$ rpki-client -vvf rpki.apnic.net/member_repository/A91565C6/D265B0C6F41F11EF81708868C4F9AE02/zVNcfrMaQKP9uKxNXVd6-dbFiEg.mft File: zVNcfrMaQKP9uKxNXVd6-dbFiEg.mft (raw, json) Hash identifier: 3kARTuLVZr3OYWjFK0idwWNTql/K1uU1j1JPahLoNtU= Subject key identifier: D8:93:DD:29:10:05:FA:1C:73:D0:E9:B8:47:1A:BE:D6:D3:F4:B1:0A Authority key identifier: CD:53:5C:7E:B3:1A:40:A3:FD:B8:AC:4D:5D:57:7A:F9:D6:C5:88:48 Certificate issuer: /CN=A91565C6/serialNumber=CD535C7EB31A40A3FDB8AC4D5D577AF9D6C58848 Certificate serial: 34 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zVNcfrMaQKP9uKxNXVd6-dbFiEg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91565C6/D265B0C6F41F11EF81708868C4F9AE02/zVNcfrMaQKP9uKxNXVd6-dbFiEg.mft Manifest number: 32 Signing time: Sat 31 May 2025 07:12:49 +0000 Manifest this update: Sat 31 May 2025 07:12:48 +0000 Manifest next update: Sat 07 Jun 2025 07:12:48 +0000 Files and hashes: 1: zVNcfrMaQKP9uKxNXVd6-dbFiEg.crl (hash: jBTPaQuY+nzNh9fPD683RIBors8Kitlw0lDaEeTzex8=) 2: 296C92D0F5B611EFB7E6426EC4F9AE02.roa (hash: DAG2avo3wM4Iv7tiFSCw0I7iwE7NYk5jbcu93twLDNo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91565C6/D265B0C6F41F11EF81708868C4F9AE02/zVNcfrMaQKP9uKxNXVd6-dbFiEg.crl rsync://rpki.apnic.net/member_repository/A91565C6/D265B0C6F41F11EF81708868C4F9AE02/zVNcfrMaQKP9uKxNXVd6-dbFiEg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zVNcfrMaQKP9uKxNXVd6-dbFiEg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 07:12:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52 (0x34) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91565C6, serialNumber=CD535C7EB31A40A3FDB8AC4D5D577AF9D6C58848 Validity Not Before: May 31 07:12:48 2025 GMT Not After : Jun 7 07:12:48 2025 GMT Subject: CN=683aabf0-b114 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:84:2c:a9:e3:f0:a8:66:ef:3e:48:73:cf:17: 23:c3:b8:ff:46:06:2c:1a:48:1e:a0:45:fb:b3:51: 10:38:4d:e1:74:52:e5:ab:81:3c:dd:6e:f5:12:60: 91:dc:92:16:8b:d8:65:e8:ac:5a:81:28:b7:92:e8: 94:15:a6:df:94:06:d6:7a:a3:6d:94:8f:76:1e:e2: ca:4a:59:d5:17:68:74:94:d7:9e:b7:84:28:d8:0b: 22:e0:a8:55:ba:15:85:09:d5:be:5d:53:75:58:3d: 3c:b0:24:4a:4a:17:b5:f8:da:1c:ef:93:0d:41:b5: 5d:ab:e4:68:17:c0:83:3c:9a:4e:8c:6e:83:cb:6b: 6c:9c:45:f3:9e:6c:56:30:35:99:a7:0b:ea:05:16: 1a:dd:1b:85:ea:33:f8:97:0f:7e:6e:60:9a:fc:fa: d3:ef:06:b1:68:be:db:88:f0:f5:2b:e0:38:20:4c: 3d:5b:9f:ba:cd:98:c9:e2:1e:9a:19:86:05:c7:aa: ef:fc:72:db:cc:d7:0b:35:82:42:d8:87:2f:33:89: 53:6b:74:49:76:8a:6f:b5:27:da:9c:9f:63:37:b4: 5d:6b:b2:65:8e:62:93:05:1d:0e:4b:32:23:42:de: 31:a9:a9:b2:90:6d:d1:62:a5:5d:89:8c:54:a0:ab: 92:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:93:DD:29:10:05:FA:1C:73:D0:E9:B8:47:1A:BE:D6:D3:F4:B1:0A X509v3 Authority Key Identifier: keyid:CD:53:5C:7E:B3:1A:40:A3:FD:B8:AC:4D:5D:57:7A:F9:D6:C5:88:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91565C6/D265B0C6F41F11EF81708868C4F9AE02/zVNcfrMaQKP9uKxNXVd6-dbFiEg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zVNcfrMaQKP9uKxNXVd6-dbFiEg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91565C6/D265B0C6F41F11EF81708868C4F9AE02/zVNcfrMaQKP9uKxNXVd6-dbFiEg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7c:1f:38:3b:be:51:61:2c:51:3d:b5:09:15:bf:35:96:fd:35: 32:62:80:4a:c1:e5:1b:dc:cb:7d:c0:63:f8:38:97:d7:11:59: 51:b6:6d:73:31:da:65:5c:18:1f:cb:42:ca:d3:a5:81:6c:86: c7:2e:92:fb:a4:75:33:74:66:d4:28:78:0f:44:6f:8a:73:d1: bb:72:85:a7:0d:3e:ed:a4:b6:5e:b0:8c:4a:12:d3:26:1c:69: dc:f0:da:e7:59:dc:73:17:10:ad:b2:7b:4d:3b:e1:47:d7:b9: 48:e8:47:d2:cf:43:5d:bf:bb:e3:76:27:65:b1:79:dd:49:54: 28:fd:71:ed:2c:ed:77:59:9e:6e:d2:ca:a2:2d:87:a0:0c:df: 27:e3:fc:8f:79:b3:c5:1d:47:d7:ff:14:4d:04:6d:7b:d3:43: ef:6a:c5:1e:43:de:74:99:1d:a3:d0:18:f2:60:2a:0e:8c:b9: 99:4f:76:24:44:72:f0:d9:77:7a:72:c8:48:f4:8b:91:e1:d5: 58:86:9f:8e:e2:ea:04:55:b7:64:ef:9a:86:34:f2:a6:33:37: 41:93:03:89:1e:bb:bc:20:1e:74:53:9e:87:8f:8f:df:52:de: 2d:c3:47:e6:ce:95:8f:b9:e3:14:85:99:ba:be:48:71:50:4b: fc:51:3f:ac -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBNDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 NjVDNjExMC8GA1UEBRMoQ0Q1MzVDN0VCMzFBNDBBM0ZEQjhBQzRENUQ1NzdBRjlE NkM1ODg0ODAeFw0yNTA1MzEwNzEyNDhaFw0yNTA2MDcwNzEyNDhaMBgxFjAUBgNV BAMTDTY4M2FhYmYwLWIxMTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDehCyp4/CoZu8+SHPPFyPDuP9GBiwaSB6gRfuzURA4TeF0UuWrgTzdbvUSYJHc khaL2GXorFqBKLeS6JQVpt+UBtZ6o22Uj3Ye4spKWdUXaHSU1563hCjYCyLgqFW6 FYUJ1b5dU3VYPTywJEpKF7X42hzvkw1BtV2r5GgXwIM8mk6MboPLa2ycRfOebFYw NZmnC+oFFhrdG4XqM/iXD35uYJr8+tPvBrFovtuI8PUr4DggTD1bn7rNmMniHpoZ hgXHqu/8ctvM1ws1gkLYhy8ziVNrdEl2im+1J9qcn2M3tF1rsmWOYpMFHQ5LMiNC 3jGpqbKQbdFipV2JjFSgq5KxAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU2JPdKRAF +hxz0Om4Rxq+1tP0sQowHwYDVR0jBBgwFoAUzVNcfrMaQKP9uKxNXVd6+dbFiEgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU2NUM2L0QyNjVCMEM2RjQx RjExRUY4MTcwODg2OEM0RjlBRTAyL3pWTmNmck1hUUtQOXVLeE5YVmQ2LWRiRmlF Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvelZOY2ZyTWFRS1A5dUt4TlhWZDYtZGJGaUVnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU2 NUM2L0QyNjVCMEM2RjQxRjExRUY4MTcwODg2OEM0RjlBRTAyL3pWTmNmck1hUUtQ OXVLeE5YVmQ2LWRiRmlFZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHwfODu+UWEsUT21CRW/NZb9NTJigErB5Rvcy33AY/g4l9cRWVG2bXMx 2mVcGB/LQsrTpYFshscukvukdTN0ZtQoeA9Eb4pz0btyhacNPu2ktl6wjEoS0yYc adzw2udZ3HMXEK2ye0074UfXuUjoR9LPQ12/u+N2J2Wxed1JVCj9ce0s7XdZnm7S yqIth6AM3yfj/I95s8UdR9f/FE0EbXvTQ+9qxR5D3nSZHaPQGPJgKg6MuZlPdiRE cvDZd3pyyEj0i5Hh1ViGn47i6gRVt2TvmoY08qYzN0GTA4keu7wgHnRTnoePj99S 3i3DR+bOlY+54xSFmbq+SHFQS/xRP6w= -----END CERTIFICATE-----Generated at Sat May 31 16:39:49 2025 by rpki-client