$ rpki-client -vvf rpki.apnic.net/member_repository/A91B02A2/EFD2158477EB11EE93B68B3AC4F9AE02/b814Gaj5P69A0OOH8htG6E3p1ws.mft File: b814Gaj5P69A0OOH8htG6E3p1ws.mft (raw, json) Hash identifier: 8nYov4dd9JLe8nq/8KDw6sqPkN4SHH0cMLTfgWU4jh4= Subject key identifier: 2B:F2:B4:AF:87:9C:00:90:22:04:78:6A:42:63:29:50:DA:15:63:E6 Authority key identifier: 6F:CD:78:19:A8:F9:3F:AF:40:D0:E3:87:F2:1B:46:E8:4D:E9:D7:0B Certificate issuer: /CN=A91B02A2/serialNumber=6FCD7819A8F93FAF40D0E387F21B46E84DE9D70B Certificate serial: 0129 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b814Gaj5P69A0OOH8htG6E3p1ws.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B02A2/EFD2158477EB11EE93B68B3AC4F9AE02/b814Gaj5P69A0OOH8htG6E3p1ws.mft Manifest number: 0127 Signing time: Sat 31 May 2025 04:16:56 +0000 Manifest this update: Sat 31 May 2025 04:16:55 +0000 Manifest next update: Sat 07 Jun 2025 04:16:55 +0000 Files and hashes: 1: b814Gaj5P69A0OOH8htG6E3p1ws.crl (hash: hvlIPhLNK6NsMxYeeTKiLXsEvet/udy9bM/yjntjR6s=) 2: 5D98833C77EC11EEA06F373BC4F9AE02.roa (hash: PTNlCaFqxgAXX8dh1a7LSvNmOXF/4erL00o7/e/JlJk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B02A2/EFD2158477EB11EE93B68B3AC4F9AE02/b814Gaj5P69A0OOH8htG6E3p1ws.crl rsync://rpki.apnic.net/member_repository/A91B02A2/EFD2158477EB11EE93B68B3AC4F9AE02/b814Gaj5P69A0OOH8htG6E3p1ws.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b814Gaj5P69A0OOH8htG6E3p1ws.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 04:16:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 297 (0x129) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B02A2, serialNumber=6FCD7819A8F93FAF40D0E387F21B46E84DE9D70B Validity Not Before: May 31 04:16:55 2025 GMT Not After : Jun 7 04:16:55 2025 GMT Subject: CN=683a82b8-e1e3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:97:6e:d6:a6:1f:57:03:d1:11:ec:09:f5:ae: e0:c2:42:c2:e6:e0:53:38:c4:c1:fa:a6:0c:c7:ab: ab:92:60:06:de:e9:51:4f:cd:d7:11:e4:c0:2d:ee: 70:16:1e:50:55:41:87:61:e4:78:9a:d3:cd:b7:0b: 75:fc:35:4e:f2:c6:0b:64:e1:c8:8b:51:f4:07:9f: 69:04:d5:7c:fe:dd:b6:09:23:94:a8:5d:3d:18:44: 1e:e0:33:70:11:c2:0c:bd:83:b9:d3:85:04:cb:7e: cf:91:74:5e:ec:d8:99:eb:58:46:49:63:99:96:52: e5:91:f1:10:90:5b:b2:45:91:6a:6c:31:08:fc:65: 37:af:e1:44:09:05:a6:bb:f3:52:59:e0:83:5b:89: 09:dc:17:71:98:06:8f:64:e9:5e:06:a5:27:13:43: 05:7b:b1:8b:32:ac:df:08:8c:2c:12:bb:c4:48:ac: 0e:0a:75:b3:6e:09:7d:27:4e:dd:0f:7a:10:fd:97: f1:a8:5d:34:d2:a7:94:00:cd:42:97:41:b6:03:c1: de:6b:a5:28:46:49:27:1f:a9:5f:45:1d:ce:1f:af: 6c:13:c3:dc:dd:58:3e:bc:3b:26:6c:f5:02:63:02: 75:d2:b8:80:17:e3:1c:25:3d:85:73:d0:47:76:73: 26:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:F2:B4:AF:87:9C:00:90:22:04:78:6A:42:63:29:50:DA:15:63:E6 X509v3 Authority Key Identifier: keyid:6F:CD:78:19:A8:F9:3F:AF:40:D0:E3:87:F2:1B:46:E8:4D:E9:D7:0B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B02A2/EFD2158477EB11EE93B68B3AC4F9AE02/b814Gaj5P69A0OOH8htG6E3p1ws.