$ rpki-client -vvf rpki.apnic.net/member_repository/A91957D1/F053779493BD11EE81F80A52C4F9AE02/kDfAsp43CSqDhSzkuIW3dqfB47Y.mft File: kDfAsp43CSqDhSzkuIW3dqfB47Y.mft (raw, json) Hash identifier: h3W3ZhYYlW/ZWAPEo6l7NzsZ6tWFZd0pVRjI0GxupBY= Subject key identifier: 93:2F:34:DF:0C:42:23:B4:F5:19:A8:38:A5:D9:F4:40:4C:EF:1C:EA Authority key identifier: 90:37:C0:B2:9E:37:09:2A:83:85:2C:E4:B8:85:B7:76:A7:C1:E3:B6 Certificate issuer: /CN=A91957D1/serialNumber=9037C0B29E37092A83852CE4B885B776A7C1E3B6 Certificate serial: 011A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kDfAsp43CSqDhSzkuIW3dqfB47Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91957D1/F053779493BD11EE81F80A52C4F9AE02/kDfAsp43CSqDhSzkuIW3dqfB47Y.mft Manifest number: 0117 Signing time: Sat 31 May 2025 04:30:05 +0000 Manifest this update: Sat 31 May 2025 04:30:04 +0000 Manifest next update: Sat 07 Jun 2025 04:30:04 +0000 Files and hashes: 1: kDfAsp43CSqDhSzkuIW3dqfB47Y.crl (hash: RPhNqJPpzQQKsVCkt6b6ZBer/7LEJYNvoH2YBqpx50k=) 2: 72CE4D80958411EEB3748B58C4F9AE02.roa (hash: iKey44OboTB8NilxUb2DzRzq18OyDEY6fi5JIxPzxK0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91957D1/F053779493BD11EE81F80A52C4F9AE02/kDfAsp43CSqDhSzkuIW3dqfB47Y.crl rsync://rpki.apnic.net/member_repository/A91957D1/F053779493BD11EE81F80A52C4F9AE02/kDfAsp43CSqDhSzkuIW3dqfB47Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kDfAsp43CSqDhSzkuIW3dqfB47Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 04:30:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 282 (0x11a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91957D1, serialNumber=9037C0B29E37092A83852CE4B885B776A7C1E3B6 Validity Not Before: May 31 04:30:04 2025 GMT Not After : Jun 7 04:30:04 2025 GMT Subject: CN=683a85cd-9cb7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:9b:24:b6:db:e4:2d:fa:ef:00:d9:71:34:91: 2f:72:6a:6b:99:67:ef:29:5d:72:bd:bb:bf:e1:b6: 52:d6:75:0a:19:ae:88:ca:92:32:40:8d:12:8b:e5: 12:a3:50:07:19:cc:5a:e0:06:25:74:83:eb:9e:20: 5a:e6:96:50:08:d3:ef:de:58:a6:60:d3:6a:e0:e7: be:86:9e:1e:15:6f:37:db:1b:c9:ab:11:18:bc:d6: 9f:a5:16:7e:68:42:74:9d:7f:a2:87:5b:02:ad:23: d9:d4:39:f4:7b:be:0b:e3:d5:c6:d3:42:b0:2d:ac: 68:f0:db:6d:86:0b:40:57:65:11:45:0a:29:e4:fe: 01:87:23:b8:84:91:ad:5e:b5:17:f7:f1:3e:36:15: 4c:d7:b7:ed:a6:f7:01:c3:be:30:26:41:1f:bd:f8: 56:15:cd:2a:58:7c:a5:74:bf:21:da:e2:79:8f:1d: 62:66:64:75:23:ac:e9:5c:21:9e:8e:ad:29:13:c1: 93:43:cb:fc:5e:86:ee:eb:eb:21:59:d4:c2:4c:74: c2:c6:75:3d:e0:7a:53:43:d9:97:ad:49:0f:cc:1d: 56:d4:7b:2b:b4:fa:a2:5d:4d:4d:f0:cf:27:62:ce: 51:49:31:de:cf:03:49:6a:1a:54:e4:f0:5c:ee:45: 31:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:2F:34:DF:0C:42:23:B4:F5:19:A8:38:A5:D9:F4:40:4C:EF:1C:EA X509v3 Authority Key Identifier: keyid:90:37:C0:B2:9E:37:09:2A:83:85:2C:E4:B8:85:B7:76:A7:C1:E3:B6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91957D1/F053779493BD11EE81F80A52C4F9AE02/kDfAsp43CSqDhSzkuIW3dqfB47Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kDfAsp43CSqDhSzkuIW3dqfB47Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91957D1/F053779493BD11EE81F80A52C4F9AE02/kDfAsp43CSqDhSzkuIW3dqfB47Y.