$ rpki-client -vvf rpki.apnic.net/member_repository/A91476E2/3B541F20CB3D11EF8703F75AC4F9AE02/aq89m8Pfo6ElCCll2P8zuBKPKR8.mft File: aq89m8Pfo6ElCCll2P8zuBKPKR8.mft (raw, json) Hash identifier: Gjo9TD1vsBkzmYaSUVVYRykz+6uciKt5A0Sg0UGmvrA= Subject key identifier: 8C:CB:A3:66:FD:62:33:89:A9:65:3A:F3:9B:78:D9:EC:D7:6E:A2:A0 Authority key identifier: 6A:AF:3D:9B:C3:DF:A3:A1:25:08:29:65:D8:FF:33:B8:12:8F:29:1F Certificate issuer: /CN=A91476E2/serialNumber=6AAF3D9BC3DFA3A125082965D8FF33B8128F291F Certificate serial: 57 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aq89m8Pfo6ElCCll2P8zuBKPKR8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91476E2/3B541F20CB3D11EF8703F75AC4F9AE02/aq89m8Pfo6ElCCll2P8zuBKPKR8.mft Manifest number: 52 Signing time: Sun 01 Jun 2025 07:00:53 +0000 Manifest this update: Sun 01 Jun 2025 07:00:52 +0000 Manifest next update: Sun 08 Jun 2025 07:00:52 +0000 Files and hashes: 1: aq89m8Pfo6ElCCll2P8zuBKPKR8.crl (hash: CgByay17UTKqjuIrXXBEpyiFBQuxGbptf6z0mXvx36s=) 2: 79E40530CB5A11EFA1C64B62C4F9AE02.roa (hash: mbcELb6wZjeLG0BTxotv3DMO41EhI/vPgN4q1POwi8s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91476E2/3B541F20CB3D11EF8703F75AC4F9AE02/aq89m8Pfo6ElCCll2P8zuBKPKR8.crl rsync://rpki.apnic.net/member_repository/A91476E2/3B541F20CB3D11EF8703F75AC4F9AE02/aq89m8Pfo6ElCCll2P8zuBKPKR8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aq89m8Pfo6ElCCll2P8zuBKPKR8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Jun 2025 07:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 87 (0x57) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91476E2, serialNumber=6AAF3D9BC3DFA3A125082965D8FF33B8128F291F Validity Not Before: Jun 1 07:00:52 2025 GMT Not After : Jun 8 07:00:52 2025 GMT Subject: CN=683bfaa4-fd5b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:ea:e8:1a:69:71:d1:f0:78:23:e1:dc:99:7a: 67:60:a8:b8:83:e3:1f:b0:57:1e:db:f2:e8:0f:76: 5a:5d:a5:4d:39:e7:c3:5a:c4:7e:4e:a7:d0:b5:2d: b4:1b:66:3d:32:90:88:62:c3:8c:7b:17:ff:ab:65: f3:48:59:28:49:a3:96:42:ec:b0:c6:3f:71:49:ae: 08:0a:3c:b6:56:cb:93:1a:1b:0b:33:d8:7e:75:32: 09:45:d5:b6:c0:33:ee:6a:34:c9:46:04:8a:84:7c: da:69:ed:10:04:90:35:fd:4b:e5:a2:07:4a:12:2d: 96:61:17:b5:69:8f:5a:93:ed:cf:42:94:18:2b:5d: 6f:be:10:c1:50:75:f9:86:38:ed:e3:bf:dc:75:13: b2:c0:7d:ad:a9:58:6d:5c:a5:5b:f7:31:8d:03:26: 78:ad:16:ba:85:ce:a3:59:f0:c6:a1:8a:73:40:84: 3b:ad:27:52:1a:1c:1a:8d:25:66:7c:29:0a:e1:0b: e9:cb:16:79:5d:2d:b6:be:08:f6:c8:b3:18:be:66: 9e:16:46:f2:3e:b4:43:2c:e9:bb:f7:27:2d:16:43: f6:17:3a:c2:f7:71:a7:3b:aa:51:cd:7e:50:d9:eb: b4:b3:83:be:37:96:6d:be:b0:39:28:b0:3f:76:fe: 0e:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:CB:A3:66:FD:62:33:89:A9:65:3A:F3:9B:78:D9:EC:D7:6E:A2:A0 X509v3 Authority Key Identifier: