$ rpki-client -vvf rpki.apnic.net/member_repository/A91836C4/9D4B10688FCA11EDB7911254C4F9AE02/fDPCHh829n5MagTrI5AZrXcryyo.mft File: fDPCHh829n5MagTrI5AZrXcryyo.mft (raw, json) Hash identifier: UtuxX6SHqul2epjNJrbrKbpgaR58kIIcW7219WozKzA= Subject key identifier: F0:FC:C3:CE:09:3A:E0:54:0C:47:DB:17:B6:1E:B9:00:BF:4A:2E:9D Authority key identifier: 7C:33:C2:1E:1F:36:F6:7E:4C:6A:04:EB:23:90:19:AD:77:2B:CB:2A Certificate issuer: /CN=A91836C4/serialNumber=7C33C21E1F36F67E4C6A04EB239019AD772BCB2A Certificate serial: 01C0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fDPCHh829n5MagTrI5AZrXcryyo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91836C4/9D4B10688FCA11EDB7911254C4F9AE02/fDPCHh829n5MagTrI5AZrXcryyo.mft Manifest number: 01BD Signing time: Sat 31 May 2025 02:44:49 +0000 Manifest this update: Sat 31 May 2025 02:44:48 +0000 Manifest next update: Sat 07 Jun 2025 02:44:48 +0000 Files and hashes: 1: fDPCHh829n5MagTrI5AZrXcryyo.crl (hash: ynjmfKjpSgWkfsNj7xqhO1LMZwSaTNK19YcHHdcz6HE=) 2: 37A0ACFC8FCD11EDB4772D55C4F9AE02.roa (hash: OVe6KSw+7kYYiHPF4YI7Y6sSZ8QGj8mE1P0YOqWt/tI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91836C4/9D4B10688FCA11EDB7911254C4F9AE02/fDPCHh829n5MagTrI5AZrXcryyo.crl rsync://rpki.apnic.net/member_repository/A91836C4/9D4B10688FCA11EDB7911254C4F9AE02/fDPCHh829n5MagTrI5AZrXcryyo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fDPCHh829n5MagTrI5AZrXcryyo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 02:44:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 448 (0x1c0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91836C4, serialNumber=7C33C21E1F36F67E4C6A04EB239019AD772BCB2A Validity Not Before: May 31 02:44:48 2025 GMT Not After : Jun 7 02:44:48 2025 GMT Subject: CN=683a6d21-b443 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:b5:b0:d0:cf:93:88:23:05:9b:d2:0e:ed:78: 22:0c:8e:c5:b0:60:e8:a5:1a:90:d9:00:ef:e7:74: 66:2a:fe:4f:25:52:c4:87:19:d9:81:51:28:ae:24: ef:41:23:6a:78:7e:5e:70:41:e4:2a:86:e7:2f:d3: 69:68:dd:35:a8:86:4c:a2:c3:cc:5a:29:5d:04:f4: c9:61:aa:21:10:42:60:25:4f:1a:09:44:fa:ec:09: fa:16:f6:9b:1b:16:ec:2d:96:71:38:b3:cb:ad:88: e4:a1:3a:6d:19:ec:ad:69:50:8d:9a:db:b3:f9:0b: b8:a3:81:32:60:6b:81:20:c4:97:c7:f3:4b:0e:8e: 34:64:5d:5b:b3:f7:d0:7a:27:37:28:1a:52:86:fc: 2e:9f:ad:13:57:89:4e:69:e7:3c:d2:6c:c8:0d:01: 3b:04:b2:25:1f:eb:60:a7:96:eb:7f:7a:f5:11:f7: ab:61:54:82:be:ca:12:2d:96:9b:1d:95:7c:f9:9d: f0:22:a2:7f:18:93:e7:e4:80:91:9e:2e:3d:37:3c: a3:0d:42:c2:28:2c:62:c9:13:31:18:54:65:b5:d2: 62:64:59:53:46:6b:bb:c0:a3:61:84:31:13:fd:bd: 4c:fd:b8:f1:13:85:8f:56:d8:7e:e8:b5:02:8a:47: 3c:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:FC:C3:CE:09:3A:E0:54:0C:47:DB:17:B6:1E:B9:00:BF:4A:2E:9D X509v3 Authority Key Identifier: