$ rpki-client -vvf rpki.apnic.net/member_repository/A9155806/C739BAEE6E9111EFA62B4C3FC4F9AE02/iH4RB6g_EXT_fj54CIjbVyO3kls.mft File: iH4RB6g_EXT_fj54CIjbVyO3kls.mft (raw, json) Hash identifier: QTVotsO14HB8gFxOesqcSrdYC2UsLuWihE+V8Q0JfK0= Subject key identifier: 66:C3:53:F4:E6:B6:08:D9:FB:DA:5C:AB:03:92:AF:34:D1:9B:FF:68 Authority key identifier: 88:7E:11:07:A8:3F:11:74:FF:7E:3E:78:08:88:DB:57:23:B7:92:5B Certificate issuer: /CN=A9155806/serialNumber=887E1107A83F1174FF7E3E780888DB5723B7925B Certificate serial: 96 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iH4RB6g_EXT_fj54CIjbVyO3kls.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9155806/C739BAEE6E9111EFA62B4C3FC4F9AE02/iH4RB6g_EXT_fj54CIjbVyO3kls.mft Manifest number: 90 Signing time: Sun 01 Jun 2025 06:15:57 +0000 Manifest this update: Sun 01 Jun 2025 06:15:56 +0000 Manifest next update: Sun 08 Jun 2025 06:15:56 +0000 Files and hashes: 1: iH4RB6g_EXT_fj54CIjbVyO3kls.crl (hash: TMOKkdTJb69qV9l+JkPPz5oZMB+CD2zbN/pCsPPiUTI=) 2: 10435EE8740511EF93658977C4F9AE02.roa (hash: xmMmx42YHDQ1ahK54oeYt43Mx+x7gEXdRkvJnhnT9V4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9155806/C739BAEE6E9111EFA62B4C3FC4F9AE02/iH4RB6g_EXT_fj54CIjbVyO3kls.crl rsync://rpki.apnic.net/member_repository/A9155806/C739BAEE6E9111EFA62B4C3FC4F9AE02/iH4RB6g_EXT_fj54CIjbVyO3kls.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iH4RB6g_EXT_fj54CIjbVyO3kls.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Jun 2025 06:15:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 150 (0x96) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9155806, serialNumber=887E1107A83F1174FF7E3E780888DB5723B7925B Validity Not Before: Jun 1 06:15:56 2025 GMT Not After : Jun 8 06:15:56 2025 GMT Subject: CN=683bf01c-c991 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:50:8a:03:3f:f0:f9:96:46:41:bc:86:3a:fa: 8d:a1:ab:88:d4:23:0d:82:eb:fd:39:94:59:94:ce: e7:be:3c:cc:eb:cc:cc:48:f4:c1:55:cb:fd:46:82: 80:39:5b:f7:2a:43:c3:f5:c5:d7:e2:27:24:7d:0a: 07:80:d4:3c:1b:4a:4f:8c:85:ba:0f:ba:31:c2:be: 5a:72:34:cf:04:6e:a2:2c:47:b4:76:b5:ff:9b:8b: 5d:83:6e:7c:be:35:b0:9e:65:38:35:f8:b9:d1:08: ee:e5:15:f3:f4:24:05:bc:ea:93:d5:ed:59:ab:a1: 6f:a8:89:00:64:66:4d:46:94:27:14:08:6c:02:8d: b7:f5:19:5a:79:10:82:4f:b2:16:55:e5:6a:bc:b5: 61:91:75:00:58:82:a3:86:34:a0:8d:08:cc:3f:c1: e8:a3:f7:73:df:35:85:a9:cf:d5:57:46:f6:e1:f3: 25:a1:82:4a:65:f2:10:c9:6a:27:47:e4:c8:ac:60: d9:98:42:da:85:08:d1:04:ce:e9:fd:f5:ad:8f:91: 70:9d:62:a7:a6:bc:29:eb:ec:a1:eb:07:72:44:b0: cf:24:b3:fe:03:5e:56:14:3c:22:d8:a6:a6:ea:02: b0:e3:f7:98:a6:8a:21:fc:7a:02:da:f1:3d:db:60: 7f:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:C3:53:F4:E6:B6:08:D9:FB:DA:5C:AB:03:92:AF:34:D1:9B:FF:68 X509v3 Authority Key Identifier: keyid:88:7E:11:07:A8:3F:11:74:FF:7E:3E:78:08:88:DB:57:23:B7:92:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9155806/C739BAEE6E9111EFA62B4C3FC4F9AE02/iH4RB6g_EXT_fj54CIjbVyO3kls.