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b814Gaj5P69A0OOH8htG6E3p1ws.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B02A2/EFD2158477EB11EE93B68B3AC4F9AE02/b814Gaj5P69A0OOH8htG6E3p1ws.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 00:3a:f6:04:3e:16:06:94:bf:79:2a:3b:79:54:d8:a6:de:58: df:61:3a:57:be:50:3f:a3:a2:3d:40:f9:d2:1c:5e:ce:cf:23: ef:8e:cd:5d:e9:41:2e:d8:8b:f7:9e:44:69:16:07:c9:e8:fa: 3c:39:c9:df:d7:0a:6c:e0:f4:48:e8:d0:93:ca:88:f0:4c:8b: 21:a2:26:7c:28:4d:cb:d9:b6:8b:32:24:6d:34:7e:f2:54:25: 5b:5f:52:90:b5:ae:d4:b3:12:01:21:e1:22:22:eb:fe:b0:b2: a5:c4:3e:f7:e4:33:3b:6c:95:56:4f:d4:14:e1:4d:23:b8:c7: dc:56:d9:0d:68:d0:9c:16:6d:dd:2d:ea:6a:aa:ca:76:6e:27: 55:dc:a6:66:5c:b6:cb:fe:f5:61:24:7e:bc:19:24:96:8f:c9: 55:9b:28:0e:e5:40:ab:14:4a:3d:78:01:7b:1a:82:07:b7:9b: 3d:1c:ee:61:1a:a3:c8:a1:f4:96:f6:1d:0e:dc:56:20:81:a6: 03:bf:23:e5:67:7c:2b:aa:9b:53:23:80:05:b5:08:7d:46:28: b3:5c:a0:a7:73:0f:83:39:99:84:0a:63:62:a2:05:17:37:77: e7:ac:a0:ed:c7:0e:6e:75:f5:95:90:da:02:37:52:ac:08:98: 5c:91:90:dc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjAyQTIxMTAvBgNVBAUTKDZGQ0Q3ODE5QThGOTNGQUY0MEQwRTM4N0YyMUI0NkU4 NERFOUQ3MEIwHhcNMjUwNTMxMDQxNjU1WhcNMjUwNjA3MDQxNjU1WjAYMRYwFAYD VQQDEw02ODNhODJiOC1lMWUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwJdu1qYfVwPREewJ9a7gwkLC5uBTOMTB+qYMx6urkmAG3ulRT83XEeTALe5w Fh5QVUGHYeR4mtPNtwt1/DVO8sYLZOHIi1H0B59pBNV8/t22CSOUqF09GEQe4DNw EcIMvYO504UEy37PkXRe7NiZ61hGSWOZllLlkfEQkFuyRZFqbDEI/GU3r+FECQWm u/NSWeCDW4kJ3BdxmAaPZOleBqUnE0MFe7GLMqzfCIwsErvESKwOCnWzbgl9J07d D3oQ/ZfxqF000qeUAM1Cl0G2A8Hea6UoRkknH6lfRR3OH69sE8Pc3Vg+vDsmbPUC YwJ10riAF+McJT2Fc9BHdnMmIQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCvytK+H nACQIgR4akJjKVDaFWPmMB8GA1UdIwQYMBaAFG/NeBmo+T+vQNDjh/IbRuhN6dcL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDJBMi9FRkQyMTU4NDc3 RUIxMUVFOTNCNjhCM0FDNEY5QUUwMi9iODE0R2FqNVA2OUEwT09IOGh0RzZFM3Ax d3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2I4MTRHYWo1UDY5QTBPT0g4aHRHNkUzcDF3cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MDJBMi9FRkQyMTU4NDc3RUIxMUVFOTNCNjhCM0FDNEY5QUUwMi9iODE0R2FqNVA2 OUEwT09IOGh0RzZFM3Axd3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAAOvYEPhYGlL95Kjt5VNim3ljfYTpXvlA/o6I9QPnSHF7OzyPvjs1d 6UEu2Iv3nkRpFgfJ6Po8Ocnf1wps4PRI6NCTyojwTIshoiZ8KE3L2baLMiRtNH7y VCVbX1KQta7UsxIBIeEiIuv+sLKlxD735DM7bJVWT9QU4U0juMfcVtkNaNCcFm3d Lepqqsp2bidV3KZmXLbL/vVhJH68GSSWj8lVmygO5UCrFEo9eAF7GoIHt5s9HO5h GqPIofSW9h0O3FYggaYDvyPlZ3wrqptTI4AFtQh9RiizXKCncw+DOZmECmNiogUX N3fnrKDtxw5udfWVkNoCN1KsCJhckZDc -----END CERTIFICATE-----Generated at Sat May 31 16:36:53 2025 by rpki-client