keyid:6A:AF:3D:9B:C3:DF:A3:A1:25:08:29:65:D8:FF:33:B8:12:8F:29:1F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91476E2/3B541F20CB3D11EF8703F75AC4F9AE02/aq89m8Pfo6ElCCll2P8zuBKPKR8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/aq89m8Pfo6ElCCll2P8zuBKPKR8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91476E2/3B541F20CB3D11EF8703F75AC4F9AE02/aq89m8Pfo6ElCCll2P8zuBKPKR8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 00:b9:f5:cc:6c:cc:08:5c:45:73:2c:d6:f5:24:f7:41:5f:46: fb:25:1f:38:ce:75:e8:63:49:20:bd:ff:93:78:20:b1:b3:17: 31:6d:05:12:35:1b:27:24:bd:46:10:34:d0:97:0d:50:59:a6: 6a:14:c7:96:ab:21:a2:f3:6b:69:62:63:ae:c8:4a:57:e0:85: 3a:f0:b7:16:c6:b5:12:8b:b6:13:25:25:77:71:45:02:3f:fc: d9:e9:d2:34:50:fa:cb:f0:87:f7:fe:01:0a:34:9c:7e:c3:6b: be:01:56:f6:ca:19:f7:27:39:2b:8a:5f:d9:82:57:41:8d:09: 9d:e4:e4:33:03:5c:85:20:e8:d5:34:f6:24:6c:c9:a4:93:8c: 1f:67:31:4a:1e:cd:0f:0b:14:af:12:63:03:10:e3:0d:8c:1a: 29:99:69:3e:37:da:b0:7f:f9:6a:8a:06:b1:9f:92:30:1b:e5: 2d:66:9e:d6:46:14:99:e0:ce:65:65:62:24:9d:c8:be:d5:29: 66:6d:4c:ad:f1:df:5b:fd:0a:dc:07:e8:37:23:db:59:22:a1: 6d:fd:25:64:45:75:af:b1:b3:0a:1c:d5:ae:4a:80:b7:d3:53: 05:27:fe:43:23:06:17:cd:a2:a1:bb:17:70:85:29:57:63:6a: 94:32:d9:f4 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBVzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 NzZFMjExMC8GA1UEBRMoNkFBRjNEOUJDM0RGQTNBMTI1MDgyOTY1RDhGRjMzQjgx MjhGMjkxRjAeFw0yNTA2MDEwNzAwNTJaFw0yNTA2MDgwNzAwNTJaMBgxFjAUBgNV BAMTDTY4M2JmYWE0LWZkNWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC76ugaaXHR8Hgj4dyZemdgqLiD4x+wVx7b8ugPdlpdpU0558NaxH5Op9C1LbQb Zj0ykIhiw4x7F/+rZfNIWShJo5ZC7LDGP3FJrggKPLZWy5MaGwsz2H51MglF1bbA M+5qNMlGBIqEfNpp7RAEkDX9S+WiB0oSLZZhF7Vpj1qT7c9ClBgrXW++EMFQdfmG OO3jv9x1E7LAfa2pWG1cpVv3MY0DJnitFrqFzqNZ8MahinNAhDutJ1IaHBqNJWZ8 KQrhC+nLFnldLba+CPbIsxi+Zp4WRvI+tEMs6bv3Jy0WQ/YXOsL3cac7qlHNflDZ 67Szg743lm2+sDkosD92/g4hAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUjMujZv1i M4mpZTrzm3jZ7NduoqAwHwYDVR0jBBgwFoAUaq89m8Pfo6ElCCll2P8zuBKPKR8w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ3NkUyLzNCNTQxRjIwQ0Iz RDExRUY4NzAzRjc1QUM0RjlBRTAyL2FxODltOFBmbzZFbENDbGwyUDh6dUJLUEtS OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvYXE4OW04UGZvNkVsQ0NsbDJQOHp1QktQS1I4LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ3 NkUyLzNCNTQxRjIwQ0IzRDExRUY4NzAzRjc1QUM0RjlBRTAyL2FxODltOFBmbzZF bENDbGwyUDh6dUJLUEtSOC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAAC59cxszAhcRXMs1vUk90FfRvslHzjOdehjSSC9/5N4ILGzFzFtBRI1 GyckvUYQNNCXDVBZpmoUx5arIaLza2liY67ISlfghTrwtxbGtRKLthMlJXdxRQI/ /Nnp0jRQ+svwh/f+AQo0nH7Da74BVvbKGfcnOSuKX9mCV0GNCZ3k5DMDXIUg6NU0 9iRsyaSTjB9nMUoezQ8LFK8SYwMQ4w2MGimZaT432rB/+WqKBrGfkjAb5S1mntZG FJngzmVlYiSdyL7VKWZtTK3x31v9CtwH6Dcj21kioW39JWRFda+xswoc1a5KgLfT UwUn/kMjBhfNoqG7F3CFKVdjapQy2fQ= -----END CERTIFICATE-----Generated at Mon Jun 2 20:24:34 2025 by rpki-client