$ rpki-client -vvf rpki.apnic.net/member_repository/A91525A9/2618840EB14311ED87D07678C4F9AE02/68PX_PsTT1OPwZ-YrYmMDz8HTyA.mft File: 68PX_PsTT1OPwZ-YrYmMDz8HTyA.mft (raw, json) Hash identifier: TUFklHPjDQhCFhf4yqQi+CX4Vw4g4q1gem4x2Ukm8g4= Subject key identifier: 4D:81:74:24:F2:A1:A7:58:68:75:FB:B0:BF:D3:FD:A8:B2:C9:60:56 Authority key identifier: EB:C3:D7:FC:FB:13:4F:53:8F:C1:9F:98:AD:89:8C:0F:3F:07:4F:20 Certificate issuer: /CN=A91525A9/serialNumber=EBC3D7FCFB134F538FC19F98AD898C0F3F074F20 Certificate serial: 01BD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/68PX_PsTT1OPwZ-YrYmMDz8HTyA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91525A9/2618840EB14311ED87D07678C4F9AE02/68PX_PsTT1OPwZ-YrYmMDz8HTyA.mft Manifest number: 01B2 Signing time: Sat 31 May 2025 02:55:22 +0000 Manifest this update: Sat 31 May 2025 02:55:22 +0000 Manifest next update: Sat 07 Jun 2025 02:55:21 +0000 Files and hashes: 1: 68PX_PsTT1OPwZ-YrYmMDz8HTyA.crl (hash: VFoMGV97LdMuUnBeJAsi+php6BOdPfztc5lZ1zTS4Dk=) 2: 98152E6C480111EFB2976238C4F9AE02.roa (hash: gp0c0TAvNcGzlWuq4DB/NpWsaDumiulUkd34eH+poTQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91525A9/2618840EB14311ED87D07678C4F9AE02/68PX_PsTT1OPwZ-YrYmMDz8HTyA.crl rsync://rpki.apnic.net/member_repository/A91525A9/2618840EB14311ED87D07678C4F9AE02/68PX_PsTT1OPwZ-YrYmMDz8HTyA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/68PX_PsTT1OPwZ-YrYmMDz8HTyA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 02:55:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 445 (0x1bd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91525A9, serialNumber=EBC3D7FCFB134F538FC19F98AD898C0F3F074F20 Validity Not Before: May 31 02:55:22 2025 GMT Not After : Jun 7 02:55:21 2025 GMT Subject: CN=683a6f9a-9ded Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:83:c6:38:78:a0:1a:55:5e:82:0b:36:7d:20: 6c:3c:02:af:11:c6:05:39:fc:1a:b7:39:5d:8a:80: 68:73:61:e2:f4:79:8f:17:ef:56:5b:e8:9e:52:50: ce:aa:00:38:0a:a8:f4:0e:08:36:6c:01:da:5b:ff: 26:2f:ca:dd:38:db:73:82:ac:de:d2:ce:35:0e:ff: 63:39:c8:c3:7d:4a:6c:38:3d:27:81:74:85:a5:cd: c2:11:6c:02:74:b5:26:2e:33:21:03:5b:8b:42:4a: 00:84:11:d1:50:b6:9c:28:d0:ac:72:09:08:d4:29: 43:4f:8c:38:ba:47:75:31:ac:d9:cb:b7:52:f4:1d: 0d:98:6e:6d:0c:5f:2c:36:9b:1c:91:f4:ce:58:29: 3b:d1:61:a0:d1:09:8f:69:67:52:a1:37:18:0c:bb: 01:b0:7b:a8:af:b9:08:90:09:de:01:57:1a:de:b6: 0e:4e:e5:0b:a1:cf:2c:51:0d:62:d8:38:34:60:f2: 59:c7:62:be:dc:d8:57:f2:64:6c:a8:84:6e:c3:57: f9:04:52:23:0d:be:c8:7e:87:e2:af:5e:3f:dc:bd: 35:7c:0d:18:46:c9:8a:91:af:00:ce:25:28:ef:33: 61:54:62:0d:d7:da:77:0e:18:20:3d:c3:15:1c:21: 4f:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:81:74:24:F2:A1:A7:58:68:75:FB:B0:BF:D3:FD:A8:B2:C9:60:56 X509v3 Authority Key Identifier: keyid:EB:C3:D7:FC:FB:13:4F:53:8F:C1:9F:98:AD:89:8C:0F:3F:07:4F:20 