$ rpki-client -vvf rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.mft File: lKlQswO0aQDdWjBhAwyJpIloA68.mft (raw, json) Hash identifier: bN6WVnFZXBIB/XvyrA0eG2I4oEnggOojIV42+vP36Z4= Subject key identifier: 13:7D:08:74:3C:9D:30:0E:20:10:10:3C:D9:2A:42:A8:E3:D4:5A:70 Authority key identifier: 94:A9:50:B3:03:B4:69:00:DD:5A:30:61:03:0C:89:A4:89:68:03:AF Certificate issuer: /CN=A91BAD2D/serialNumber=94A950B303B46900DD5A3061030C89A4896803AF Certificate serial: E6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lKlQswO0aQDdWjBhAwyJpIloA68.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.mft Manifest number: E3 Signing time: Sat 31 May 2025 05:06:52 +0000 Manifest this update: Sat 31 May 2025 05:06:51 +0000 Manifest next update: Sat 07 Jun 2025 05:06:51 +0000 Files and hashes: 1: lKlQswO0aQDdWjBhAwyJpIloA68.crl (hash: Mab7eyff3907gR2XkVVE7ePZtYYueHAKw/uVjD6DmHY=) 2: 33B566F2E80811EEB4888B0FC4F9AE02.roa (hash: ZSDoXQLk70kw9Tv9vuIwvYTULilf6nNLQq+LER2jQIQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.crl rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lKlQswO0aQDdWjBhAwyJpIloA68.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 05:06:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 230 (0xe6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BAD2D, serialNumber=94A950B303B46900DD5A3061030C89A4896803AF Validity Not Before: May 31 05:06:51 2025 GMT Not After : Jun 7 05:06:51 2025 GMT Subject: CN=683a8e6c-ea06 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:e5:03:6c:1f:15:e0:0d:6b:db:9d:ad:9f:7a: 3a:1e:d6:e7:28:e2:71:e5:45:33:79:3f:b1:54:b2: 65:b8:f5:73:5f:ed:21:b3:3e:1d:1a:06:47:71:16: ba:f3:0d:74:3f:8a:79:76:ea:ea:a0:7d:be:22:48: fb:98:f6:a3:06:ee:b1:d6:40:66:45:e9:e8:ae:9d: 24:78:1b:9f:2c:ab:58:7a:8a:ef:25:08:39:07:47: 0e:a7:0b:ac:12:aa:55:f5:0d:49:fa:09:af:bd:b5: 31:15:f2:41:fe:cd:b0:2a:0d:a9:65:30:f4:67:e0: 2a:d7:ac:5f:ec:83:91:ec:7f:bc:f5:00:bb:85:9d: 4e:04:c1:ec:c2:6c:17:b3:70:4c:cd:ee:2e:05:bd: 87:0c:b1:a0:f3:6c:2e:e3:7b:7e:cb:60:56:28:5d: 3b:3c:ef:b0:ea:99:9d:48:1f:06:1a:4c:eb:39:59: 6a:e4:a3:26:4b:3b:29:78:62:cb:d3:94:aa:93:a5: 84:71:f3:af:35:da:58:94:3a:0a:41:e3:10:0e:f1: 1f:35:77:d6:ae:cd:cc:ed:cf:c0:10:2d:ea:09:c7: c5:ac:f2:fa:6b:b1:e8:9b:b3:66:e8:eb:d3:59:9a: 26:cd:87:a9:eb:08:8f:17:61:06:18:fc:d4:69:4e: ff:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:7D:08:74:3C:9D:30:0E:20:10:10:3C:D9:2A:42:A8:E3:D4:5A:70 X509v3 Authority Key Identifier: keyid:94:A9:50:B3:03:B4:69:00:DD:5A:30:61:03:0C:89:A4:89:68:03:AF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lKlQswO0aQDdWjBhAwyJpIloA68.