$ rpki-client -vvf rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.mft File: L9JLb9eYBEVzVDhmYs4w3aOyALU.mft (raw, json) Hash identifier: buK4yHkS8xKmycQtlspItBhrx4O935PPV8hhSxCmewY= Subject key identifier: F1:93:2A:E8:A4:75:AB:FF:B7:1E:95:15:CD:C1:2E:6A:43:1E:D8:A7 Authority key identifier: 2F:D2:4B:6F:D7:98:04:45:73:54:38:66:62:CE:30:DD:A3:B2:00:B5 Certificate issuer: /CN=A91A29DA/serialNumber=2FD24B6FD79804457354386662CE30DDA3B200B5 Certificate serial: EB Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/L9JLb9eYBEVzVDhmYs4w3aOyALU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.mft Manifest number: E9 Signing time: Tue 03 Jun 2025 05:05:38 +0000 Manifest this update: Tue 03 Jun 2025 05:05:38 +0000 Manifest next update: Tue 10 Jun 2025 05:05:38 +0000 Files and hashes: 1: L9JLb9eYBEVzVDhmYs4w3aOyALU.crl (hash: gCkNCV5fInCvyfhAmsdNoLp4b1l8papfT+r0Hrn2BHQ=) 2: AE2FD9C4DA5411EE83E9E67EC4F9AE02.roa (hash: tK5HTPbAj/ZNMX+j7tcaCGQxo/xqwq0UKtlHWscWUVg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.crl rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/L9JLb9eYBEVzVDhmYs4w3aOyALU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Jun 2025 05:05:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 235 (0xeb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A29DA, serialNumber=2FD24B6FD79804457354386662CE30DDA3B200B5 Validity Not Before: Jun 3 05:05:38 2025 GMT Not After : Jun 10 05:05:38 2025 GMT Subject: CN=683e82a2-7d76 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:ab:88:93:d8:d2:0b:68:e7:01:34:70:b3:f6: b6:6c:81:7e:24:43:a7:d7:a7:76:fa:ba:be:f0:4f: 13:e8:2a:b0:72:54:4f:e7:02:1f:dd:a4:46:3e:c0: 1e:3b:57:9e:53:e0:3c:26:95:b4:16:cb:18:ad:bb: b0:92:c3:17:85:36:80:90:c1:f4:1a:c8:a0:17:0d: f7:ee:d3:ce:f8:1e:66:89:25:85:dd:c6:a4:55:be: 2e:45:71:ed:d5:b0:eb:a9:5d:e9:cd:a4:0c:2f:7a: d8:e7:d4:e2:fb:e7:3b:d1:36:69:93:20:f8:3b:db: 31:d9:eb:8f:8b:fc:a6:60:59:e2:5a:fe:22:f4:f9: 9c:00:62:dd:6d:fe:e0:e0:01:1b:fc:36:bf:76:ab: 26:c2:2c:82:1d:ab:3f:bc:54:2b:c5:37:21:8f:16: c5:3c:9c:e0:1d:f2:a7:75:12:00:25:48:92:82:21: f4:dc:ce:d1:30:4f:aa:68:d1:b4:41:3a:af:45:7d: 99:74:db:3b:d5:1a:f2:d4:3d:66:96:cd:b9:f6:4b: ac:72:6c:e3:d3:df:f4:1b:a8:1f:22:c6:cd:74:d7: 7a:84:a1:e4:8e:ff:6a:c9:62:56:c1:00:2c:a6:8f: 1f:45:cd:1d:48:41:71:56:a3:71:58:8b:a3:55:fd: a5:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:93:2A:E8:A4:75:AB:FF:B7:1E:95:15:CD:C1:2E:6A:43:1E:D8:A7 X509v3 Authority Key Identifier: keyid:2F:D2:4B:6F:D7:98:04:45:73:54:38:66:62:CE:30:DD:A3:B2:00:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/L9JLb9eYBEVzVDhmYs4w3aOyALU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 74:1e:f2:89:ca:b7:90:28:ed:c7:00:d5:1e:a1:6f:1e:67:35: d1:7c:73:7f:ef:73:ce:1c:35:1f:6f:5a:af:b5:b2:e2:da:55: e7:9e:f8:8b:6b:93:5d:8d:90:15:82:95:85:b5:c9:f6:31:08: ce:ce:c1:56:8f:99:46:6a:a1:3a:3f:a8:f1:02:00:c5:c0:3d: 8d:2b:ae:c5:1f:8d:d5:b7:8f:ef:2f:61:c4:5b:de:4a:87:cc: 56:36:41:22:3e:de:fc:d4:72:e8:24:36:2e:4c:c7:36:48:eb: ae:1d:9e:94:c9:e0:cb:1a:70:ce:3c:e5:d3:a3:48:40:c9:60: 25:85:71:28:6f:89:1f:83:02:e8:d9:cb:7e:d6:19:99:a7:34: 4d:ec:9a:b8:4e:0e:6a:78:15:6f:39:ff:25:78:99:5e:88:1d: 31:bf:43:ce:79:c3:8a:f9:ec:f3:65:d6:c1:1e:90:66:06:b3: 81:88:4e:14:cc:6a:02:8a:25:1b:00:0e:5a:6c:29:a4:64:8b: e4:d2:e4:4f:2f:aa:16:dd:c8:56:da:c7:83:82:8d:9a:7e:37: bb:60:f6:f7:2d:6e:df:8e:29:21:4a:6f:aa:0d:c1:74:ff:e2: ad:28:6b:2e:60:43:8d:2c:8f:04:43:88:cc:3b:ed:2b:bd:84: 11:21:50:e2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAOswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTI5REExMTAvBgNVBAUTKDJGRDI0QjZGRDc5ODA0NDU3MzU0Mzg2NjYyQ0UzMERE QTNCMjAwQjUwHhcNMjUwNjAzMDUwNTM4WhcNMjUwNjEwMDUwNTM4WjAYMRYwFAYD VQQDEw02ODNlODJhMi03ZDc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1quIk9jSC2jnATRws/a2bIF+JEOn16d2+rq+8E8T6CqwclRP5wIf3aRGPsAe O1eeU+A8JpW0FssYrbuwksMXhTaAkMH0GsigFw337tPO+B5miSWF3cakVb4uRXHt 1bDrqV3pzaQML3rY59Ti++c70TZpkyD4O9sx2euPi/ymYFniWv4i9PmcAGLdbf7g 4AEb/Da/dqsmwiyCHas/vFQrxTchjxbFPJzgHfKndRIAJUiSgiH03M7RME+qaNG0 QTqvRX2ZdNs71Rry1D1mls259kuscmzj09/0G6gfIsbNdNd6hKHkjv9qyWJWwQAs po8fRc0dSEFxVqNxWIujVf2lvQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPGTKuik dav/tx6VFc3BLmpDHtinMB8GA1UdIwQYMBaAFC/SS2/XmARFc1Q4ZmLOMN2jsgC1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMjlEQS8zNEI1QjUxNERB NTQxMUVFODI3Q0E1N0RDNEY5QUUwMi9MOUpMYjllWUJFVnpWRGhtWXM0dzNhT3lB TFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0w5SkxiOWVZQkVWelZEaG1ZczR3M2FPeUFMVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MjlEQS8zNEI1QjUxNERBNTQxMUVFODI3Q0E1N0RDNEY5QUUwMi9MOUpMYjllWUJF VnpWRGhtWXM0dzNhT3lBTFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB0HvKJyreQKO3HANUeoW8eZzXRfHN/73POHDUfb1qvtbLi2lXnnviL a5NdjZAVgpWFtcn2MQjOzsFWj5lGaqE6P6jxAgDFwD2NK67FH43Vt4/vL2HEW95K h8xWNkEiPt781HLoJDYuTMc2SOuuHZ6UyeDLGnDOPOXTo0hAyWAlhXEob4kfgwLo 2ct+1hmZpzRN7Jq4Tg5qeBVvOf8leJleiB0xv0POecOK+ezzZdbBHpBmBrOBiE4U zGoCiiUbAA5abCmkZIvk0uRPL6oW3chW2seDgo2afje7YPb3LW7fjikhSm+qDcF0 /+KtKGsuYEONLI8EQ4jMO+0rvYQRIVDi -----END CERTIFICATE-----Generated at Tue Jun 3 23:44:35 2025 by rpki-client