$ rpki-client -vvf rpki.apnic.net/member_repository/A91A9D0F/74BE38D680CF11E9ACD71B50C4F9AE02/iOe1QfQimNbptRZdllJGzBzB9aI.mft File: iOe1QfQimNbptRZdllJGzBzB9aI.mft (raw, json) Hash identifier: LO67XYv0QP4/4hwhOEUwla+Gv9DqYPy5d72iXwWntYQ= Subject key identifier: 2F:4E:CE:DB:C2:B5:CC:76:7F:BA:48:D6:4A:5D:6E:EE:F0:99:B0:1C Authority key identifier: 88:E7:B5:41:F4:22:98:D6:E9:B5:16:5D:96:52:46:CC:1C:C1:F5:A2 Certificate issuer: /CN=A91A9D0F/serialNumber=88E7B541F42298D6E9B5165D965246CC1CC1F5A2 Certificate serial: 0F63 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iOe1QfQimNbptRZdllJGzBzB9aI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A9D0F/74BE38D680CF11E9ACD71B50C4F9AE02/iOe1QfQimNbptRZdllJGzBzB9aI.mft Manifest number: 0F28 Signing time: Mon 02 Jun 2025 17:49:58 +0000 Manifest this update: Mon 02 Jun 2025 17:49:57 +0000 Manifest next update: Mon 09 Jun 2025 17:49:57 +0000 Files and hashes: 1: iOe1QfQimNbptRZdllJGzBzB9aI.crl (hash: 6iPl3mi6/WFlIRLPlA+pOXeolA6ohQnnCfliWBzER5c=) 2: 13C1EDA8767911EE9A957930C4F9AE02.roa (hash: rMgdKojSnMQn5zP9ArOeE344pCaixcohoQsewhOoy54=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A9D0F/74BE38D680CF11E9ACD71B50C4F9AE02/iOe1QfQimNbptRZdllJGzBzB9aI.crl rsync://rpki.apnic.net/member_repository/A91A9D0F/74BE38D680CF11E9ACD71B50C4F9AE02/iOe1QfQimNbptRZdllJGzBzB9aI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iOe1QfQimNbptRZdllJGzBzB9aI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 17:49:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3939 (0xf63) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A9D0F, serialNumber=88E7B541F42298D6E9B5165D965246CC1CC1F5A2 Validity Not Before: Jun 2 17:49:57 2025 GMT Not After : Jun 9 17:49:57 2025 GMT Subject: CN=683de446-0a0e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:98:5f:28:98:d3:35:6f:a2:b5:22:5d:46:75: 28:56:61:13:8e:a7:2b:9f:98:84:92:ef:ee:b4:1c: 67:34:8e:0f:7a:ec:9b:83:92:a7:4e:00:35:17:b7: a6:3d:6f:08:b7:23:f3:55:93:41:89:bf:b2:c8:aa: 0d:44:6d:cd:f7:be:2e:ed:4b:78:9b:3a:b5:f2:21: d6:d7:ad:4c:ec:18:a7:d7:c2:1f:91:a4:0c:a5:27: 17:ce:55:67:d7:0b:ab:42:77:35:7e:b5:fb:06:f2: 38:16:b0:66:52:d2:8f:d0:1a:20:59:fe:92:22:c2: a3:0f:83:c5:e5:34:5b:02:3a:13:6a:cc:14:91:0a: 4b:59:93:80:08:a8:42:76:18:2c:83:13:69:ba:e5: c1:e3:3d:9e:f4:fe:64:47:48:f7:88:29:e5:f1:d1: a6:6a:8c:52:c9:dd:46:75:c5:0d:ff:f8:a2:66:bd: 05:15:63:6d:0a:bf:67:2c:e5:74:cf:c2:dd:d3:3f: ca:28:55:29:67:80:de:98:a3:ed:33:cc:80:1a:a6: d8:59:73:99:d9:7e:ef:39:17:62:93:6e:26:7d:ae: e1:dd:01:43:42:e3:65:72:08:37:64:cb:34:a2:56: 3d:b2:90:bc:e3:21:39:a1:7d:1b:83:af:2f:f7:d6: 0d:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:4E:CE:DB:C2:B5:CC:76:7F:BA:48:D6:4A:5D:6E:EE:F0:99:B0:1C X509v3 Authority Key Identifier: keyid:88:E7:B5:41:F4:22:98:D6:E9:B5:16:5D:96:52:46:CC:1C:C1:F5:A2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A9D0F/74BE38D680CF11E9ACD71B50C4F9AE02/iOe1QfQimNbptRZdllJGzBzB9aI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iOe1QfQimNbptRZdllJGzBzB9aI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A9D0F/74BE38D680CF11E9ACD71B50C4F9AE02/iOe1QfQimNbptRZdllJGzBzB9aI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 00:f2:60:b9:ae:c4:8f:d7:f9:c2:1f:dc:32:d7:f7:d2:d4:5b: 04:a2:9c:60:d4:db:18:da:b9:46:17:6e:25:f7:32:48:a3:8b: a6:c6:70:99:3b:d2:79:a5:03:5e:08:d4:f3:d4:bb:3f:d9:37: 86:7e:d1:64:af:cc:0a:02:d7:d6:d5:c2:61:4b:22:1d:51:f6: 8e:f1:6b:b0:d8:35:20:1a:ba:5d:ef:8d:1a:4c:1b:75:ac:43: 69:27:76:65:b4:4d:29:92:d2:cc:8e:43:50:34:7e:5c:97:7d: 36:11:aa:a6:43:b1:11:4a:f2:b5:ea:02:bc:96:b4:90:50:3e: 34:95:24:da:b1:68:05:52:ab:ad:5e:23:de:7d:42:d2:13:a0: 2c:3d:5b:ba:58:0c:45:c4:42:03:ef:51:ea:84:08:b4:2d:b2: e8:01:34:22:23:f8:4e:9d:a4:ee:6d:ce:22:97:fe:6b:46:75: 71:22:0a:66:84:36:9a:20:75:86:5f:f1:92:27:4d:bc:37:6c: d4:e8:cb:e6:cb:8d:83:bd:bd:4e:40:32:38:a5:05:c4:7d:6e: 2d:0a:0b:d8:3f:11:a8:a9:e5:fc:ea:30:87:f8:25:60:ba:6e: ea:8f:4e:bf:d4:63:6e:f2:81:e4:da:b5:c5:d3:8e:95:52:4c: c6:05:cf:46 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICD2MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTlEMEYxMTAvBgNVBAUTKDg4RTdCNTQxRjQyMjk4RDZFOUI1MTY1RDk2NTI0NkND MUNDMUY1QTIwHhcNMjUwNjAyMTc0OTU3WhcNMjUwNjA5MTc0OTU3WjAYMRYwFAYD VQQDEw02ODNkZTQ0Ni0wYTBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuphfKJjTNW+itSJdRnUoVmETjqcrn5iEku/utBxnNI4Peuybg5KnTgA1F7em PW8ItyPzVZNBib+yyKoNRG3N974u7Ut4mzq18iHW161M7Bin18IfkaQMpScXzlVn 1wurQnc1frX7BvI4FrBmUtKP0BogWf6SIsKjD4PF5TRbAjoTaswUkQpLWZOACKhC dhgsgxNpuuXB4z2e9P5kR0j3iCnl8dGmaoxSyd1GdcUN//iiZr0FFWNtCr9nLOV0 z8Ld0z/KKFUpZ4DemKPtM8yAGqbYWXOZ2X7vORdik24mfa7h3QFDQuNlcgg3ZMs0 olY9spC84yE5oX0bg68v99YN7wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC9OztvC tcx2f7pI1kpdbu7wmbAcMB8GA1UdIwQYMBaAFIjntUH0IpjW6bUWXZZSRswcwfWi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOUQwRi83NEJFMzhENjgw Q0YxMUU5QUNENzFCNTBDNEY5QUUwMi9pT2UxUWZRaW1OYnB0UlpkbGxKR3pCekI5 YUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lPZTFRZlFpbU5icHRSWmRsbEpHekJ6QjlhSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB OUQwRi83NEJFMzhENjgwQ0YxMUU5QUNENzFCNTBDNEY5QUUwMi9pT2UxUWZRaW1O YnB0UlpkbGxKR3pCekI5YUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAA8mC5rsSP1/nCH9wy1/fS1FsEopxg1NsY2rlGF24l9zJIo4umxnCZ O9J5pQNeCNTz1Ls/2TeGftFkr8wKAtfW1cJhSyIdUfaO8Wuw2DUgGrpd740aTBt1 rENpJ3ZltE0pktLMjkNQNH5cl302EaqmQ7ERSvK16gK8lrSQUD40lSTasWgFUqut XiPefULSE6AsPVu6WAxFxEID71HqhAi0LbLoATQiI/hOnaTubc4il/5rRnVxIgpm hDaaIHWGX/GSJ028N2zU6Mvmy42Dvb1OQDI4pQXEfW4tCgvYPxGoqeX86jCH+CVg um7qj06/1GNu8oHk2rXF046VUkzGBc9G -----END CERTIFICATE-----Generated at Wed Jun 4 00:02:33 2025 by rpki-client