$ rpki-client -vvf rpki.apnic.net/member_repository/A917C0C4/9180C822055711F09C6A8E49C4F9AE02/bpBL4FGCvLH29QXQowWJHm6NEDk.mft File: bpBL4FGCvLH29QXQowWJHm6NEDk.mft (raw, json) Hash identifier: zpYieQtPzMaiyc27y4eHMrTBLKdAM4pSEiohtSseLns= Subject key identifier: 21:45:3E:CE:19:B1:EE:7B:34:EE:EB:41:00:9C:F8:B4:11:85:AB:BB Authority key identifier: 6E:90:4B:E0:51:82:BC:B1:F6:F5:05:D0:A3:05:89:1E:6E:8D:10:39 Certificate issuer: /CN=A917C0C4/serialNumber=6E904BE05182BCB1F6F505D0A305891E6E8D1039 Certificate serial: 28 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bpBL4FGCvLH29QXQowWJHm6NEDk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917C0C4/9180C822055711F09C6A8E49C4F9AE02/bpBL4FGCvLH29QXQowWJHm6NEDk.mft Manifest number: 27 Signing time: Sat 31 May 2025 07:22:51 +0000 Manifest this update: Sat 31 May 2025 07:22:51 +0000 Manifest next update: Sat 07 Jun 2025 07:22:51 +0000 Files and hashes: 1: bpBL4FGCvLH29QXQowWJHm6NEDk.crl (hash: 1Kffipa2IqUgL9MI6dLYeEmiamvjCG1p9HU6FWHoti4=) 2: BA22BEB40B3011F0B579B519C4F9AE02.roa (hash: zdEqtGtii43VUXH0g8Jdd0m7uoQgCUcFB8S2j4k//AQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917C0C4/9180C822055711F09C6A8E49C4F9AE02/bpBL4FGCvLH29QXQowWJHm6NEDk.crl rsync://rpki.apnic.net/member_repository/A917C0C4/9180C822055711F09C6A8E49C4F9AE02/bpBL4FGCvLH29QXQowWJHm6NEDk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bpBL4FGCvLH29QXQowWJHm6NEDk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 07:22:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40 (0x28) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917C0C4, serialNumber=6E904BE05182BCB1F6F505D0A305891E6E8D1039 Validity Not Before: May 31 07:22:51 2025 GMT Not After : Jun 7 07:22:51 2025 GMT Subject: CN=683aae4b-6194 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:72:71:5c:db:e3:6b:07:66:a4:08:ce:26:97: f4:48:ef:4d:3f:df:f7:c2:90:54:87:10:64:19:4d: 22:0c:ea:13:4e:8c:64:58:25:f6:d3:e2:57:35:78: 5a:b0:ee:b1:6c:96:cd:40:51:97:81:8a:45:80:64: 41:32:42:23:5f:c3:65:b8:cc:0f:29:a7:4c:1b:77: 6a:5a:8b:c8:02:9a:cb:85:c5:93:76:cf:27:6f:49: 7a:65:ac:77:32:93:bc:db:c5:b9:b4:11:fb:4f:00: 06:1d:06:24:9d:4a:cb:58:30:c6:9b:07:03:3d:89: 97:bf:f8:94:13:de:c6:be:35:b0:a0:4e:1a:59:13: 6c:f8:d3:4e:49:ca:8c:e8:ee:03:40:4a:db:f6:4c: fc:e8:35:d0:15:2e:0b:e1:13:86:87:be:5b:6e:57: 46:97:8b:9c:1c:e1:1c:a5:0f:e0:93:1f:f8:93:4c: 0e:bf:79:49:46:87:91:01:cb:a4:50:c4:5d:1a:11: d2:a6:40:dd:b0:ee:9f:30:21:05:4a:49:68:49:27: 7c:38:59:7d:7c:ac:c1:db:16:19:69:3e:cc:67:88: f5:dd:a8:a0:d2:42:c0:b0:ae:90:d1:77:60:d6:5a: 3e:4e:09:06:be:30:af:4d:43:a2:71:42:c3:39:a4: 2f:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:45:3E:CE:19:B1:EE:7B:34:EE:EB:41:00:9C:F8:B4:11:85:AB:BB X509v3 Authority Key Identifier: keyid:6E:90:4B:E0:51:82:BC:B1:F6:F5:05:D0:A3:05:89:1E:6E:8D:10:39 