$ rpki-client -vvf rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/2en59z7k9bHN8XYsLfODKVCja30.mft File: 2en59z7k9bHN8XYsLfODKVCja30.mft (raw, json) Hash identifier: 6llUa5V2H2lQPzIpjxnB4lF1qPvhixXrfw8FDCKJWWg= Subject key identifier: E3:F9:F9:70:07:C5:4F:38:FA:81:9F:2B:C8:50:1F:1D:B3:B6:4D:D8 Authority key identifier: D9:E9:F9:F7:3E:E4:F5:B1:CD:F1:76:2C:2D:F3:83:29:50:A3:6B:7D Certificate issuer: /CN=A91AACB2/serialNumber=D9E9F9F73EE4F5B1CDF1762C2DF3832950A36B7D Certificate serial: 3492 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2en59z7k9bHN8XYsLfODKVCja30.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/2en59z7k9bHN8XYsLfODKVCja30.mft Manifest number: 348C Signing time: Sat 31 May 2025 14:58:09 +0000 Manifest this update: Sat 31 May 2025 14:58:08 +0000 Manifest next update: Sat 07 Jun 2025 14:58:08 +0000 Files and hashes: 1: 2en59z7k9bHN8XYsLfODKVCja30.crl (hash: Ay+UwewwyVoUvwSd0WeF94nS4YvDRqz/EBPH6DYnF9Y=) 2: 76B5C744B45E11EAB71DF94AC4F9AE02.roa (hash: RzsyMG8grNRl/TU/HKZlXJ7ZiLnl0fu14E8Z0lJpa0Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/2en59z7k9bHN8XYsLfODKVCja30.crl rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/2en59z7k9bHN8XYsLfODKVCja30.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2en59z7k9bHN8XYsLfODKVCja30.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 14:58:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13458 (0x3492) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AACB2, serialNumber=D9E9F9F73EE4F5B1CDF1762C2DF3832950A36B7D Validity Not Before: May 31 14:58:08 2025 GMT Not After : Jun 7 14:58:08 2025 GMT Subject: CN=683b1900-36fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:95:c8:aa:e3:47:7f:3f:bf:1c:14:4f:c3:d8: 5b:a2:6d:16:6b:a4:05:b4:42:29:07:f1:cb:27:15: ee:2a:96:e3:31:23:bb:45:b5:8d:b8:5e:90:51:9c: 4c:ad:c5:55:a3:12:98:94:b5:46:82:24:5a:8f:aa: 9b:2a:55:7d:b2:3c:db:bd:e6:9d:86:35:4f:31:f9: 6d:d0:72:67:8d:b7:00:bb:b7:5a:55:88:37:c6:db: 36:82:e7:8a:3f:ff:ff:f4:c7:0e:73:05:8b:2e:09: 57:15:70:84:5f:fa:e2:74:b5:c7:5d:37:1b:e6:52: 91:a6:8e:5a:0f:dc:62:1d:7c:f8:be:24:2e:66:ac: c1:3b:00:1d:a1:bb:3b:54:cf:5e:bf:fe:0f:4f:b7: 86:e1:ef:56:06:c4:0e:92:ea:7b:d4:28:65:fb:cf: 19:49:d7:1c:54:55:c8:23:a0:fb:1e:b1:b9:34:ea: 65:c2:5f:66:4d:de:c6:66:3b:90:9b:5a:5a:e0:90: 69:97:77:0f:97:59:3e:7b:88:c7:fe:1f:7b:1a:6b: 89:a2:e4:7e:e8:1c:b0:44:aa:a2:7f:3c:0a:0c:7a: 26:ee:87:40:90:7f:5d:74:f2:79:50:a0:21:b6:d4: 90:7a:7b:92:88:dd:62:6c:f0:ae:11:4a:c3:d5:03: 45:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:F9:F9:70:07:C5:4F:38:FA:81:9F:2B:C8:50:1F:1D:B3:B6:4D:D8 X509v3 Authority Key Identifier: keyid:D9:E9:F9:F7:3E:E4:F5:B1:CD:F1:76:2C:2D:F3:83:29:50:A3:6B:7D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/2en59z7k9bHN8XYsLfODKVCja30.