$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9EC7/E63F2F8A82A311EE9B117357C4F9AE02/MG40-oTaCQxgAbNUZLuMQmNX2Sg.mft File: MG40-oTaCQxgAbNUZLuMQmNX2Sg.mft (raw, json) Hash identifier: JHo8qPRclfcWMWMZ0Wce41fK+ZKC5ryVw8RrpuH9WLo= Subject key identifier: 00:38:ED:CD:B8:9D:96:B9:95:1D:04:12:EA:A3:50:2C:03:AF:41:1F Authority key identifier: 30:6E:34:FA:84:DA:09:0C:60:01:B3:54:64:BB:8C:42:63:57:D9:28 Certificate issuer: /CN=A91B9EC7/serialNumber=306E34FA84DA090C6001B35464BB8C426357D928 Certificate serial: 0128 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MG40-oTaCQxgAbNUZLuMQmNX2Sg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B9EC7/E63F2F8A82A311EE9B117357C4F9AE02/MG40-oTaCQxgAbNUZLuMQmNX2Sg.mft Manifest number: 0126 Signing time: Wed 11 Jun 2025 04:02:46 +0000 Manifest this update: Wed 11 Jun 2025 04:02:46 +0000 Manifest next update: Wed 18 Jun 2025 04:02:46 +0000 Files and hashes: 1: MG40-oTaCQxgAbNUZLuMQmNX2Sg.crl (hash: yCCHImW/rvdlk/a8UYXEuhfNO4KlPa9n+JdNSkFKP5Q=) 2: 02FC3E3C82A511EEA1F2710DC4F9AE02.roa (hash: 6W6Gywd7YHiIdjjDyCFNskNZyB3wgY++Ir7hfO/X2TY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B9EC7/E63F2F8A82A311EE9B117357C4F9AE02/MG40-oTaCQxgAbNUZLuMQmNX2Sg.crl rsync://rpki.apnic.net/member_repository/A91B9EC7/E63F2F8A82A311EE9B117357C4F9AE02/MG40-oTaCQxgAbNUZLuMQmNX2Sg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MG40-oTaCQxgAbNUZLuMQmNX2Sg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 04:02:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 296 (0x128) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B9EC7, serialNumber=306E34FA84DA090C6001B35464BB8C426357D928 Validity Not Before: Jun 11 04:02:46 2025 GMT Not After : Jun 18 04:02:46 2025 GMT Subject: CN=6848ffe6-2dff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:58:40:09:f0:36:1f:a6:f5:3d:d0:2b:ca:24: 7d:ed:c5:61:8f:1b:12:e2:e7:78:fb:fa:49:ff:4e: 4e:e5:42:65:1a:33:15:b6:35:93:11:54:74:bc:e1: b7:d3:a0:8c:11:a2:f2:7d:0e:eb:31:4c:05:94:7f: 25:b5:d1:fa:db:37:6f:40:fb:70:71:2b:97:76:ec: c7:5f:c0:25:9c:00:31:bd:60:6f:57:09:8e:77:3b: de:6b:7b:87:a0:fb:7a:da:02:78:af:a0:5b:aa:cc: 2d:09:61:3c:60:43:78:37:b9:99:f3:a5:ba:ee:c4: cd:3f:6a:54:78:a6:1d:d3:39:84:24:8d:0c:c4:7f: 6c:02:18:7f:d7:b3:37:79:bf:f0:d2:3e:ea:73:e0: 9f:49:a8:24:70:9f:9d:67:1e:89:75:6f:9c:c5:15: 42:96:52:65:c8:ae:c5:82:74:28:21:83:bb:1e:8b: fa:cb:30:65:d2:6f:34:c0:e0:85:42:37:03:be:4a: 0b:d0:91:c5:7c:09:c2:f1:50:32:33:42:ad:c8:0a: 98:22:a6:b0:41:1b:64:8a:d1:12:a7:35:02:f6:6f: 00:06:61:84:a7:6f:72:94:ee:a8:c4:1d:36:57:92: a8:8f:73:7f:28:4d:89:d2:2a:b1:52:38:4f:cf:99: 57:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:38:ED:CD:B8:9D:96:B9:95:1D:04:12:EA:A3:50:2C:03:AF:41:1F X509v3 Authority Key Identifier: keyid:30:6E:34:FA:84:DA:09:0C:60:01:B3:54:64:BB:8C:42:63:57:D9:28 