$ rpki-client -vvf rpki.apnic.net/member_repository/A914E3F5/811B604C763111EA9715F860C4F9AE02/8bck5A2FxU9R1iHHL4lskXXJsRk.mft File: 8bck5A2FxU9R1iHHL4lskXXJsRk.mft (raw, json) Hash identifier: tuQb1TdzUH8aVDD7hVXuGO9BzmocBKABUPQKFuj0xsU= Subject key identifier: 01:1C:9E:73:77:D5:83:A0:16:A3:C8:18:95:CF:D9:2D:A5:A9:35:25 Authority key identifier: F1:B7:24:E4:0D:85:C5:4F:51:D6:21:C7:2F:89:6C:91:75:C9:B1:19 Certificate issuer: /CN=A914E3F5/serialNumber=F1B724E40D85C54F51D621C72F896C9175C9B119 Certificate serial: 0A07 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8bck5A2FxU9R1iHHL4lskXXJsRk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914E3F5/811B604C763111EA9715F860C4F9AE02/8bck5A2FxU9R1iHHL4lskXXJsRk.mft Manifest number: 0A00 Signing time: Fri 30 May 2025 20:02:40 +0000 Manifest this update: Fri 30 May 2025 20:02:40 +0000 Manifest next update: Fri 06 Jun 2025 20:02:40 +0000 Files and hashes: 1: 8bck5A2FxU9R1iHHL4lskXXJsRk.crl (hash: bFdXdXcMVOYzKU3YknlD4xOD+ysH7KuB+ExN5ovKiXI=) 2: 354725E6763311EABAE64466C4F9AE02.roa (hash: Cq3lv6Zk0IbD7VRfp29jZdbfC7fvyWbXvi/cd+0Sx0c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914E3F5/811B604C763111EA9715F860C4F9AE02/8bck5A2FxU9R1iHHL4lskXXJsRk.crl rsync://rpki.apnic.net/member_repository/A914E3F5/811B604C763111EA9715F860C4F9AE02/8bck5A2FxU9R1iHHL4lskXXJsRk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8bck5A2FxU9R1iHHL4lskXXJsRk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 20:02:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2567 (0xa07) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914E3F5, serialNumber=F1B724E40D85C54F51D621C72F896C9175C9B119 Validity Not Before: May 30 20:02:40 2025 GMT Not After : Jun 6 20:02:40 2025 GMT Subject: CN=683a0ee0-b94c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:81:54:f5:9a:f0:c4:49:ef:f6:b8:86:1d:db: 69:dc:8b:49:11:d7:45:5b:82:4a:e3:55:e7:c1:42: fe:63:c5:0e:d3:0c:61:10:34:53:97:a0:27:94:f5: 09:ee:fa:05:5c:83:43:f1:bd:69:a6:7a:5a:d9:27: aa:1c:64:f9:56:11:d1:c6:3f:d3:9d:5e:76:66:e9: c6:a0:7a:65:c4:5a:5d:3c:42:47:14:f6:04:2c:14: 77:cd:13:d0:68:8c:54:e9:11:c8:b6:65:3f:49:b7: 63:69:95:11:3e:7b:32:dc:ae:3b:98:98:9a:22:ed: 31:9c:fd:2a:24:22:b4:d7:40:57:c8:8f:d6:b5:3b: d5:b6:47:a9:eb:4e:47:7e:7e:f9:bb:db:a3:ec:c1: ca:09:5f:08:c0:53:ed:10:40:40:be:0a:8c:b6:ad: e1:e3:2f:5e:a7:7d:ce:7f:a8:6c:1d:f3:34:5d:d8: 90:5e:6f:5b:8f:de:42:bd:ff:ca:1e:70:b5:66:fb: 54:e3:c8:0c:bb:45:fe:cf:97:e9:9e:0d:1a:82:43: 98:46:81:90:3d:6b:55:e4:13:6b:24:b2:5e:65:c5: ee:4f:0a:cd:84:43:19:9a:49:95:c0:3d:2b:b9:cb: 05:9c:66:01:7d:fa:08:3f:50:fb:92:6a:dc:87:6d: 8f:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:1C:9E:73:77:D5:83:A0:16:A3:C8:18:95:CF:D9:2D:A5:A9:35:25 X509v3 Authority Key Identifier: keyid:F1:B7:24:E4:0D:85:C5:4F:51:D6:21:C7:2F:89:6C:91:75:C9:B1:19 