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iH4RB6g_EXT_fj54CIjbVyO3kls.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9155806/C739BAEE6E9111EFA62B4C3FC4F9AE02/iH4RB6g_EXT_fj54CIjbVyO3kls.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 57:72:5a:85:c2:e1:c7:b4:24:ce:5a:c2:5a:a8:f1:8a:8b:e2: 65:4d:80:0e:db:f9:10:71:cc:33:a1:63:d9:f9:2e:35:a9:b5: 1a:b9:f0:38:11:51:44:a0:d7:0b:f5:ba:32:d3:31:2c:09:d5: ae:5d:fa:77:fe:fa:4a:7a:14:8f:b4:a5:c9:8c:b1:62:d9:41: ae:7f:d3:d8:b9:ce:6f:e4:a2:45:57:3e:ff:f7:bf:9e:b5:99: 17:4d:e5:55:c9:2c:75:62:bf:20:01:a3:93:8a:85:69:c0:ed: 89:7c:ad:45:ac:3b:1c:cd:58:be:11:db:c5:96:e4:09:0a:c9: 7b:29:3e:e4:dd:1a:c2:96:a4:5b:0e:95:6f:a2:e9:fc:c2:f9: 1d:dd:10:53:cc:f6:a6:a2:8b:e4:c6:ef:a7:01:2e:c0:2a:bc: 65:76:aa:2f:be:87:ae:6e:06:50:22:e5:0f:3f:83:33:f3:f8: 64:d2:d0:41:af:c7:52:bb:ff:52:5c:6f:01:d4:75:ca:ec:4a: 5d:eb:bf:f1:73:bc:58:fa:6b:8d:2f:fb:45:35:ef:9a:3f:45: 86:e7:b6:1a:8c:af:50:7f:54:f2:e6:e8:89:7d:99:fe:92:1f: 51:52:de:f6:ea:36:5a:3e:66:45:9a:fd:e9:d8:b2:d3:91:5b: b7:7d:ba:78 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTU4MDYxMTAvBgNVBAUTKDg4N0UxMTA3QTgzRjExNzRGRjdFM0U3ODA4ODhEQjU3 MjNCNzkyNUIwHhcNMjUwNjAxMDYxNTU2WhcNMjUwNjA4MDYxNTU2WjAYMRYwFAYD VQQDEw02ODNiZjAxYy1jOTkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4lCKAz/w+ZZGQbyGOvqNoauI1CMNguv9OZRZlM7nvjzM68zMSPTBVcv9RoKA OVv3KkPD9cXX4ickfQoHgNQ8G0pPjIW6D7oxwr5acjTPBG6iLEe0drX/m4tdg258 vjWwnmU4Nfi50Qju5RXz9CQFvOqT1e1Zq6FvqIkAZGZNRpQnFAhsAo239RlaeRCC T7IWVeVqvLVhkXUAWIKjhjSgjQjMP8Hoo/dz3zWFqc/VV0b24fMloYJKZfIQyWon R+TIrGDZmELahQjRBM7p/fWtj5FwnWKnprwp6+yh6wdyRLDPJLP+A15WFDwi2Kam 6gKw4/eYpooh/HoC2vE922B/XQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGbDU/Tm tgjZ+9pcqwOSrzTRm/9oMB8GA1UdIwQYMBaAFIh+EQeoPxF0/34+eAiI21cjt5Jb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NTgwNi9DNzM5QkFFRTZF OTExMUVGQTYyQjRDM0ZDNEY5QUUwMi9pSDRSQjZnX0VYVF9majU0Q0lqYlZ5TzNr bHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2lINFJCNmdfRVhUX2ZqNTRDSWpiVnlPM2tscy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 NTgwNi9DNzM5QkFFRTZFOTExMUVGQTYyQjRDM0ZDNEY5QUUwMi9pSDRSQjZnX0VY VF9majU0Q0lqYlZ5TzNrbHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBXclqFwuHHtCTOWsJaqPGKi+JlTYAO2/kQccwzoWPZ+S41qbUaufA4 EVFEoNcL9boy0zEsCdWuXfp3/vpKehSPtKXJjLFi2UGuf9PYuc5v5KJFVz7/97+e tZkXTeVVySx1Yr8gAaOTioVpwO2JfK1FrDsczVi+EdvFluQJCsl7KT7k3RrClqRb DpVvoun8wvkd3RBTzPamoovkxu+nAS7AKrxldqovvoeubgZQIuUPP4Mz8/hk0tBB r8dSu/9SXG8B1HXK7Epd67/xc7xY+muNL/tFNe+aP0WG57YajK9Qf1Ty5uiJfZn+ kh9RUt726jZaPmZFmv3p2LLTkVu3fbp4 -----END CERTIFICATE-----Generated at Mon Jun 2 20:07:29 2025 by rpki-client