$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB055/4ABBC01CF55511EEACF1234BC4F9AE02/mZsvZTnCPq60aeZ1OfstyTPZgEA.mft File: mZsvZTnCPq60aeZ1OfstyTPZgEA.mft (raw, json) Hash identifier: 3agdXS0smvSkThKGCVAkKRQi6n9JxUg4trwlHJdwyBY= Subject key identifier: 71:54:15:89:D1:04:3F:24:DC:7D:FF:F6:4F:81:F6:02:62:35:87:25 Authority key identifier: 99:9B:2F:65:39:C2:3E:AE:B4:69:E6:75:39:FB:2D:C9:33:D9:80:40 Certificate issuer: /CN=A91AB055/serialNumber=999B2F6539C23EAEB469E67539FB2DC933D98040 Certificate serial: DA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mZsvZTnCPq60aeZ1OfstyTPZgEA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB055/4ABBC01CF55511EEACF1234BC4F9AE02/mZsvZTnCPq60aeZ1OfstyTPZgEA.mft Manifest number: D8 Signing time: Thu 05 Jun 2025 04:55:39 +0000 Manifest this update: Thu 05 Jun 2025 04:55:39 +0000 Manifest next update: Thu 12 Jun 2025 04:55:39 +0000 Files and hashes: 1: mZsvZTnCPq60aeZ1OfstyTPZgEA.crl (hash: qoyPgZ2kbe1OOTACmPAJKZDvaO82rKgr1BEvS2kjhsw=) 2: 83CA613CF55611EE8CE6274DC4F9AE02.roa (hash: BonjniXMbmI4yDYc3ynOZLv8pgVSOdRZa/c5jpsq0Ug=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB055/4ABBC01CF55511EEACF1234BC4F9AE02/mZsvZTnCPq60aeZ1OfstyTPZgEA.crl rsync://rpki.apnic.net/member_repository/A91AB055/4ABBC01CF55511EEACF1234BC4F9AE02/mZsvZTnCPq60aeZ1OfstyTPZgEA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mZsvZTnCPq60aeZ1OfstyTPZgEA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 12 Jun 2025 04:55:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 218 (0xda) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB055, serialNumber=999B2F6539C23EAEB469E67539FB2DC933D98040 Validity Not Before: Jun 5 04:55:39 2025 GMT Not After : Jun 12 04:55:39 2025 GMT Subject: CN=6841234b-85b6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:85:b4:ae:cd:c9:89:2d:11:d2:b9:36:1e:d4: 17:c7:c7:20:c8:e7:7e:6b:84:7d:ac:59:80:71:33: 94:0d:6e:47:75:63:10:c8:74:9e:66:71:0c:7a:2f: be:e1:1f:ef:59:e0:e6:96:6b:14:34:88:63:e8:a1: 87:36:01:8e:be:10:57:51:81:a4:b0:39:73:f0:e5: c4:85:62:d5:a0:d5:65:ad:b2:48:4a:f7:0c:49:0a: 76:3e:65:5f:c1:66:a2:4d:23:9f:a7:a1:5e:61:b2: a1:34:d9:d5:e2:4a:dd:76:50:d1:e7:55:1a:0e:d5: 98:91:a9:26:e4:45:ca:9e:be:a4:6a:2a:99:f3:7b: 3c:41:12:11:e0:80:20:d9:a1:ec:39:8c:df:df:aa: 7a:9f:ce:2b:53:cd:56:ee:6e:4e:16:b4:49:a8:10: 65:b8:c3:11:c0:a4:c3:68:04:87:b7:39:19:ee:49: 98:76:83:8e:17:47:5d:6a:bd:9c:b2:0d:21:b0:41: c2:6b:3e:0c:24:4d:6d:8a:b7:d5:9c:61:2c:69:15: 78:4b:6d:6b:a4:e2:fb:96:bc:be:b3:d0:5d:45:48: 79:54:31:e1:3f:3d:ca:f8:48:81:bd:a7:4b:de:51: 88:20:d3:7b:4d:14:18:be:eb:59:ca:d8:f5:b0:68: e4:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:54:15:89:D1:04:3F:24:DC:7D:FF:F6:4F:81:F6:02:62:35:87:25 X509v3 Authority Key Identifier: keyid:99:9B:2F:65:39:C2:3E:AE:B4:69:E6:75:39:FB:2D:C9:33:D9:80:40 