$ rpki-client -vvf rpki.apnic.net/member_repository/A91B289C/3AB1E2DCBCE711EABE972C6CC4F9AE02/23LIuvHa9pOYGFLuAyIwMF7ICRA.mft File: 23LIuvHa9pOYGFLuAyIwMF7ICRA.mft (raw, json) Hash identifier: u5ly0oNBZROAYTb853sXEgPAGu5qJ7bgbiG7lDKWyIM= Subject key identifier: 1A:79:F0:79:35:4B:52:F9:23:1A:73:D9:4B:60:94:40:AC:7B:0A:B0 Authority key identifier: DB:72:C8:BA:F1:DA:F6:93:98:18:52:EE:03:22:30:30:5E:C8:09:10 Certificate issuer: /CN=A91B289C/serialNumber=DB72C8BAF1DAF693981852EE032230305EC80910 Certificate serial: 089A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/23LIuvHa9pOYGFLuAyIwMF7ICRA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B289C/3AB1E2DCBCE711EABE972C6CC4F9AE02/23LIuvHa9pOYGFLuAyIwMF7ICRA.mft Manifest number: 0893 Signing time: Fri 30 May 2025 20:47:45 +0000 Manifest this update: Fri 30 May 2025 20:47:44 +0000 Manifest next update: Fri 06 Jun 2025 20:47:44 +0000 Files and hashes: 1: 23LIuvHa9pOYGFLuAyIwMF7ICRA.crl (hash: GAWDSfiLzTnXk6JS1SqDIOI3sTQZRABNIQMTNjjXVC8=) 2: E6F3687CBCE711EAACD6466CC4F9AE02.roa (hash: jrXgAGT3lqn2oPe4fiJJc8FiNv+5i0XvozNfLQNBQxY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B289C/3AB1E2DCBCE711EABE972C6CC4F9AE02/23LIuvHa9pOYGFLuAyIwMF7ICRA.crl rsync://rpki.apnic.net/member_repository/A91B289C/3AB1E2DCBCE711EABE972C6CC4F9AE02/23LIuvHa9pOYGFLuAyIwMF7ICRA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/23LIuvHa9pOYGFLuAyIwMF7ICRA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 20:47:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2202 (0x89a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B289C, serialNumber=DB72C8BAF1DAF693981852EE032230305EC80910 Validity Not Before: May 30 20:47:44 2025 GMT Not After : Jun 6 20:47:44 2025 GMT Subject: CN=683a1971-06e2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:eb:44:e4:35:9d:18:96:11:29:ce:9b:7b:8e: c8:e5:af:82:fa:69:ae:37:c9:5c:51:77:20:d2:9b: 11:a2:cb:81:29:52:a5:ae:19:0c:3b:91:1b:af:bf: e1:8c:a3:e7:f8:98:71:a7:3b:af:43:8c:43:e4:d2: 21:2e:59:9e:11:ac:a4:a4:d1:62:96:78:72:e3:41: 5a:ab:5a:3d:d7:0d:66:47:d0:a0:4c:f1:f8:5c:d3: e6:0b:a1:58:d1:73:b0:87:3c:1a:46:52:a7:5e:f8: 53:c7:c4:ef:97:9a:f6:5c:26:61:9b:93:74:50:81: d7:50:b0:3b:63:d7:98:58:f7:31:b1:28:a3:58:3a: d5:83:ed:6e:d1:fc:19:37:06:0e:30:c6:f0:b1:61: 1b:f3:dd:cb:59:5d:2a:23:f9:ae:9f:f5:61:62:8f: 5a:27:ba:37:f7:1c:ef:9d:b7:ba:40:18:5b:80:ee: c4:18:b8:47:49:a3:23:59:66:8d:a8:e6:01:f1:52: 8b:ec:20:13:f6:10:ab:8f:6c:4b:2e:35:2e:c7:e1: 42:0f:af:6b:bd:be:e7:e8:fa:ac:c0:87:33:36:6c: 1f:5d:6c:1e:74:6b:40:2a:58:2f:a5:80:9c:66:3a: 22:0f:d9:f9:89:c5:75:09:41:1c:c9:8a:1b:f1:04: 26:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:79:F0:79:35:4B:52:F9:23:1A:73:D9:4B:60:94:40:AC:7B:0A:B0 X509v3 Authority Key Identifier: keyid:DB:72:C8:BA:F1:DA:F6:93:98:18:52:EE:03:22:30:30:5E:C8:09:10 