$ rpki-client -vvf rpki.apnic.net/member_repository/A91A2BD6/9C585DB0631511ECBA536969C4F9AE02/apjAwIy9NBmpCCuGDSm_qXL98qc.mft File: apjAwIy9NBmpCCuGDSm_qXL98qc.mft (raw, json) Hash identifier: EG3HX5HVb+C/iUJNg8QDvUS7uQEkK9tN47t6FVHiEO4= Subject key identifier: BE:6F:90:EB:C7:47:58:4E:0B:26:40:74:C3:1E:55:22:51:40:F7:29 Authority key identifier: 6A:98:C0:C0:8C:BD:34:19:A9:08:2B:86:0D:29:BF:A9:72:FD:F2:A7 Certificate issuer: /CN=A91A2BD6/serialNumber=6A98C0C08CBD3419A9082B860D29BFA972FDF2A7 Certificate serial: 042E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/apjAwIy9NBmpCCuGDSm_qXL98qc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A2BD6/9C585DB0631511ECBA536969C4F9AE02/apjAwIy9NBmpCCuGDSm_qXL98qc.mft Manifest number: 042A Signing time: Sat 31 May 2025 00:34:08 +0000 Manifest this update: Sat 31 May 2025 00:34:07 +0000 Manifest next update: Sat 07 Jun 2025 00:34:07 +0000 Files and hashes: 1: apjAwIy9NBmpCCuGDSm_qXL98qc.crl (hash: SWEUgAPUtIpal6+WLAAcX/CsIzwX+cLqshqNYv7zo4Y=) 2: 61B3CBDC631911ECAE6AA33DC4F9AE02.roa (hash: /+PqdcGfeQGq1JSsbPZ7utBGw8SAzSRzzxhLFAim1J0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A2BD6/9C585DB0631511ECBA536969C4F9AE02/apjAwIy9NBmpCCuGDSm_qXL98qc.crl rsync://rpki.apnic.net/member_repository/A91A2BD6/9C585DB0631511ECBA536969C4F9AE02/apjAwIy9NBmpCCuGDSm_qXL98qc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/apjAwIy9NBmpCCuGDSm_qXL98qc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 00:34:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1070 (0x42e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A2BD6, serialNumber=6A98C0C08CBD3419A9082B860D29BFA972FDF2A7 Validity Not Before: May 31 00:34:07 2025 GMT Not After : Jun 7 00:34:07 2025 GMT Subject: CN=683a4e80-1d13 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:7e:42:1c:5e:d1:0a:e2:f9:ce:b4:83:dc:22: 4e:87:86:4b:24:c5:5b:12:e2:9f:0f:24:14:84:80: 39:af:95:e5:79:d7:19:20:20:22:96:e6:37:3e:43: 31:67:b4:6a:b3:24:bb:a8:00:af:f6:99:df:5b:67: 1d:42:bb:76:2a:f1:de:2e:66:c4:a3:c8:6d:95:2b: 88:be:35:08:05:ce:c0:83:af:32:4c:cf:dc:14:44: 72:2c:87:cf:09:84:c8:37:3a:12:8a:77:ee:2c:e4: fa:74:fb:f4:bd:1d:e1:67:3b:2e:17:48:e9:20:0e: 35:61:c6:ea:8a:8f:57:ec:63:dd:2b:e7:c4:07:63: bd:f3:ba:72:90:d3:3b:9b:8b:f6:25:28:96:a8:b3: 3f:af:45:bd:c3:0e:f9:55:49:ea:90:0c:5f:2b:12: 28:d0:eb:62:cd:4e:bb:4f:6c:7e:5c:d2:76:ce:d5: 79:9e:e0:0f:a7:f0:de:0c:03:25:00:c7:4c:a1:6a: 53:51:60:83:a5:ec:6f:2a:af:6c:3c:38:3d:32:55: 17:c2:11:8a:8c:4c:4c:2e:78:b1:15:e7:81:a9:67: ef:3b:32:c3:19:96:8d:12:c0:1b:c2:68:96:4f:61: 68:23:1b:84:a6:43:52:f4:ed:44:7e:3b:9e:9b:9a: aa:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:6F:90:EB:C7:47:58:4E:0B:26:40:74:C3:1E:55:22:51:40:F7:29 X509v3 Authority Key Identifier: keyid:6A:98:C0:C0:8C:BD:34:19:A9:08:2B:86:0D:29:BF:A9:72:FD:F2:A7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A2BD6/9C585DB0631511ECBA536969C4F9AE02/apjAwIy9NBmpCCuGDSm_qXL98qc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/apjAwIy9NBmpCCuGDSm_qXL98qc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A2BD6/9C585DB0631511ECBA536969C4F9AE02/apjAwIy9NBmpCCuGDSm_qXL98qc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 32:4f:5f:3d:44:6f:a0:6f:df:a5:6e:2c:ae:4d:de:52:e0:13: 74:27:d4:4a:db:4d:3d:0f:f2:4f:a3:c5:56:36:40:9d:e1:78: 22:31:4f:41:fb:d4:54:6b:5b:f3:01:01:df:4f:9a:81:49:db: ac:03:3a:4e:35:49:59:27:68:ba:5c:0d:05:7a:56:d6:6c:6c: 1e:bd:fe:9b:25:9e:ca:e3:67:aa:5e:31:09:55:51:e5:eb:a7: 35:a3:10:86:c4:cc:55:45:eb:35:a7:8d:3c:e0:81:a5:e2:3a: 57:fc:eb:22:21:b2:60:c0:72:db:49:69:9f:73:d3:e8:48:e1: 1a:4d:ec:2a:26:f2:d3:80:87:1f:49:80:c5:68:a2:14:11:3e: e6:51:25:97:1e:43:3f:fe:a5:2a:d1:c9:40:c5:94:3d:1e:cf: 30:a8:64:b6:46:01:09:8b:96:c1:eb:66:ae:a5:c1:71:38:d3: fa:60:bc:56:39:7d:ff:63:c5:20:17:27:1d:2e:47:d5:5c:bc: 54:0f:2e:a8:23:b3:ce:be:9f:19:16:23:e5:b2:39:b0:df:bb: c7:c2:b5:7a:f8:02:ae:82:ca:9f:5c:0e:bc:57:7e:34:9d:d9: 80:b3:eb:03:88:fe:e7:44:1f:d2:e8:dc:54:47:d4:39:f2:8d: 74:db:00:26 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBC4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTJCRDYxMTAvBgNVBAUTKDZBOThDMEMwOENCRDM0MTlBOTA4MkI4NjBEMjlCRkE5 NzJGREYyQTcwHhcNMjUwNTMxMDAzNDA3WhcNMjUwNjA3MDAzNDA3WjAYMRYwFAYD VQQDEw02ODNhNGU4MC0xZDEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz35CHF7RCuL5zrSD3CJOh4ZLJMVbEuKfDyQUhIA5r5XledcZICAiluY3PkMx Z7RqsyS7qACv9pnfW2cdQrt2KvHeLmbEo8htlSuIvjUIBc7Ag68yTM/cFERyLIfP CYTINzoSinfuLOT6dPv0vR3hZzsuF0jpIA41Ycbqio9X7GPdK+fEB2O987pykNM7 m4v2JSiWqLM/r0W9ww75VUnqkAxfKxIo0OtizU67T2x+XNJ2ztV5nuAPp/DeDAMl AMdMoWpTUWCDpexvKq9sPDg9MlUXwhGKjExMLnixFeeBqWfvOzLDGZaNEsAbwmiW T2FoIxuEpkNS9O1Efjuem5qquwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL5vkOvH R1hOCyZAdMMeVSJRQPcpMB8GA1UdIwQYMBaAFGqYwMCMvTQZqQgrhg0pv6ly/fKn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMkJENi85QzU4NURCMDYz MTUxMUVDQkE1MzY5NjlDNEY5QUUwMi9hcGpBd0l5OU5CbXBDQ3VHRFNtX3FYTDk4 cWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FwakF3SXk5TkJtcENDdUdEU21fcVhMOThxYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MkJENi85QzU4NURCMDYzMTUxMUVDQkE1MzY5NjlDNEY5QUUwMi9hcGpBd0l5OU5C bXBDQ3VHRFNtX3FYTDk4cWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAyT189RG+gb9+lbiyuTd5S4BN0J9RK2009D/JPo8VWNkCd4XgiMU9B +9RUa1vzAQHfT5qBSdusAzpONUlZJ2i6XA0FelbWbGwevf6bJZ7K42eqXjEJVVHl 66c1oxCGxMxVRes1p4084IGl4jpX/OsiIbJgwHLbSWmfc9PoSOEaTewqJvLTgIcf SYDFaKIUET7mUSWXHkM//qUq0clAxZQ9Hs8wqGS2RgEJi5bB62aupcFxONP6YLxW OX3/Y8UgFycdLkfVXLxUDy6oI7POvp8ZFiPlsjmw37vHwrV6+AKugsqfXA68V340 ndmAs+sDiP7nRB/S6NxUR9Q58o102wAm -----END CERTIFICATE-----Generated at Sat May 31 14:38:09 2025 by rpki-client