$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/0hsNWsWvkZAPUK2WADMT5R7WChA.mft File: 0hsNWsWvkZAPUK2WADMT5R7WChA.mft (raw, json) Hash identifier: m8aaav0RZIzq/7DdkTnux76yF8WJ/mhNAWuzFKd12qg= Subject key identifier: 68:0B:F9:EC:52:C4:DB:03:26:26:70:ED:C9:99:06:D6:8F:7E:F1:DE Authority key identifier: D2:1B:0D:5A:C5:AF:91:90:0F:50:AD:96:00:33:13:E5:1E:D6:0A:10 Certificate issuer: /CN=A91A0E9D/serialNumber=D21B0D5AC5AF91900F50AD96003313E51ED60A10 Certificate serial: 81 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0hsNWsWvkZAPUK2WADMT5R7WChA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/0hsNWsWvkZAPUK2WADMT5R7WChA.mft Manifest number: 78 Signing time: Sat 31 May 2025 06:27:51 +0000 Manifest this update: Sat 31 May 2025 06:27:51 +0000 Manifest next update: Sat 07 Jun 2025 06:27:50 +0000 Files and hashes: 1: 0hsNWsWvkZAPUK2WADMT5R7WChA.crl (hash: ptBKBEMcJAT78rLAUoBFqOnCVGPFK7+f31HMoiQk9ao=) 2: 3996C94896D211EF924C486FC4F9AE02.roa (hash: jPKROmghkPyJWap1Ck0b+pE8AGKhobQAaRNerFhIWOA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/0hsNWsWvkZAPUK2WADMT5R7WChA.crl rsync://rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/0hsNWsWvkZAPUK2WADMT5R7WChA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0hsNWsWvkZAPUK2WADMT5R7WChA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 06:27:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 129 (0x81) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A0E9D, serialNumber=D21B0D5AC5AF91900F50AD96003313E51ED60A10 Validity Not Before: May 31 06:27:51 2025 GMT Not After : Jun 7 06:27:50 2025 GMT Subject: CN=683aa167-b4e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:0b:80:ba:b5:e8:8f:15:d2:8d:ce:70:eb:94: f9:5e:1d:cd:0c:5c:79:86:6f:25:cc:3e:f7:97:ac: 81:6a:fa:9f:34:31:17:ff:6f:f5:33:7f:4f:22:36: 72:a8:a7:7b:e6:ff:08:59:8b:de:17:35:6c:45:56: 20:ea:01:52:d4:be:2e:3d:21:61:95:94:10:f4:9c: 2e:8f:db:81:14:dc:a5:8e:28:d5:ce:7e:b2:3b:37: 09:0d:19:4a:74:c9:aa:64:71:28:11:af:e9:7f:98: a2:1b:99:17:e7:a0:68:7f:00:cd:18:56:6e:af:60: b8:f4:9b:ce:d3:30:89:6b:31:bf:b2:ed:07:85:ee: 98:dc:bc:ae:bb:a5:6f:ff:52:a1:35:1b:06:9b:1c: 0e:c9:f9:d9:e3:7c:f8:bd:82:26:77:ee:81:2d:86: 0c:a6:f0:73:ac:7f:8f:8a:40:4d:10:64:fb:37:3c: 2e:f2:64:3f:35:a9:3e:b6:e7:ab:52:4a:e7:1f:7b: a8:f3:42:79:93:fb:d1:8e:c6:96:de:24:43:68:7c: 0d:86:02:ae:dc:2b:ee:06:0a:c3:8b:07:eb:3a:61: 29:5e:ee:7e:7f:9c:c9:b7:f0:3f:67:e8:a1:cf:f7: 27:18:c3:50:49:5e:81:c8:50:25:40:d4:49:63:99: 15:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:0B:F9:EC:52:C4:DB:03:26:26:70:ED:C9:99:06:D6:8F:7E:F1:DE X509v3 Authority Key Identifier: keyid:D2:1B:0D:5A:C5:AF:91:90:0F:50:AD:96:00:33:13:E5:1E:D6:0A:10 