$ rpki-client -vvf rpki.apnic.net/member_repository/A91289A2/FB52F64E8E6311EC9E015D6DC4F9AE02/aBQMFYJe1QoDeBBSrd4uyhpv6jo.mft File: aBQMFYJe1QoDeBBSrd4uyhpv6jo.mft (raw, json) Hash identifier: GukX8Rzkvd/fMZokjibX0SbYb33Hcg6yjsMyGeTaO5A= Subject key identifier: 1F:17:64:69:E7:5D:F5:BA:F9:6B:59:CF:81:F0:96:C1:BC:C4:FF:7F Authority key identifier: 68:14:0C:15:82:5E:D5:0A:03:78:10:52:AD:DE:2E:CA:1A:6F:EA:3A Certificate issuer: /CN=A91289A2/serialNumber=68140C15825ED50A03781052ADDE2ECA1A6FEA3A Certificate serial: 03CE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aBQMFYJe1QoDeBBSrd4uyhpv6jo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91289A2/FB52F64E8E6311EC9E015D6DC4F9AE02/aBQMFYJe1QoDeBBSrd4uyhpv6jo.mft Manifest number: 03C7 Signing time: Sat 31 May 2025 00:51:32 +0000 Manifest this update: Sat 31 May 2025 00:51:32 +0000 Manifest next update: Sat 07 Jun 2025 00:51:32 +0000 Files and hashes: 1: aBQMFYJe1QoDeBBSrd4uyhpv6jo.crl (hash: NWR9+VlVVOSBexhw2SgcqBlsHMTedtgHcqUh6m9Ry3Q=) 2: 97E8ACD68E6611EC9EBE626FC4F9AE02.roa (hash: 3IMIlDIIJ2OW6DDbM2+fc2GlxtLv0j04UxGtHanf/68=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91289A2/FB52F64E8E6311EC9E015D6DC4F9AE02/aBQMFYJe1QoDeBBSrd4uyhpv6jo.crl rsync://rpki.apnic.net/member_repository/A91289A2/FB52F64E8E6311EC9E015D6DC4F9AE02/aBQMFYJe1QoDeBBSrd4uyhpv6jo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aBQMFYJe1QoDeBBSrd4uyhpv6jo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 00:51:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 974 (0x3ce) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91289A2, serialNumber=68140C15825ED50A03781052ADDE2ECA1A6FEA3A Validity Not Before: May 31 00:51:32 2025 GMT Not After : Jun 7 00:51:32 2025 GMT Subject: CN=683a5294-8b54 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:27:11:e2:17:2b:10:ce:06:eb:b7:f9:b8:1a: 4a:36:d9:0a:17:5d:fb:80:92:0e:89:47:bb:ac:e0: f8:06:f2:73:63:65:c8:61:4b:09:97:f0:ab:c9:f3: 31:2a:ba:22:ec:ac:00:82:fc:cd:aa:a1:0c:d9:cb: a3:ba:5c:36:2a:f0:75:9c:c8:4a:3e:65:4e:a3:3e: d2:c8:a3:58:69:d2:f0:df:f1:0e:25:1f:c6:12:3c: 72:e1:67:ff:18:b8:29:0c:42:fc:a0:e4:c8:c0:18: 6e:6a:b7:7a:57:30:ac:39:13:24:a2:55:61:f5:b7: 4d:af:46:d5:55:b1:2c:cf:7c:39:29:56:42:a3:1a: 90:78:a5:20:c0:99:b9:7e:47:05:3a:71:02:d3:61: 08:2f:19:85:48:e5:a7:85:b0:f9:a7:3d:db:89:97: a2:d0:ab:95:5a:4a:cf:a7:62:b6:02:09:cb:7d:0d: 2c:9f:31:0a:78:d6:65:ac:11:bb:09:9c:1b:84:f5: 9b:c0:b1:b3:db:24:d0:d0:51:04:0f:5b:e1:7d:7c: 40:9e:ee:c4:8d:97:35:f5:c1:f0:d5:17:7b:06:a4: 50:0b:2b:6c:4c:02:d3:da:cf:02:68:3b:a0:ff:08: 9a:24:52:9a:f1:fa:9e:8b:27:08:96:87:55:00:40: ce:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:17:64:69:E7:5D:F5:BA:F9:6B:59:CF:81:F0:96:C1:BC:C4:FF:7F X509v3 Authority Key Identifier: