$ rpki-client -vvf rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft File: FION2NTh_gMXFCZnF24W4KW2hlE.mft (raw, json) Hash identifier: VJKKtbLBxlqlTda3hd3N4pDe0wdRt7s003jKhCSDgnM= Subject key identifier: 9B:6C:B4:15:B1:B6:9F:22:35:D9:44:9D:D6:51:A6:B9:F8:D5:A0:C5 Authority key identifier: 14:83:8D:D8:D4:E1:FE:03:17:14:26:67:17:6E:16:E0:A5:B6:86:51 Certificate issuer: /CN=A91991D9/serialNumber=14838DD8D4E1FE0317142667176E16E0A5B68651 Certificate serial: 0DE8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FION2NTh_gMXFCZnF24W4KW2hlE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft Manifest number: 0DE1 Signing time: Wed 04 Jun 2025 17:52:47 +0000 Manifest this update: Wed 04 Jun 2025 17:52:47 +0000 Manifest next update: Wed 11 Jun 2025 17:52:47 +0000 Files and hashes: 1: FION2NTh_gMXFCZnF24W4KW2hlE.crl (hash: CELQDh/EuZFiTCmtRTjljtVbnaAjn+dlsN6qDNOrWjA=) 2: 14E68648B42D11E9A44FF25BC4F9AE02.roa (hash: +BalFw2CiL7uapLNj20tx3YBjmyA4tVc26LM7UMELNs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.crl rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FION2NTh_gMXFCZnF24W4KW2hlE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 11 Jun 2025 17:52:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3560 (0xde8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91991D9, serialNumber=14838DD8D4E1FE0317142667176E16E0A5B68651 Validity Not Before: Jun 4 17:52:47 2025 GMT Not After : Jun 11 17:52:47 2025 GMT Subject: CN=684087ef-84f8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:a8:9e:47:29:eb:c4:e5:34:e0:05:22:8f:44: ae:60:50:f7:ce:d5:46:8a:71:a1:0a:d2:33:a5:a7: 8f:5d:c9:ee:a3:53:08:8a:b3:c7:ac:eb:bc:84:46: 74:c0:b0:3a:98:5f:93:9d:6d:93:01:36:ca:5e:d1: a0:b6:e2:b5:d7:67:17:c4:25:c6:43:bd:11:8f:41: f7:d9:7e:26:4c:c5:99:f5:9f:09:31:58:8a:b3:3e: 4e:4a:68:b1:ab:bf:2c:f7:40:85:af:4c:e3:b1:eb: 7a:7b:f1:60:10:9e:d5:c7:d2:71:59:b4:de:a6:4f: ef:c8:e6:1f:f2:64:90:4b:45:39:d1:e2:e8:a2:42: 38:ea:c4:4f:96:e9:fe:1b:bf:ce:53:bd:1c:12:c3: db:fd:16:f5:9e:20:ac:9e:55:4c:d2:e5:9b:6f:58: 43:a7:9a:ab:44:b9:2d:d0:2f:b6:4a:65:37:c2:1b: 48:4e:1f:91:90:af:be:fd:d9:69:cd:b4:5e:a4:d1: 8b:3d:9e:ca:ac:c1:a2:ca:f5:dd:ac:a0:59:51:06: 05:8d:9b:6c:64:0a:0b:bd:c0:19:b4:0d:a9:c8:69: 14:c7:e3:d8:44:07:bc:a0:b1:fe:91:64:87:ea:a3: 30:0d:04:b9:3f:26:7d:d3:97:9d:b9:bf:9b:81:26: 23:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:6C:B4:15:B1:B6:9F:22:35:D9:44:9D:D6:51:A6:B9:F8:D5:A0:C5 X509v3 Authority Key Identifier: keyid:14:83:8D:D8:D4:E1:FE:03:17:14:26:67:17:6E:16:E0:A5:B6:86:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FION2NTh_gMXFCZnF24W4KW2hlE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ba:83:64:54:f2:19:d1:e0:ec:0d:3e:ff:48:29:7e:be:54:7c: cb:35:15:5a:75:16:44:bc:93:0a:64:34:e1:20:a8:45:ac:28: c4:a8:04:26:d7:08:4e:08:aa:bf:b0:84:47:d9:e9:13:b6:10: 37:56:f3:c4:77:8c:6f:ed:54:f3:ee:34:e3:1b:ed:a3:23:48: e4:ec:41:0e:14:ad:dd:e6:49:e5:f2:42:4c:ae:0c:1c:73:30: 3d:3c:ca:8a:7e:1c:4a:d2:59:66:c9:0f:06:eb:68:01:ad:2d: 16:a4:52:4b:b3:22:ca:c8:0b:6b:93:4f:b1:b8:ee:74:70:99: cd:df:00:8c:34:23:7f:ec:11:10:f7:8c:83:65:1e:f7:e1:e5: 1f:82:9e:3f:0a:5f:01:2d:e1:dd:d4:ab:10:5d:e2:c5:3e:b7: 39:4e:5c:5d:ad:e7:63:9e:4e:99:ea:cb:e6:38:26:1d:4b:2b: 76:47:9e:d0:5f:c0:95:88:ca:53:3b:d8:13:bb:b7:e6:c1:7b: 0c:03:e4:40:98:61:30:46:61:a0:32:30:35:92:16:3a:a7:76: 13:da:2e:36:ea:75:b0:42:d5:2a:5f:8d:1b:cf:26:31:f3:c4: e3:55:19:3f:e8:df:3e:60:25:37:86:0a:f9:7b:46:2b:d1:07: f1:22:dd:90 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDegwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTkxRDkxMTAvBgNVBAUTKDE0ODM4REQ4RDRFMUZFMDMxNzE0MjY2NzE3NkUxNkUw QTVCNjg2NTEwHhcNMjUwNjA0MTc1MjQ3WhcNMjUwNjExMTc1MjQ3WjAYMRYwFAYD VQQDEw02ODQwODdlZi04NGY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApqieRynrxOU04AUij0SuYFD3ztVGinGhCtIzpaePXcnuo1MIirPHrOu8hEZ0 wLA6mF+TnW2TATbKXtGgtuK112cXxCXGQ70Rj0H32X4mTMWZ9Z8JMViKsz5OSmix q78s90CFr0zjset6e/FgEJ7Vx9JxWbTepk/vyOYf8mSQS0U50eLookI46sRPlun+ G7/OU70cEsPb/Rb1niCsnlVM0uWbb1hDp5qrRLkt0C+2SmU3whtITh+RkK++/dlp zbRepNGLPZ7KrMGiyvXdrKBZUQYFjZtsZAoLvcAZtA2pyGkUx+PYRAe8oLH+kWSH 6qMwDQS5PyZ905edub+bgSYjZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJtstBWx tp8iNdlEndZRprn41aDFMB8GA1UdIwQYMBaAFBSDjdjU4f4DFxQmZxduFuCltoZR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OTFEOS8xQzNERDk2NkI0 MjYxMUU5OERFMDg4NEFDNEY5QUUwMi9GSU9OMk5UaF9nTVhGQ1puRjI0VzRLVzJo bEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZJT04yTlRoX2dNWEZDWm5GMjRXNEtXMmhsRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 OTFEOS8xQzNERDk2NkI0MjYxMUU5OERFMDg4NEFDNEY5QUUwMi9GSU9OMk5UaF9n TVhGQ1puRjI0VzRLVzJobEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC6g2RU8hnR4OwNPv9IKX6+VHzLNRVadRZEvJMKZDThIKhFrCjEqAQm 1whOCKq/sIRH2ekTthA3VvPEd4xv7VTz7jTjG+2jI0jk7EEOFK3d5knl8kJMrgwc czA9PMqKfhxK0llmyQ8G62gBrS0WpFJLsyLKyAtrk0+xuO50cJnN3wCMNCN/7BEQ 94yDZR734eUfgp4/Cl8BLeHd1KsQXeLFPrc5Tlxdredjnk6Z6svmOCYdSyt2R57Q X8CViMpTO9gTu7fmwXsMA+RAmGEwRmGgMjA1khY6p3YT2i426nWwQtUqX40bzyYx 88TjVRk/6N8+YCU3hgr5e0Yr0QfxIt2Q -----END CERTIFICATE-----Generated at Thu Jun 5 19:52:40 2025 by rpki-client