$ rpki-client -vvf rpki.apnic.net/member_repository/A91329C1/44236F0405BD11EDA00A5F3DC4F9AE02/8lm4rJz0O9fFlFTlyD7PSPn7hxc.mft File: 8lm4rJz0O9fFlFTlyD7PSPn7hxc.mft (raw, json) Hash identifier: 9D2KwoJgiOdiYF+NlBrL9odMtPa1jpRlF/LV6kl+7FQ= Subject key identifier: E5:50:88:E6:AB:64:47:8A:F1:00:60:F6:4C:CF:6B:D2:D9:DD:35:CF Authority key identifier: F2:59:B8:AC:9C:F4:3B:D7:C5:94:54:E5:C8:3E:CF:48:F9:FB:87:17 Certificate issuer: /CN=A91329C1/serialNumber=F259B8AC9CF43BD7C59454E5C83ECF48F9FB8717 Certificate serial: 0294 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8lm4rJz0O9fFlFTlyD7PSPn7hxc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91329C1/44236F0405BD11EDA00A5F3DC4F9AE02/8lm4rJz0O9fFlFTlyD7PSPn7hxc.mft Manifest number: 0290 Signing time: Sat 31 May 2025 01:46:58 +0000 Manifest this update: Sat 31 May 2025 01:46:57 +0000 Manifest next update: Sat 07 Jun 2025 01:46:57 +0000 Files and hashes: 1: 8lm4rJz0O9fFlFTlyD7PSPn7hxc.crl (hash: r0aU6FUT+lTYz2oOgXrkRhBeHOW726SIu8/6hhXEe/s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91329C1/44236F0405BD11EDA00A5F3DC4F9AE02/8lm4rJz0O9fFlFTlyD7PSPn7hxc.crl rsync://rpki.apnic.net/member_repository/A91329C1/44236F0405BD11EDA00A5F3DC4F9AE02/8lm4rJz0O9fFlFTlyD7PSPn7hxc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8lm4rJz0O9fFlFTlyD7PSPn7hxc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 01:46:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 660 (0x294) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91329C1, serialNumber=F259B8AC9CF43BD7C59454E5C83ECF48F9FB8717 Validity Not Before: May 31 01:46:57 2025 GMT Not After : Jun 7 01:46:57 2025 GMT Subject: CN=683a5f91-4d53 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:4a:e8:1c:75:23:38:04:b5:91:c0:4f:5f:2d: e3:f5:a0:89:8a:be:c0:55:55:88:ab:31:9e:6e:69: 81:d7:f3:64:b4:ac:70:71:24:19:5f:a3:de:d9:77: 35:a6:76:5b:22:02:a4:56:2a:53:04:dd:93:c9:38: ff:ac:aa:95:c7:d9:62:9f:42:a9:2a:40:91:44:6d: c2:17:e8:10:ab:4e:a5:91:17:87:cc:55:97:28:3f: 45:6b:ca:f5:4a:d2:29:46:a1:02:1c:e4:d8:05:b2: 29:65:19:17:aa:40:43:d1:5b:2b:30:21:05:ba:ee: d0:51:67:44:31:ca:ec:e6:d7:28:3b:6d:06:cd:aa: b9:f9:88:01:38:4c:00:9b:27:f7:a5:b7:9b:84:5e: f2:c7:ce:45:cf:4c:03:be:d2:f8:f3:3c:7b:7c:e5: a6:9e:20:84:69:3a:04:8e:96:4f:a3:bd:31:7e:2c: fc:7f:b2:36:f2:c3:41:9c:df:4d:93:d2:2c:0e:23: 04:cc:b4:d6:37:ce:46:e3:4c:7b:a3:f5:10:ea:82: 12:d0:2f:66:78:e5:e6:e5:34:82:14:86:09:c1:44: 31:02:b9:25:4c:47:b1:62:f8:68:d7:b1:56:fe:a2: 87:c4:0d:45:31:77:34:14:50:83:76:97:fa:e8:4c: 20:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:50:88:E6:AB:64:47:8A:F1:00:60:F6:4C:CF:6B:D2:D9:DD:35:CF X509v3 Authority Key Identifier: keyid:F2:59:B8:AC:9C:F4:3B:D7:C5:94:54:E5:C8:3E:CF:48:F9:FB:87:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91329C1/44236F0405BD11EDA00A5F3DC4F9AE02/8lm4rJz0O9fFlFTlyD7PSPn7hxc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8lm4rJz0O9fFlFTlyD7PSPn7hxc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91329C1/44236F0405BD11EDA00A5F3DC4F9AE02/8lm4rJz0O9fFlFTlyD7PSPn7hxc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4b:ae:7f:b2:19:0e:0d:73:3d:b3:d6:c7:51:57:7c:64:fd:ff: a4:f5:5b:24:95:b8:fc:e9:60:a9:1e:eb:f6:ce:3d:c3:34:4e: 81:d7:12:bb:3a:26:e6:b6:13:b4:3d:8e:c9:4f:ba:8d:7a:3f: cc:e7:3c:28:12:e3:71:84:5c:67:30:19:e5:45:f2:2f:8c:be: 1b:7c:ee:1f:1b:c9:0c:56:80:2d:cd:b2:49:39:71:cc:b3:00: 57:cd:43:52:36:4b:84:8b:20:2e:fc:a9:aa:3a:f0:b1:fe:13: 3a:c8:f6:24:7e:9d:f2:f5:46:0e:71:0a:8d:20:4d:28:12:46: 50:a7:ef:82:17:bf:8b:87:75:95:4e:17:4a:cc:af:47:e8:94: 00:15:e2:59:a4:30:80:91:17:c3:eb:9d:75:77:6d:69:af:95: f4:ea:3e:e9:79:43:5c:a3:14:5e:4d:03:4b:64:d5:78:77:be: 32:30:d5:e5:c9:d0:e0:c4:93:89:10:31:45:5f:82:f9:86:11: 28:5b:00:c9:b3:bb:fe:61:2c:c6:82:94:98:29:d1:00:6a:75: ac:a6:d2:ea:5e:51:60:3e:89:9e:4e:5a:9a:2c:e4:e2:12:17: 15:12:f9:3b:9c:f2:1f:a4:2c:f8:c9:a8:5d:af:05:5e:ed:23: a8:1b:59:79 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICApQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzI5QzExMTAvBgNVBAUTKEYyNTlCOEFDOUNGNDNCRDdDNTk0NTRFNUM4M0VDRjQ4 RjlGQjg3MTcwHhcNMjUwNTMxMDE0NjU3WhcNMjUwNjA3MDE0NjU3WjAYMRYwFAYD VQQDEw02ODNhNWY5MS00ZDUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAo0roHHUjOAS1kcBPXy3j9aCJir7AVVWIqzGebmmB1/NktKxwcSQZX6Pe2Xc1 pnZbIgKkVipTBN2TyTj/rKqVx9lin0KpKkCRRG3CF+gQq06lkReHzFWXKD9Fa8r1 StIpRqECHOTYBbIpZRkXqkBD0VsrMCEFuu7QUWdEMcrs5tcoO20Gzaq5+YgBOEwA myf3pbebhF7yx85Fz0wDvtL48zx7fOWmniCEaToEjpZPo70xfiz8f7I28sNBnN9N k9IsDiMEzLTWN85G40x7o/UQ6oIS0C9meOXm5TSCFIYJwUQxArklTEexYvho17FW /qKHxA1FMXc0FFCDdpf66EwgIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOVQiOar ZEeK8QBg9kzPa9LZ3TXPMB8GA1UdIwQYMBaAFPJZuKyc9DvXxZRU5cg+z0j5+4cX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMjlDMS80NDIzNkYwNDA1 QkQxMUVEQTAwQTVGM0RDNEY5QUUwMi84bG00ckp6ME85ZkZsRlRseUQ3UFNQbjdo eGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhsbTRySnowTzlmRmxGVGx5RDdQU1BuN2h4Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz MjlDMS80NDIzNkYwNDA1QkQxMUVEQTAwQTVGM0RDNEY5QUUwMi84bG00ckp6ME85 ZkZsRlRseUQ3UFNQbjdoeGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBLrn+yGQ4Ncz2z1sdRV3xk/f+k9Vsklbj86WCpHuv2zj3DNE6B1xK7 OibmthO0PY7JT7qNej/M5zwoEuNxhFxnMBnlRfIvjL4bfO4fG8kMVoAtzbJJOXHM swBXzUNSNkuEiyAu/KmqOvCx/hM6yPYkfp3y9UYOcQqNIE0oEkZQp++CF7+Lh3WV ThdKzK9H6JQAFeJZpDCAkRfD6511d21pr5X06j7peUNcoxReTQNLZNV4d74yMNXl ydDgxJOJEDFFX4L5hhEoWwDJs7v+YSzGgpSYKdEAanWsptLqXlFgPomeTlqaLOTi EhcVEvk7nPIfpCz4yahdrwVe7SOoG1l5 -----END CERTIFICATE-----Generated at Sat May 31 17:24:44 2025 by rpki-client