$ rpki-client -vvf rpki.apnic.net/member_repository/A9167FBA/4B6E00FC048F11F0872E8547C4F9AE02/FTyY0zE8xk7bmuFaujtUPkgEWZA.mft File: FTyY0zE8xk7bmuFaujtUPkgEWZA.mft (raw, json) Hash identifier: S5SOCIX4Vcs3Kyx5Ocv7X4IatdkJ1yRZ3yay/t4T0dA= Subject key identifier: A3:F1:B5:7B:B7:8C:3F:B0:21:23:6F:21:F7:4F:9F:9D:15:15:19:C6 Authority key identifier: 15:3C:98:D3:31:3C:C6:4E:DB:9A:E1:5A:BA:3B:54:3E:48:04:59:90 Certificate issuer: /CN=A9167FBA/serialNumber=153C98D3313CC64EDB9AE15ABA3B543E48045990 Certificate serial: 28 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FTyY0zE8xk7bmuFaujtUPkgEWZA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9167FBA/4B6E00FC048F11F0872E8547C4F9AE02/FTyY0zE8xk7bmuFaujtUPkgEWZA.mft Manifest number: 27 Signing time: Sat 31 May 2025 07:22:14 +0000 Manifest this update: Sat 31 May 2025 07:22:13 +0000 Manifest next update: Sat 07 Jun 2025 07:22:13 +0000 Files and hashes: 1: FTyY0zE8xk7bmuFaujtUPkgEWZA.crl (hash: q87Qc63Nma1HaE6AcOyUl7oPM1rlvmuwwdsxRwnKKUA=) 2: F552E6BA05A111F082D17325C4F9AE02.roa (hash: IboM73984syJmuqfIfDKvmHL/HfnKXEhHqhYyaPXIGg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9167FBA/4B6E00FC048F11F0872E8547C4F9AE02/FTyY0zE8xk7bmuFaujtUPkgEWZA.crl rsync://rpki.apnic.net/member_repository/A9167FBA/4B6E00FC048F11F0872E8547C4F9AE02/FTyY0zE8xk7bmuFaujtUPkgEWZA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FTyY0zE8xk7bmuFaujtUPkgEWZA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 07:22:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40 (0x28) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9167FBA, serialNumber=153C98D3313CC64EDB9AE15ABA3B543E48045990 Validity Not Before: May 31 07:22:13 2025 GMT Not After : Jun 7 07:22:13 2025 GMT Subject: CN=683aae25-801d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:03:60:8f:d2:fd:bc:83:db:11:1c:f9:04:41: 8d:45:81:c1:26:54:04:30:c9:0a:3d:1a:6b:2a:e6: 55:7c:00:3e:40:ff:ea:e0:9d:0e:e1:e3:c4:85:ad: 5c:9e:b7:88:94:10:87:24:54:71:3a:1d:36:e7:69: 58:13:02:5a:86:b7:60:80:47:c3:b6:96:2d:f2:a8: 2c:aa:ee:08:39:d1:54:99:2e:11:c2:58:6e:3e:ea: 0a:e4:27:1a:b3:02:cd:f3:14:0f:a2:fc:8e:01:39: f0:69:a0:13:a6:86:5c:71:bf:3f:1f:c1:83:31:9a: c1:c6:1b:0e:fd:68:74:be:f7:91:50:32:a8:54:21: 50:92:57:c5:c8:74:d7:8c:a1:17:bd:87:b6:4d:6c: 57:27:91:f1:d0:29:a4:bc:72:8b:2c:67:cf:af:ba: c7:09:4e:af:28:8c:ac:5b:ba:74:ad:22:91:a6:cb: 2a:0b:d9:5c:5f:54:15:12:85:2d:5a:2c:26:46:b6: 6c:53:e8:8e:6c:d9:0f:15:5c:9b:b2:d4:4c:93:be: da:a8:9a:82:a6:26:16:35:1a:55:e2:d9:49:c5:f0: 14:37:8c:be:36:dc:fe:e8:9c:2b:f6:7e:31:c4:08: af:7a:2c:b0:43:09:90:60:a9:2c:df:1e:ea:67:22: 38:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:F1:B5:7B:B7:8C:3F:B0:21:23:6F:21:F7:4F:9F:9D:15:15:19:C6 X509v3 Authority Key Identifier: keyid:15:3C:98:D3:31:3C:C6:4E:DB:9A:E1:5A:BA:3B:54:3E:48:04:59:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9167FBA/4B6E00FC048F11F0872E8547C4F9AE02/FTyY0zE8xk7bmuFaujtUPkgEWZA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FTyY0zE8xk7bmuFaujtUPkgEWZA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167FBA/4B6E00FC048F11F0872E8547C4F9AE02/FTyY0zE8xk7bmuFaujtUPkgEWZA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3b:05:d7:2d:5a:c8:14:b6:c9:ba:63:0d:8e:53:59:ad:95:0d: c8:00:d0:af:ba:97:fa:d2:3e:54:3c:e3:ad:e7:b6:a2:ef:6f: c4:f7:8a:7f:28:d4:94:cb:bb:3d:1b:c3:01:96:eb:25:b0:96: 26:ca:13:7e:9e:8a:76:46:4c:58:f1:98:b5:3e:f2:bd:c4:6e: 0d:bb:09:f2:ba:39:86:cf:92:2e:52:b1:eb:98:b9:86:2f:ec: 14:41:7a:1c:5a:b8:ce:35:06:92:3f:e4:b8:e7:d2:4a:12:b7: c2:5e:c2:9c:5f:9a:6e:97:3a:3d:05:d3:44:bf:e2:a2:2a:2e: 9e:44:2e:3b:9d:80:c8:07:55:fb:9c:fd:01:85:58:f2:a6:cf: a3:9a:9f:b7:55:49:2e:25:47:52:22:58:24:8c:1b:81:77:f1: 7a:43:3f:8a:8b:a9:05:67:5e:ac:ce:1e:8e:ef:47:bc:36:43: 4f:10:b0:27:c7:9a:b9:82:be:33:80:a5:e1:f4:fc:c5:54:9e: 4e:3c:d8:aa:a3:60:52:d7:ab:4c:1d:92:44:2b:fb:60:09:22: 18:19:92:d9:a1:2c:63:a6:a0:f0:3e:74:d1:a0:61:2e:19:1a: e0:f3:ce:97:ba:65:c0:b2:e1:4c:8d:80:23:47:66:17:c4:91: 88:72:b6:5d -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBKDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 N0ZCQTExMC8GA1UEBRMoMTUzQzk4RDMzMTNDQzY0RURCOUFFMTVBQkEzQjU0M0U0 ODA0NTk5MDAeFw0yNTA1MzEwNzIyMTNaFw0yNTA2MDcwNzIyMTNaMBgxFjAUBgNV BAMTDTY4M2FhZTI1LTgwMWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCkA2CP0v28g9sRHPkEQY1FgcEmVAQwyQo9Gmsq5lV8AD5A/+rgnQ7h48SFrVye t4iUEIckVHE6HTbnaVgTAlqGt2CAR8O2li3yqCyq7gg50VSZLhHCWG4+6grkJxqz As3zFA+i/I4BOfBpoBOmhlxxvz8fwYMxmsHGGw79aHS+95FQMqhUIVCSV8XIdNeM oRe9h7ZNbFcnkfHQKaS8cossZ8+vuscJTq8ojKxbunStIpGmyyoL2VxfVBUShS1a LCZGtmxT6I5s2Q8VXJuy1EyTvtqomoKmJhY1GlXi2UnF8BQ3jL423P7onCv2fjHE CK96LLBDCZBgqSzfHupnIjg5AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUo/G1e7eM P7AhI28h90+fnRUVGcYwHwYDVR0jBBgwFoAUFTyY0zE8xk7bmuFaujtUPkgEWZAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY3RkJBLzRCNkUwMEZDMDQ4 RjExRjA4NzJFODU0N0M0RjlBRTAyL0ZUeVkwekU4eGs3Ym11RmF1anRVUGtnRVda QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvRlR5WTB6RTh4azdibXVGYXVqdFVQa2dFV1pBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTY3 RkJBLzRCNkUwMEZDMDQ4RjExRjA4NzJFODU0N0M0RjlBRTAyL0ZUeVkwekU4eGs3 Ym11RmF1anRVUGtnRVdaQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBADsF1y1ayBS2ybpjDY5TWa2VDcgA0K+6l/rSPlQ8463ntqLvb8T3in8o 1JTLuz0bwwGW6yWwlibKE36einZGTFjxmLU+8r3Ebg27CfK6OYbPki5SseuYuYYv 7BRBehxauM41BpI/5Ljn0koSt8Jewpxfmm6XOj0F00S/4qIqLp5ELjudgMgHVfuc /QGFWPKmz6Oan7dVSS4lR1IiWCSMG4F38XpDP4qLqQVnXqzOHo7vR7w2Q08QsCfH mrmCvjOApeH0/MVUnk482KqjYFLXq0wdkkQr+2AJIhgZktmhLGOmoPA+dNGgYS4Z GuDzzpe6ZcCy4UyNgCNHZhfEkYhytl0= -----END CERTIFICATE-----Generated at Sat May 31 17:56:22 2025 by rpki-client