$ rpki-client -vvf rpki.apnic.net/member_repository/A91B978D/67B44828FB6611ECABA1014FC4F9AE02/FF-_nuMXN-kcPNSE7AFq48jzgDw.mft File: FF-_nuMXN-kcPNSE7AFq48jzgDw.mft (raw, json) Hash identifier: XIRi8ZKjUfj2vWZTosOeSNrkihKhYCFSKA80C1TfFL0= Subject key identifier: 09:B4:0B:97:4B:4C:00:C8:6D:84:BA:AB:C4:24:F7:02:DE:18:04:59 Authority key identifier: 14:5F:BF:9E:E3:17:37:E9:1C:3C:D4:84:EC:01:6A:E3:C8:F3:80:3C Certificate issuer: /CN=A91B978D/serialNumber=145FBF9EE31737E91C3CD484EC016AE3C8F3803C Certificate serial: 02AF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FF-_nuMXN-kcPNSE7AFq48jzgDw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B978D/67B44828FB6611ECABA1014FC4F9AE02/FF-_nuMXN-kcPNSE7AFq48jzgDw.mft Manifest number: 02AA Signing time: Sat 31 May 2025 01:40:52 +0000 Manifest this update: Sat 31 May 2025 01:40:51 +0000 Manifest next update: Sat 07 Jun 2025 01:40:51 +0000 Files and hashes: 1: FF-_nuMXN-kcPNSE7AFq48jzgDw.crl (hash: TjE/xlIEfhFRpqYdXsYNZan6oqcxoTXm5RcGkH6iPxc=) 2: D5D64BB0FB6811EC863B8150C4F9AE02.roa (hash: QqynXUFn2t2DwRQgssbkvYUHxaAcBlMuvOzz1OFVxaQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B978D/67B44828FB6611ECABA1014FC4F9AE02/FF-_nuMXN-kcPNSE7AFq48jzgDw.crl rsync://rpki.apnic.net/member_repository/A91B978D/67B44828FB6611ECABA1014FC4F9AE02/FF-_nuMXN-kcPNSE7AFq48jzgDw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FF-_nuMXN-kcPNSE7AFq48jzgDw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 01:40:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 687 (0x2af) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B978D, serialNumber=145FBF9EE31737E91C3CD484EC016AE3C8F3803C Validity Not Before: May 31 01:40:51 2025 GMT Not After : Jun 7 01:40:51 2025 GMT Subject: CN=683a5e24-b9cd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:66:8a:7c:99:e5:03:4a:45:24:c9:82:c8:b7: 9c:37:08:ff:e0:e5:2f:c5:48:3c:36:df:af:34:83: bd:c3:93:a2:01:f4:83:98:8e:d1:b3:24:e2:4e:26: fd:62:d4:7e:77:c6:42:b0:8a:e6:5f:c8:16:4a:93: 67:fb:29:0e:91:d3:88:8d:42:37:3d:ab:62:e2:64: 5e:a6:91:3a:b3:57:e9:b2:e8:57:18:c0:51:30:3a: 67:9d:cc:86:f0:63:6f:a1:de:be:0c:c8:cd:34:31: a2:63:f5:08:ce:39:de:60:65:34:ba:7a:16:2e:f1: bd:b8:4b:cd:43:57:63:b9:bf:08:6c:f5:3d:ef:6f: 9b:a8:22:12:7e:6b:65:ab:fe:45:c1:33:84:27:82: 9c:d6:00:f7:75:50:e9:72:59:b3:3c:b0:21:3d:a6: 89:40:01:c3:d4:52:c8:51:3f:74:83:8d:e6:3f:20: 3b:6a:4d:50:61:df:65:36:55:b1:f0:e3:5f:64:24: f2:5d:00:22:db:49:ba:22:c9:f3:7d:75:b7:c9:59: 7b:1a:ce:99:40:67:85:24:b2:ca:f8:07:26:9e:13: 74:b3:3a:a9:b2:a7:01:a3:41:e6:ab:f9:34:2f:ea: 61:d0:e5:21:97:0e:90:ab:14:a1:1c:2e:ff:ee:8a: ad:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:B4:0B:97:4B:4C:00:C8:6D:84:BA:AB:C4:24:F7:02:DE:18:04:59 X509v3 Authority Key Identifier: