$ rpki-client -vvf rpki.apnic.net/member_repository/A919188A/C96357CAAA9411EDB0774F45C4F9AE02/AoEcMdUMkf_9Xtpoue-Bw_np-xI.mft File: AoEcMdUMkf_9Xtpoue-Bw_np-xI.mft (raw, json) Hash identifier: WlNlyBkKHw2hsbavZ9c39DVX4Dx+WA5HPMQfVLnq1Bk= Subject key identifier: 70:65:54:0E:10:9D:3B:C8:43:2C:8D:E8:AF:F7:9E:E1:42:4E:7A:E2 Authority key identifier: 02:81:1C:31:D5:0C:91:FF:FD:5E:DA:68:B9:EF:81:C3:F9:E9:FB:12 Certificate issuer: /CN=A919188A/serialNumber=02811C31D50C91FFFD5EDA68B9EF81C3F9E9FB12 Certificate serial: 01B5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AoEcMdUMkf_9Xtpoue-Bw_np-xI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919188A/C96357CAAA9411EDB0774F45C4F9AE02/AoEcMdUMkf_9Xtpoue-Bw_np-xI.mft Manifest number: 01AF Signing time: Sat 31 May 2025 02:52:39 +0000 Manifest this update: Sat 31 May 2025 02:52:38 +0000 Manifest next update: Sat 07 Jun 2025 02:52:38 +0000 Files and hashes: 1: AoEcMdUMkf_9Xtpoue-Bw_np-xI.crl (hash: yt3X1np/+RPOSGlgAJfeYS4jBI9fAuiMU017lZhDN+M=) 2: 12AE9E92AA9711EDAAEB8345C4F9AE02.roa (hash: ZbTPGmKh281ymLxinCV1W0SdNG3gcop2OrOUFYRhJy4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919188A/C96357CAAA9411EDB0774F45C4F9AE02/AoEcMdUMkf_9Xtpoue-Bw_np-xI.crl rsync://rpki.apnic.net/member_repository/A919188A/C96357CAAA9411EDB0774F45C4F9AE02/AoEcMdUMkf_9Xtpoue-Bw_np-xI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AoEcMdUMkf_9Xtpoue-Bw_np-xI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 02:52:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 437 (0x1b5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919188A, serialNumber=02811C31D50C91FFFD5EDA68B9EF81C3F9E9FB12 Validity Not Before: May 31 02:52:38 2025 GMT Not After : Jun 7 02:52:38 2025 GMT Subject: CN=683a6ef6-c8c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:52:fe:05:02:ec:78:32:cf:6d:5c:8c:43:22: 32:ae:36:ff:15:6d:c0:84:0b:05:a1:c4:e3:7a:9e: 11:c9:ab:4b:7d:2d:00:25:aa:2c:81:7d:1c:9f:cc: 35:ea:d6:93:1b:b3:ef:ca:ed:da:76:8f:b0:47:1f: ea:6a:84:19:56:ba:a1:d3:bb:e4:c7:22:fc:62:9c: b2:b2:3f:42:b9:20:2f:4f:0b:40:e7:1f:21:dd:73: 46:23:2d:0f:e5:80:75:70:42:03:14:09:af:d9:fb: e9:a4:f2:e0:cd:6f:b1:9c:34:28:5f:9c:25:9c:9d: 92:7f:2c:b8:6a:cd:ab:4f:fc:30:96:b4:ad:0d:f4: d7:c5:d2:ca:59:b2:51:5a:ca:9b:92:ca:4e:16:8b: f6:40:fa:50:85:ff:17:1d:64:38:8e:78:f5:9c:6c: e2:37:ad:59:15:c8:ab:a2:21:c0:31:66:ab:ba:2f: c8:15:10:3e:bc:1c:d1:15:bd:ec:3c:91:91:3b:98: e4:44:ba:19:40:84:0d:83:bb:b2:61:9a:e5:90:be: 4b:ec:f8:e0:70:6a:2e:9d:ca:d2:b1:fa:9e:31:5b: cf:26:a5:10:45:11:c7:26:61:7b:d1:cf:0e:30:36: 4b:91:98:0c:1b:52:13:38:c3:2a:ce:b3:c9:91:95: 5f:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:65:54:0E:10:9D:3B:C8:43:2C:8D:E8:AF:F7:9E:E1:42:4E:7A:E2 X509v3 Authority Key Identifier: keyid:02:81:1C:31:D5:0C:91:FF:FD:5E:DA:68:B9:EF:81:C3:F9:E9:FB:12 