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6f:e4:35:03:5d:79:e1:6e:e3:b5:18:78:6b:6a:54:e6:38:cf: 54:7a:b9:3f:b6:39:70:cf:67:d6:28:b8:26:27:d3:77:71:bc: 88:3e:dc:57:f2:79:14:0d:0b:97:27:96:3f:6e:0b:92:68:63: bd:9e:fa:6c:36:b0:5d:b3:12:4f:5e:f8:29:06:c3:f8:04:f1: 48:82:fb:e7:d0:be:40:29:af:0e:aa:75:6f:2e:b9:43:cc:60: e9:b9:a4:ab:54:c0:75:98:8d:f4:cf:2e:1c:cf:14:0d:26:d2: 0b:82:ae:26:0c:f7:ff:87:9a:09:1b:e1:f0:72:e5:4c:6e:b0: cc:6d:8b:aa:d4:95:57:cb:e5:59:3a:c8:24:f1:9b:8c:ae:d1: a3:df:87:e8:81:f7:bc:a6:14:d9:90:35:e8:f9:86:cf:0d:1b: 67:a5:51:40:bb:8c:64:96:73:ef:c9:92:4c:01:0f:b5:bb:2d: ae:2a:65:35:f6:27:05:bd:05:62:29:a7:8f:bb:2a:47:a5:91: 36:0e:70:50:81:22:de:22:a6:bd:51:2c:19:bc:c3:4c:3f:54: 4d:bf:1c:54:07:8c:e4:69:5c:bf:91:66:1c:4f:54:69:51:05: 55:15:fc:64:59:49:3c:e9:e4:d4:e4:5f:1c:bb:e4:a8:c1:63: 80:a3:81:07 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAOYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkFEMkQxMTAvBgNVBAUTKDk0QTk1MEIzMDNCNDY5MDBERDVBMzA2MTAzMEM4OUE0 ODk2ODAzQUYwHhcNMjUwNTMxMDUwNjUxWhcNMjUwNjA3MDUwNjUxWjAYMRYwFAYD VQQDEw02ODNhOGU2Yy1lYTA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxOUDbB8V4A1r252tn3o6HtbnKOJx5UUzeT+xVLJluPVzX+0hsz4dGgZHcRa6 8w10P4p5durqoH2+Ikj7mPajBu6x1kBmRenorp0keBufLKtYeorvJQg5B0cOpwus EqpV9Q1J+gmvvbUxFfJB/s2wKg2pZTD0Z+Aq16xf7IOR7H+89QC7hZ1OBMHswmwX s3BMze4uBb2HDLGg82wu43t+y2BWKF07PO+w6pmdSB8GGkzrOVlq5KMmSzspeGLL 05Sqk6WEcfOvNdpYlDoKQeMQDvEfNXfWrs3M7c/AEC3qCcfFrPL6a7Hom7Nm6OvT WZomzYep6wiPF2EGGPzUaU7/GwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBN9CHQ8 nTAOIBAQPNkqQqjj1FpwMB8GA1UdIwQYMBaAFJSpULMDtGkA3VowYQMMiaSJaAOv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQUQyRC85MDg4RUU1QUU4 MDExMUVFQUQ2QzUwMzBDNEY5QUUwMi9sS2xRc3dPMGFRRGRXakJoQXd5SnBJbG9B NjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xLbFFzd08wYVFEZFdqQmhBd3lKcElsb0E2OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QUQyRC85MDg4RUU1QUU4MDExMUVFQUQ2QzUwMzBDNEY5QUUwMi9sS2xRc3dPMGFR RGRXakJoQXd5SnBJbG9BNjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBv5DUDXXnhbuO1GHhralTmOM9Uerk/tjlwz2fWKLgmJ9N3cbyIPtxX 8nkUDQuXJ5Y/bguSaGO9nvpsNrBdsxJPXvgpBsP4BPFIgvvn0L5AKa8OqnVvLrlD zGDpuaSrVMB1mI30zy4czxQNJtILgq4mDPf/h5oJG+HwcuVMbrDMbYuq1JVXy+VZ Osgk8ZuMrtGj34fogfe8phTZkDXo+YbPDRtnpVFAu4xklnPvyZJMAQ+1uy2uKmU1 9icFvQViKaePuypHpZE2DnBQgSLeIqa9USwZvMNMP1RNvxxUB4zkaVy/kWYcT1Rp UQVVFfxkWUk86eTU5F8cu+SowWOAo4EH -----END CERTIFICATE-----Generated at Sat May 31 17:40:56 2025 by rpki-client