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B289C/3AB1E2DCBCE711EABE972C6CC4F9AE02/23LIuvHa9pOYGFLuAyIwMF7ICRA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/23LIuvHa9pOYGFLuAyIwMF7ICRA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B289C/3AB1E2DCBCE711EABE972C6CC4F9AE02/23LIuvHa9pOYGFLuAyIwMF7ICRA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1c:78:87:8d:8f:e3:dc:08:bd:45:a6:7c:ed:a6:22:be:f7:55: d7:18:4a:9a:61:2f:7b:51:2c:ea:20:f9:8a:98:dc:d9:48:f0: d9:f8:b2:30:33:34:7b:24:e3:2c:ff:7c:0c:c7:cd:03:48:5d: 00:2b:86:41:f1:6c:2b:27:4e:c5:40:2d:81:ef:bb:99:49:9e: ca:c6:9c:3c:10:a8:57:c2:5b:df:5e:47:c8:33:c4:29:77:c3: fe:5c:1a:bb:a7:30:b7:8f:30:f4:15:1a:e0:ef:83:3a:0a:f6: ef:55:67:9e:e4:56:b0:30:5d:96:81:0d:8e:70:32:1d:4e:40: 15:93:d1:0e:5c:dc:2d:73:bf:88:08:da:60:bd:8b:6f:72:d4: 57:c6:d8:27:1e:fd:a9:ae:20:9f:72:11:e0:26:4d:09:f4:d8: 10:cf:2a:dc:5f:ee:a5:56:59:19:45:f7:8b:64:6b:9a:c9:c0: ca:54:90:a5:92:f8:88:97:22:17:49:70:09:64:14:15:46:8d: 7b:9a:78:cd:55:bb:89:49:35:04:36:0f:b7:2f:cc:00:09:98: 7f:b7:c0:46:ee:7d:a8:ae:a6:2f:9c:2d:b0:d5:28:d9:08:16: 7f:58:13:e4:52:87:95:d3:9b:cc:65:8c:4c:f5:4c:ec:ef:54: 06:37:72:93 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCJowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjI4OUMxMTAvBgNVBAUTKERCNzJDOEJBRjFEQUY2OTM5ODE4NTJFRTAzMjIzMDMw NUVDODA5MTAwHhcNMjUwNTMwMjA0NzQ0WhcNMjUwNjA2MjA0NzQ0WjAYMRYwFAYD VQQDEw02ODNhMTk3MS0wNmUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt+tE5DWdGJYRKc6be47I5a+C+mmuN8lcUXcg0psRosuBKVKlrhkMO5Ebr7/h jKPn+JhxpzuvQ4xD5NIhLlmeEaykpNFilnhy40Faq1o91w1mR9CgTPH4XNPmC6FY 0XOwhzwaRlKnXvhTx8Tvl5r2XCZhm5N0UIHXULA7Y9eYWPcxsSijWDrVg+1u0fwZ NwYOMMbwsWEb893LWV0qI/mun/VhYo9aJ7o39xzvnbe6QBhbgO7EGLhHSaMjWWaN qOYB8VKL7CAT9hCrj2xLLjUux+FCD69rvb7n6PqswIczNmwfXWwedGtAKlgvpYCc ZjoiD9n5icV1CUEcyYob8QQmRwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBp58Hk1 S1L5Ixpz2UtglECsewqwMB8GA1UdIwQYMBaAFNtyyLrx2vaTmBhS7gMiMDBeyAkQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMjg5Qy8zQUIxRTJEQ0JD RTcxMUVBQkU5NzJDNkNDNEY5QUUwMi8yM0xJdXZIYTlwT1lHRkx1QXlJd01GN0lD UkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzIzTEl1dkhhOXBPWUdGTHVBeUl3TUY3SUNSQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC Mjg5Qy8zQUIxRTJEQ0JDRTcxMUVBQkU5NzJDNkNDNEY5QUUwMi8yM0xJdXZIYTlw T1lHRkx1QXlJd01GN0lDUkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAceIeNj+PcCL1FpnztpiK+91XXGEqaYS97USzqIPmKmNzZSPDZ+LIw MzR7JOMs/3wMx80DSF0AK4ZB8WwrJ07FQC2B77uZSZ7Kxpw8EKhXwlvfXkfIM8Qp d8P+XBq7pzC3jzD0FRrg74M6CvbvVWee5FawMF2WgQ2OcDIdTkAVk9EOXNwtc7+I CNpgvYtvctRXxtgnHv2priCfchHgJk0J9NgQzyrcX+6lVlkZRfeLZGuaycDKVJCl kviIlyIXSXAJZBQVRo17mnjNVbuJSTUENg+3L8wACZh/t8BG7n2orqYvnC2w1SjZ CBZ/WBPkUoeV05vMZYxM9Uzs71QGN3KT -----END CERTIFICATE-----Generated at Sat May 31 16:38:04 2025 by rpki-client