$ rpki-client -vvf rpki.apnic.net/member_repository/A91427E2/7031A1EC935011EFBACE004CC4F9AE02/9ES43awaKuycmNiYFhxzSCwu1Ig.mft File: 9ES43awaKuycmNiYFhxzSCwu1Ig.mft (raw, json) Hash identifier: nkDnd1F22KXUNchDyQ18H4yGtsqXXneKsD15w0HJ4Jc= Subject key identifier: 11:3A:68:B5:AF:04:96:F3:2D:AB:1D:0B:19:4B:B3:49:FA:AB:36:B9 Authority key identifier: F4:44:B8:DD:AC:1A:2A:EC:9C:98:D8:98:16:1C:73:48:2C:2E:D4:88 Certificate issuer: /CN=A91427E2/serialNumber=F444B8DDAC1A2AEC9C98D898161C73482C2ED488 Certificate serial: 73 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/9ES43awaKuycmNiYFhxzSCwu1Ig.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91427E2/7031A1EC935011EFBACE004CC4F9AE02/9ES43awaKuycmNiYFhxzSCwu1Ig.mft Manifest number: 72 Signing time: Sun 01 Jun 2025 06:34:33 +0000 Manifest this update: Sun 01 Jun 2025 06:34:32 +0000 Manifest next update: Sun 08 Jun 2025 06:34:32 +0000 Files and hashes: 1: 9ES43awaKuycmNiYFhxzSCwu1Ig.crl (hash: qx+g36SmSE/jKF/1P7ZLG9LOA+BnvrmJPLOwDTJRUBo=) 2: 52EADE54935111EF98AA8C86C4F9AE02.roa (hash: 0fdxeAEBe9WDBbNHH1E08sqfA2VEHdavddZ4/AMBK2M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91427E2/7031A1EC935011EFBACE004CC4F9AE02/9ES43awaKuycmNiYFhxzSCwu1Ig.crl rsync://rpki.apnic.net/member_repository/A91427E2/7031A1EC935011EFBACE004CC4F9AE02/9ES43awaKuycmNiYFhxzSCwu1Ig.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/9ES43awaKuycmNiYFhxzSCwu1Ig.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Jun 2025 06:34:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 115 (0x73) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91427E2, serialNumber=F444B8DDAC1A2AEC9C98D898161C73482C2ED488 Validity Not Before: Jun 1 06:34:32 2025 GMT Not After : Jun 8 06:34:32 2025 GMT Subject: CN=683bf478-2893 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:c8:04:c2:07:59:d6:d4:e4:25:96:80:ea:7c: 69:56:23:d6:a3:33:8f:4a:a4:3b:d4:09:a9:e7:ba: df:26:48:f6:75:d9:7c:33:c6:11:47:26:0b:0d:20: 32:d9:30:80:43:e7:a7:fb:2e:e6:ec:d5:c2:6e:21: f5:f6:4c:66:a9:e9:f4:e2:96:75:97:e2:01:7c:61: 61:7e:ed:af:fe:05:ce:b1:5a:5d:24:b8:60:8a:6b: c1:1a:d2:f8:36:62:75:be:f2:a3:b6:08:3e:3b:9e: 99:84:69:5e:67:d6:98:f6:d2:0d:93:bf:94:2c:e7: f4:d3:f1:92:f9:ec:cc:35:70:d6:de:74:97:3b:25: ee:5c:56:b5:1e:56:ca:a1:b8:79:d0:99:f1:35:cd: 40:27:33:c0:b2:a0:5a:1b:e6:a6:b5:55:aa:df:6c: 12:fd:c3:6b:89:12:15:fc:06:81:cb:5e:88:8c:d9: 31:cb:7a:4f:e6:7e:49:5f:02:6f:9b:47:13:84:bb: 8d:0c:7a:dd:8f:2d:87:94:a5:b9:5d:ca:af:99:99: b0:f5:ed:cd:20:03:fe:a6:c2:f2:f3:c7:23:29:71: 70:34:8f:d1:f1:35:a6:9c:5c:ca:e8:f0:3c:d0:2b: 99:4c:a2:1b:6b:8f:71:10:4b:c3:f2:ae:f8:6d:54: 73:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:3A:68:B5:AF:04:96:F3:2D:AB:1D:0B:19:4B:B3:49:FA:AB:36:B9 X509v3 Authority Key Identifier: keyid:F4:44:B8:DD:AC:1A:2A:EC:9C:98:D8:98:16:1C:73:48:2C:2E:D4:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91427E2/7031A1EC935011EFBACE004CC4F9AE02/9ES43awaKuycmNiYFhxzSCwu1Ig.