$ rpki-client -vvf rpki.apnic.net/member_repository/A917C156/142E64DE1C0311F0A5DC1556C4F9AE02/rIf9aQzGskx4_D9x0y3eDbookNs.mft File: rIf9aQzGskx4_D9x0y3eDbookNs.mft (raw, json) Hash identifier: zgw7EwOC12boxLfQ7AgRoulmXq8nXKZ/teV4sDbyDo8= Subject key identifier: F7:27:29:36:56:CD:B0:8D:F7:B0:BA:D3:80:43:DA:24:68:1E:F8:92 Authority key identifier: AC:87:FD:69:0C:C6:B2:4C:78:FC:3F:71:D3:2D:DE:0D:BA:28:90:DB Certificate issuer: /CN=A917C156/serialNumber=AC87FD690CC6B24C78FC3F71D32DDE0DBA2890DB Certificate serial: 1E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rIf9aQzGskx4_D9x0y3eDbookNs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917C156/142E64DE1C0311F0A5DC1556C4F9AE02/rIf9aQzGskx4_D9x0y3eDbookNs.mft Manifest number: 1A Signing time: Sat 31 May 2025 07:32:40 +0000 Manifest this update: Sat 31 May 2025 07:32:39 +0000 Manifest next update: Sat 07 Jun 2025 07:32:39 +0000 Files and hashes: 1: rIf9aQzGskx4_D9x0y3eDbookNs.crl (hash: 0veIAl1fL7jKZIn6QPZHxniRqz0sFul9OhhrVBVZR1w=) 2: 82B7AD281C2811F0AF6EDC47C4F9AE02.roa (hash: TOct4YZ3x0uVg6PIqVFGhW7Pj8+y8nCLAaZLvcpqBvw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917C156/142E64DE1C0311F0A5DC1556C4F9AE02/rIf9aQzGskx4_D9x0y3eDbookNs.crl rsync://rpki.apnic.net/member_repository/A917C156/142E64DE1C0311F0A5DC1556C4F9AE02/rIf9aQzGskx4_D9x0y3eDbookNs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rIf9aQzGskx4_D9x0y3eDbookNs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 07:32:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30 (0x1e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917C156, serialNumber=AC87FD690CC6B24C78FC3F71D32DDE0DBA2890DB Validity Not Before: May 31 07:32:39 2025 GMT Not After : Jun 7 07:32:39 2025 GMT Subject: CN=683ab097-0d12 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:36:cc:18:3e:4a:b2:21:69:7a:ef:a6:42:42: 79:32:b3:06:27:4b:53:27:59:6f:4c:35:47:ab:57: 45:3b:39:5d:6f:cd:bc:16:b3:39:ab:71:46:60:76: cc:2d:4e:27:9a:a2:bf:be:ac:0e:7e:48:13:bd:7c: 79:59:1a:91:fa:1f:0f:15:c5:4f:09:c9:6e:35:6b: 9f:1d:f8:f2:10:dc:dd:4e:58:b9:da:10:2d:36:cd: cc:6f:26:9b:f0:83:5c:23:c9:ff:5e:c6:bd:48:5c: e3:dc:b4:e2:87:a2:82:0c:cf:5e:8c:55:05:39:c4: 73:ba:81:53:8d:6a:28:4d:61:eb:ad:9a:9e:7a:36: 80:98:ff:1c:16:4b:8e:86:7f:ff:17:d1:ad:fc:c9: b4:4e:c8:0a:5b:7c:8c:16:94:48:7c:fd:28:eb:67: 71:39:ab:0e:82:84:c0:5f:ac:21:95:5c:78:c6:4b: 44:92:7a:32:60:e9:10:0d:c0:7a:98:ce:a4:29:96: 78:9a:f1:ce:3b:3e:72:01:ef:f2:21:41:7a:b7:53: 90:be:09:f7:f9:cb:6e:cc:6c:2a:91:fe:80:24:e8: 1b:6e:1d:c0:2f:56:6d:c8:b1:66:56:05:de:a1:2c: 3b:f2:6b:9b:48:f1:ae:e8:35:30:7d:d8:0a:39:2b: 3f:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:27:29:36:56:CD:B0:8D:F7:B0:BA:D3:80:43:DA:24:68:1E:F8:92 X509v3 Authority Key Identifier: keyid:AC:87:FD:69:0C:C6:B2:4C:78:FC:3F:71:D3:2D:DE:0D:BA:28:90:DB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917C156/142E64DE1C0311F0A5DC1556C4F9AE02/rIf9aQzGskx4_D9x0y3eDbookNs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rIf9aQzGskx4_D9x0y3eDbookNs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C156/142E64DE1C0311F0A5DC1556C4F9AE02/rIf9aQzGskx4_D9x0y3eDbookNs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 22:a7:d7:31:18:0a:d8:24:fc:2c:c9:68:9a:af:34:dc:67:ce: ce:01:2d:b1:b5:e2:2d:39:ba:c2:84:2b:eb:d9:5d:cd:bd:fa: 06:f9:54:b0:d6:14:e6:46:c9:2c:25:a7:3c:e9:b6:16:81:1b: 69:ca:08:f8:01:57:d9:38:f9:ae:24:ab:e4:b8:05:6c:41:e9: d3:a6:9b:a0:0d:ca:05:bb:17:fe:92:1e:d1:6a:87:63:ac:3e: 1a:7e:91:a2:02:cf:59:df:1b:99:2a:c4:16:08:b2:85:f6:08: ad:b5:4d:53:68:8e:60:a0:81:1b:1b:f4:66:51:53:cc:1c:be: 70:66:6e:2a:e2:f3:b8:20:ae:08:5d:f1:e7:e4:80:5e:65:85: b2:98:c1:7c:dc:3a:24:c2:7e:aa:2a:c3:60:46:03:79:bc:37: 90:cd:90:f5:5a:4a:6c:7c:f8:ed:b4:0b:0f:19:64:1a:cf:48: 34:f2:07:03:43:79:21:25:4d:14:db:ce:03:1a:db:e2:c4:cd: d7:e4:5c:8c:f3:b6:0c:82:70:08:04:85:69:ac:06:ee:d0:8f: 87:4d:d0:34:2e:44:24:cc:be:c7:16:75:78:5e:35:2f:47:84: 94:47:84:49:48:81:1b:1b:ad:e1:c5:e4:9b:24:08:69:72:fd: a7:e2:c3:10 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBHjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 QzE1NjExMC8GA1UEBRMoQUM4N0ZENjkwQ0M2QjI0Qzc4RkMzRjcxRDMyRERFMERC QTI4OTBEQjAeFw0yNTA1MzEwNzMyMzlaFw0yNTA2MDcwNzMyMzlaMBgxFjAUBgNV BAMTDTY4M2FiMDk3LTBkMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDENswYPkqyIWl676ZCQnkyswYnS1MnWW9MNUerV0U7OV1vzbwWszmrcUZgdswt Tieaor++rA5+SBO9fHlZGpH6Hw8VxU8JyW41a58d+PIQ3N1OWLnaEC02zcxvJpvw g1wjyf9exr1IXOPctOKHooIMz16MVQU5xHO6gVONaihNYeutmp56NoCY/xwWS46G f/8X0a38ybROyApbfIwWlEh8/SjrZ3E5qw6ChMBfrCGVXHjGS0SSejJg6RANwHqY zqQplnia8c47PnIB7/IhQXq3U5C+Cff5y27MbCqR/oAk6BtuHcAvVm3IsWZWBd6h LDvya5tI8a7oNTB92Ao5Kz+hAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU9ycpNlbN sI33sLrTgEPaJGge+JIwHwYDVR0jBBgwFoAUrIf9aQzGskx4/D9x0y3eDbookNsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdDMTU2LzE0MkU2NERFMUMw MzExRjBBNURDMTU1NkM0RjlBRTAyL3JJZjlhUXpHc2t4NF9EOXgweTNlRGJvb2tO cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvcklmOWFRekdza3g0X0Q5eDB5M2VEYm9va05zLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdD MTU2LzE0MkU2NERFMUMwMzExRjBBNURDMTU1NkM0RjlBRTAyL3JJZjlhUXpHc2t4 NF9EOXgweTNlRGJvb2tOcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBACKn1zEYCtgk/CzJaJqvNNxnzs4BLbG14i05usKEK+vZXc29+gb5VLDW FOZGySwlpzzpthaBG2nKCPgBV9k4+a4kq+S4BWxB6dOmm6ANygW7F/6SHtFqh2Os Php+kaICz1nfG5kqxBYIsoX2CK21TVNojmCggRsb9GZRU8wcvnBmbiri87ggrghd 8efkgF5lhbKYwXzcOiTCfqoqw2BGA3m8N5DNkPVaSmx8+O20Cw8ZZBrPSDTyBwND eSElTRTbzgMa2+LEzdfkXIzztgyCcAgEhWmsBu7Qj4dN0DQuRCTMvscWdXheNS9H hJRHhElIgRsbreHF5JskCGly/afiwxA= -----END CERTIFICATE-----Generated at Sat May 31 17:56:25 2025 by rpki-client