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/0hsNWsWvkZAPUK2WADMT5R7WChA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0hsNWsWvkZAPUK2WADMT5R7WChA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/0hsNWsWvkZAPUK2WADMT5R7WChA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 85:b7:3a:49:23:6a:14:07:ef:39:89:d9:1d:bb:7c:7c:43:0e: 6f:74:d5:fe:77:8a:9a:70:83:d8:64:0f:4d:57:77:b0:dd:cf: ea:06:70:77:d8:5e:e4:3d:43:71:e7:99:21:14:9b:f3:93:1e: 1a:c1:2e:24:1b:ad:49:05:8f:ac:6d:32:48:3c:e0:92:21:4c: df:9b:73:0d:e5:d0:8b:30:67:0c:90:c5:ed:24:18:f0:6a:74: 45:02:06:76:36:ec:f3:e5:cb:39:b6:bc:f7:2a:76:ec:a7:17: 9d:62:1a:81:09:cd:e3:18:df:5a:41:e7:93:13:3d:1c:5d:5c: 47:5e:1d:a8:88:60:fe:e2:a3:e6:04:0b:7d:9a:bd:b6:d9:77: a9:d8:cc:72:99:b5:8f:f5:c3:5b:e4:1a:73:0e:8b:9b:ad:fa: c4:5e:bc:cd:88:dd:5b:aa:b5:45:be:88:2e:57:8c:ab:2e:5f: cb:cf:d0:a6:5a:b1:3b:9a:41:08:a2:78:06:b6:83:07:f9:3c: 09:c2:a6:9b:93:ce:a8:ba:c6:61:bc:e9:93:75:50:0f:af:e8: 7d:ac:47:a4:f1:0b:29:b6:a0:cf:b6:8e:52:fd:6d:17:ad:f4: 4c:40:dd:ea:f8:ab:42:16:40:31:ec:68:5d:70:73:22:58:d1: 65:da:c5:9f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTBFOUQxMTAvBgNVBAUTKEQyMUIwRDVBQzVBRjkxOTAwRjUwQUQ5NjAwMzMxM0U1 MUVENjBBMTAwHhcNMjUwNTMxMDYyNzUxWhcNMjUwNjA3MDYyNzUwWjAYMRYwFAYD VQQDEw02ODNhYTE2Ny1iNGU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuAuAurXojxXSjc5w65T5Xh3NDFx5hm8lzD73l6yBavqfNDEX/2/1M39PIjZy qKd75v8IWYveFzVsRVYg6gFS1L4uPSFhlZQQ9Jwuj9uBFNyljijVzn6yOzcJDRlK dMmqZHEoEa/pf5iiG5kX56BofwDNGFZur2C49JvO0zCJazG/su0Hhe6Y3Lyuu6Vv /1KhNRsGmxwOyfnZ43z4vYImd+6BLYYMpvBzrH+PikBNEGT7Nzwu8mQ/Nak+tuer UkrnH3uo80J5k/vRjsaW3iRDaHwNhgKu3CvuBgrDiwfrOmEpXu5+f5zJt/A/Z+ih z/cnGMNQSV6ByFAlQNRJY5kVrwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGgL+exS xNsDJiZw7cmZBtaPfvHeMB8GA1UdIwQYMBaAFNIbDVrFr5GQD1CtlgAzE+Ue1goQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMEU5RC85NTY5QURCNDk1 REIxMUVGQTRFMkZCNDVDNEY5QUUwMi8waHNOV3NXdmtaQVBVSzJXQURNVDVSN1dD aEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzBoc05Xc1d2a1pBUFVLMldBRE1UNVI3V0NoQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MEU5RC85NTY5QURCNDk1REIxMUVGQTRFMkZCNDVDNEY5QUUwMi8waHNOV3NXdmta QVBVSzJXQURNVDVSN1dDaEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCFtzpJI2oUB+85idkdu3x8Qw5vdNX+d4qacIPYZA9NV3ew3c/qBnB3 2F7kPUNx55khFJvzkx4awS4kG61JBY+sbTJIPOCSIUzfm3MN5dCLMGcMkMXtJBjw anRFAgZ2Nuzz5cs5trz3KnbspxedYhqBCc3jGN9aQeeTEz0cXVxHXh2oiGD+4qPm BAt9mr222Xep2MxymbWP9cNb5BpzDoubrfrEXrzNiN1bqrVFvoguV4yrLl/Lz9Cm WrE7mkEIongGtoMH+TwJwqabk86ousZhvOmTdVAPr+h9rEek8QsptqDPto5S/W0X rfRMQN3q+KtCFkAx7GhdcHMiWNFl2sWf -----END CERTIFICATE-----Generated at Sat May 31 16:55:00 2025 by rpki-client