$ rpki-client -vvf rpki.apnic.net/member_repository/A916B0A3/71ADE1FED82811E4AA7C8A47C4F9AE02/2o28OwmXQtOr0qiV3RM5iTuaj18.mft File: 2o28OwmXQtOr0qiV3RM5iTuaj18.mft (raw, json) Hash identifier: of3Sr6B5pgG0beHYYxG3/Lke+xzZbZTF0e+KUvIF+H0= Subject key identifier: E5:7B:C5:8C:D4:C1:19:2E:81:89:37:0A:69:38:00:A1:88:74:70:9D Authority key identifier: DA:8D:BC:3B:09:97:42:D3:AB:D2:A8:95:DD:13:39:89:3B:9A:8F:5F Certificate issuer: /CN=A916B0A3/serialNumber=DA8DBC3B099742D3ABD2A895DD1339893B9A8F5F Certificate serial: 0B7B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2o28OwmXQtOr0qiV3RM5iTuaj18.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916B0A3/71ADE1FED82811E4AA7C8A47C4F9AE02/2o28OwmXQtOr0qiV3RM5iTuaj18.mft Manifest number: 3221 Signing time: Fri 30 May 2025 15:50:35 +0000 Manifest this update: Fri 30 May 2025 15:50:34 +0000 Manifest next update: Fri 06 Jun 2025 15:50:34 +0000 Files and hashes: 1: 2o28OwmXQtOr0qiV3RM5iTuaj18.crl (hash: LEyJh5UiFvy2YRhSUixjH7TZDKhn/6rnWKA7we2LG1E=) 2: 0B6054BA851E11EA86E0DF24C4F9AE02.roa (hash: MgTUngCCzikGCV51wBox1XfJC+wHmw6xDYqUAEuxnEk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916B0A3/71ADE1FED82811E4AA7C8A47C4F9AE02/2o28OwmXQtOr0qiV3RM5iTuaj18.crl rsync://rpki.apnic.net/member_repository/A916B0A3/71ADE1FED82811E4AA7C8A47C4F9AE02/2o28OwmXQtOr0qiV3RM5iTuaj18.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2o28OwmXQtOr0qiV3RM5iTuaj18.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 15:50:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2939 (0xb7b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916B0A3, serialNumber=DA8DBC3B099742D3ABD2A895DD1339893B9A8F5F Validity Not Before: May 30 15:50:34 2025 GMT Not After : Jun 6 15:50:34 2025 GMT Subject: CN=6839d3cb-eb54 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:93:a2:62:0b:a6:bc:5b:08:7c:5e:f0:34:45: ab:ad:cb:f7:eb:8b:99:67:10:ff:1a:cb:f2:3e:fa: 9e:ec:63:d0:fa:39:37:4d:f8:48:41:f2:cf:49:98: 32:2c:94:3c:41:52:fe:e6:5b:73:e6:44:b5:4f:c7: 65:e6:f3:df:61:04:d8:35:3c:68:40:d1:8a:9f:d4: da:5e:ad:39:e4:ab:a3:cb:04:42:9a:f3:e9:cf:be: 0d:7d:3d:c7:03:28:f9:d8:9e:fa:fe:08:50:79:a5: 1e:c3:59:a0:57:5f:23:dd:0f:48:59:6f:7c:e0:19: 53:0a:eb:d2:06:1c:16:a4:7f:84:ff:c3:82:7f:a3: c3:37:64:77:b2:63:65:d6:fa:de:4e:1e:0c:3a:5d: 4f:28:b1:17:ac:3d:4c:27:a7:fa:3c:d1:4c:8a:78: ea:7b:6d:34:6e:21:1e:5f:e6:db:79:55:7d:0b:fd: 77:b0:2b:a2:37:e1:0d:64:f6:4a:46:8e:f2:1c:1b: b5:12:de:7b:87:b7:8a:ed:e7:cb:d1:17:0f:23:c2: 12:3d:89:9f:ba:db:2d:19:55:eb:97:1c:55:b1:af: 3a:a5:12:bd:f7:a4:92:ae:e9:62:ad:fe:fe:b0:08: 88:ee:8a:28:46:63:cd:db:56:4f:13:25:53:a1:b1: f6:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:7B:C5:8C:D4:C1:19:2E:81:89:37:0A:69:38:00:A1:88:74:70:9D X509v3 Authority Key Identifier: keyid:DA:8D:BC:3B:09:97:42:D3:AB:D2:A8:95:DD:13:39:89:3B:9A:8F:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916B0A3/71ADE1FED82811E4AA7C8A47C4F9AE02/2o28OwmXQtOr0qiV3RM5iTuaj18.