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B9EC7/E63F2F8A82A311EE9B117357C4F9AE02/MG40-oTaCQxgAbNUZLuMQmNX2Sg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MG40-oTaCQxgAbNUZLuMQmNX2Sg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9EC7/E63F2F8A82A311EE9B117357C4F9AE02/MG40-oTaCQxgAbNUZLuMQmNX2Sg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a7:bc:40:14:dd:22:83:4b:c6:7a:2e:63:9a:fa:be:2d:01:1a: 50:7c:ec:33:53:af:a9:f4:f1:77:ba:81:9d:72:59:f7:f7:3d: 7c:b1:d1:58:be:eb:5a:ca:a1:19:e2:79:f1:53:1f:c5:93:89: c5:d5:41:9a:c8:ea:fe:41:d0:9f:3e:8e:20:96:9a:c1:f7:94: 2b:91:7e:70:40:22:c3:40:c0:7a:c3:01:17:f9:e4:f6:51:57: 11:8a:a6:fd:67:56:57:85:b7:e8:17:38:57:9f:6b:19:1c:01: c1:56:02:8e:c6:04:b2:fb:49:ed:58:45:22:17:46:3a:81:25: e0:72:d0:9a:17:5a:5d:d5:98:ab:5b:06:bb:44:46:db:22:3f: 3b:df:98:17:4c:86:66:02:a1:33:e4:cd:9e:fa:de:ce:40:af: d6:1c:fb:ec:29:6e:12:6f:35:90:4a:24:f9:2d:89:a1:0c:05: a6:63:04:5a:9c:4f:8f:0a:a1:51:f0:c8:4a:c9:8d:f7:6e:a3: 05:28:32:d2:84:ec:2f:c2:9d:e5:7d:16:e9:0b:53:72:d9:24: 47:d1:88:28:2e:10:f9:31:41:61:cb:e1:cd:c6:8e:6d:50:91: 57:bc:e5:d1:27:5b:66:7c:90:6f:ce:0e:a7:7e:b7:24:61:9f: fb:11:37:98 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjlFQzcxMTAvBgNVBAUTKDMwNkUzNEZBODREQTA5MEM2MDAxQjM1NDY0QkI4QzQy NjM1N0Q5MjgwHhcNMjUwNjExMDQwMjQ2WhcNMjUwNjE4MDQwMjQ2WjAYMRYwFAYD VQQDEw02ODQ4ZmZlNi0yZGZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsFhACfA2H6b1PdAryiR97cVhjxsS4ud4+/pJ/05O5UJlGjMVtjWTEVR0vOG3 06CMEaLyfQ7rMUwFlH8ltdH62zdvQPtwcSuXduzHX8AlnAAxvWBvVwmOdzvea3uH oPt62gJ4r6BbqswtCWE8YEN4N7mZ86W67sTNP2pUeKYd0zmEJI0MxH9sAhh/17M3 eb/w0j7qc+CfSagkcJ+dZx6JdW+cxRVCllJlyK7FgnQoIYO7Hov6yzBl0m80wOCF QjcDvkoL0JHFfAnC8VAyM0KtyAqYIqawQRtkitESpzUC9m8ABmGEp29ylO6oxB02 V5Koj3N/KE2J0iqxUjhPz5lXIwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAA47c24 nZa5lR0EEuqjUCwDr0EfMB8GA1UdIwQYMBaAFDBuNPqE2gkMYAGzVGS7jEJjV9ko MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUVDNy9FNjNGMkY4QTgy QTMxMUVFOUIxMTczNTdDNEY5QUUwMi9NRzQwLW9UYUNReGdBYk5VWkx1TVFtTlgy U2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL01HNDAtb1RhQ1F4Z0FiTlVaTHVNUW1OWDJTZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC OUVDNy9FNjNGMkY4QTgyQTMxMUVFOUIxMTczNTdDNEY5QUUwMi9NRzQwLW9UYUNR eGdBYk5VWkx1TVFtTlgyU2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCnvEAU3SKDS8Z6LmOa+r4tARpQfOwzU6+p9PF3uoGdcln39z18sdFY vutayqEZ4nnxUx/Fk4nF1UGayOr+QdCfPo4glprB95QrkX5wQCLDQMB6wwEX+eT2 UVcRiqb9Z1ZXhbfoFzhXn2sZHAHBVgKOxgSy+0ntWEUiF0Y6gSXgctCaF1pd1Zir Wwa7REbbIj8735gXTIZmAqEz5M2e+t7OQK/WHPvsKW4SbzWQSiT5LYmhDAWmYwRa nE+PCqFR8MhKyY33bqMFKDLShOwvwp3lfRbpC1Ny2SRH0YgoLhD5MUFhy+HNxo5t UJFXvOXRJ1tmfJBvzg6nfrckYZ/7ETeY -----END CERTIFICATE-----Generated at Thu Jun 12 08:34:54 2025 by rpki-client