$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9B0D/98B7280E8AB611EB8237D414C4F9AE02/2cZrDkILkTQXPVU9FqoLFGt3R3M.mft File: 2cZrDkILkTQXPVU9FqoLFGt3R3M.mft (raw, json) Hash identifier: L9sSqVnqqyVBXuHXG7UdAAyOQCaYklv+Qad5dPJSJoY= Subject key identifier: 5E:61:A9:C8:D5:C7:A1:98:0E:80:7B:FE:3F:43:72:E3:5C:7E:68:38 Authority key identifier: D9:C6:6B:0E:42:0B:91:34:17:3D:55:3D:16:AA:0B:14:6B:77:47:73 Certificate issuer: /CN=A91B9B0D/serialNumber=D9C66B0E420B9134173D553D16AA0B146B774773 Certificate serial: 0653 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2cZrDkILkTQXPVU9FqoLFGt3R3M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B9B0D/98B7280E8AB611EB8237D414C4F9AE02/2cZrDkILkTQXPVU9FqoLFGt3R3M.mft Manifest number: 064E Signing time: Mon 02 Jun 2025 22:49:05 +0000 Manifest this update: Mon 02 Jun 2025 22:49:04 +0000 Manifest next update: Mon 09 Jun 2025 22:49:04 +0000 Files and hashes: 1: 2cZrDkILkTQXPVU9FqoLFGt3R3M.crl (hash: KLggxyo3Ta13xxhsYpZvWz5IeX2tuJ719pMzPD3Nu20=) 2: E0147FC48AB811EB92252D18C4F9AE02.roa (hash: yb9hS/9t+HFAqgotQ9pzr3SSBSrg5s2fRTDoStJTXT8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B9B0D/98B7280E8AB611EB8237D414C4F9AE02/2cZrDkILkTQXPVU9FqoLFGt3R3M.crl rsync://rpki.apnic.net/member_repository/A91B9B0D/98B7280E8AB611EB8237D414C4F9AE02/2cZrDkILkTQXPVU9FqoLFGt3R3M.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2cZrDkILkTQXPVU9FqoLFGt3R3M.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 22:49:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1619 (0x653) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B9B0D, serialNumber=D9C66B0E420B9134173D553D16AA0B146B774773 Validity Not Before: Jun 2 22:49:04 2025 GMT Not After : Jun 9 22:49:04 2025 GMT Subject: CN=683e2a61-f32e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:1b:4b:a7:90:00:4a:8a:c7:33:4a:19:5b:b1: 72:6e:42:4e:84:92:00:46:fa:82:53:00:aa:28:8a: 28:e5:d5:38:4c:2e:29:21:48:d7:a6:29:ae:51:4a: 80:de:da:d7:0e:7d:89:a2:7d:98:b9:07:d1:61:70: 38:d9:2c:48:b6:1b:4a:c5:db:93:80:7f:a0:81:50: b7:fc:24:36:3e:50:31:39:b3:4a:e4:28:7d:c6:fb: da:5c:15:35:8d:31:09:02:74:13:15:ab:ab:a5:9a: 09:bd:2f:1d:85:af:11:41:ee:56:83:c8:07:65:e2: 2a:50:29:bf:8c:60:d9:2b:f2:44:a6:86:45:f1:21: 10:e8:f6:d8:5b:9d:76:c2:49:df:f6:09:dd:d3:09: 46:0c:77:af:d2:34:fc:35:e9:a3:60:4f:f9:9a:b5: 71:37:fe:f0:c1:96:97:e2:c7:e4:a0:22:a6:21:99: cc:cf:aa:9a:b5:66:07:8c:6c:82:de:8a:96:c9:02: 89:00:f5:6b:ef:af:46:c0:e6:41:20:f0:b6:fe:79: 35:90:24:52:6e:65:09:04:3d:2e:62:09:4f:d1:1f: 62:2c:b7:e0:04:20:cd:7e:34:56:90:db:67:31:9a: 55:e1:cf:ab:bd:3f:70:96:3c:59:4b:04:bc:9e:ed: bd:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:61:A9:C8:D5:C7:A1:98:0E:80:7B:FE:3F:43:72:E3:5C:7E:68:38 X509v3 Authority Key Identifier: keyid:D9:C6:6B:0E:42:0B:91:34:17:3D:55:3D:16:AA:0B:14:6B:77:47:73 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B9B0D/98B7280E8AB611EB8237D414C4F9AE02/2cZrDkILkTQXPVU9FqoLFGt3R3M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2cZrDkILkTQXPVU9FqoLFGt3R3M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9B0D/98B7280E8AB611EB8237D414C4F9AE02/2cZrDkILkTQXPVU9FqoLFGt3R3M.