keyid:68:14:0C:15:82:5E:D5:0A:03:78:10:52:AD:DE:2E:CA:1A:6F:EA:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91289A2/FB52F64E8E6311EC9E015D6DC4F9AE02/aBQMFYJe1QoDeBBSrd4uyhpv6jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aBQMFYJe1QoDeBBSrd4uyhpv6jo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91289A2/FB52F64E8E6311EC9E015D6DC4F9AE02/aBQMFYJe1QoDeBBSrd4uyhpv6jo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 66:e4:73:2e:a2:3b:a9:7c:70:c2:9c:26:50:f1:46:5b:78:5e: e5:9b:33:13:cb:2a:bc:1c:dd:07:68:f9:57:bc:0d:0d:29:04: a2:ab:bc:09:3d:e3:50:96:db:b8:d0:35:53:9a:29:ed:71:6e: e7:5c:91:25:02:9f:6d:42:28:71:2d:5b:11:10:a9:33:88:b9: 9c:1c:d8:ce:ec:b0:2b:4a:23:84:8a:ca:02:72:73:15:a0:7b: 51:96:e3:70:76:66:8e:64:91:01:21:f4:19:44:83:31:39:7f: 96:93:7e:61:70:24:0d:3b:be:b4:ee:dd:db:e8:9a:f2:95:99: e5:6b:62:02:57:91:da:5d:18:51:a1:54:24:fc:e6:ec:f1:85: 70:20:8d:3b:32:7d:13:f8:a2:6c:39:ae:4a:36:9a:0d:cc:83: 9d:d7:c6:26:e2:e8:4f:a4:cc:d2:be:64:22:c8:cd:48:03:f8: 6b:11:3f:7f:d4:a7:2c:03:a5:61:77:ab:3f:8d:14:80:f1:72: 6a:db:4f:9b:50:f5:c2:6f:a6:0a:80:db:e8:0a:db:f1:c1:5c: 88:2a:2d:a0:c6:fa:d0:9e:23:5d:fb:47:ef:9b:b4:82:36:2b: 24:43:8f:dd:81:33:8a:cf:85:d0:e3:32:13:86:1c:fc:13:d6: 32:09:6e:d3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA84wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mjg5QTIxMTAvBgNVBAUTKDY4MTQwQzE1ODI1RUQ1MEEwMzc4MTA1MkFEREUyRUNB MUE2RkVBM0EwHhcNMjUwNTMxMDA1MTMyWhcNMjUwNjA3MDA1MTMyWjAYMRYwFAYD VQQDEw02ODNhNTI5NC04YjU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6icR4hcrEM4G67f5uBpKNtkKF137gJIOiUe7rOD4BvJzY2XIYUsJl/CryfMx Kroi7KwAgvzNqqEM2cujulw2KvB1nMhKPmVOoz7SyKNYadLw3/EOJR/GEjxy4Wf/ GLgpDEL8oOTIwBhuard6VzCsORMkolVh9bdNr0bVVbEsz3w5KVZCoxqQeKUgwJm5 fkcFOnEC02EILxmFSOWnhbD5pz3biZei0KuVWkrPp2K2AgnLfQ0snzEKeNZlrBG7 CZwbhPWbwLGz2yTQ0FEED1vhfXxAnu7EjZc19cHw1Rd7BqRQCytsTALT2s8CaDug /wiaJFKa8fqeiycIlodVAEDOpQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB8XZGnn XfW6+WtZz4HwlsG8xP9/MB8GA1UdIwQYMBaAFGgUDBWCXtUKA3gQUq3eLsoab+o6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyODlBMi9GQjUyRjY0RThF NjMxMUVDOUUwMTVENkRDNEY5QUUwMi9hQlFNRllKZTFRb0RlQkJTcmQ0dXlocHY2 am8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FCUU1GWUplMVFvRGVCQlNyZDR1eWhwdjZqby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy ODlBMi9GQjUyRjY0RThFNjMxMUVDOUUwMTVENkRDNEY5QUUwMi9hQlFNRllKZTFR b0RlQkJTcmQ0dXlocHY2am8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBm5HMuojupfHDCnCZQ8UZbeF7lmzMTyyq8HN0HaPlXvA0NKQSiq7wJ PeNQltu40DVTmintcW7nXJElAp9tQihxLVsREKkziLmcHNjO7LArSiOEisoCcnMV oHtRluNwdmaOZJEBIfQZRIMxOX+Wk35hcCQNO7607t3b6JrylZnla2ICV5HaXRhR oVQk/Obs8YVwII07Mn0T+KJsOa5KNpoNzIOd18Ym4uhPpMzSvmQiyM1IA/hrET9/ 1KcsA6Vhd6s/jRSA8XJq20+bUPXCb6YKgNvoCtvxwVyIKi2gxvrQniNd+0fvm7SC NiskQ4/dgTOKz4XQ4zIThhz8E9YyCW7T -----END CERTIFICATE-----Generated at Sat May 31 16:29:33 2025 by rpki-client