$ rpki-client -vvf rpki.apnic.net/member_repository/A91689B7/B1E54AB856A211EDB4A1B225C4F9AE02/iCJHhVdMHyPKnEOe2PVTiPamjOI.mft File: iCJHhVdMHyPKnEOe2PVTiPamjOI.mft (raw, json) Hash identifier: qvmcxsduc7Pz3C65iWs0ZKG7TVVyIjyA/S8M4Y7D010= Subject key identifier: B0:C7:CC:18:1C:AA:3F:69:07:DA:24:23:FC:E8:19:32:19:93:61:EF Authority key identifier: 88:22:47:85:57:4C:1F:23:CA:9C:43:9E:D8:F5:53:88:F6:A6:8C:E2 Certificate issuer: /CN=A91689B7/serialNumber=88224785574C1F23CA9C439ED8F55388F6A68CE2 Certificate serial: 01EF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iCJHhVdMHyPKnEOe2PVTiPamjOI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91689B7/B1E54AB856A211EDB4A1B225C4F9AE02/iCJHhVdMHyPKnEOe2PVTiPamjOI.mft Manifest number: 01E9 Signing time: Sat 31 May 2025 02:22:01 +0000 Manifest this update: Sat 31 May 2025 02:22:01 +0000 Manifest next update: Sat 07 Jun 2025 02:22:01 +0000 Files and hashes: 1: iCJHhVdMHyPKnEOe2PVTiPamjOI.crl (hash: levKQ3SSM0uwxYX+cjJt7rTmROrn+DQdFiLzuuHfmcI=) 2: 2455276E39B311EEA6DFE66BC4F9AE02.roa (hash: i/snzsv5ugVK5M4wkOzh02txTFh9Vl9HyndyddhSqd8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91689B7/B1E54AB856A211EDB4A1B225C4F9AE02/iCJHhVdMHyPKnEOe2PVTiPamjOI.crl rsync://rpki.apnic.net/member_repository/A91689B7/B1E54AB856A211EDB4A1B225C4F9AE02/iCJHhVdMHyPKnEOe2PVTiPamjOI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iCJHhVdMHyPKnEOe2PVTiPamjOI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 02:22:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 495 (0x1ef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91689B7, serialNumber=88224785574C1F23CA9C439ED8F55388F6A68CE2 Validity Not Before: May 31 02:22:01 2025 GMT Not After : Jun 7 02:22:01 2025 GMT Subject: CN=683a67c9-5eca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:03:77:06:df:13:67:0f:2e:a9:92:e2:d6:80: c6:09:5c:1d:b0:06:ec:19:9d:9d:f4:66:a6:73:a8: a2:3e:94:86:ca:1b:c7:59:2e:b2:94:04:09:c0:8f: e5:c5:78:33:85:d9:fb:11:11:30:e1:aa:ec:e1:83: dd:38:0f:30:20:38:95:a1:29:2a:bf:34:cc:4d:fb: 8b:a5:09:2c:7b:1a:ef:30:ef:1c:26:7a:7a:40:cb: 61:d2:46:98:36:0b:59:0e:ce:da:cb:59:c8:e4:94: 68:9e:ca:60:f6:ef:6e:5b:df:e0:80:ee:ce:7b:00: 62:32:c8:17:4a:6d:14:0e:95:9e:01:f6:10:80:7c: 45:c4:4a:50:d4:1f:61:b0:c3:6f:77:af:51:f5:6b: f5:e6:33:d3:b9:bf:a5:ad:9d:82:30:0e:f7:a3:2d: b2:c1:b6:17:9d:3b:cc:47:45:7e:87:e0:c2:a8:09: 3a:01:c4:df:dc:b4:19:97:e4:e7:a8:5d:1f:11:5e: 19:28:4f:cc:eb:02:3a:25:88:15:f7:22:aa:05:2d: 5b:2b:9c:27:6f:a2:d5:28:fe:e5:78:5f:fc:d3:76: e8:39:bb:1d:f8:c1:1b:e0:3f:8a:f0:24:e8:cb:27: 70:5a:63:21:93:47:18:f8:04:5b:27:50:fa:68:d0: 4b:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:C7:CC:18:1C:AA:3F:69:07:DA:24:23:FC:E8:19:32:19:93:61:EF X509v3 Authority Key Identifier: keyid:88:22:47:85:57:4C:1F:23:CA:9C:43:9E:D8:F5:53:88:F6:A6:8C:E2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91689B7/B1E54AB856A211EDB4A1B225C4F9AE02/iCJHhVdMHyPKnEOe2PVTiPamjOI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iCJHhVdMHyPKnEOe2PVTiPamjOI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91689B7/B1E54AB856A211EDB4A1B225C4F9AE02/iCJHhVdMHyPKnEOe2PVTiPamjOI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 33:2a:05:42:c4:f3:2d:ce:8e:29:d8:0c:93:7c:e8:59:01:28: 2a:68:04:94:c9:e5:b6:5b:ba:99:94:39:51:32:93:28:ac:79: 0a:1f:24:50:d5:bc:be:d6:83:6d:77:80:ba:97:dc:96:ad:43: cd:7a:d3:27:ce:61:7c:3d:8d:2f:eb:eb:87:a7:84:73:3b:3d: 7d:45:1f:fb:c5:39:9d:b3:ce:00:fd:cb:d2:bd:b4:5e:d9:fc: 2c:41:86:4c:77:a9:45:59:cd:c3:38:6e:25:e6:a4:3c:e4:b8: d4:6d:c4:4f:4a:dc:bc:99:3c:78:02:25:44:a0:fa:87:07:47: fa:12:23:bf:38:fb:a4:8b:40:5f:9a:2f:56:3a:20:eb:4e:36: 1a:f2:d1:e7:73:01:6f:4b:45:2c:b8:2f:5f:64:8b:4c:7b:d0: b6:8a:49:0e:a5:e6:2b:ee:45:2b:88:33:00:df:e1:28:b8:97: 21:05:8a:ec:f0:51:2f:68:e4:80:ce:bd:50:eb:24:ec:36:95: 53:a9:93:7d:04:42:bd:5b:c1:af:7d:7c:ee:9e:65:12:77:28: 23:b8:bf:a7:0e:fc:af:db:48:77:ec:8f:50:23:a8:5f:57:aa: ce:45:a3:f7:6e:c2:58:81:ee:5d:20:c9:2b:7d:35:73:9b:91: e1:d8:3e:be -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAe8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Njg5QjcxMTAvBgNVBAUTKDg4MjI0Nzg1NTc0QzFGMjNDQTlDNDM5RUQ4RjU1Mzg4 RjZBNjhDRTIwHhcNMjUwNTMxMDIyMjAxWhcNMjUwNjA3MDIyMjAxWjAYMRYwFAYD VQQDEw02ODNhNjdjOS01ZWNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqwN3Bt8TZw8uqZLi1oDGCVwdsAbsGZ2d9Gamc6iiPpSGyhvHWS6ylAQJwI/l xXgzhdn7EREw4ars4YPdOA8wIDiVoSkqvzTMTfuLpQksexrvMO8cJnp6QMth0kaY NgtZDs7ay1nI5JRonspg9u9uW9/ggO7OewBiMsgXSm0UDpWeAfYQgHxFxEpQ1B9h sMNvd69R9Wv15jPTub+lrZ2CMA73oy2ywbYXnTvMR0V+h+DCqAk6AcTf3LQZl+Tn qF0fEV4ZKE/M6wI6JYgV9yKqBS1bK5wnb6LVKP7leF/803boObsd+MEb4D+K8CTo yydwWmMhk0cY+ARbJ1D6aNBLzQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLDHzBgc qj9pB9okI/zoGTIZk2HvMB8GA1UdIwQYMBaAFIgiR4VXTB8jypxDntj1U4j2pozi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2ODlCNy9CMUU1NEFCODU2 QTIxMUVEQjRBMUIyMjVDNEY5QUUwMi9pQ0pIaFZkTUh5UEtuRU9lMlBWVGlQYW1q T0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lDSkhoVmRNSHlQS25FT2UyUFZUaVBhbWpPSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 ODlCNy9CMUU1NEFCODU2QTIxMUVEQjRBMUIyMjVDNEY5QUUwMi9pQ0pIaFZkTUh5 UEtuRU9lMlBWVGlQYW1qT0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAzKgVCxPMtzo4p2AyTfOhZASgqaASUyeW2W7qZlDlRMpMorHkKHyRQ 1by+1oNtd4C6l9yWrUPNetMnzmF8PY0v6+uHp4RzOz19RR/7xTmds84A/cvSvbRe 2fwsQYZMd6lFWc3DOG4l5qQ85LjUbcRPSty8mTx4AiVEoPqHB0f6EiO/OPuki0Bf mi9WOiDrTjYa8tHncwFvS0UsuC9fZItMe9C2ikkOpeYr7kUriDMA3+EouJchBYrs 8FEvaOSAzr1Q6yTsNpVTqZN9BEK9W8GvfXzunmUSdygjuL+nDvyv20h37I9QI6hf V6rORaP3bsJYge5dIMkrfTVzm5Hh2D6+ -----END CERTIFICATE-----Generated at Sat May 31 15:29:57 2025 by rpki-client