$ rpki-client -vvf rpki.apnic.net/member_repository/A91B0F3F/09373AD678C211EABD772359C4F9AE02/-Bj8mI7HAyw-LGpIpVSYq3zVZf0.mft File: -Bj8mI7HAyw-LGpIpVSYq3zVZf0.mft (raw, json) Hash identifier: fznAgy0U4Yhq6ERQYohIhP91Mo3KYPBDAeCU13CqGfA= Subject key identifier: 42:AB:F1:F2:E1:99:B4:97:EA:FD:9E:AA:D8:DA:9D:96:4E:39:75:44 Authority key identifier: F8:18:FC:98:8E:C7:03:2C:3E:2C:6A:48:A5:54:98:AB:7C:D5:65:FD Certificate issuer: /CN=A91B0F3F/serialNumber=F818FC988EC7032C3E2C6A48A55498AB7CD565FD Certificate serial: 0A37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Bj8mI7HAyw-LGpIpVSYq3zVZf0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B0F3F/09373AD678C211EABD772359C4F9AE02/-Bj8mI7HAyw-LGpIpVSYq3zVZf0.mft Manifest number: 0A18 Signing time: Tue 10 Jun 2025 19:45:25 +0000 Manifest this update: Tue 10 Jun 2025 19:45:24 +0000 Manifest next update: Tue 17 Jun 2025 19:45:24 +0000 Files and hashes: 1: -Bj8mI7HAyw-LGpIpVSYq3zVZf0.crl (hash: tcr1TW0nfl2BJYymjNpcHepShKMJHEhTmdb8RL8SeyI=) 2: 59E4B0A81B9211F0A5D50649C4F9AE02.roa (hash: 4uAphyYn6AbiifiDtaxCom6jwozyhzmoBVY1cw2irI4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B0F3F/09373AD678C211EABD772359C4F9AE02/-Bj8mI7HAyw-LGpIpVSYq3zVZf0.crl rsync://rpki.apnic.net/member_repository/A91B0F3F/09373AD678C211EABD772359C4F9AE02/-Bj8mI7HAyw-LGpIpVSYq3zVZf0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Bj8mI7HAyw-LGpIpVSYq3zVZf0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 17 Jun 2025 19:45:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2615 (0xa37) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B0F3F, serialNumber=F818FC988EC7032C3E2C6A48A55498AB7CD565FD Validity Not Before: Jun 10 19:45:24 2025 GMT Not After : Jun 17 19:45:24 2025 GMT Subject: CN=68488b55-ace1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:61:23:02:46:5c:3e:09:a3:ee:fa:e0:23:be: 21:3f:03:97:25:3a:ed:9c:c8:1c:f2:50:fa:38:50: 88:84:a8:f5:48:fe:89:9d:83:8d:fd:c0:31:02:35: 69:22:4b:42:16:cd:e5:0c:03:d0:1f:ad:19:6a:0c: 52:a3:47:67:ce:db:22:bc:fe:89:74:d2:49:13:bf: a8:9e:af:3c:10:96:a5:19:c8:35:52:26:3d:84:5e: 09:40:45:ca:da:ff:74:d5:90:7f:8a:fe:ec:a2:f5: cf:b6:89:d1:d5:f2:67:c1:20:9f:87:ac:e6:18:b6: 63:bd:5e:ba:1d:37:16:53:54:43:76:1c:b2:28:16: 94:d0:a5:0d:27:4d:07:b7:52:fe:88:37:e6:91:9f: 29:77:43:44:46:b0:de:e5:a4:91:ca:e1:cc:15:44: f7:6b:c5:be:52:e2:dc:a1:00:45:8c:6a:88:25:3a: f9:f5:0b:bd:87:85:18:67:33:80:cc:8d:06:1f:42: ab:89:06:d3:b5:dd:d5:13:99:d7:73:e5:1f:71:bd: 3b:4c:1f:cd:3c:da:26:63:37:cc:4f:70:83:df:db: c7:67:67:0e:2c:05:ca:79:b8:6b:15:ba:e5:de:fc: 95:91:50:1a:ee:02:d2:00:b0:4c:90:3c:41:3e:15: 1f:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:AB:F1:F2:E1:99:B4:97:EA:FD:9E:AA:D8:DA:9D:96:4E:39:75:44 X509v3 Authority Key Identifier: keyid:F8:18:FC:98:8E:C7:03:2C:3E:2C:6A:48:A5:54:98:AB:7C:D5:65:FD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B0F3F/09373AD678C211EABD772359C4F9AE02/-Bj8mI7HAyw-LGpIpVSYq3zVZf0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Bj8mI7HAyw-LGpIpVSYq3zVZf0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B0F3F/09373AD678C211EABD772359C4F9AE02/-Bj8mI7HAyw-LGpIpVSYq3zVZf0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ac:ed:f2:fa:51:82:6a:24:70:fe:2a:9a:f0:b5:47:75:6c:70: fa:3c:45:77:01:bd:d2:f3:08:a7:11:88:e7:65:94:12:f3:f4: f9:22:91:05:8c:50:75:5e:f1:9d:9b:da:93:c8:22:3f:8b:23: b3:f4:0b:ae:03:af:35:1c:2c:86:2e:8f:9e:aa:31:34:a7:fe: 47:b7:2c:8a:39:90:1f:f6:93:b3:13:f5:ed:91:8e:b8:eb:96: 09:1a:a5:b2:d1:98:c7:be:28:c4:8b:4f:04:fb:59:78:ba:b9: c7:3e:02:ac:90:58:07:31:94:40:47:26:a7:1e:15:fb:d8:37: 94:7b:1b:aa:20:02:ca:1c:b9:b4:bb:7c:cc:be:f7:9c:a0:94: 92:84:c9:e4:00:35:f5:ad:13:68:de:c6:b4:3f:dd:5f:30:3c: 35:d2:99:e7:c2:6e:8f:7d:72:eb:e5:bd:75:7d:29:d9:b8:79: f1:34:cc:d4:05:fc:fb:b6:d9:89:60:64:67:bf:2b:f8:42:54: e2:04:81:0b:50:90:63:b9:f3:3f:c8:d9:bf:8c:0c:ca:42:16: 43:80:2a:33:13:c5:0a:2a:f5:78:fb:ef:65:fb:04:07:7d:7e: 40:e9:80:0a:19:c4:10:46:2b:ac:54:4e:2d:13:45:39:62:9f: 7e:20:21:9f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCjcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjBGM0YxMTAvBgNVBAUTKEY4MThGQzk4OEVDNzAzMkMzRTJDNkE0OEE1NTQ5OEFC N0NENTY1RkQwHhcNMjUwNjEwMTk0NTI0WhcNMjUwNjE3MTk0NTI0WjAYMRYwFAYD VQQDEw02ODQ4OGI1NS1hY2UxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAomEjAkZcPgmj7vrgI74hPwOXJTrtnMgc8lD6OFCIhKj1SP6JnYON/cAxAjVp IktCFs3lDAPQH60ZagxSo0dnztsivP6JdNJJE7+onq88EJalGcg1UiY9hF4JQEXK 2v901ZB/iv7sovXPtonR1fJnwSCfh6zmGLZjvV66HTcWU1RDdhyyKBaU0KUNJ00H t1L+iDfmkZ8pd0NERrDe5aSRyuHMFUT3a8W+UuLcoQBFjGqIJTr59Qu9h4UYZzOA zI0GH0KriQbTtd3VE5nXc+Ufcb07TB/NPNomYzfMT3CD39vHZ2cOLAXKebhrFbrl 3vyVkVAa7gLSALBMkDxBPhUfNwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEKr8fLh mbSX6v2eqtjanZZOOXVEMB8GA1UdIwQYMBaAFPgY/JiOxwMsPixqSKVUmKt81WX9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMEYzRi8wOTM3M0FENjc4 QzIxMUVBQkQ3NzIzNTlDNEY5QUUwMi8tQmo4bUk3SEF5dy1MR3BJcFZTWXEzelZa ZjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1CajhtSTdIQXl3LUxHcElwVlNZcTN6VlpmMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MEYzRi8wOTM3M0FENjc4QzIxMUVBQkQ3NzIzNTlDNEY5QUUwMi8tQmo4bUk3SEF5 dy1MR3BJcFZTWXEzelZaZjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCs7fL6UYJqJHD+KprwtUd1bHD6PEV3Ab3S8winEYjnZZQS8/T5IpEF jFB1XvGdm9qTyCI/iyOz9AuuA681HCyGLo+eqjE0p/5HtyyKOZAf9pOzE/XtkY64 65YJGqWy0ZjHvijEi08E+1l4urnHPgKskFgHMZRARyanHhX72DeUexuqIALKHLm0 u3zMvvecoJSShMnkADX1rRNo3sa0P91fMDw10pnnwm6PfXLr5b11fSnZuHnxNMzU Bfz7ttmJYGRnvyv4QlTiBIELUJBjufM/yNm/jAzKQhZDgCozE8UKKvV4++9l+wQH fX5A6YAKGcQQRiusVE4tE0U5Yp9+ICGf -----END CERTIFICATE-----Generated at Wed Jun 11 02:11:43 2025 by rpki-client