$ rpki-client -vvf rpki.apnic.net/member_repository/A913C91D/D90CD874358411E99A990228C4F9AE02/ctZbs8rUoJjzb0E3WUzH_sL6KKM.mft File: ctZbs8rUoJjzb0E3WUzH_sL6KKM.mft (raw, json) Hash identifier: AkWxSErAvA38UqILliaHl9rZtacsy6XZsVXrOu7RJ7o= Subject key identifier: 63:02:DE:2E:B0:6B:38:A2:54:FC:07:01:F2:9E:FD:3E:5E:4B:E9:F5 Authority key identifier: 72:D6:5B:B3:CA:D4:A0:98:F3:6F:41:37:59:4C:C7:FE:C2:FA:28:A3 Certificate issuer: /CN=A913C91D/serialNumber=72D65BB3CAD4A098F36F4137594CC7FEC2FA28A3 Certificate serial: 1070 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ctZbs8rUoJjzb0E3WUzH_sL6KKM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913C91D/D90CD874358411E99A990228C4F9AE02/ctZbs8rUoJjzb0E3WUzH_sL6KKM.mft Manifest number: 1067 Signing time: Fri 30 May 2025 17:32:56 +0000 Manifest this update: Fri 30 May 2025 17:32:55 +0000 Manifest next update: Fri 06 Jun 2025 17:32:55 +0000 Files and hashes: 1: ctZbs8rUoJjzb0E3WUzH_sL6KKM.crl (hash: 8GM58y4K9PNEvZAWnl1z+w69tGTIMoVf1reZTjBTEPQ=) 2: 39C6EF3688BF11EABC04973FC4F9AE02.roa (hash: E3ZTe2bEAycjBIVFstyPiPS8lw3hN6h/g285ab56Ew4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913C91D/D90CD874358411E99A990228C4F9AE02/ctZbs8rUoJjzb0E3WUzH_sL6KKM.crl rsync://rpki.apnic.net/member_repository/A913C91D/D90CD874358411E99A990228C4F9AE02/ctZbs8rUoJjzb0E3WUzH_sL6KKM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ctZbs8rUoJjzb0E3WUzH_sL6KKM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 17:32:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4208 (0x1070) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913C91D, serialNumber=72D65BB3CAD4A098F36F4137594CC7FEC2FA28A3 Validity Not Before: May 30 17:32:55 2025 GMT Not After : Jun 6 17:32:55 2025 GMT Subject: CN=6839ebc7-640a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:af:66:7b:dd:96:85:39:c3:9d:63:cb:66:a8: 8a:bf:c1:3e:c9:13:a7:aa:a3:49:bb:0d:44:fa:5b: 90:f2:bd:45:79:69:6d:0c:bc:49:55:7d:26:ba:03: 5a:f5:b6:e2:18:80:28:3e:e2:3b:4a:16:4b:81:da: 3b:5d:01:fc:a0:17:53:87:d7:db:2e:ac:b5:5d:a1: 86:39:a2:c7:13:aa:55:38:f7:4c:c3:2b:ad:4d:07: 66:1b:67:b6:6e:39:b1:76:58:3c:e7:0c:7e:d9:31: 99:cd:ac:36:b3:d5:a7:31:b7:d5:c1:0f:fc:32:7c: 45:b8:cb:c0:a5:2e:9c:d5:48:f1:d8:9a:b9:5b:2c: 7f:e6:b7:df:b9:20:93:bb:42:9f:56:33:e7:2f:c5: 45:c6:f0:12:3f:09:4e:48:eb:69:37:b2:35:ea:ea: ab:b1:a0:16:5a:15:60:e4:17:c0:45:1f:68:87:dc: fc:d9:a3:27:5d:bc:a1:ed:03:31:14:cb:a9:e5:7a: e5:97:98:36:e9:24:4e:11:45:65:d8:30:e8:19:71: 35:a3:16:cc:8e:58:5b:2f:e7:c1:ea:7b:ee:51:49: 13:8e:3b:5a:9a:bc:5b:73:0b:2a:cb:8f:a9:bb:b9: 9d:ac:67:23:e2:97:61:e4:c4:fd:91:4c:23:4d:8c: ee:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:02:DE:2E:B0:6B:38:A2:54:FC:07:01:F2:9E:FD:3E:5E:4B:E9:F5 X509v3 Authority Key Identifier: keyid:72:D6:5B:B3:CA:D4:A0:98:F3:6F:41:37:59:4C:C7:FE:C2:FA:28:A3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913C91D/D90CD874358411E99A990228C4F9AE02/ctZbs8rUoJjzb0E3WUzH_sL6KKM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ctZbs8rUoJjzb0E3WUzH_sL6KKM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913C91D/D90CD874358411E99A990228C4F9AE02/ctZbs8rUoJjzb0E3WUzH_sL6KKM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3a:b9:38:bf:f2:fc:85:1f:c8:c5:9b:42:7d:e1:00:41:63:86: 52:16:fe:24:2b:81:af:de:d3:4a:95:d3:51:0e:a6:21:92:1f: 50:84:55:c7:98:cc:4d:72:d7:43:5d:28:4f:9d:c9:04:93:0a: 26:00:c0:86:e8:59:34:7d:af:64:1d:7c:76:1e:71:c5:f4:a8: f1:06:34:11:6a:b6:1e:97:f3:eb:82:b7:38:30:57:dd:cb:ef: 87:a1:0a:8e:2a:f5:4f:ad:0e:c9:85:0d:26:34:ab:14:fb:10: 4e:44:a4:d5:0b:a1:d6:5d:27:7f:b5:ba:aa:20:77:9f:e6:f2: 94:a4:bd:e1:c8:27:fb:97:eb:ad:c4:a0:42:43:65:34:ab:2b: 86:10:8a:23:88:6e:ae:b7:5d:49:93:27:a7:de:b0:76:1c:cc: 97:1e:e9:17:7d:e3:b6:7c:81:71:e8:ca:99:23:68:73:f1:1b: c3:53:fd:59:a6:5c:4a:c0:ac:12:28:47:df:8e:e0:6e:67:48: 39:0f:32:82:a3:2f:17:db:6d:5f:40:25:43:22:d1:00:98:86: e7:6f:d3:92:80:a9:31:8b:5d:75:78:94:8e:f2:0e:73:31:01: a9:9a:ad:ee:d4:fe:29:78:35:78:44:b1:1e:08:cc:5f:86:a1: 5e:f6:4a:61 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEHAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0M5MUQxMTAvBgNVBAUTKDcyRDY1QkIzQ0FENEEwOThGMzZGNDEzNzU5NENDN0ZF QzJGQTI4QTMwHhcNMjUwNTMwMTczMjU1WhcNMjUwNjA2MTczMjU1WjAYMRYwFAYD VQQDEw02ODM5ZWJjNy02NDBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu69me92WhTnDnWPLZqiKv8E+yROnqqNJuw1E+luQ8r1FeWltDLxJVX0mugNa 9bbiGIAoPuI7ShZLgdo7XQH8oBdTh9fbLqy1XaGGOaLHE6pVOPdMwyutTQdmG2e2 bjmxdlg85wx+2TGZzaw2s9WnMbfVwQ/8MnxFuMvApS6c1Ujx2Jq5Wyx/5rffuSCT u0KfVjPnL8VFxvASPwlOSOtpN7I16uqrsaAWWhVg5BfARR9oh9z82aMnXbyh7QMx FMup5Xrll5g26SROEUVl2DDoGXE1oxbMjlhbL+fB6nvuUUkTjjtamrxbcwsqy4+p u7mdrGcj4pdh5MT9kUwjTYzu5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGMC3i6w aziiVPwHAfKe/T5eS+n1MB8GA1UdIwQYMBaAFHLWW7PK1KCY829BN1lMx/7C+iij MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQzkxRC9EOTBDRDg3NDM1 ODQxMUU5OUE5OTAyMjhDNEY5QUUwMi9jdFpiczhyVW9KanpiMEUzV1V6SF9zTDZL S00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2N0WmJzOHJVb0pqemIwRTNXVXpIX3NMNktLTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz QzkxRC9EOTBDRDg3NDM1ODQxMUU5OUE5OTAyMjhDNEY5QUUwMi9jdFpiczhyVW9K anpiMEUzV1V6SF9zTDZLS00ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA6uTi/8vyFH8jFm0J94QBBY4ZSFv4kK4Gv3tNKldNRDqYhkh9QhFXH mMxNctdDXShPnckEkwomAMCG6Fk0fa9kHXx2HnHF9KjxBjQRarYel/Prgrc4MFfd y++HoQqOKvVPrQ7JhQ0mNKsU+xBORKTVC6HWXSd/tbqqIHef5vKUpL3hyCf7l+ut xKBCQ2U0qyuGEIojiG6ut11Jkyen3rB2HMyXHukXfeO2fIFx6MqZI2hz8RvDU/1Z plxKwKwSKEffjuBuZ0g5DzKCoy8X221fQCVDItEAmIbnb9OSgKkxi111eJSO8g5z MQGpmq3u1P4peDV4RLEeCMxfhqFe9kph -----END CERTIFICATE-----Generated at Sat May 31 17:14:45 2025 by rpki-client