$ rpki-client -vvf rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.mft File: dNRNlor0Y--xfAgNX60BDErAl6o.mft (raw, json) Hash identifier: NEJ5t99nHEvmWH2W95Gyes8Rh8dpUyYsXT49OjIfPSs= Subject key identifier: 8D:A5:99:D4:62:E7:F2:20:EF:D6:33:3F:BA:60:1A:3E:0B:CE:51:50 Authority key identifier: 74:D4:4D:96:8A:F4:63:EF:B1:7C:08:0D:5F:AD:01:0C:4A:C0:97:AA Certificate issuer: /CN=A917E0A8/serialNumber=74D44D968AF463EFB17C080D5FAD010C4AC097AA Certificate serial: 0650 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dNRNlor0Y--xfAgNX60BDErAl6o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.mft Manifest number: 0643 Signing time: Sat 31 May 2025 19:45:22 +0000 Manifest this update: Sat 31 May 2025 19:45:21 +0000 Manifest next update: Sat 07 Jun 2025 19:45:21 +0000 Files and hashes: 1: dNRNlor0Y--xfAgNX60BDErAl6o.crl (hash: 3bSO5g82KUDBCg0pxVK+vlpRhon91Y6LvfTVoZF9MTg=) 2: 11C0D5DA9B4011EB9C1BFC4EC4F9AE02.roa (hash: c7+1xl97Qj2WBa7uEaRi3C9ZQy4QYdknXZBQu0sbmag=) 3: F9C23E2A3ACB11EC9FEBB367C4F9AE02.roa (hash: nh7VvVbwlcEI7LPWlEzxHGSM7ZH4CPOm9G5I1MGrFHY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.crl rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dNRNlor0Y--xfAgNX60BDErAl6o.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 19:45:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1616 (0x650) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E0A8, serialNumber=74D44D968AF463EFB17C080D5FAD010C4AC097AA Validity Not Before: May 31 19:45:21 2025 GMT Not After : Jun 7 19:45:21 2025 GMT Subject: CN=683b5c51-bc95 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:17:b9:76:17:a1:39:82:97:97:c1:43:a0:ba: dd:34:af:20:3d:10:fa:c8:a6:af:f1:26:2a:16:77: 19:f7:08:c1:dd:52:25:93:1f:a3:41:d0:f4:6b:a3: f6:a1:d4:8b:fd:42:b8:ba:bc:34:af:6b:21:fa:0d: c4:2a:48:ea:1e:59:02:b3:b1:4d:6d:64:d1:67:e0: fb:89:a8:6a:c3:1b:e3:ef:98:70:c9:4c:ee:cd:1c: 76:14:d7:7c:74:bb:b8:af:59:9f:f8:03:3f:11:21: fb:fe:4c:00:02:3e:12:1b:70:2f:be:9d:54:7a:d0: b7:45:81:64:32:d1:21:9a:de:2c:dd:c0:cf:e0:84: db:8d:da:b3:b2:d9:f3:27:54:e5:4c:07:d7:d7:2d: ee:c6:3b:40:cf:79:49:2e:1f:ee:2a:38:05:e0:92: a9:1b:c1:2b:81:59:28:ad:1f:d3:9f:51:d1:66:db: 51:32:66:2f:37:b6:7e:4b:e6:06:1e:ae:31:1f:36: 83:58:79:b6:eb:40:c4:60:82:04:bc:31:79:ef:3a: 07:77:a1:00:18:cd:95:e7:f9:b8:f6:35:a8:dc:a0: 53:ef:c6:23:2d:8b:f2:7f:1a:e8:74:c9:8a:dd:66: 0f:8a:21:7a:2e:8e:4a:43:82:df:0b:94:09:b7:ac: 0f:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:A5:99:D4:62:E7:F2:20:EF:D6:33:3F:BA:60:1A:3E:0B:CE:51:50 X509v3 Authority Key Identifier: