:0e:78:53:35:eb:d2:94:45:3f:3f:ac:93:1f: f4:d6:55:5a:19:c2:62:bb:e9:00:b2:53:74:6b:eb:d5:62:76: 6e:c9:8a:b6:4a:9b:e7:1a:58:41:66:76:cb:38:7d:b6:a9:32: c8:05:d1:c3:a0:29:b3:f8:27:79:30:41:7b:c5:a9:ca:fd:ba: 6c:6d:5e:a7:bb:48:ed:09:75:be:0a:4b:90:a8:97:66:0b:88: a3:c3:72:85:a5:3c:56:f2:b3:e8:b7:5b:50:8f:5e:1c:b2:f9: 27:64:8a:48:1c:2a:ee:96:fa:90:56:70:ea:8b:96:53:17:28: 4e:66:b8:b6:48:51:f6:77:19:58:b4:64:66:1b:86:68:48:5f: 46:da:77:0c:3b:88:0a:ef:84:5f:a4:e4:a2:3f:03:92:07:89: 6e:03:80:87:d0:46:1e:44:49:82:54:96:e0:9f:99:73:52:78: 6a:4c:64:d9:0d:21:6a:bd:a8:29:13:2c:31:ee:6a:84:bc:f1: cd:a4:00:4b:ea:b1:c8:4f:79:55:ff:4a:f7:4b:82:0f:d8:b4: 21:ea:9e:64:be:a2:a9:61:bd:28:41:cf:36:a5:65:35:c1:a1: fa:5c:c6:29:1f:18:c5:02:bf:fc:c1:e4:73:d6:f0:6e:c4:79: a5:2e:36:6d -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBPjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx REI2NjExMC8GA1UEBRMoRjI5RjE1MzU3NDc1Qjg3NDZGQUQ3ODkzNkEwRkNEODUy NkUyRDYxMzAeFw0yNTA1MzEwNzA0MDRaFw0yNTA2MDcwNzA0MDRaMBgxFjAUBgNV BAMTDTY4M2FhOWU0LWQ5NTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCoUwnphvhQjRKxnxkXbuGWXUg0sc8dvYIORAXKwM/STc6Mxh0yio04qkp59xsy EDpOssgPUl2iJOdolHzunY+D0oygmC4rA5MKemCxBH9jDbHthcyCg0iozI4LaN+d ofB3dOBU8etcCK4B7urQdPSyocHHc6+jVjtjHv/0O1a3eqT2W+GHJC4jo6Yyr9d1 k3rluhokdKGSu/AUUSvuPTi7Z1ZAVgTHr6Jw3yDtDRxdH2ovJ3hzFOZfPryxcpKl aOyPVLbktsnYLHz5Jp/VkL29q/ZEhJrfh2KjaIYq3ZX++UyUnOXFk+eJLtpm00ot wSlZF0U2IIm7+4bZRygHTmKFAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUq5exIo9f yPX5u7orik9T9uJ3z7AwHwYDVR0jBBgwFoAU8p8VNXR1uHRvrXiTag/NhSbi1hMw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFEQjY2LzgwNjU5N0FDRTA5 QTExRUZCNjNBODEzMEM0RjlBRTAyLzhwOFZOWFIxdUhSdnJYaVRhZ19OaFNiaTFo TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvOHA4Vk5YUjF1SFJ2clhpVGFnX05oU2JpMWhNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFE QjY2LzgwNjU5N0FDRTA5QTExRUZCNjNBODEzMEM0RjlBRTAyLzhwOFZOWFIxdUhS dnJYaVRhZ19OaFNiaTFoTS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGGOmrhLDnhTNevSlEU/P6yTH/TWVVoZwmK76QCyU3Rr69Vidm7JirZK m+caWEFmdss4fbapMsgF0cOgKbP4J3kwQXvFqcr9umxtXqe7SO0Jdb4KS5Col2YL iKPDcoWlPFbys+i3W1CPXhyy+SdkikgcKu6W+pBWcOqLllMXKE5muLZIUfZ3GVi0 ZGYbhmhIX0badww7iArvhF+k5KI/A5IHiW4DgIfQRh5ESYJUluCfmXNSeGpMZNkN IWq9qCkTLDHuaoS88c2kAEvqschPeVX/SvdLgg/YtCHqnmS+oqlhvShBzzalZTXB ofpcxikfGMUCv/zB5HPW8G7EeaUuNm0= -----END CERTIFICATE-----Generated at Sat May 31 16:52:14 2025 by rpki-client