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2en59z7k9bHN8XYsLfODKVCja30.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AACB2/37D5A3DE1D9C11E2892E8B8A08B02CD2/2en59z7k9bHN8XYsLfODKVCja30.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 95:7b:07:e8:82:06:52:6a:8a:50:02:94:78:13:fa:ed:3b:38: 77:43:ee:34:29:b2:ba:d8:df:2c:53:45:7d:9d:7a:37:44:be: 90:e0:36:fd:d2:5b:53:63:f8:ff:2a:15:48:70:08:f4:ab:75: 79:a1:00:82:aa:24:c5:92:6c:f4:1a:87:05:1b:c8:4b:be:ec: 87:2b:27:96:03:e4:c2:54:10:1e:3d:b9:75:8e:22:60:b4:62: 18:62:53:0d:f8:f0:8c:37:b0:b8:7b:7c:07:5f:77:06:e5:cf: bb:67:1f:ef:28:af:b4:69:bb:d4:cc:7f:6c:9d:9d:3a:00:6d: 90:5a:f7:ef:92:e6:4f:ab:5c:80:2f:11:9f:87:ae:b9:fc:d0: 42:d0:12:7f:ee:ff:f0:a4:90:5c:05:6b:15:c2:b5:87:f4:aa: 5d:a8:44:72:76:91:99:50:a0:e1:e7:a4:57:37:6a:99:3c:8d: 29:83:59:06:39:ed:50:e8:27:38:a9:cd:a9:6e:a8:a7:0a:a2: ef:da:ed:81:80:0f:fd:44:8d:99:1b:3f:41:3e:00:26:cc:37: 18:ee:e7:85:03:38:e8:bc:c2:84:c0:f5:5e:65:dd:6b:49:54: e0:42:0f:55:e5:f0:e0:db:4e:1d:16:7f:61:6f:30:bc:45:f0: c3:d4:32:7a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNJIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUFDQjIxMTAvBgNVBAUTKEQ5RTlGOUY3M0VFNEY1QjFDREYxNzYyQzJERjM4MzI5 NTBBMzZCN0QwHhcNMjUwNTMxMTQ1ODA4WhcNMjUwNjA3MTQ1ODA4WjAYMRYwFAYD VQQDEw02ODNiMTkwMC0zNmZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArJXIquNHfz+/HBRPw9hbom0Wa6QFtEIpB/HLJxXuKpbjMSO7RbWNuF6QUZxM rcVVoxKYlLVGgiRaj6qbKlV9sjzbveadhjVPMflt0HJnjbcAu7daVYg3xts2gueK P///9McOcwWLLglXFXCEX/ridLXHXTcb5lKRpo5aD9xiHXz4viQuZqzBOwAdobs7 VM9ev/4PT7eG4e9WBsQOkup71Chl+88ZSdccVFXII6D7HrG5NOplwl9mTd7GZjuQ m1pa4JBpl3cPl1k+e4jH/h97GmuJouR+6BywRKqifzwKDHom7odAkH9ddPJ5UKAh ttSQenuSiN1ibPCuEUrD1QNFhwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOP5+XAH xU84+oGfK8hQHx2ztk3YMB8GA1UdIwQYMBaAFNnp+fc+5PWxzfF2LC3zgylQo2t9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQUNCMi8zN0Q1QTNERTFE OUMxMUUyODkyRThCOEEwOEIwMkNEMi8yZW41OXo3azliSE44WFlzTGZPREtWQ2ph MzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJlbjU5ejdrOWJITjhYWXNMZk9ES1ZDamEzMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QUNCMi8zN0Q1QTNERTFEOUMxMUUyODkyRThCOEEwOEIwMkNEMi8yZW41OXo3azli SE44WFlzTGZPREtWQ2phMzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCVewfoggZSaopQApR4E/rtOzh3Q+40KbK62N8sU0V9nXo3RL6Q4Db9 0ltTY/j/KhVIcAj0q3V5oQCCqiTFkmz0GocFG8hLvuyHKyeWA+TCVBAePbl1jiJg tGIYYlMN+PCMN7C4e3wHX3cG5c+7Zx/vKK+0abvUzH9snZ06AG2QWvfvkuZPq1yA LxGfh665/NBC0BJ/7v/wpJBcBWsVwrWH9KpdqERydpGZUKDh56RXN2qZPI0pg1kG Oe1Q6Cc4qc2pbqinCqLv2u2BgA/9RI2ZGz9BPgAmzDcY7ueFAzjovMKEwPVeZd1r SVTgQg9V5fDg204dFn9hbzC8RfDD1DJ6 -----END CERTIFICATE-----Generated at Sat May 31 17:32:56 2025 by rpki-client