keyid:74:D4:4D:96:8A:F4:63:EF:B1:7C:08:0D:5F:AD:01:0C:4A:C0:97:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dNRNlor0Y--xfAgNX60BDErAl6o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b3:a2:e5:76:ef:34:d4:d4:d0:6d:f9:1d:8a:7f:f2:f7:c7:01: 78:1b:23:eb:95:d6:a1:3c:c8:6c:f1:af:c9:a4:25:d2:5e:14: 46:18:5c:11:0d:c4:a1:76:cd:1e:5d:78:13:33:16:0d:75:7b: f7:5b:a2:08:22:7b:c9:25:85:8c:b3:3c:7c:e9:76:22:6d:7e: b7:84:88:eb:80:3e:a0:5b:91:47:20:72:96:29:07:7b:d4:0e: 46:3d:fb:b6:b4:1c:0b:b9:54:29:ab:18:de:18:e4:a9:b5:63: 0d:b6:56:35:56:74:7c:86:c0:47:98:9c:7d:e9:0d:be:c9:fe: cb:41:de:be:8a:41:64:fa:fd:a2:80:9c:b4:f1:eb:ea:6f:4d: 47:c4:57:69:11:4d:a6:f0:3d:62:e3:5f:00:dd:f8:1e:5b:e0: 7a:44:98:ad:c1:58:14:e5:9b:46:60:72:fa:68:0a:4a:85:bb: 86:31:6b:59:f0:cb:f4:29:ef:48:98:68:d4:6d:be:2e:9b:f9: 10:e0:c9:aa:7f:8f:8c:f5:b5:11:df:70:28:a9:e6:09:98:ba: 96:87:10:4d:8f:df:83:de:e7:e3:96:2d:29:31:4b:12:3a:cd: 8b:1b:c1:d0:af:3c:62:ee:c8:00:87:79:fe:df:96:6d:48:1d: b5:3d:cb:ec -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBlAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0UwQTgxMTAvBgNVBAUTKDc0RDQ0RDk2OEFGNDYzRUZCMTdDMDgwRDVGQUQwMTBD NEFDMDk3QUEwHhcNMjUwNTMxMTk0NTIxWhcNMjUwNjA3MTk0NTIxWjAYMRYwFAYD VQQDEw02ODNiNWM1MS1iYzk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4xe5dhehOYKXl8FDoLrdNK8gPRD6yKav8SYqFncZ9wjB3VIlkx+jQdD0a6P2 odSL/UK4urw0r2sh+g3EKkjqHlkCs7FNbWTRZ+D7iahqwxvj75hwyUzuzRx2FNd8 dLu4r1mf+AM/ESH7/kwAAj4SG3Avvp1UetC3RYFkMtEhmt4s3cDP4ITbjdqzstnz J1TlTAfX1y3uxjtAz3lJLh/uKjgF4JKpG8ErgVkorR/Tn1HRZttRMmYvN7Z+S+YG Hq4xHzaDWHm260DEYIIEvDF57zoHd6EAGM2V5/m49jWo3KBT78YjLYvyfxrodMmK 3WYPiiF6Lo5KQ4LfC5QJt6wPSQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI2lmdRi 5/Ig79YzP7pgGj4LzlFQMB8GA1UdIwQYMBaAFHTUTZaK9GPvsXwIDV+tAQxKwJeq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTBBOC82RUZDMEJFRTk4 NEMxMUVCOEE0MUZBMjBDNEY5QUUwMi9kTlJObG9yMFktLXhmQWdOWDYwQkRFckFs Nm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2ROUk5sb3IwWS0teGZBZ05YNjBCREVyQWw2by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTBBOC82RUZDMEJFRTk4NEMxMUVCOEE0MUZBMjBDNEY5QUUwMi9kTlJObG9yMFkt LXhmQWdOWDYwQkRFckFsNm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCzouV27zTU1NBt+R2Kf/L3xwF4GyPrldahPMhs8a/JpCXSXhRGGFwR DcShds0eXXgTMxYNdXv3W6IIInvJJYWMszx86XYibX63hIjrgD6gW5FHIHKWKQd7 1A5GPfu2tBwLuVQpqxjeGOSptWMNtlY1VnR8hsBHmJx96Q2+yf7LQd6+ikFk+v2i gJy08evqb01HxFdpEU2m8D1i418A3fgeW+B6RJitwVgU5ZtGYHL6aApKhbuGMWtZ 8Mv0Ke9ImGjUbb4um/kQ4Mmqf4+M9bUR33AoqeYJmLqWhxBNj9+D3ufjli0pMUsS Os2LG8HQrzxi7sgAh3n+35ZtSB21Pcvs -----END CERTIFICATE-----Generated at Mon Jun 2 20:43:55 2025 by rpki-client