keyid:7C:33:C2:1E:1F:36:F6:7E:4C:6A:04:EB:23:90:19:AD:77:2B:CB:2A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91836C4/9D4B10688FCA11EDB7911254C4F9AE02/fDPCHh829n5MagTrI5AZrXcryyo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fDPCHh829n5MagTrI5AZrXcryyo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91836C4/9D4B10688FCA11EDB7911254C4F9AE02/fDPCHh829n5MagTrI5AZrXcryyo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a3:ff:00:dc:6c:ae:92:c7:61:c4:5b:01:1e:45:5e:92:c6:cb: 47:7d:59:d4:ea:f7:20:ba:87:2a:97:96:6b:73:6a:8a:78:11: 11:7a:30:b2:a5:af:9d:00:55:1f:43:1a:09:f3:87:89:1e:7d: a5:39:b0:39:58:c3:79:f6:b5:76:58:0a:46:03:30:64:bd:ca: 34:cb:8b:a8:9a:93:93:26:a1:4c:1d:17:16:c0:1c:8f:c9:9f: 67:05:f9:05:f5:53:ea:e7:7e:0c:04:a7:fd:81:fd:1c:f4:fd: 0b:cb:8d:e4:bd:db:ab:72:01:91:c4:f9:96:3e:86:9f:72:10: 90:9b:85:ae:47:01:22:2a:40:c3:4c:a1:27:52:39:54:12:b2: d0:26:4a:70:f9:be:9f:12:57:fe:9e:07:38:59:ac:f6:d0:b6: a1:88:f5:20:60:00:13:78:22:b9:77:ef:6f:12:91:ef:68:bf: d8:2d:db:77:72:e6:7e:cf:ff:3c:4b:e4:87:20:05:9c:6a:47: f1:b9:f4:58:ad:36:fa:10:a3:7b:2a:bd:46:61:63:7d:ff:64: 76:70:85:6b:86:ed:ae:b1:4a:ec:83:43:8d:5b:76:33:cf:1b: d3:ca:57:0c:2b:0b:1c:15:a4:1e:76:9c:d2:e2:b6:4c:21:d7: 15:43:b3:94 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAcAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODM2QzQxMTAvBgNVBAUTKDdDMzNDMjFFMUYzNkY2N0U0QzZBMDRFQjIzOTAxOUFE NzcyQkNCMkEwHhcNMjUwNTMxMDI0NDQ4WhcNMjUwNjA3MDI0NDQ4WjAYMRYwFAYD VQQDEw02ODNhNmQyMS1iNDQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmLWw0M+TiCMFm9IO7XgiDI7FsGDopRqQ2QDv53RmKv5PJVLEhxnZgVEoriTv QSNqeH5ecEHkKobnL9NpaN01qIZMosPMWildBPTJYaohEEJgJU8aCUT67An6Fvab GxbsLZZxOLPLrYjkoTptGeytaVCNmtuz+Qu4o4EyYGuBIMSXx/NLDo40ZF1bs/fQ eic3KBpShvwun60TV4lOaec80mzIDQE7BLIlH+tgp5brf3r1EferYVSCvsoSLZab HZV8+Z3wIqJ/GJPn5ICRni49NzyjDULCKCxiyRMxGFRltdJiZFlTRmu7wKNhhDET /b1M/bjxE4WPVth+6LUCikc8AQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPD8w84J OuBUDEfbF7YeuQC/Si6dMB8GA1UdIwQYMBaAFHwzwh4fNvZ+TGoE6yOQGa13K8sq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4MzZDNC85RDRCMTA2ODhG Q0ExMUVEQjc5MTEyNTRDNEY5QUUwMi9mRFBDSGg4MjluNU1hZ1RySTVBWnJYY3J5 eW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ZEUENIaDgyOW41TWFnVHJJNUFaclhjcnl5by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 MzZDNC85RDRCMTA2ODhGQ0ExMUVEQjc5MTEyNTRDNEY5QUUwMi9mRFBDSGg4Mjlu NU1hZ1RySTVBWnJYY3J5eW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCj/wDcbK6Sx2HEWwEeRV6SxstHfVnU6vcguocql5Zrc2qKeBERejCy pa+dAFUfQxoJ84eJHn2lObA5WMN59rV2WApGAzBkvco0y4uompOTJqFMHRcWwByP yZ9nBfkF9VPq534MBKf9gf0c9P0Ly43kvdurcgGRxPmWPoafchCQm4WuRwEiKkDD TKEnUjlUErLQJkpw+b6fElf+ngc4Waz20LahiPUgYAATeCK5d+9vEpHvaL/YLdt3 cuZ+z/88S+SHIAWcakfxufRYrTb6EKN7Kr1GYWN9/2R2cIVrhu2usUrsg0ONW3Yz zxvTylcMKwscFaQedpzS4rZMIdcVQ7OU -----END CERTIFICATE-----Generated at Sat May 31 17:06:26 2025 by rpki-client