$ rpki-client -vvf rpki.apnic.net/member_repository/A91B97DB/4E410ACE0F6F11EAAB0ADB64C4F9AE02/rT2HA4ULEnHo8xrgPjzJrEZg2UI.mft File: rT2HA4ULEnHo8xrgPjzJrEZg2UI.mft (raw, json) Hash identifier: Gi+IGJyWvncLi5l+ZPhp/IcxtTlsBdPROKDh9siuBUc= Subject key identifier: 82:45:44:E0:8B:B2:22:13:99:78:D4:93:78:82:FE:6E:5B:89:45:71 Authority key identifier: AD:3D:87:03:85:0B:12:71:E8:F3:1A:E0:3E:3C:C9:AC:46:60:D9:42 Certificate issuer: /CN=A91B97DB/serialNumber=AD3D8703850B1271E8F31AE03E3CC9AC4660D942 Certificate serial: 0C16 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rT2HA4ULEnHo8xrgPjzJrEZg2UI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B97DB/4E410ACE0F6F11EAAB0ADB64C4F9AE02/rT2HA4ULEnHo8xrgPjzJrEZg2UI.mft Manifest number: 0C0D Signing time: Fri 30 May 2025 18:52:42 +0000 Manifest this update: Fri 30 May 2025 18:52:42 +0000 Manifest next update: Fri 06 Jun 2025 18:52:42 +0000 Files and hashes: 1: rT2HA4ULEnHo8xrgPjzJrEZg2UI.crl (hash: 5Oj5W2q7TIzNBnlKTKQEkNFuz8Du220CYZAy/b1wG8o=) 2: 5A0FAE220F7011EAB8E21167C4F9AE02.roa (hash: TQZLfyrNNm4rH/joKuV/c0LtGb3rqWKsaid6lV6en3Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B97DB/4E410ACE0F6F11EAAB0ADB64C4F9AE02/rT2HA4ULEnHo8xrgPjzJrEZg2UI.crl rsync://rpki.apnic.net/member_repository/A91B97DB/4E410ACE0F6F11EAAB0ADB64C4F9AE02/rT2HA4ULEnHo8xrgPjzJrEZg2UI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rT2HA4ULEnHo8xrgPjzJrEZg2UI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 18:52:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3094 (0xc16) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B97DB, serialNumber=AD3D8703850B1271E8F31AE03E3CC9AC4660D942 Validity Not Before: May 30 18:52:42 2025 GMT Not After : Jun 6 18:52:42 2025 GMT Subject: CN=6839fe7a-cf5b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:94:99:74:c1:1b:4f:1f:37:4d:8a:31:90:10: 11:9d:d5:38:b7:dd:94:98:72:ee:c4:78:d3:e6:a9: c2:ef:46:5d:01:3a:11:fa:70:45:8e:92:47:3c:37: 78:96:f4:c8:57:65:a7:95:a4:07:26:98:6c:4a:1f: 11:61:06:a8:73:f3:cf:72:59:9b:e4:ad:6f:fd:c7: 1c:e5:43:07:b3:27:fb:e7:c7:f4:db:31:6a:62:f3: d9:ef:ee:81:41:01:bd:1f:b8:f6:ba:47:67:9d:4b: d4:82:b1:dd:8a:ec:2c:b6:d1:e3:89:3f:85:bb:41: 59:bf:c5:34:95:9a:7e:11:9c:7b:88:b3:1f:68:52: 06:23:ac:cd:e8:1d:32:89:c2:46:9a:74:cc:43:ef: e8:5c:02:d8:a1:30:93:47:74:b0:a5:4d:57:99:8c: 21:19:69:b2:76:9b:45:06:a9:60:30:bb:5f:b5:b3: db:d3:d8:72:f9:b5:ea:e5:13:e6:9e:66:66:ca:a0: 2e:82:a8:ef:38:e4:0b:ab:3e:26:4a:c9:f3:e3:c0: 89:ce:aa:b4:25:55:58:e0:e3:4b:f5:52:76:98:8e: 05:37:87:15:f9:28:a2:89:bf:6f:1c:61:ba:46:43: f0:a5:3d:a1:4c:24:0d:88:59:dd:e6:33:fa:87:22: 17:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:45:44:E0:8B:B2:22:13:99:78:D4:93:78:82:FE:6E:5B:89:45:71 X509v3 Authority Key Identifier: keyid:AD:3D:87:03:85:0B:12:71:E8:F3:1A:E0:3E:3C:C9:AC:46:60:D9:42 