$ rpki-client -vvf rpki.apnic.net/member_repository/A913344F/94FFBAA0250F11E990DDE36CC4F9AE02/rSHioIh9gBBYg2nxR4WWAoR3zb4.mft File: rSHioIh9gBBYg2nxR4WWAoR3zb4.mft (raw, json) Hash identifier: fUJlcxiLaGqlCzgklbnJMLdsm1knY484J8DUx7Fcilg= Subject key identifier: 1B:CB:C4:F5:5C:F7:A6:10:71:1B:D8:DC:B8:40:8C:C6:12:FB:F4:FD Authority key identifier: AD:21:E2:A0:88:7D:80:10:58:83:69:F1:47:85:96:02:84:77:CD:BE Certificate issuer: /CN=A913344F/serialNumber=AD21E2A0887D8010588369F1478596028477CDBE Certificate serial: 10BC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rSHioIh9gBBYg2nxR4WWAoR3zb4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913344F/94FFBAA0250F11E990DDE36CC4F9AE02/rSHioIh9gBBYg2nxR4WWAoR3zb4.mft Manifest number: 10B5 Signing time: Fri 30 May 2025 17:29:37 +0000 Manifest this update: Fri 30 May 2025 17:29:36 +0000 Manifest next update: Fri 06 Jun 2025 17:29:36 +0000 Files and hashes: 1: rSHioIh9gBBYg2nxR4WWAoR3zb4.crl (hash: VQBPjhz4Q8uRGd9zLbAGPzJH71RJoihBgIrGdmG1wSw=) 2: 2CDBC1B0251111E997B74770C4F9AE02.roa (hash: /+y+JZvdgDvleCapwUXYIThVyUcKdFkPONIIfNbMybY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913344F/94FFBAA0250F11E990DDE36CC4F9AE02/rSHioIh9gBBYg2nxR4WWAoR3zb4.crl rsync://rpki.apnic.net/member_repository/A913344F/94FFBAA0250F11E990DDE36CC4F9AE02/rSHioIh9gBBYg2nxR4WWAoR3zb4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rSHioIh9gBBYg2nxR4WWAoR3zb4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 17:29:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4284 (0x10bc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913344F, serialNumber=AD21E2A0887D8010588369F1478596028477CDBE Validity Not Before: May 30 17:29:36 2025 GMT Not After : Jun 6 17:29:36 2025 GMT Subject: CN=6839eb01-db67 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:b8:ea:dc:f8:bd:2f:4a:52:33:58:bd:d2:95: 65:13:be:d4:2c:f5:a3:7d:8c:8b:f6:48:b1:47:d4: ee:70:e0:22:51:75:90:bd:10:b1:c7:15:77:94:6f: 05:3e:28:d7:a3:ba:d8:b0:b6:12:47:2b:b0:c2:0b: 9a:65:49:ca:51:ff:41:a6:22:33:57:0d:eb:a4:eb: ed:01:95:05:99:65:99:f3:49:bc:dd:b4:25:55:cd: 0b:5f:58:f2:fb:b5:e6:16:c5:11:25:9d:c4:e2:45: 72:7f:56:04:c1:02:68:f3:d3:d4:63:71:94:74:98: 98:04:df:d7:b8:a7:19:bf:d1:06:6e:55:62:f3:8f: 3f:5a:ca:c1:4f:12:d3:70:0e:83:ef:29:d3:18:06: 8b:a2:6b:55:48:cc:80:58:10:bd:68:2a:ef:b9:83: 7f:07:8d:10:26:f9:a0:38:9a:24:c1:cb:81:c7:1a: c4:df:fe:a5:17:be:31:f2:86:7d:c5:7e:c1:7a:c7: 01:0d:70:4e:d3:ec:75:ed:3f:6e:a9:d8:f0:64:a0: 72:fe:c4:b3:fc:30:b2:dd:1c:2d:db:5b:29:7f:35: f1:e5:fe:87:40:af:2e:b4:dc:3e:27:16:22:7d:0c: fb:84:1c:a2:0b:6b:3c:ec:95:63:05:bb:2b:0f:b3: 20:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:CB:C4:F5:5C:F7:A6:10:71:1B:D8:DC:B8:40:8C:C6:12:FB:F4:FD X509v3 Authority Key Identifier: keyid:AD:21:E2:A0:88:7D:80:10:58:83:69:F1:47:85:96:02:84:77:CD:BE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913344F/94FFBAA0250F11E990DDE36CC4F9AE02/rSHioIh9gBBYg2nxR4WWAoR3zb4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rSHioIh9gBBYg2nxR4WWAoR3zb4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913344F/94FFBAA0250F11E990DDE36CC4F9AE02/rSHioIh9gBBYg2nxR4WWAoR3zb4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 31:16:58:75:08:26:25:b0:fa:65:ed:f8:c8:e6:55:10:7a:4b: 02:2d:d4:9c:b6:15:23:17:e4:5c:14:d9:e1:35:a9:8b:2f:46: a7:da:ac:89:33:bf:79:c1:94:06:e5:cc:21:e0:41:18:d5:96: a5:ed:bd:d3:fd:6f:00:03:ab:cd:c8:42:3e:04:64:4d:b7:44: 3b:7c:04:bd:1c:1d:68:bb:53:fa:18:34:c4:6a:68:d0:bb:a5: 28:bf:2d:db:ca:d6:85:63:60:e6:2f:db:19:9a:d2:eb:7e:cc: 16:72:43:82:0d:08:65:0d:96:fd:f3:b0:07:29:1e:bc:e5:ae: 12:81:2a:e0:0c:07:9f:72:25:7b:51:75:f0:37:4e:fe:81:11: 94:78:04:e1:5c:1a:6e:7f:4c:89:37:a4:12:5f:56:ed:9f:c9: 80:9b:95:d1:63:80:a7:8d:c9:11:b8:78:7f:04:97:22:0e:a9: 60:f4:4a:dd:16:7f:5a:fe:cf:fd:85:c9:42:7f:37:e2:e8:6f: 2a:d4:bf:35:fd:9b:6f:d8:49:28:8b:e6:51:da:e7:28:d2:5e: 6e:d5:9c:cf:f1:d0:0c:63:e0:bc:79:21:ca:ca:7f:03:4e:50: cc:ec:14:ff:41:6b:35:92:1b:94:46:62:4e:e9:f1:56:77:8c: 75:91:4a:14 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICELwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzM0NEYxMTAvBgNVBAUTKEFEMjFFMkEwODg3RDgwMTA1ODgzNjlGMTQ3ODU5NjAy ODQ3N0NEQkUwHhcNMjUwNTMwMTcyOTM2WhcNMjUwNjA2MTcyOTM2WjAYMRYwFAYD VQQDEw02ODM5ZWIwMS1kYjY3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAn7jq3Pi9L0pSM1i90pVlE77ULPWjfYyL9kixR9TucOAiUXWQvRCxxxV3lG8F PijXo7rYsLYSRyuwwguaZUnKUf9BpiIzVw3rpOvtAZUFmWWZ80m83bQlVc0LX1jy +7XmFsURJZ3E4kVyf1YEwQJo89PUY3GUdJiYBN/XuKcZv9EGblVi848/WsrBTxLT cA6D7ynTGAaLomtVSMyAWBC9aCrvuYN/B40QJvmgOJokwcuBxxrE3/6lF74x8oZ9 xX7BescBDXBO0+x17T9uqdjwZKBy/sSz/DCy3Rwt21spfzXx5f6HQK8utNw+JxYi fQz7hByiC2s87JVjBbsrD7MgFQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBvLxPVc 96YQcRvY3LhAjMYS+/T9MB8GA1UdIwQYMBaAFK0h4qCIfYAQWINp8UeFlgKEd82+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMzQ0Ri85NEZGQkFBMDI1 MEYxMUU5OTBEREUzNkNDNEY5QUUwMi9yU0hpb0loOWdCQllnMm54UjRXV0FvUjN6 YjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JTSGlvSWg5Z0JCWWcybnhSNFdXQW9SM3piNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz MzQ0Ri85NEZGQkFBMDI1MEYxMUU5OTBEREUzNkNDNEY5QUUwMi9yU0hpb0loOWdC QllnMm54UjRXV0FvUjN6YjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAxFlh1CCYlsPpl7fjI5lUQeksCLdScthUjF+RcFNnhNamLL0an2qyJ M795wZQG5cwh4EEY1Zal7b3T/W8AA6vNyEI+BGRNt0Q7fAS9HB1ou1P6GDTEamjQ u6Uovy3bytaFY2DmL9sZmtLrfswWckOCDQhlDZb987AHKR685a4SgSrgDAefciV7 UXXwN07+gRGUeAThXBpuf0yJN6QSX1btn8mAm5XRY4CnjckRuHh/BJciDqlg9Erd Fn9a/s/9hclCfzfi6G8q1L81/Ztv2Ekoi+ZR2uco0l5u1ZzP8dAMY+C8eSHKyn8D TlDM7BT/QWs1khuURmJO6fFWd4x1kUoU -----END CERTIFICATE-----Generated at Sat May 31 17:03:35 2025 by rpki-client