$ rpki-client -vvf rpki.apnic.net/member_repository/A91B929F/3BE549CED64E11EB94D4F27DC4F9AE02/i1fdFr2X-1v8IdnMqeK4bVUC4og.mft File: i1fdFr2X-1v8IdnMqeK4bVUC4og.mft (raw, json) Hash identifier: mAbSzl/w/rNWuHfHYAJfTW7DBCMsK9XJ8XP1hgS+b1s= Subject key identifier: A0:6E:0C:DB:4F:7E:5D:4F:04:BF:EA:43:97:23:62:67:40:3B:B5:73 Authority key identifier: 8B:57:DD:16:BD:97:FB:5B:FC:21:D9:CC:A9:E2:B8:6D:55:02:E2:88 Certificate issuer: /CN=A91B929F/serialNumber=8B57DD16BD97FB5BFC21D9CCA9E2B86D5502E288 Certificate serial: 058E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/i1fdFr2X-1v8IdnMqeK4bVUC4og.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B929F/3BE549CED64E11EB94D4F27DC4F9AE02/i1fdFr2X-1v8IdnMqeK4bVUC4og.mft Manifest number: 058A Signing time: Fri 30 May 2025 23:26:26 +0000 Manifest this update: Fri 30 May 2025 23:26:25 +0000 Manifest next update: Fri 06 Jun 2025 23:26:25 +0000 Files and hashes: 1: i1fdFr2X-1v8IdnMqeK4bVUC4og.crl (hash: /bpIcG9fIR1N4s3+SmLyppDxgdU6VWF/M1W7Q5CmGsc=) 2: 2EA68D96D65211EB8DAD1886C4F9AE02.roa (hash: QfVYtd7FvBpsR5Tca8bnLg+O7UqwB1xI72oRETrqTpE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B929F/3BE549CED64E11EB94D4F27DC4F9AE02/i1fdFr2X-1v8IdnMqeK4bVUC4og.crl rsync://rpki.apnic.net/member_repository/A91B929F/3BE549CED64E11EB94D4F27DC4F9AE02/i1fdFr2X-1v8IdnMqeK4bVUC4og.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/i1fdFr2X-1v8IdnMqeK4bVUC4og.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 23:26:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1422 (0x58e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B929F, serialNumber=8B57DD16BD97FB5BFC21D9CCA9E2B86D5502E288 Validity Not Before: May 30 23:26:25 2025 GMT Not After : Jun 6 23:26:25 2025 GMT Subject: CN=683a3ea2-f519 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:c4:94:42:31:36:1a:64:c2:f2:14:0d:bd:ab: 63:ae:81:13:7e:dc:58:34:51:b0:dd:9f:4e:62:8f: da:25:07:55:be:8e:ac:f2:65:b4:33:63:1b:55:4e: a3:3a:73:c2:66:e5:bb:c0:26:d9:82:cd:27:26:aa: 3b:fe:85:ca:18:3b:4e:9c:d4:70:fd:b1:27:93:6e: 3f:e2:82:d8:28:35:63:31:9b:53:b1:ba:b1:44:77: 35:9a:55:75:0c:33:fc:b4:31:f3:35:cb:bc:03:82: ac:d7:87:e8:32:03:f5:f1:50:be:49:7c:0e:bd:45: b0:11:79:71:01:b8:e7:bf:1f:bc:c8:90:57:05:b6: de:54:52:41:26:d7:ae:04:24:c8:94:fe:e5:a0:22: b1:54:59:fa:e7:0d:ca:98:20:90:3c:fc:be:48:08: d0:d7:a0:bb:44:26:e5:f7:a5:8f:d2:52:79:91:9c: 87:3d:fc:74:38:29:bb:e4:a0:40:8d:38:c7:c9:d3: 93:64:f1:05:df:f3:58:c3:85:56:c5:67:4f:75:58: b4:fa:73:08:a1:dd:f2:df:33:09:33:cd:65:00:71: 6d:ba:51:b4:67:e5:b6:48:b5:a9:df:44:c6:fc:45: 0d:0f:29:d7:72:0b:bb:f2:22:69:9a:bc:b9:7e:67: ad:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:6E:0C:DB:4F:7E:5D:4F:04:BF:EA:43:97:23:62:67:40:3B:B5:73 X509v3 Authority Key Identifier: keyid:8B:57:DD:16:BD:97:FB:5B:FC:21:D9:CC:A9:E2:B8:6D:55:02:E2:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B929F/3BE549CED64E11EB94D4F27DC4F9AE02/i1fdFr2X-1v8IdnMqeK4bVUC4og.