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption aa:84:d5:44:f0:26:54:d9:23:dd:b3:47:49:eb:82:e9:2a:ef: 09:56:5e:8c:64:f7:14:15:87:fb:e4:5c:36:28:27:01:af:54: 53:66:51:20:1c:d0:4b:21:0e:fb:75:b6:62:8e:5a:a2:e4:7b: 70:b7:89:87:93:5e:8e:78:01:15:71:a4:dc:f6:de:39:95:74: 51:f1:ae:85:63:42:62:6d:fb:db:ea:1c:29:50:4e:3a:6b:c2: 92:c5:fe:85:0d:73:3d:4b:81:fc:ae:9c:04:da:13:0c:44:83: 9b:54:8d:a0:26:92:3a:ba:27:66:98:e8:77:bd:aa:c5:0b:1c: 56:96:22:fe:6c:e0:b7:55:22:32:f5:6a:58:89:03:2c:bf:e2: 7a:8f:e8:46:a1:25:74:c2:9c:9e:7a:d7:13:e1:25:f9:13:c0: cf:54:f0:ca:0a:05:93:25:d4:6f:78:cf:52:89:06:fc:81:92: 68:d3:45:3d:d1:2b:8d:9b:a8:02:c7:9a:87:0b:da:40:28:e6: ee:e9:6f:a0:0d:0c:64:e1:7f:f1:c2:f0:1c:d9:31:db:9b:60: 76:75:b2:73:f2:9d:70:d4:07:5e:a2:5d:a8:fe:a1:7c:b0:ea: a0:7b:8e:02:f7:88:6c:d6:6e:ae:0b:50:55:cb:e1:35:92:52: 3a:f1:84:08 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICARowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTU3RDExMTAvBgNVBAUTKDkwMzdDMEIyOUUzNzA5MkE4Mzg1MkNFNEI4ODVCNzc2 QTdDMUUzQjYwHhcNMjUwNTMxMDQzMDA0WhcNMjUwNjA3MDQzMDA0WjAYMRYwFAYD VQQDEw02ODNhODVjZC05Y2I3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAppskttvkLfrvANlxNJEvcmprmWfvKV1yvbu/4bZS1nUKGa6IypIyQI0Si+US o1AHGcxa4AYldIPrniBa5pZQCNPv3limYNNq4Oe+hp4eFW832xvJqxEYvNafpRZ+ aEJ0nX+ih1sCrSPZ1Dn0e74L49XG00KwLaxo8NtthgtAV2URRQop5P4BhyO4hJGt XrUX9/E+NhVM17ftpvcBw74wJkEfvfhWFc0qWHyldL8h2uJ5jx1iZmR1I6zpXCGe jq0pE8GTQ8v8Xobu6+shWdTCTHTCxnU94HpTQ9mXrUkPzB1W1HsrtPqiXU1N8M8n Ys5RSTHezwNJahpU5PBc7kUxiwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJMvNN8M QiO09RmoOKXZ9EBM7xzqMB8GA1UdIwQYMBaAFJA3wLKeNwkqg4Us5LiFt3anweO2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NTdEMS9GMDUzNzc5NDkz QkQxMUVFODFGODBBNTJDNEY5QUUwMi9rRGZBc3A0M0NTcURoU3prdUlXM2RxZkI0 N1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tEZkFzcDQzQ1NxRGhTemt1SVczZHFmQjQ3WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NTdEMS9GMDUzNzc5NDkzQkQxMUVFODFGODBBNTJDNEY5QUUwMi9rRGZBc3A0M0NT cURoU3prdUlXM2RxZkI0N1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCqhNVE8CZU2SPds0dJ64LpKu8JVl6MZPcUFYf75Fw2KCcBr1RTZlEg HNBLIQ77dbZijlqi5Htwt4mHk16OeAEVcaTc9t45lXRR8a6FY0Jibfvb6hwpUE46 a8KSxf6FDXM9S4H8rpwE2hMMRIObVI2gJpI6uidmmOh3varFCxxWliL+bOC3VSIy 9WpYiQMsv+J6j+hGoSV0wpyeetcT4SX5E8DPVPDKCgWTJdRveM9SiQb8gZJo00U9 0SuNm6gCx5qHC9pAKObu6W+gDQxk4X/xwvAc2THbm2B2dbJz8p1w1Adeol2o/qF8 sOqge44C94hs1m6uC1BVy+E1klI68YQI -----END CERTIFICATE-----Generated at Sat May 31 17:39:16 2025 by rpki-client