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/9ES43awaKuycmNiYFhxzSCwu1Ig.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91427E2/7031A1EC935011EFBACE004CC4F9AE02/9ES43awaKuycmNiYFhxzSCwu1Ig.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c5:a8:19:a8:96:ca:f8:1a:e9:16:b2:d6:ed:e9:b0:7b:d6:1d: a6:70:a9:e0:db:27:60:c0:73:11:f3:e1:cd:70:13:9a:5a:3f: 54:5b:c2:e9:37:dd:2a:65:4f:b6:54:8e:3c:e5:86:14:8e:be: e6:11:51:7e:71:2d:a6:dd:eb:ef:da:6b:02:28:37:51:15:11: 00:09:a2:eb:99:4d:65:46:b2:a6:9e:e1:7b:31:7d:9b:6b:4f: 9c:d7:39:08:a8:de:ec:ee:64:72:fb:c3:c9:f9:14:f5:4a:70: 0d:41:82:27:b3:f0:a6:72:94:ba:4d:4c:9e:28:3d:07:61:01: 52:9b:f8:b6:25:88:06:e3:ef:5a:70:26:3a:2b:a6:0b:12:65: 70:23:e3:03:00:7c:14:97:60:16:4c:fa:d1:0a:4c:d1:7c:09: f7:67:41:8f:18:08:8f:0d:3f:da:10:2d:1e:28:e9:5b:66:41: 6d:18:82:9f:99:b1:3a:3b:43:cf:be:34:71:3d:bc:1a:66:18: e4:79:60:b1:dd:68:d2:47:09:17:c7:d9:aa:60:7f:ef:e1:7d: 44:95:19:bb:c6:82:2b:f5:77:54:33:bc:77:b0:4a:e1:21:59: 57:a0:e3:e2:99:35:87:ac:f5:dd:0f:49:a4:ce:0d:1a:95:05: 25:4e:92:51 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBczANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 MjdFMjExMC8GA1UEBRMoRjQ0NEI4RERBQzFBMkFFQzlDOThEODk4MTYxQzczNDgy QzJFRDQ4ODAeFw0yNTA2MDEwNjM0MzJaFw0yNTA2MDgwNjM0MzJaMBgxFjAUBgNV BAMTDTY4M2JmNDc4LTI4OTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDJyATCB1nW1OQlloDqfGlWI9ajM49KpDvUCannut8mSPZ12XwzxhFHJgsNIDLZ MIBD56f7Lubs1cJuIfX2TGap6fTilnWX4gF8YWF+7a/+Bc6xWl0kuGCKa8Ea0vg2 YnW+8qO2CD47npmEaV5n1pj20g2Tv5Qs5/TT8ZL57Mw1cNbedJc7Je5cVrUeVsqh uHnQmfE1zUAnM8CyoFob5qa1VarfbBL9w2uJEhX8BoHLXoiM2THLek/mfklfAm+b RxOEu40Met2PLYeUpbldyq+ZmbD17c0gA/6mwvLzxyMpcXA0j9HxNaacXMro8DzQ K5lMohtrj3EQS8PyrvhtVHNdAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUETpota8E lvMtqx0LGUuzSfqrNrkwHwYDVR0jBBgwFoAU9ES43awaKuycmNiYFhxzSCwu1Igw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQyN0UyLzcwMzFBMUVDOTM1 MDExRUZCQUNFMDA0Q0M0RjlBRTAyLzlFUzQzYXdhS3V5Y21OaVlGaHh6U0N3dTFJ Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvOUVTNDNhd2FLdXljbU5pWUZoeHpTQ3d1MUlnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQy N0UyLzcwMzFBMUVDOTM1MDExRUZCQUNFMDA0Q0M0RjlBRTAyLzlFUzQzYXdhS3V5 Y21OaVlGaHh6U0N3dTFJZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAMWoGaiWyvga6Ray1u3psHvWHaZwqeDbJ2DAcxHz4c1wE5paP1Rbwuk3 3SplT7ZUjjzlhhSOvuYRUX5xLabd6+/aawIoN1EVEQAJouuZTWVGsqae4XsxfZtr T5zXOQio3uzuZHL7w8n5FPVKcA1Bgiez8KZylLpNTJ4oPQdhAVKb+LYliAbj71pw JjorpgsSZXAj4wMAfBSXYBZM+tEKTNF8CfdnQY8YCI8NP9oQLR4o6VtmQW0Ygp+Z sTo7Q8++NHE9vBpmGOR5YLHdaNJHCRfH2apgf+/hfUSVGbvGgiv1d1QzvHewSuEh WVeg4+KZNYes9d0PSaTODRqVBSVOklE= -----END CERTIFICATE-----Generated at Mon Jun 2 20:07:30 2025 by rpki-client