$ rpki-client -vvf rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft File: US3AbkHAiZokofyIXrNG5FMH80c.mft (raw, json) Hash identifier: ofHqRiwTuFK+gbF/Y0AgHthVVFpN4h3GF0BVoqnvnL4= Subject key identifier: BF:32:68:E8:BD:54:9C:31:13:1F:90:D0:D0:3E:23:71:D6:0E:52:C7 Authority key identifier: 51:2D:C0:6E:41:C0:89:9A:24:A1:FC:88:5E:B3:46:E4:53:07:F3:47 Certificate issuer: /CN=A91BA4F2/serialNumber=512DC06E41C0899A24A1FC885EB346E45307F347 Certificate serial: 0958 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US3AbkHAiZokofyIXrNG5FMH80c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft Manifest number: 0952 Signing time: Fri 30 May 2025 21:01:39 +0000 Manifest this update: Fri 30 May 2025 21:01:39 +0000 Manifest next update: Fri 06 Jun 2025 21:01:39 +0000 Files and hashes: 1: US3AbkHAiZokofyIXrNG5FMH80c.crl (hash: mpKt28JWBlIIu3ND8pnECy3y8o+r7uG5qa3kMTRcOlc=) 2: 9EEA3006979411EA8C6FC25AC4F9AE02.roa (hash: S4ZaaJwKZSnUQdUJjzEBewIqlA4hqhU0xKL1nfod00M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.crl rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US3AbkHAiZokofyIXrNG5FMH80c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 21:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2392 (0x958) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BA4F2, serialNumber=512DC06E41C0899A24A1FC885EB346E45307F347 Validity Not Before: May 30 21:01:39 2025 GMT Not After : Jun 6 21:01:39 2025 GMT Subject: CN=683a1cb3-06cf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:e8:f8:e7:1a:b6:5d:45:06:d8:7f:84:a0:f3: 75:23:a5:ab:18:c5:2f:88:6b:9e:32:ec:4b:ef:29: 8c:5c:f1:d5:5e:e0:eb:70:0a:bb:e6:e8:a8:f2:d6: 82:52:1b:29:7c:8d:4c:ed:07:c3:9e:4c:86:0c:19: e7:e7:cc:dd:83:03:ce:31:db:b0:bf:21:ec:8e:c1: a7:f0:24:c1:0f:59:3f:0a:29:34:53:d9:0b:cb:6e: 02:22:85:f8:cb:a3:0e:11:4d:bf:f5:93:5b:b9:c9: 0c:8d:c1:75:06:cd:1e:d6:db:e8:af:2d:57:42:db: 42:16:34:86:80:3a:83:d5:86:1c:27:b9:4e:df:a1: 61:71:24:58:fb:c9:07:f1:ad:4f:85:47:6a:7d:49: bc:89:0a:81:2f:91:50:6a:10:99:eb:e5:b2:46:98: 8b:c4:d1:59:8e:e9:27:a2:a3:fd:a5:52:4c:2b:2c: 91:2c:c1:27:19:16:08:1f:49:bf:70:5a:76:2b:da: 2a:c2:d1:00:1c:da:49:6f:c6:b8:e1:f8:11:0c:a4: 82:8e:d5:34:93:89:01:96:82:68:ad:95:06:01:4f: d8:7c:da:b4:63:ac:a1:e3:48:cd:89:19:06:09:26: 46:93:46:54:72:51:e0:63:4a:30:e9:53:08:03:0f: 34:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:32:68:E8:BD:54:9C:31:13:1F:90:D0:D0:3E:23:71:D6:0E:52:C7 X509v3 Authority Key Identifier: keyid:51:2D:C0:6E:41:C0:89:9A:24:A1:FC:88:5E:B3:46:E4:53:07:F3:47 