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/i1fdFr2X-1v8IdnMqeK4bVUC4og.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B929F/3BE549CED64E11EB94D4F27DC4F9AE02/i1fdFr2X-1v8IdnMqeK4bVUC4og.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption cf:8e:6e:06:9c:96:36:a1:18:f1:1c:2d:db:22:95:1b:cb:08: 10:67:f3:1d:03:ea:da:13:ae:24:80:c3:a0:82:84:8b:35:e4: ec:d0:c8:54:21:eb:df:6a:b0:7b:53:ec:8a:69:43:2f:8d:3a: 57:5f:aa:f8:a5:22:42:09:7b:45:de:4d:48:30:ac:97:76:9d: d0:3f:cf:cd:41:1e:29:89:81:f6:91:fd:59:8e:6c:01:dc:43: 1c:36:2a:bd:bc:1e:78:b4:73:a5:6d:b5:fd:27:f9:fb:d5:d3: 6e:d5:68:54:ab:08:b9:3e:92:3b:29:5e:11:a3:ed:ec:3e:5f: b5:7e:ef:57:93:72:f9:3b:1b:48:8d:80:fc:b0:52:c0:59:ee: b7:8c:71:ab:ec:a5:d0:b6:d6:80:ff:ec:0b:17:da:f5:a2:e2: a7:01:d4:10:d7:e5:80:a7:c1:f2:e7:d6:5e:42:5d:c5:59:03: 11:54:87:7b:e9:3b:d9:dd:af:d4:4c:d7:0f:53:16:74:0f:d7: b6:91:ca:1f:7b:c8:db:f7:90:62:16:c6:8c:56:01:d3:48:50: 42:2f:96:b8:de:1f:d7:b2:49:d7:5e:04:66:4a:d8:03:0b:02: ff:d8:05:7f:a2:73:db:52:e7:56:1a:ca:c3:15:84:01:f5:90: b8:ba:60:44 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBY4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjkyOUYxMTAvBgNVBAUTKDhCNTdERDE2QkQ5N0ZCNUJGQzIxRDlDQ0E5RTJCODZE NTUwMkUyODgwHhcNMjUwNTMwMjMyNjI1WhcNMjUwNjA2MjMyNjI1WjAYMRYwFAYD VQQDEw02ODNhM2VhMi1mNTE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0MSUQjE2GmTC8hQNvatjroETftxYNFGw3Z9OYo/aJQdVvo6s8mW0M2MbVU6j OnPCZuW7wCbZgs0nJqo7/oXKGDtOnNRw/bEnk24/4oLYKDVjMZtTsbqxRHc1mlV1 DDP8tDHzNcu8A4Ks14foMgP18VC+SXwOvUWwEXlxAbjnvx+8yJBXBbbeVFJBJteu BCTIlP7loCKxVFn65w3KmCCQPPy+SAjQ16C7RCbl96WP0lJ5kZyHPfx0OCm75KBA jTjHydOTZPEF3/NYw4VWxWdPdVi0+nMIod3y3zMJM81lAHFtulG0Z+W2SLWp30TG /EUNDynXcgu78iJpmry5fmetrQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKBuDNtP fl1PBL/qQ5cjYmdAO7VzMB8GA1UdIwQYMBaAFItX3Ra9l/tb/CHZzKniuG1VAuKI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOTI5Ri8zQkU1NDlDRUQ2 NEUxMUVCOTRENEYyN0RDNEY5QUUwMi9pMWZkRnIyWC0xdjhJZG5NcWVLNGJWVUM0 b2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2kxZmRGcjJYLTF2OElkbk1xZUs0YlZVQzRvZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC OTI5Ri8zQkU1NDlDRUQ2NEUxMUVCOTRENEYyN0RDNEY5QUUwMi9pMWZkRnIyWC0x djhJZG5NcWVLNGJWVUM0b2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDPjm4GnJY2oRjxHC3bIpUbywgQZ/MdA+raE64kgMOggoSLNeTs0MhU IevfarB7U+yKaUMvjTpXX6r4pSJCCXtF3k1IMKyXdp3QP8/NQR4piYH2kf1ZjmwB 3EMcNiq9vB54tHOlbbX9J/n71dNu1WhUqwi5PpI7KV4Ro+3sPl+1fu9Xk3L5OxtI jYD8sFLAWe63jHGr7KXQttaA/+wLF9r1ouKnAdQQ1+WAp8Hy59ZeQl3FWQMRVId7 6TvZ3a/UTNcPUxZ0D9e2kcofe8jb95BiFsaMVgHTSFBCL5a43h/XsknXXgRmStgD CwL/2AV/onPbUudWGsrDFYQB9ZC4umBE -----END CERTIFICATE-----Generated at Sat May 31 16:25:56 2025 by rpki-client