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919188A/C96357CAAA9411EDB0774F45C4F9AE02/AoEcMdUMkf_9Xtpoue-Bw_np-xI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AoEcMdUMkf_9Xtpoue-Bw_np-xI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919188A/C96357CAAA9411EDB0774F45C4F9AE02/AoEcMdUMkf_9Xtpoue-Bw_np-xI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1a:a8:95:03:7a:d0:8f:7f:2e:a8:cd:37:c4:2e:8b:cd:23:90: ac:0e:81:3b:9e:e8:2f:84:dd:1a:b5:16:11:7f:5e:08:ee:f0: 0a:8a:18:4c:ee:f3:4e:bd:2f:c8:70:6b:69:49:61:05:19:32: ad:81:b0:08:c2:ce:1e:10:c4:e1:bd:1a:86:d7:20:d7:10:d9: a9:89:70:32:54:31:73:5d:fc:fb:51:bf:c8:72:62:2c:82:ad: 64:ec:df:a8:11:4f:bc:2f:33:09:a0:7f:03:ad:6c:3c:49:bd: 6b:d6:ea:ce:e2:51:27:37:87:f3:68:2b:0a:34:d5:b7:36:2f: b1:cb:13:4d:da:3b:e5:44:b2:6a:16:2e:03:69:0e:9f:44:3b: 4a:d4:ed:a6:2c:10:c1:d7:e7:f6:a7:66:55:4c:11:7f:e6:a2: 09:a4:a7:68:b9:ae:9d:88:ce:fe:63:e4:d9:ca:a8:0a:5d:b2: 07:fd:b6:d7:d1:0f:6d:30:35:60:37:87:47:e4:a9:86:1b:4d: ce:84:56:0c:c9:48:d5:62:1c:72:f3:b4:76:e2:71:93:86:3d: 20:28:bd:bb:4c:a8:09:8e:f9:7f:5e:d6:55:90:0f:b1:49:a9: b2:0e:f2:75:fc:66:78:8d:45:7c:05:ee:88:a8:74:6a:91:5f: d0:1f:2d:44 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAbUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTE4OEExMTAvBgNVBAUTKDAyODExQzMxRDUwQzkxRkZGRDVFREE2OEI5RUY4MUMz RjlFOUZCMTIwHhcNMjUwNTMxMDI1MjM4WhcNMjUwNjA3MDI1MjM4WjAYMRYwFAYD VQQDEw02ODNhNmVmNi1jOGMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtVL+BQLseDLPbVyMQyIyrjb/FW3AhAsFocTjep4RyatLfS0AJaosgX0cn8w1 6taTG7Pvyu3ado+wRx/qaoQZVrqh07vkxyL8Ypyysj9CuSAvTwtA5x8h3XNGIy0P 5YB1cEIDFAmv2fvppPLgzW+xnDQoX5wlnJ2Sfyy4as2rT/wwlrStDfTXxdLKWbJR WsqbkspOFov2QPpQhf8XHWQ4jnj1nGziN61ZFciroiHAMWarui/IFRA+vBzRFb3s PJGRO5jkRLoZQIQNg7uyYZrlkL5L7PjgcGouncrSsfqeMVvPJqUQRRHHJmF70c8O MDZLkZgMG1ITOMMqzrPJkZVflwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHBlVA4Q nTvIQyyN6K/3nuFCTnriMB8GA1UdIwQYMBaAFAKBHDHVDJH//V7aaLnvgcP56fsS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MTg4QS9DOTYzNTdDQUFB OTQxMUVEQjA3NzRGNDVDNEY5QUUwMi9Bb0VjTWRVTWtmXzlYdHBvdWUtQndfbnAt eEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0FvRWNNZFVNa2ZfOVh0cG91ZS1Cd19ucC14SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 MTg4QS9DOTYzNTdDQUFBOTQxMUVEQjA3NzRGNDVDNEY5QUUwMi9Bb0VjTWRVTWtm XzlYdHBvdWUtQndfbnAteEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAaqJUDetCPfy6ozTfELovNI5CsDoE7nugvhN0atRYRf14I7vAKihhM 7vNOvS/IcGtpSWEFGTKtgbAIws4eEMThvRqG1yDXENmpiXAyVDFzXfz7Ub/IcmIs gq1k7N+oEU+8LzMJoH8DrWw8Sb1r1urO4lEnN4fzaCsKNNW3Ni+xyxNN2jvlRLJq Fi4DaQ6fRDtK1O2mLBDB1+f2p2ZVTBF/5qIJpKdoua6diM7+Y+TZyqgKXbIH/bbX 0Q9tMDVgN4dH5KmGG03OhFYMyUjVYhxy87R24nGThj0gKL27TKgJjvl/XtZVkA+x SamyDvJ1/GZ4jUV8Be6IqHRqkV/QHy1E -----END CERTIFICATE-----Generated at Sat May 31 14:51:50 2025 by rpki-client