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B97DB/4E410ACE0F6F11EAAB0ADB64C4F9AE02/rT2HA4ULEnHo8xrgPjzJrEZg2UI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rT2HA4ULEnHo8xrgPjzJrEZg2UI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B97DB/4E410ACE0F6F11EAAB0ADB64C4F9AE02/rT2HA4ULEnHo8xrgPjzJrEZg2UI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 87:07:76:98:23:02:d5:f8:15:1a:35:67:7b:10:09:e3:b2:c2: 24:8b:76:72:b7:af:12:9a:76:0e:36:e4:84:cb:37:0a:bc:63: f8:e8:37:e1:ad:85:b2:7d:96:39:38:3b:2f:12:a8:6e:d2:ba: af:61:52:7e:5d:ed:0c:6a:10:21:25:54:6a:0a:41:24:e4:4d: 38:ad:18:6c:a4:6f:49:ef:c2:ef:b3:98:0a:60:bf:75:02:19: 8f:3c:a0:72:a1:e0:38:ab:83:96:84:4e:f9:f8:9b:18:b4:58: f2:93:b9:76:43:81:8e:1c:aa:0a:54:32:dc:46:81:64:a4:a4: 82:50:7d:00:ab:b4:67:de:19:93:c4:68:b4:66:ee:ff:43:9b: 40:ae:06:d1:00:8e:f9:75:28:a9:2c:51:bd:d2:58:bf:7b:56: ae:06:be:92:0e:e1:4a:2b:42:7d:87:f1:5d:3f:80:8f:ce:25: aa:37:88:e2:38:5c:6e:3b:69:90:e1:0c:72:4b:7d:52:b3:24: d8:db:6b:7d:3e:25:2d:44:f1:66:5c:65:8f:9f:9d:54:d9:83: cf:87:21:32:f9:50:b2:a0:6e:ad:a0:93:a9:c6:60:98:e1:0a: c6:72:6d:67:b3:e5:4a:a8:98:24:6a:4e:de:cd:22:5d:97:c4: 84:ee:af:c1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDBYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qjk3REIxMTAvBgNVBAUTKEFEM0Q4NzAzODUwQjEyNzFFOEYzMUFFMDNFM0NDOUFD NDY2MEQ5NDIwHhcNMjUwNTMwMTg1MjQyWhcNMjUwNjA2MTg1MjQyWjAYMRYwFAYD VQQDEw02ODM5ZmU3YS1jZjViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAo5SZdMEbTx83TYoxkBARndU4t92UmHLuxHjT5qnC70ZdAToR+nBFjpJHPDd4 lvTIV2WnlaQHJphsSh8RYQaoc/PPclmb5K1v/ccc5UMHsyf758f02zFqYvPZ7+6B QQG9H7j2ukdnnUvUgrHdiuwsttHjiT+Fu0FZv8U0lZp+EZx7iLMfaFIGI6zN6B0y icJGmnTMQ+/oXALYoTCTR3SwpU1XmYwhGWmydptFBqlgMLtftbPb09hy+bXq5RPm nmZmyqAugqjvOOQLqz4mSsnz48CJzqq0JVVY4ONL9VJ2mI4FN4cV+Siiib9vHGG6 RkPwpT2hTCQNiFnd5jP6hyIXpwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIJFROCL siITmXjUk3iC/m5biUVxMB8GA1UdIwQYMBaAFK09hwOFCxJx6PMa4D48yaxGYNlC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOTdEQi80RTQxMEFDRTBG NkYxMUVBQUIwQURCNjRDNEY5QUUwMi9yVDJIQTRVTEVuSG84eHJnUGp6SnJFWmcy VUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JUMkhBNFVMRW5Ibzh4cmdQanpKckVaZzJVSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC OTdEQi80RTQxMEFDRTBGNkYxMUVBQUIwQURCNjRDNEY5QUUwMi9yVDJIQTRVTEVu SG84eHJnUGp6SnJFWmcyVUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCHB3aYIwLV+BUaNWd7EAnjssIki3Zyt68SmnYONuSEyzcKvGP46Dfh rYWyfZY5ODsvEqhu0rqvYVJ+Xe0MahAhJVRqCkEk5E04rRhspG9J78Lvs5gKYL91 AhmPPKByoeA4q4OWhE75+JsYtFjyk7l2Q4GOHKoKVDLcRoFkpKSCUH0Aq7Rn3hmT xGi0Zu7/Q5tArgbRAI75dSipLFG90li/e1auBr6SDuFKK0J9h/FdP4CPziWqN4ji OFxuO2mQ4QxyS31SsyTY22t9PiUtRPFmXGWPn51U2YPPhyEy+VCyoG6toJOpxmCY 4QrGcm1ns+VKqJgkak7ezSJdl8SE7q/B -----END CERTIFICATE-----Generated at Sat May 31 14:56:23 2025 by rpki-client