keyid:14:5F:BF:9E:E3:17:37:E9:1C:3C:D4:84:EC:01:6A:E3:C8:F3:80:3C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B978D/67B44828FB6611ECABA1014FC4F9AE02/FF-_nuMXN-kcPNSE7AFq48jzgDw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FF-_nuMXN-kcPNSE7AFq48jzgDw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B978D/67B44828FB6611ECABA1014FC4F9AE02/FF-_nuMXN-kcPNSE7AFq48jzgDw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5e:2f:92:32:22:79:9d:35:8f:f5:ac:09:44:b9:1b:17:6e:3a: 46:b0:22:9a:66:d8:eb:b9:13:07:c5:40:71:b3:99:66:c9:f8: a9:54:93:6a:b2:53:87:c0:fa:5d:7c:10:49:8a:e6:9f:ba:38: 9c:c6:13:f4:62:dd:46:db:fd:7c:61:e9:84:4d:b2:a4:9d:fa: db:a3:52:ed:27:0e:b9:cb:74:7f:21:35:ac:6b:62:45:32:48: 28:32:b4:9d:02:4c:03:b6:3b:f0:f5:c4:f0:a6:ca:e5:87:88: 3c:fd:02:78:a8:6c:06:ad:d2:be:63:56:dd:61:a2:55:4f:d7: 86:d2:c8:54:84:26:cd:03:71:9f:52:87:9f:1a:e5:20:08:e8: 8a:65:e7:cf:58:e9:ac:fe:a3:ce:92:5f:fc:d2:87:6f:46:04: 10:cd:20:6f:a7:27:9a:9f:f2:c3:4a:b4:95:6c:6d:39:ea:f4: ba:f4:41:63:3b:8b:ea:19:06:47:b4:45:4e:16:b2:cb:44:0b: 91:38:a7:02:e8:c3:92:ea:1f:d3:9c:bc:cf:b0:fe:51:23:7e: 7c:35:80:ed:7f:fb:88:44:bd:b0:cd:b8:50:df:db:98:ec:de: 34:65:e7:1f:03:33:10:43:03:ef:f3:51:4b:1b:0b:c5:ed:bc: 20:20:d1:d0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAq8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qjk3OEQxMTAvBgNVBAUTKDE0NUZCRjlFRTMxNzM3RTkxQzNDRDQ4NEVDMDE2QUUz QzhGMzgwM0MwHhcNMjUwNTMxMDE0MDUxWhcNMjUwNjA3MDE0MDUxWjAYMRYwFAYD VQQDEw02ODNhNWUyNC1iOWNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwmaKfJnlA0pFJMmCyLecNwj/4OUvxUg8Nt+vNIO9w5OiAfSDmI7RsyTiTib9 YtR+d8ZCsIrmX8gWSpNn+ykOkdOIjUI3Pati4mReppE6s1fpsuhXGMBRMDpnncyG 8GNvod6+DMjNNDGiY/UIzjneYGU0unoWLvG9uEvNQ1djub8IbPU972+bqCISfmtl q/5FwTOEJ4Kc1gD3dVDpclmzPLAhPaaJQAHD1FLIUT90g43mPyA7ak1QYd9lNlWx 8ONfZCTyXQAi20m6IsnzfXW3yVl7Gs6ZQGeFJLLK+AcmnhN0szqpsqcBo0Hmq/k0 L+ph0OUhlw6QqxShHC7/7oqt1QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAm0C5dL TADIbYS6q8Qk9wLeGARZMB8GA1UdIwQYMBaAFBRfv57jFzfpHDzUhOwBauPI84A8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOTc4RC82N0I0NDgyOEZC NjYxMUVDQUJBMTAxNEZDNEY5QUUwMi9GRi1fbnVNWE4ta2NQTlNFN0FGcTQ4anpn RHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZGLV9udU1YTi1rY1BOU0U3QUZxNDhqemdEdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC OTc4RC82N0I0NDgyOEZCNjYxMUVDQUJBMTAxNEZDNEY5QUUwMi9GRi1fbnVNWE4t a2NQTlNFN0FGcTQ4anpnRHcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBeL5IyInmdNY/1rAlEuRsXbjpGsCKaZtjruRMHxUBxs5lmyfipVJNq slOHwPpdfBBJiuafujicxhP0Yt1G2/18YemETbKknfrbo1LtJw65y3R/ITWsa2JF MkgoMrSdAkwDtjvw9cTwpsrlh4g8/QJ4qGwGrdK+Y1bdYaJVT9eG0shUhCbNA3Gf UoefGuUgCOiKZefPWOms/qPOkl/80odvRgQQzSBvpyean/LDSrSVbG056vS69EFj O4vqGQZHtEVOFrLLRAuROKcC6MOS6h/TnLzPsP5RI358NYDtf/uIRL2wzbhQ39uY 7N40ZecfAzMQQwPv81FLGwvF7bwgINHQ -----END CERTIFICATE-----Generated at Sat May 31 17:12:57 2025 by rpki-client