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 16:0e:86:84:ee:4e:cd:d4:58:43:37:50:85:48:3f:a6:20:0e: 0f:69:15:c0:4f:a0:ea:2d:d6:bd:86:42:65:99:aa:48:17:1e: 85:4a:5d:9f:dc:20:9c:8b:e5:b7:4b:d5:4e:0e:17:66:e6:5e: 86:e9:dc:e8:50:32:87:3a:ef:a0:08:84:fb:23:8a:e6:6e:62: 04:33:0f:ac:7d:10:16:cf:c1:ef:ad:ee:7c:d6:d8:02:68:3b: bc:dd:74:9f:0d:f0:5e:46:fe:b0:a2:ef:2a:45:48:7c:ba:1c: 81:47:23:b3:11:19:b8:16:84:79:1b:bc:b3:c2:f1:2e:2b:41: d8:81:90:2f:a3:94:1a:1e:6c:ab:03:fa:9c:bb:4d:65:ae:fb: 59:74:a7:39:02:2c:57:86:a2:db:43:a9:23:54:46:87:01:f7: e4:4d:7c:4d:ee:1f:8d:aa:df:e5:71:1a:24:42:f9:93:c8:ba: e3:b1:24:27:e8:9f:98:fb:69:ca:e0:43:30:dd:02:e6:2c:64: 70:1a:b1:c4:c2:86:b4:34:83:6b:e1:ff:9d:1f:b2:8b:d2:54: 96:bf:c6:7a:a9:67:4a:da:d3:44:40:3d:f9:6d:ea:4e:57:90: db:7b:27:54:97:75:56:42:86:15:c8:9b:83:55:21:25:6d:5b: df:64:de:87 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBlMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjlCMEQxMTAvBgNVBAUTKEQ5QzY2QjBFNDIwQjkxMzQxNzNENTUzRDE2QUEwQjE0 NkI3NzQ3NzMwHhcNMjUwNjAyMjI0OTA0WhcNMjUwNjA5MjI0OTA0WjAYMRYwFAYD VQQDEw02ODNlMmE2MS1mMzJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyxtLp5AASorHM0oZW7FybkJOhJIARvqCUwCqKIoo5dU4TC4pIUjXpimuUUqA 3trXDn2Jon2YuQfRYXA42SxIthtKxduTgH+ggVC3/CQ2PlAxObNK5Ch9xvvaXBU1 jTEJAnQTFaurpZoJvS8dha8RQe5Wg8gHZeIqUCm/jGDZK/JEpoZF8SEQ6PbYW512 wknf9gnd0wlGDHev0jT8NemjYE/5mrVxN/7wwZaX4sfkoCKmIZnMz6qatWYHjGyC 3oqWyQKJAPVr769GwOZBIPC2/nk1kCRSbmUJBD0uYglP0R9iLLfgBCDNfjRWkNtn MZpV4c+rvT9wljxZSwS8nu29LQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF5hqcjV x6GYDoB7/j9DcuNcfmg4MB8GA1UdIwQYMBaAFNnGaw5CC5E0Fz1VPRaqCxRrd0dz MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUIwRC85OEI3MjgwRThB QjYxMUVCODIzN0Q0MTRDNEY5QUUwMi8yY1pyRGtJTGtUUVhQVlU5RnFvTEZHdDNS M00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzJjWnJEa0lMa1RRWFBWVTlGcW9MRkd0M1IzTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC OUIwRC85OEI3MjgwRThBQjYxMUVCODIzN0Q0MTRDNEY5QUUwMi8yY1pyRGtJTGtU UVhQVlU5RnFvTEZHdDNSM00ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAWDoaE7k7N1FhDN1CFSD+mIA4PaRXAT6DqLda9hkJlmapIFx6FSl2f 3CCci+W3S9VODhdm5l6G6dzoUDKHOu+gCIT7I4rmbmIEMw+sfRAWz8Hvre581tgC aDu83XSfDfBeRv6wou8qRUh8uhyBRyOzERm4FoR5G7yzwvEuK0HYgZAvo5QaHmyr A/qcu01lrvtZdKc5AixXhqLbQ6kjVEaHAffkTXxN7h+Nqt/lcRokQvmTyLrjsSQn 6J+Y+2nK4EMw3QLmLGRwGrHEwoa0NINr4f+dH7KL0lSWv8Z6qWdK2tNEQD35bepO V5DbeydUl3VWQoYVyJuDVSElbVvfZN6H -----END CERTIFICATE-----Generated at Tue Jun 3 23:45:25 2025 by rpki-client