$ rpki-client -vvf rpki.apnic.net/member_repository/A919A3CA/57D238028FA211EA8EC06E1CC4F9AE02/ips7kjmTluj8a4YwntVzMMlOEX0.mft File: ips7kjmTluj8a4YwntVzMMlOEX0.mft (raw, json) Hash identifier: oUu+tlyXuAXOy7N83NnucEsmZUqmcyunWGJryrfyeZI= Subject key identifier: 60:93:FF:9F:14:5A:72:9C:68:DD:56:46:C5:CC:9E:58:72:49:6C:A4 Authority key identifier: 8A:9B:3B:92:39:93:96:E8:FC:6B:86:30:9E:D5:73:30:C9:4E:11:7D Certificate issuer: /CN=A919A3CA/serialNumber=8A9B3B92399396E8FC6B86309ED57330C94E117D Certificate serial: 098C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ips7kjmTluj8a4YwntVzMMlOEX0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919A3CA/57D238028FA211EA8EC06E1CC4F9AE02/ips7kjmTluj8a4YwntVzMMlOEX0.mft Manifest number: 0983 Signing time: Fri 30 May 2025 21:01:10 +0000 Manifest this update: Fri 30 May 2025 21:01:10 +0000 Manifest next update: Fri 06 Jun 2025 21:01:10 +0000 Files and hashes: 1: ips7kjmTluj8a4YwntVzMMlOEX0.crl (hash: 04eF/rjvXifCdOcncQaBxX8mO+efMB2Ci7sYuzfofR8=) 2: B972C58C8FA611EAB095C928C4F9AE02.roa (hash: pd0z6Py0ljyQXcBSw2555Qfaeo+rQ0qMyZ2LLvuE2Pc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919A3CA/57D238028FA211EA8EC06E1CC4F9AE02/ips7kjmTluj8a4YwntVzMMlOEX0.crl rsync://rpki.apnic.net/member_repository/A919A3CA/57D238028FA211EA8EC06E1CC4F9AE02/ips7kjmTluj8a4YwntVzMMlOEX0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ips7kjmTluj8a4YwntVzMMlOEX0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 21:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2444 (0x98c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919A3CA, serialNumber=8A9B3B92399396E8FC6B86309ED57330C94E117D Validity Not Before: May 30 21:01:10 2025 GMT Not After : Jun 6 21:01:10 2025 GMT Subject: CN=683a1c96-3738 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:47:cf:ae:0f:f3:95:90:40:cc:bc:dd:a7:c3: 66:91:50:0a:19:75:eb:0d:cd:d0:45:63:01:e4:1e: 4a:eb:69:4f:89:50:20:13:f2:d2:94:e2:e6:3c:3a: 1c:1e:ad:2c:26:02:bf:e0:ca:5a:9a:3f:ba:11:38: 60:f5:31:7a:c8:59:3c:c7:99:33:25:d8:f5:d9:21: ed:b6:54:97:38:7a:d5:01:2d:1a:e8:fc:07:0c:9a: 34:27:73:6a:89:f5:5d:f8:32:b8:13:fe:02:a9:ec: fd:cc:8c:fb:e4:d4:2d:bf:44:ad:38:b6:d3:73:06: 09:b3:3b:2f:15:05:1a:06:67:bc:12:9a:25:a0:af: 41:a9:29:c0:9c:15:62:61:cf:9d:2e:81:a5:34:f8: a5:a5:68:24:93:ed:66:48:04:ae:a1:c3:2b:ad:e0: 81:96:2b:e8:19:45:07:9a:68:ca:bf:90:61:04:e0: 70:5b:cb:41:7a:1c:25:c1:ea:0a:0a:9a:ec:95:1c: 71:ff:66:27:5a:c4:8a:3d:b9:71:86:7e:88:df:e7: 88:1c:b3:c4:d9:cc:bb:5d:80:c9:f0:15:eb:16:20: f6:1e:67:e0:0a:a2:7a:8c:6a:28:00:21:a2:43:14: 5f:b2:ff:a9:bd:21:0a:2e:20:f1:5f:c4:cc:12:dc: 8e:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:93:FF:9F:14:5A:72:9C:68:DD:56:46:C5:CC:9E:58:72:49:6C:A4 X509v3 Authority Key Identifier: keyid:8A:9B:3B:92:39:93:96:E8:FC:6B:86:30:9E:D5:73:30:C9:4E:11:7D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919A3CA/57D238028FA211EA8EC06E1CC4F9AE02/ips7kjmTluj8a4YwntVzMMlOEX0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ips7kjmTluj8a4YwntVzMMlOEX0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A3CA/57D238028FA211EA8EC06E1CC4F9AE02/ips7kjmTluj8a4YwntVzMMlOEX0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c2:f6:0f:31:ea:7b:3a:fb:f8:6e:c4:f5:15:4f:10:26:1d:77: e1:26:72:7d:66:78:32:13:55:f0:3d:79:19:77:88:57:0a:25: 66:84:09:33:2e:76:bb:85:51:2f:13:5b:00:73:25:9e:7a:a3: be:b6:30:90:ac:91:2f:6c:be:78:b1:cc:18:ce:2d:aa:b2:1b: 06:29:d7:61:f0:da:78:13:c8:e7:27:46:3e:47:8b:6f:f5:e9: aa:03:6a:e9:8e:17:b6:d7:b3:de:f6:a8:5f:fb:d3:ea:80:85: 39:43:f1:5d:dc:8f:8b:ad:77:cc:c6:c0:e6:ec:eb:97:dc:13: de:2f:45:0e:3a:2b:ff:1e:b9:fa:61:e5:ce:1b:c1:68:f9:19: 6d:ab:ca:5c:7e:89:05:ab:1e:17:02:82:1e:93:a4:18:41:c8: 08:20:b4:cf:8b:92:1f:27:71:1e:83:b0:52:b7:e9:70:3f:e7: eb:fe:d9:b1:97:bf:e4:b8:bc:ff:3d:f0:91:98:67:af:a9:be: 01:20:9b:9c:b2:9a:5d:d4:76:f9:95:35:bb:c5:af:9d:d7:62: 9c:51:c2:a3:49:ff:c7:d2:9e:ee:7a:4a:a9:ab:f2:e2:1f:ac: 21:ed:84:05:f2:c4:a2:d9:3c:f2:45:e0:ad:42:ab:11:58:f1: ff:78:4e:25 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCYwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUEzQ0ExMTAvBgNVBAUTKDhBOUIzQjkyMzk5Mzk2RThGQzZCODYzMDlFRDU3MzMw Qzk0RTExN0QwHhcNMjUwNTMwMjEwMTEwWhcNMjUwNjA2MjEwMTEwWjAYMRYwFAYD VQQDEw02ODNhMWM5Ni0zNzM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw0fPrg/zlZBAzLzdp8NmkVAKGXXrDc3QRWMB5B5K62lPiVAgE/LSlOLmPDoc Hq0sJgK/4Mpamj+6EThg9TF6yFk8x5kzJdj12SHttlSXOHrVAS0a6PwHDJo0J3Nq ifVd+DK4E/4Cqez9zIz75NQtv0StOLbTcwYJszsvFQUaBme8EpoloK9BqSnAnBVi Yc+dLoGlNPilpWgkk+1mSASuocMrreCBlivoGUUHmmjKv5BhBOBwW8tBehwlweoK CprslRxx/2YnWsSKPblxhn6I3+eIHLPE2cy7XYDJ8BXrFiD2HmfgCqJ6jGooACGi QxRfsv+pvSEKLiDxX8TMEtyOowIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGCT/58U WnKcaN1WRsXMnlhySWykMB8GA1UdIwQYMBaAFIqbO5I5k5bo/GuGMJ7VczDJThF9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QTNDQS81N0QyMzgwMjhG QTIxMUVBOEVDMDZFMUNDNEY5QUUwMi9pcHM3a2ptVGx1ajhhNFl3bnRWek1NbE9F WDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lwczdram1UbHVqOGE0WXdudFZ6TU1sT0VYMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 QTNDQS81N0QyMzgwMjhGQTIxMUVBOEVDMDZFMUNDNEY5QUUwMi9pcHM3a2ptVGx1 ajhhNFl3bnRWek1NbE9FWDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDC9g8x6ns6+/huxPUVTxAmHXfhJnJ9ZngyE1XwPXkZd4hXCiVmhAkz Lna7hVEvE1sAcyWeeqO+tjCQrJEvbL54scwYzi2qshsGKddh8Np4E8jnJ0Y+R4tv 9emqA2rpjhe217Pe9qhf+9PqgIU5Q/Fd3I+LrXfMxsDm7OuX3BPeL0UOOiv/Hrn6 YeXOG8Fo+Rltq8pcfokFqx4XAoIek6QYQcgIILTPi5IfJ3Eeg7BSt+lwP+fr/tmx l7/kuLz/PfCRmGevqb4BIJucsppd1Hb5lTW7xa+d12KcUcKjSf/H0p7uekqpq/Li H6wh7YQF8sSi2TzyReCtQqsRWPH/eE4l -----END CERTIFICATE-----Generated at Sat May 31 16:14:25 2025 by rpki-client