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US3AbkHAiZokofyIXrNG5FMH80c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 91:04:a3:ce:dd:f7:d1:72:d1:e0:c5:b0:f7:57:2e:80:21:82: b2:4d:ae:29:f6:5e:bb:00:57:d7:ea:3b:33:30:1d:da:67:0c: f7:38:a2:9c:d5:64:ca:b1:ec:58:0c:08:c0:f9:63:2b:ac:3c: 57:22:35:f9:80:21:a0:aa:01:2c:2b:6b:bb:26:57:00:3a:3b: 03:49:78:71:71:2c:2b:31:75:b0:ef:f2:38:51:d0:e7:54:f0: a5:26:69:64:1c:9d:9c:8a:04:d2:5b:6c:6b:63:cb:ca:68:25: e0:0e:7e:f4:5e:01:a4:2e:cf:83:f6:4a:3f:7d:0c:54:f2:ab: d0:3c:32:87:9c:ca:cd:22:d6:25:b9:90:c5:42:59:fd:3c:91: 6a:9a:6d:7f:c7:fb:92:12:a8:74:d0:d1:59:c9:eb:f7:c8:53: 9b:5c:a5:39:ef:ad:31:72:68:4c:4f:cc:31:92:22:a9:d2:7d: f5:5a:e2:2d:3f:77:ba:6d:3b:1c:7e:14:3a:4f:19:29:5b:bc: 62:0d:2a:25:34:b9:8a:d8:15:0c:70:a8:72:28:c3:7d:b0:29: 8a:a2:90:7e:eb:61:e6:24:2b:da:f8:7e:79:b2:a7:e7:eb:0a: af:5c:a0:ed:01:0a:a5:17:6c:0a:8c:39:c4:55:d9:3c:81:68: 12:0e:c5:aa -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCVgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkE0RjIxMTAvBgNVBAUTKDUxMkRDMDZFNDFDMDg5OUEyNEExRkM4ODVFQjM0NkU0 NTMwN0YzNDcwHhcNMjUwNTMwMjEwMTM5WhcNMjUwNjA2MjEwMTM5WjAYMRYwFAYD VQQDEw02ODNhMWNiMy0wNmNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1uj45xq2XUUG2H+EoPN1I6WrGMUviGueMuxL7ymMXPHVXuDrcAq75uio8taC UhspfI1M7QfDnkyGDBnn58zdgwPOMduwvyHsjsGn8CTBD1k/Cik0U9kLy24CIoX4 y6MOEU2/9ZNbuckMjcF1Bs0e1tvory1XQttCFjSGgDqD1YYcJ7lO36FhcSRY+8kH 8a1PhUdqfUm8iQqBL5FQahCZ6+WyRpiLxNFZjuknoqP9pVJMKyyRLMEnGRYIH0m/ cFp2K9oqwtEAHNpJb8a44fgRDKSCjtU0k4kBloJorZUGAU/YfNq0Y6yh40jNiRkG CSZGk0ZUclHgY0ow6VMIAw80cQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL8yaOi9 VJwxEx+Q0NA+I3HWDlLHMB8GA1UdIwQYMBaAFFEtwG5BwImaJKH8iF6zRuRTB/NH MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQTRGMi8yQUVERUY5QTk3 OTMxMUVBQjJBRDI5NTZDNEY5QUUwMi9VUzNBYmtIQWlab2tvZnlJWHJORzVGTUg4 MGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VTM0Fia0hBaVpva29meUlYck5HNUZNSDgwYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QTRGMi8yQUVERUY5QTk3OTMxMUVBQjJBRDI5NTZDNEY5QUUwMi9VUzNBYmtIQWla b2tvZnlJWHJORzVGTUg4MGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCRBKPO3ffRctHgxbD3Vy6AIYKyTa4p9l67AFfX6jszMB3aZwz3OKKc 1WTKsexYDAjA+WMrrDxXIjX5gCGgqgEsK2u7JlcAOjsDSXhxcSwrMXWw7/I4UdDn VPClJmlkHJ2cigTSW2xrY8vKaCXgDn70XgGkLs+D9ko/fQxU8qvQPDKHnMrNItYl uZDFQln9PJFqmm1/x/uSEqh00NFZyev3yFObXKU5760xcmhMT8wxkiKp0n31WuIt P3e6bTscfhQ6TxkpW7xiDSolNLmK2BUMcKhyKMN9sCmKopB+62HmJCva+H55sqfn 6wqvXKDtAQqlF2wKjDnEVdk8gWgSDsWq -----END CERTIFICATE-----Generated at Sat May 31 16:35:52 2025 by rpki-client