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91525A9/2618840EB14311ED87D07678C4F9AE02/68PX_PsTT1OPwZ-YrYmMDz8HTyA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/68PX_PsTT1OPwZ-YrYmMDz8HTyA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91525A9/2618840EB14311ED87D07678C4F9AE02/68PX_PsTT1OPwZ-YrYmMDz8HTyA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 73:9c:88:82:9c:72:f0:94:96:93:9d:a3:bc:86:3d:a2:5c:46: 4f:49:ce:22:ca:3e:0e:22:16:8c:c8:72:fd:55:f0:fb:e6:a8: d0:f8:24:da:91:dc:6a:a8:9c:f7:62:ca:8c:de:c0:c9:1b:76: 48:54:6e:ba:b4:45:5d:e8:6c:07:44:e0:b9:04:90:d5:68:5a: b0:04:7f:ce:ce:09:a4:46:8f:31:5f:f0:8e:0c:e8:06:ca:23: f2:9e:27:e3:4b:30:7f:0e:f7:e1:ae:7b:e2:12:0f:6a:3d:03: 46:00:b4:1e:a9:fc:cc:5f:3b:2a:1c:83:b0:4e:19:46:19:31: 4a:e8:4a:94:14:ad:a2:81:7e:ab:17:d3:5d:a6:dc:10:a5:d8: bf:4c:7e:d6:bc:90:19:e2:94:ad:a3:15:50:20:49:5e:6c:b7: c2:bc:9d:c1:2c:3a:11:90:a9:ce:48:4b:44:ed:94:28:6b:0a: 14:ab:3d:f2:1f:f4:c7:5e:be:37:96:cd:c8:9b:4d:53:ee:9a: 6a:8e:79:bc:8d:d5:02:e5:90:2d:28:3a:e0:66:8d:8e:7b:f8: d2:c8:0d:c3:6f:9c:fc:86:20:01:9d:94:8f:d2:5c:d6:4d:f4: 35:5a:4f:ec:e3:0d:38:cf:46:d6:e5:53:73:f3:c1:30:5e:69: ad:39:aa:78 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAb0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTI1QTkxMTAvBgNVBAUTKEVCQzNEN0ZDRkIxMzRGNTM4RkMxOUY5OEFEODk4QzBG M0YwNzRGMjAwHhcNMjUwNTMxMDI1NTIyWhcNMjUwNjA3MDI1NTIxWjAYMRYwFAYD VQQDEw02ODNhNmY5YS05ZGVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1YPGOHigGlVeggs2fSBsPAKvEcYFOfwatzldioBoc2Hi9HmPF+9WW+ieUlDO qgA4Cqj0Dgg2bAHaW/8mL8rdONtzgqze0s41Dv9jOcjDfUpsOD0ngXSFpc3CEWwC dLUmLjMhA1uLQkoAhBHRULacKNCscgkI1ClDT4w4ukd1MazZy7dS9B0NmG5tDF8s NpsckfTOWCk70WGg0QmPaWdSoTcYDLsBsHuor7kIkAneAVca3rYOTuULoc8sUQ1i 2Dg0YPJZx2K+3NhX8mRsqIRuw1f5BFIjDb7Ifofir14/3L01fA0YRsmKka8AziUo 7zNhVGIN19p3DhggPcMVHCFPawIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE2BdCTy oadYaHX7sL/T/aiyyWBWMB8GA1UdIwQYMBaAFOvD1/z7E09Tj8GfmK2JjA8/B08g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MjVBOS8yNjE4ODQwRUIx NDMxMUVEODdEMDc2NzhDNEY5QUUwMi82OFBYX1BzVFQxT1B3Wi1ZclltTUR6OEhU eUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzY4UFhfUHNUVDFPUHdaLVlyWW1NRHo4SFR5QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MjVBOS8yNjE4ODQwRUIxNDMxMUVEODdEMDc2NzhDNEY5QUUwMi82OFBYX1BzVFQx T1B3Wi1ZclltTUR6OEhUeUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBznIiCnHLwlJaTnaO8hj2iXEZPSc4iyj4OIhaMyHL9VfD75qjQ+CTa kdxqqJz3YsqM3sDJG3ZIVG66tEVd6GwHROC5BJDVaFqwBH/OzgmkRo8xX/CODOgG yiPynifjSzB/DvfhrnviEg9qPQNGALQeqfzMXzsqHIOwThlGGTFK6EqUFK2igX6r F9NdptwQpdi/TH7WvJAZ4pStoxVQIElebLfCvJ3BLDoRkKnOSEtE7ZQoawoUqz3y H/THXr43ls3Im01T7ppqjnm8jdUC5ZAtKDrgZo2Oe/jSyA3Db5z8hiABnZSP0lzW TfQ1Wk/s4w04z0bW5VNz88EwXmmtOap4 -----END CERTIFICATE-----Generated at Sat May 31 17:42:42 2025 by rpki-client