$ rpki-client -vvf rpki.apnic.net/member_repository/A91B758E/DDEC8124D53D11EE8F1E8A85C4F9AE02/07yEKALa0i1cMMKCZffRCL1HjnA.mft File: 07yEKALa0i1cMMKCZffRCL1HjnA.mft (raw, json) Hash identifier: 4OCTXyEhc6G7Q/+M/G3yKMzuzEI4P3otw1ZjExz0m6Q= Subject key identifier: A5:89:EA:20:F5:51:8E:1B:17:49:A1:36:83:DE:35:2B:CA:43:36:CF Authority key identifier: D3:BC:84:28:02:DA:D2:2D:5C:30:C2:82:65:F7:D1:08:BD:47:8E:70 Certificate issuer: /CN=A91B758E/serialNumber=D3BC842802DAD22D5C30C28265F7D108BD478E70 Certificate serial: FA Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/07yEKALa0i1cMMKCZffRCL1HjnA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B758E/DDEC8124D53D11EE8F1E8A85C4F9AE02/07yEKALa0i1cMMKCZffRCL1HjnA.mft Manifest number: F2 Signing time: Tue 03 Jun 2025 05:03:57 +0000 Manifest this update: Tue 03 Jun 2025 05:03:56 +0000 Manifest next update: Tue 10 Jun 2025 05:03:56 +0000 Files and hashes: 1: 07yEKALa0i1cMMKCZffRCL1HjnA.crl (hash: eF0/5guWT9hVoU6XZIHsEE4XCiSpW0uKKleLFE3xGLI=) 2: 675CAE1C097B11F089FAE77FC4F9AE02.roa (hash: g8goRa5uN0098PK1vnqVTndrxAdY1S5JKnq752ZsLOQ=) 3: C63D0814097B11F0B1329480C4F9AE02.roa (hash: BxZpcifR3l7qhnt+56VpPmZ3hTQmgPYYxX/h3b9rorE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B758E/DDEC8124D53D11EE8F1E8A85C4F9AE02/07yEKALa0i1cMMKCZffRCL1HjnA.crl rsync://rpki.apnic.net/member_repository/A91B758E/DDEC8124D53D11EE8F1E8A85C4F9AE02/07yEKALa0i1cMMKCZffRCL1HjnA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/07yEKALa0i1cMMKCZffRCL1HjnA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Jun 2025 05:03:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 250 (0xfa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B758E, serialNumber=D3BC842802DAD22D5C30C28265F7D108BD478E70 Validity Not Before: Jun 3 05:03:56 2025 GMT Not After : Jun 10 05:03:56 2025 GMT Subject: CN=683e823d-934f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:f1:73:47:74:c8:f3:99:1f:25:a6:76:73:8a: b6:fe:6c:1c:ea:a4:8e:78:47:dd:15:63:35:a9:8d: ab:4a:7d:66:72:d9:b4:0f:8d:ae:75:25:a0:53:df: 62:d8:39:06:3a:ff:f8:ac:6d:e0:3d:ae:91:d9:4d: ec:c7:78:32:0e:fd:72:4a:35:17:50:66:d5:97:3d: ca:2c:ec:ce:b7:91:be:1a:ac:d1:e3:b4:31:5a:d1: f2:34:cc:b1:fd:32:7a:25:1d:7e:63:65:86:70:c0: 4d:9a:ee:17:47:7a:df:bb:40:9b:83:1f:f1:aa:c2: b9:0f:8c:fe:4d:b8:65:bf:4f:00:f2:78:7c:1d:57: 43:8d:51:a8:83:d8:08:a2:61:a8:bd:ba:39:f5:af: 86:7a:b6:43:fe:c7:c8:f2:d3:f3:ef:bd:73:6f:e6: b4:75:56:c5:1b:3b:ad:5e:a7:1d:ff:5f:a4:46:08: 71:b3:7b:ee:5b:e5:3c:46:35:04:af:45:0c:3e:69: 5f:bc:dd:1c:cb:ff:c9:f6:72:bc:79:ce:69:9d:0f: b2:40:63:17:03:19:10:3d:dc:44:82:2b:24:1e:ec: f3:1c:5d:87:44:9e:8a:ec:dc:f8:fc:73:31:25:aa: 34:d5:62:27:82:68:f8:eb:d8:14:04:33:8c:7c:d5: 0b:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:89:EA:20:F5:51:8E:1B:17:49:A1:36:83:DE:35:2B:CA:43:36:CF X509v3 Authority Key Identifier: keyid:D3:BC:84:28:02:DA:D2:2D:5C:30:C2:82:65:F7:D1:08:BD:47:8E:70 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B758E/DDEC8124D53D11EE8F1E8A85C4F9AE02/07yEKALa0i1cMMKCZffRCL1HjnA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/07yEKALa0i1cMMKCZffRCL1HjnA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B758E/DDEC8124D53D11EE8F1E8A85C4F9AE02/07yEKALa0i1cMMKCZffRCL1HjnA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bf:7b:e6:7f:90:a4:c1:21:bc:43:27:81:f8:f6:3c:63:11:16: 6b:95:75:92:f5:01:73:66:46:cd:05:51:d1:39:5c:42:4c:bc: 8a:ca:d4:ec:92:b4:6c:1b:e1:38:49:9d:72:9b:19:d8:98:47: 45:02:04:53:b5:e4:74:58:52:78:aa:b6:67:42:ba:63:cd:e9: 8f:e1:5e:92:97:90:61:04:ce:1e:53:d0:9c:42:6f:a3:ad:8e: e9:dd:58:f1:2e:ca:e7:bc:8e:6d:88:bc:3f:5d:f2:2d:d8:7a: 19:41:52:53:47:6d:c7:bc:05:08:de:5c:75:85:a8:c6:d6:2a: e3:9b:a0:8a:e5:f7:cb:d8:cb:22:9b:99:bb:89:40:ff:46:f5: f0:c7:b1:db:33:4e:ba:6d:a9:ff:7f:75:a6:50:31:bc:7b:0e: 0a:64:2e:d7:43:44:60:90:da:dd:e4:b4:56:45:b6:b7:27:76: 6e:69:34:dd:55:05:f0:53:02:e2:2b:40:db:02:2e:2d:2b:c3: 30:3c:54:48:82:e0:e3:f0:da:99:59:b8:1e:f8:d8:cf:c1:f8: f5:c8:c0:11:d8:78:b3:f0:51:f9:e4:65:c7:21:97:d2:6a:1e: 93:f6:6f:25:37:40:8f:c2:52:ca:af:13:ba:7d:59:ce:ca:cb: 87:0a:18:80 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAPowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qjc1OEUxMTAvBgNVBAUTKEQzQkM4NDI4MDJEQUQyMkQ1QzMwQzI4MjY1RjdEMTA4 QkQ0NzhFNzAwHhcNMjUwNjAzMDUwMzU2WhcNMjUwNjEwMDUwMzU2WjAYMRYwFAYD VQQDEw02ODNlODIzZC05MzRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuvFzR3TI85kfJaZ2c4q2/mwc6qSOeEfdFWM1qY2rSn1mctm0D42udSWgU99i 2DkGOv/4rG3gPa6R2U3sx3gyDv1ySjUXUGbVlz3KLOzOt5G+GqzR47QxWtHyNMyx /TJ6JR1+Y2WGcMBNmu4XR3rfu0Cbgx/xqsK5D4z+Tbhlv08A8nh8HVdDjVGog9gI omGovbo59a+GerZD/sfI8tPz771zb+a0dVbFGzutXqcd/1+kRghxs3vuW+U8RjUE r0UMPmlfvN0cy//J9nK8ec5pnQ+yQGMXAxkQPdxEgiskHuzzHF2HRJ6K7Nz4/HMx Jao01WIngmj469gUBDOMfNULXQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKWJ6iD1 UY4bF0mhNoPeNSvKQzbPMB8GA1UdIwQYMBaAFNO8hCgC2tItXDDCgmX30Qi9R45w MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzU4RS9EREVDODEyNEQ1 M0QxMUVFOEYxRThBODVDNEY5QUUwMi8wN3lFS0FMYTBpMWNNTUtDWmZmUkNMMUhq bkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzA3eUVLQUxhMGkxY01NS0NaZmZSQ0wxSGpuQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NzU4RS9EREVDODEyNEQ1M0QxMUVFOEYxRThBODVDNEY5QUUwMi8wN3lFS0FMYTBp MWNNTUtDWmZmUkNMMUhqbkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC/e+Z/kKTBIbxDJ4H49jxjERZrlXWS9QFzZkbNBVHROVxCTLyKytTs krRsG+E4SZ1ymxnYmEdFAgRTteR0WFJ4qrZnQrpjzemP4V6Sl5BhBM4eU9CcQm+j rY7p3VjxLsrnvI5tiLw/XfIt2HoZQVJTR23HvAUI3lx1hajG1irjm6CK5ffL2Msi m5m7iUD/RvXwx7HbM066ban/f3WmUDG8ew4KZC7XQ0RgkNrd5LRWRba3J3ZuaTTd VQXwUwLiK0DbAi4tK8MwPFRIguDj8NqZWbge+NjPwfj1yMAR2Hiz8FH55GXHIZfS ah6T9m8lN0CPwlLKrxO6fVnOysuHChiA -----END CERTIFICATE-----Generated at Tue Jun 3 23:45:03 2025 by rpki-client