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914E3F5/811B604C763111EA9715F860C4F9AE02/8bck5A2FxU9R1iHHL4lskXXJsRk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8bck5A2FxU9R1iHHL4lskXXJsRk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E3F5/811B604C763111EA9715F860C4F9AE02/8bck5A2FxU9R1iHHL4lskXXJsRk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6f:82:6c:5e:ec:25:4a:7a:40:75:4e:50:34:ab:49:20:f9:5c: 7e:52:f0:36:7d:46:b5:b2:49:ee:fd:95:c3:99:38:cd:2d:1e: 96:15:66:0e:80:f0:45:e0:42:9a:bc:af:b4:87:bf:48:4b:f4: c5:e4:20:0c:c3:df:13:b0:fa:fb:cc:e9:65:93:b7:36:46:e4: fd:79:c9:65:79:c5:b1:a5:fc:29:dc:bc:41:91:d3:43:cc:94: 1a:8b:e3:31:70:e2:a1:a3:e5:00:78:f9:e1:99:60:ef:f0:ce: 7b:7b:20:a1:e8:04:a7:30:db:62:44:b2:a0:7f:03:dd:3f:6f: e5:77:f0:da:91:4c:86:45:41:7d:8d:bf:b9:25:54:0e:11:8f: 88:8e:77:b5:58:92:47:11:ff:38:a6:5a:8f:ee:be:df:bc:dd: 46:9c:40:aa:76:22:92:cc:fe:e1:54:fb:09:14:b8:1d:0b:0a: cc:08:3d:a7:05:a1:f1:f0:63:ab:ec:ca:89:57:71:4e:6a:d2: 23:6f:6f:d2:9d:be:70:1c:1d:ae:8d:33:1f:f0:5c:d8:b3:ca: 1e:01:42:38:4f:cf:f5:d9:8d:e2:f1:36:57:88:4f:9b:d5:d4: b8:36:f4:dd:f4:48:95:58:ee:e2:a3:be:8b:e2:9e:74:d6:f7: e1:43:6b:c0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCgcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEUzRjUxMTAvBgNVBAUTKEYxQjcyNEU0MEQ4NUM1NEY1MUQ2MjFDNzJGODk2Qzkx NzVDOUIxMTkwHhcNMjUwNTMwMjAwMjQwWhcNMjUwNjA2MjAwMjQwWjAYMRYwFAYD VQQDEw02ODNhMGVlMC1iOTRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtoFU9ZrwxEnv9riGHdtp3ItJEddFW4JK41XnwUL+Y8UO0wxhEDRTl6AnlPUJ 7voFXIND8b1ppnpa2SeqHGT5VhHRxj/TnV52ZunGoHplxFpdPEJHFPYELBR3zRPQ aIxU6RHItmU/SbdjaZURPnsy3K47mJiaIu0xnP0qJCK010BXyI/WtTvVtkep605H fn75u9uj7MHKCV8IwFPtEEBAvgqMtq3h4y9ep33Of6hsHfM0XdiQXm9bj95Cvf/K HnC1ZvtU48gMu0X+z5fpng0agkOYRoGQPWtV5BNrJLJeZcXuTwrNhEMZmkmVwD0r ucsFnGYBffoIP1D7kmrch22P5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAEcnnN3 1YOgFqPIGJXP2S2lqTUlMB8GA1UdIwQYMBaAFPG3JOQNhcVPUdYhxy+JbJF1ybEZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RTNGNS84MTFCNjA0Qzc2 MzExMUVBOTcxNUY4NjBDNEY5QUUwMi84YmNrNUEyRnhVOVIxaUhITDRsc2tYWEpz UmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhiY2s1QTJGeFU5UjFpSEhMNGxza1hYSnNSay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RTNGNS84MTFCNjA0Qzc2MzExMUVBOTcxNUY4NjBDNEY5QUUwMi84YmNrNUEyRnhV OVIxaUhITDRsc2tYWEpzUmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBvgmxe7CVKekB1TlA0q0kg+Vx+UvA2fUa1sknu/ZXDmTjNLR6WFWYO gPBF4EKavK+0h79IS/TF5CAMw98TsPr7zOllk7c2RuT9ecllecWxpfwp3LxBkdND zJQai+MxcOKho+UAePnhmWDv8M57eyCh6ASnMNtiRLKgfwPdP2/ld/DakUyGRUF9 jb+5JVQOEY+Ijne1WJJHEf84plqP7r7fvN1GnECqdiKSzP7hVPsJFLgdCwrMCD2n BaHx8GOr7MqJV3FOatIjb2/Snb5wHB2ujTMf8FzYs8oeAUI4T8/12Y3i8TZXiE+b 1dS4NvTd9EiVWO7io76L4p501vfhQ2vA -----END CERTIFICATE-----Generated at Sat May 31 16:45:42 2025 by rpki-client