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2o28OwmXQtOr0qiV3RM5iTuaj18.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B0A3/71ADE1FED82811E4AA7C8A47C4F9AE02/2o28OwmXQtOr0qiV3RM5iTuaj18.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 54:b0:5e:48:a8:11:0e:a3:58:b8:e7:48:a9:7e:42:55:62:77: aa:15:0a:a9:69:ba:29:5e:35:2a:54:e3:a6:40:f7:f4:2f:a7: b4:34:2d:83:7e:8f:4b:b2:46:11:b9:97:dd:06:74:92:8f:8d: ba:8b:70:64:60:77:b4:50:1d:fd:7b:15:91:bc:f4:61:00:1a: e9:f1:80:39:35:1b:63:96:26:c3:ff:dc:28:96:d4:24:76:c7: 52:31:bb:ee:6b:f4:af:dd:d0:5c:52:02:74:91:18:86:c1:88: 2d:bc:d7:53:a7:48:96:90:6e:f8:f7:70:86:8a:d4:e6:4d:5f: 67:56:6b:e3:c4:0c:88:12:e9:f2:87:3b:e9:36:33:95:a4:b8: 52:de:4b:c9:ed:d3:93:10:18:8f:4e:1d:7a:7d:8d:69:78:52: 6d:2a:4f:c2:67:fd:89:d2:d0:43:79:be:c7:d1:d8:b6:63:7b: 63:ae:c5:2b:34:c6:5f:e4:31:c8:ba:36:b7:6b:26:f0:62:24: 27:9e:b9:80:85:22:1f:56:6a:46:44:3a:a5:33:78:f1:bc:fb: cd:37:c6:e7:e1:3e:5a:9e:ea:41:31:4a:7d:bb:6e:a4:69:6b: 3a:f3:97:0a:6c:4c:56:79:4d:46:3f:56:9d:27:dc:c0:85:41: 9f:28:40:a2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC3swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkIwQTMxMTAvBgNVBAUTKERBOERCQzNCMDk5NzQyRDNBQkQyQTg5NUREMTMzOTg5 M0I5QThGNUYwHhcNMjUwNTMwMTU1MDM0WhcNMjUwNjA2MTU1MDM0WjAYMRYwFAYD VQQDEw02ODM5ZDNjYi1lYjU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs5OiYgumvFsIfF7wNEWrrcv364uZZxD/GsvyPvqe7GPQ+jk3TfhIQfLPSZgy LJQ8QVL+5ltz5kS1T8dl5vPfYQTYNTxoQNGKn9TaXq055KujywRCmvPpz74NfT3H Ayj52J76/ghQeaUew1mgV18j3Q9IWW984BlTCuvSBhwWpH+E/8OCf6PDN2R3smNl 1vreTh4MOl1PKLEXrD1MJ6f6PNFMinjqe200biEeX+bbeVV9C/13sCuiN+ENZPZK Ro7yHBu1Et57h7eK7efL0RcPI8ISPYmfutstGVXrlxxVsa86pRK996SSrulirf7+ sAiI7oooRmPN21ZPEyVTobH2KwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOV7xYzU wRkugYk3Cmk4AKGIdHCdMB8GA1UdIwQYMBaAFNqNvDsJl0LTq9Kold0TOYk7mo9f MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QjBBMy83MUFERTFGRUQ4 MjgxMUU0QUE3QzhBNDdDNEY5QUUwMi8ybzI4T3dtWFF0T3IwcWlWM1JNNWlUdWFq MTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJvMjhPd21YUXRPcjBxaVYzUk01aVR1YWoxOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 QjBBMy83MUFERTFGRUQ4MjgxMUU0QUE3QzhBNDdDNEY5QUUwMi8ybzI4T3dtWFF0 T3IwcWlWM1JNNWlUdWFqMTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBUsF5IqBEOo1i450ipfkJVYneqFQqpabopXjUqVOOmQPf0L6e0NC2D fo9LskYRuZfdBnSSj426i3BkYHe0UB39exWRvPRhABrp8YA5NRtjlibD/9woltQk dsdSMbvua/Sv3dBcUgJ0kRiGwYgtvNdTp0iWkG7493CGitTmTV9nVmvjxAyIEuny hzvpNjOVpLhS3kvJ7dOTEBiPTh16fY1peFJtKk/CZ/2J0tBDeb7H0di2Y3tjrsUr NMZf5DHIuja3aybwYiQnnrmAhSIfVmpGRDqlM3jxvPvNN8bn4T5anupBMUp9u26k aWs685cKbExWeU1GP1adJ9zAhUGfKECi -----END CERTIFICATE-----Generated at Sat May 31 17:00:17 2025 by rpki-client