$ rpki-client -vvf rpki.apnic.net/member_repository/A91319EA/D26C4128F8E811EC8B577271C4F9AE02/fT3bIK_-cUyPNUllHB7oD1VgEbg.mft File: fT3bIK_-cUyPNUllHB7oD1VgEbg.mft (raw, json) Hash identifier: Pq/WOTt8j1dyUf/cj7HssTd8G7QJyWNbHiYnzqncVMU= Subject key identifier: D8:DA:A2:93:24:D6:32:D4:E0:8F:67:48:9C:D3:85:2F:BA:51:C7:7F Authority key identifier: 7D:3D:DB:20:AF:FE:71:4C:8F:35:49:65:1C:1E:E8:0F:55:60:11:B8 Certificate issuer: /CN=A91319EA/serialNumber=7D3DDB20AFFE714C8F3549651C1EE80F556011B8 Certificate serial: 02AD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fT3bIK_-cUyPNUllHB7oD1VgEbg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91319EA/D26C4128F8E811EC8B577271C4F9AE02/fT3bIK_-cUyPNUllHB7oD1VgEbg.mft Manifest number: 02AA Signing time: Sat 31 May 2025 01:40:06 +0000 Manifest this update: Sat 31 May 2025 01:40:06 +0000 Manifest next update: Sat 07 Jun 2025 01:40:06 +0000 Files and hashes: 1: fT3bIK_-cUyPNUllHB7oD1VgEbg.crl (hash: 8m6f3JwekiILYUQXfwfvE3IEmCQCmqfbgCskdW0jnWs=) 2: BFD5E8EAF8EB11EC9C39C677C4F9AE02.roa (hash: 81tZME9FAwzO2UIk/WDugs2sSYBMwRpnwSHq/X3xc/Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91319EA/D26C4128F8E811EC8B577271C4F9AE02/fT3bIK_-cUyPNUllHB7oD1VgEbg.crl rsync://rpki.apnic.net/member_repository/A91319EA/D26C4128F8E811EC8B577271C4F9AE02/fT3bIK_-cUyPNUllHB7oD1VgEbg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fT3bIK_-cUyPNUllHB7oD1VgEbg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 01:40:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 685 (0x2ad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91319EA, serialNumber=7D3DDB20AFFE714C8F3549651C1EE80F556011B8 Validity Not Before: May 31 01:40:06 2025 GMT Not After : Jun 7 01:40:06 2025 GMT Subject: CN=683a5df6-bc8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:01:e4:88:fe:e4:9e:e9:24:1c:ad:6d:5b:41: ad:be:49:ea:6f:4e:5d:16:eb:e8:e9:e0:dd:79:ad: b1:4c:af:71:5f:70:ba:85:cc:d5:d7:1c:f6:6d:cc: 6b:13:71:bf:96:7d:59:65:c8:e7:d3:12:a4:e1:8e: 43:da:b8:98:d5:21:3e:a5:d3:f9:46:16:38:20:48: 97:4e:13:e9:1a:e0:c9:3e:a9:10:51:c8:8d:b4:c5: aa:f2:a2:79:9f:58:c4:99:55:4d:dd:68:fc:c3:30: ed:fa:99:57:83:58:29:5e:08:aa:70:70:a1:e7:8e: 83:79:cc:b0:52:c6:66:35:d7:8e:12:96:b5:bd:6d: 6d:b6:01:e8:94:c7:ec:18:b7:0a:7c:d8:55:46:4b: 1c:a0:5e:6f:8f:c0:37:53:ae:7f:2a:6b:c4:d6:76: f0:76:4f:02:bf:ac:06:5a:39:d6:25:84:3d:f4:b8: 3d:56:92:90:c4:d3:a5:c7:c6:d3:25:4d:60:40:35: ed:de:78:7e:5a:47:22:82:ae:93:06:5c:f4:69:7d: bc:92:11:27:e7:99:1c:d7:e9:c1:0d:8d:24:3c:4d: 42:18:74:bb:3f:03:fb:15:1d:45:23:a6:c0:e1:79: e3:76:75:98:a6:22:69:db:c1:63:11:03:bd:01:2a: 8b:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:DA:A2:93:24:D6:32:D4:E0:8F:67:48:9C:D3:85:2F:BA:51:C7:7F X509v3 Authority Key Identifier: keyid:7D:3D:DB:20:AF:FE:71:4C:8F:35:49:65:1C:1E:E8:0F:55:60:11:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91319EA/D26C4128F8E811EC8B577271C4F9AE02/fT3bIK_-cUyPNUllHB7oD1VgEbg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fT3bIK_-cUyPNUllHB7oD1VgEbg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91319EA/D26C4128F8E811EC8B577271C4F9AE02/fT3bIK_-cUyPNUllHB7oD1VgEbg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 48:32:8f:8f:e6:dc:57:9c:bc:cd:5e:ec:1f:3f:f6:9e:9d:d2: 38:b9:86:57:ec:b0:3c:f5:b1:06:cd:f6:46:17:8e:da:57:ce: 9e:40:2d:11:0e:ab:01:34:6d:6a:e7:e9:87:b7:31:90:ab:91: 4b:2e:72:f2:f8:3c:ea:cb:67:25:aa:c1:06:3c:51:26:13:b5: 73:de:f2:8c:5b:cd:d1:f0:d5:90:4c:51:05:e1:3e:b3:81:9d: e1:de:be:e1:9c:b8:4e:d1:79:c6:ac:a6:5f:7f:3b:d5:4e:1f: 8a:84:e7:f3:16:8a:1f:fb:67:ce:93:73:b7:27:bd:1b:02:f6: 3f:d3:a3:60:7b:80:0d:0c:0a:b2:99:fd:5d:cc:6a:31:11:4b: 91:2b:78:13:a1:29:d8:ff:05:b1:e5:65:c7:db:fa:ee:67:bf: 8a:2a:28:12:07:c8:8c:fb:31:79:96:2b:d0:36:95:98:af:9c: 9e:46:e5:75:ea:6e:84:d7:c8:da:e8:5a:6a:a5:66:1a:24:9c: 69:d4:e7:7a:35:4c:d9:7d:6c:15:bb:1c:6f:2e:b6:23:bb:e3: be:64:17:3b:f9:16:98:ca:0a:9d:d7:93:a2:fd:4e:63:fd:38: 18:e7:e8:01:0c:63:ec:b1:40:ff:66:0d:5a:24:4c:a1:66:ab: 13:91:50:4b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAq0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzE5RUExMTAvBgNVBAUTKDdEM0REQjIwQUZGRTcxNEM4RjM1NDk2NTFDMUVFODBG NTU2MDExQjgwHhcNMjUwNTMxMDE0MDA2WhcNMjUwNjA3MDE0MDA2WjAYMRYwFAYD VQQDEw02ODNhNWRmNi1iYzhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtgHkiP7knukkHK1tW0Gtvknqb05dFuvo6eDdea2xTK9xX3C6hczV1xz2bcxr E3G/ln1ZZcjn0xKk4Y5D2riY1SE+pdP5RhY4IEiXThPpGuDJPqkQUciNtMWq8qJ5 n1jEmVVN3Wj8wzDt+plXg1gpXgiqcHCh546DecywUsZmNdeOEpa1vW1ttgHolMfs GLcKfNhVRkscoF5vj8A3U65/KmvE1nbwdk8Cv6wGWjnWJYQ99Lg9VpKQxNOlx8bT JU1gQDXt3nh+Wkcigq6TBlz0aX28khEn55kc1+nBDY0kPE1CGHS7PwP7FR1FI6bA 4XnjdnWYpiJp28FjEQO9ASqLIwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNjaopMk 1jLU4I9nSJzThS+6Ucd/MB8GA1UdIwQYMBaAFH092yCv/nFMjzVJZRwe6A9VYBG4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMTlFQS9EMjZDNDEyOEY4 RTgxMUVDOEI1NzcyNzFDNEY5QUUwMi9mVDNiSUtfLWNVeVBOVWxsSEI3b0QxVmdF YmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ZUM2JJS18tY1V5UE5VbGxIQjdvRDFWZ0ViZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz MTlFQS9EMjZDNDEyOEY4RTgxMUVDOEI1NzcyNzFDNEY5QUUwMi9mVDNiSUtfLWNV eVBOVWxsSEI3b0QxVmdFYmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBIMo+P5txXnLzNXuwfP/aendI4uYZX7LA89bEGzfZGF47aV86eQC0R DqsBNG1q5+mHtzGQq5FLLnLy+Dzqy2clqsEGPFEmE7Vz3vKMW83R8NWQTFEF4T6z gZ3h3r7hnLhO0XnGrKZffzvVTh+KhOfzFoof+2fOk3O3J70bAvY/06Nge4ANDAqy mf1dzGoxEUuRK3gToSnY/wWx5WXH2/ruZ7+KKigSB8iM+zF5livQNpWYr5yeRuV1 6m6E18ja6FpqpWYaJJxp1Od6NUzZfWwVuxxvLrYju+O+ZBc7+RaYygqd15Oi/U5j /TgY5+gBDGPssUD/Zg1aJEyhZqsTkVBL -----END CERTIFICATE-----Generated at Sat May 31 17:57:49 2025 by rpki-client