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917C0C4/9180C822055711F09C6A8E49C4F9AE02/bpBL4FGCvLH29QXQowWJHm6NEDk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bpBL4FGCvLH29QXQowWJHm6NEDk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C0C4/9180C822055711F09C6A8E49C4F9AE02/bpBL4FGCvLH29QXQowWJHm6NEDk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 24:47:b0:db:ab:69:42:49:c1:d1:bc:c5:69:ae:c9:f5:7a:c2: ee:6a:d4:3d:3d:7a:f5:7e:cd:67:cd:82:36:86:c0:74:f0:91: 71:e8:7e:65:65:ae:1b:72:08:0a:22:b2:20:7d:52:16:bb:f6: 32:d1:d4:6a:b7:e3:20:82:cc:3e:49:e3:e5:33:19:2b:a6:5e: 77:26:e9:c6:14:31:02:9d:40:46:54:d8:b5:32:05:1d:d4:f5: fa:81:8a:c7:70:f2:75:ed:eb:f0:4a:12:aa:cf:ba:cf:78:2c: 5f:f9:82:99:19:61:ca:2d:c7:c3:b2:66:be:0f:e4:82:7d:6d: 4f:18:c4:27:0c:e0:19:6a:32:4b:e6:94:52:b9:a3:dc:60:46: 26:ae:38:6a:31:12:d4:87:43:13:29:89:d4:3f:ce:2f:8d:8d: 17:a5:6b:ba:ac:d2:37:c0:21:8f:b2:ae:11:f5:49:2e:9d:8f: e0:bc:8e:69:ff:1d:ba:cd:83:a9:da:1e:75:26:26:0a:8c:44: a9:fd:f5:73:d1:e8:1c:34:f5:13:e6:9e:cf:55:b4:53:b5:52: fe:b3:90:36:7d:c7:7b:db:42:be:af:27:a2:96:a9:fb:f2:7a: 29:02:da:f4:f7:40:83:11:1a:03:af:d4:c6:9f:ef:6a:6b:41: 42:f7:41:5b -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBKDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 QzBDNDExMC8GA1UEBRMoNkU5MDRCRTA1MTgyQkNCMUY2RjUwNUQwQTMwNTg5MUU2 RThEMTAzOTAeFw0yNTA1MzEwNzIyNTFaFw0yNTA2MDcwNzIyNTFaMBgxFjAUBgNV BAMTDTY4M2FhZTRiLTYxOTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDscnFc2+NrB2akCM4ml/RI700/3/fCkFSHEGQZTSIM6hNOjGRYJfbT4lc1eFqw 7rFsls1AUZeBikWAZEEyQiNfw2W4zA8pp0wbd2pai8gCmsuFxZN2zydvSXplrHcy k7zbxbm0EftPAAYdBiSdSstYMMabBwM9iZe/+JQT3sa+NbCgThpZE2z4005Jyozo 7gNAStv2TPzoNdAVLgvhE4aHvltuV0aXi5wc4RylD+CTH/iTTA6/eUlGh5EBy6RQ xF0aEdKmQN2w7p8wIQVKSWhJJ3w4WX18rMHbFhlpPsxniPXdqKDSQsCwrpDRd2DW Wj5OCQa+MK9NQ6JxQsM5pC9PAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUIUU+zhmx 7ns07utBAJz4tBGFq7swHwYDVR0jBBgwFoAUbpBL4FGCvLH29QXQowWJHm6NEDkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdDMEM0LzkxODBDODIyMDU1 NzExRjA5QzZBOEU0OUM0RjlBRTAyL2JwQkw0RkdDdkxIMjlRWFFvd1dKSG02TkVE ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvYnBCTDRGR0N2TEgyOVFYUW93V0pIbTZORURrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdD MEM0LzkxODBDODIyMDU1NzExRjA5QzZBOEU0OUM0RjlBRTAyL2JwQkw0RkdDdkxI MjlRWFFvd1dKSG02TkVEay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBACRHsNuraUJJwdG8xWmuyfV6wu5q1D09evV+zWfNgjaGwHTwkXHofmVl rhtyCAoisiB9Uha79jLR1Gq34yCCzD5J4+UzGSumXncm6cYUMQKdQEZU2LUyBR3U 9fqBisdw8nXt6/BKEqrPus94LF/5gpkZYcotx8OyZr4P5IJ9bU8YxCcM4BlqMkvm lFK5o9xgRiauOGoxEtSHQxMpidQ/zi+NjRela7qs0jfAIY+yrhH1SS6dj+C8jmn/ HbrNg6naHnUmJgqMRKn99XPR6Bw09RPmns9VtFO1Uv6zkDZ9x3vbQr6vJ6KWqfvy eikC2vT3QIMRGgOv1Maf72prQUL3QVs= -----END CERTIFICATE-----Generated at Sat May 31 15:14:38 2025 by rpki-client