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB055/4ABBC01CF55511EEACF1234BC4F9AE02/mZsvZTnCPq60aeZ1OfstyTPZgEA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/mZsvZTnCPq60aeZ1OfstyTPZgEA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB055/4ABBC01CF55511EEACF1234BC4F9AE02/mZsvZTnCPq60aeZ1OfstyTPZgEA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 00:62:e9:14:d5:5e:23:f8:fa:0e:b9:d5:b4:ce:28:c9:ce:ef: 06:8e:7b:af:fa:17:43:d6:ff:82:c5:4f:d6:95:ef:c0:73:5d: f0:37:20:9c:c6:16:69:ae:89:e5:55:5b:22:99:3e:48:bf:fd: bf:55:2e:22:fd:c3:27:10:c4:b7:a8:9c:44:e4:a1:22:bf:63: 2b:4b:e4:4c:fd:dc:4e:4c:01:55:cc:2c:c8:28:a6:5a:4b:e5: b5:ff:5c:20:d8:d1:fa:d1:69:34:1b:7e:93:7e:22:d5:92:68: 14:44:ea:ee:c8:5d:cb:f3:39:50:b3:5e:66:6f:50:d7:d0:78: e2:b0:be:ca:c5:c4:97:28:3e:60:84:95:22:e8:70:e5:ec:cb: 8a:62:ba:07:81:21:6b:d3:07:d1:01:39:f4:45:46:9b:2c:86: 7c:4a:2e:d0:8a:8d:af:02:97:b3:8d:be:ae:67:e7:6f:95:7c: bc:07:8b:3f:c9:39:2b:ba:46:bf:8a:b1:54:b7:02:30:bd:64: be:f2:2a:71:67:ca:81:90:22:d0:0a:b0:db:9a:3d:3c:d6:5c: b3:ea:0d:e2:43:74:29:a9:f2:f0:2a:a4:80:b6:83:a9:0a:14: bb:88:0c:b3:e1:20:1a:fa:45:d1:e6:5c:fa:1e:e7:a5:9f:f8: 07:16:b1:04 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUIwNTUxMTAvBgNVBAUTKDk5OUIyRjY1MzlDMjNFQUVCNDY5RTY3NTM5RkIyREM5 MzNEOTgwNDAwHhcNMjUwNjA1MDQ1NTM5WhcNMjUwNjEyMDQ1NTM5WjAYMRYwFAYD VQQDEw02ODQxMjM0Yi04NWI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3IW0rs3JiS0R0rk2HtQXx8cgyOd+a4R9rFmAcTOUDW5HdWMQyHSeZnEMei++ 4R/vWeDmlmsUNIhj6KGHNgGOvhBXUYGksDlz8OXEhWLVoNVlrbJISvcMSQp2PmVf wWaiTSOfp6FeYbKhNNnV4krddlDR51UaDtWYkakm5EXKnr6kaiqZ83s8QRIR4IAg 2aHsOYzf36p6n84rU81W7m5OFrRJqBBluMMRwKTDaASHtzkZ7kmYdoOOF0ddar2c sg0hsEHCaz4MJE1tirfVnGEsaRV4S21rpOL7lry+s9BdRUh5VDHhPz3K+EiBvadL 3lGIINN7TRQYvutZytj1sGjkowIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHFUFYnR BD8k3H3/9k+B9gJiNYclMB8GA1UdIwQYMBaAFJmbL2U5wj6utGnmdTn7Lckz2YBA MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjA1NS80QUJCQzAxQ0Y1 NTUxMUVFQUNGMTIzNEJDNEY5QUUwMi9tWnN2WlRuQ1BxNjBhZVoxT2ZzdHlUUFpn RUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL21ac3ZaVG5DUHE2MGFlWjFPZnN0eVRQWmdFQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QjA1NS80QUJCQzAxQ0Y1NTUxMUVFQUNGMTIzNEJDNEY5QUUwMi9tWnN2WlRuQ1Bx NjBhZVoxT2ZzdHlUUFpnRUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAAYukU1V4j+PoOudW0zijJzu8Gjnuv+hdD1v+CxU/Wle/Ac13wNyCc xhZpronlVVsimT5Iv/2/VS4i/cMnEMS3qJxE5KEiv2MrS+RM/dxOTAFVzCzIKKZa S+W1/1wg2NH60Wk0G36TfiLVkmgUROruyF3L8zlQs15mb1DX0HjisL7KxcSXKD5g hJUi6HDl7MuKYroHgSFr0wfRATn0RUabLIZ8Si7Qio2vApezjb6uZ+dvlXy8B4s/ yTkruka/irFUtwIwvWS+8ipxZ8qBkCLQCrDbmj081lyz6g3iQ3QpqfLwKqSAtoOp ChS7iAyz4SAa+kXR5lz6Hueln/gHFrEE -----END CERTIFICATE-----Generated at Thu Jun 5 19:17:51 2025 by rpki-client