$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft File: CB6icKn0s2sOyJai0hSO5Ok-Xys.mft (raw, json) Hash identifier: i+AXxv7ms5rJwutNUKSiGjn8D7250Z6oxUjgigFJE9k= Subject key identifier: AA:C2:80:C9:4B:73:DA:33:18:C2:1C:F1:2D:EF:44:44:2D:26:5E:B0 Authority key identifier: 08:1E:A2:70:A9:F4:B3:6B:0E:C8:96:A2:D2:14:8E:E4:E9:3E:5F:2B Certificate issuer: /CN=A91BB921/serialNumber=081EA270A9F4B36B0EC896A2D2148EE4E93E5F2B Certificate serial: 012B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CB6icKn0s2sOyJai0hSO5Ok-Xys.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft Manifest number: 0129 Signing time: Sat 31 May 2025 04:16:14 +0000 Manifest this update: Sat 31 May 2025 04:16:13 +0000 Manifest next update: Sat 07 Jun 2025 04:16:13 +0000 Files and hashes: 1: CB6icKn0s2sOyJai0hSO5Ok-Xys.crl (hash: H1oLdk9iyIi/oCxMb4yG/CxYxgDA1aEJixS7oUGH0gE=) 2: 5A387584756311EEA256FD57C4F9AE02.roa (hash: UFjrfeuvHWS1oxtfXr6IVRfPvTnGzzV9TdVJHu2o8cI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.crl rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CB6icKn0s2sOyJai0hSO5Ok-Xys.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 04:16:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 299 (0x12b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BB921, serialNumber=081EA270A9F4B36B0EC896A2D2148EE4E93E5F2B Validity Not Before: May 31 04:16:13 2025 GMT Not After : Jun 7 04:16:13 2025 GMT Subject: CN=683a828e-6375 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:4a:83:18:86:25:8b:a5:6c:ab:a9:7c:ed:af: dd:0f:44:5b:36:db:5e:cd:a8:14:26:b0:3a:f9:16: 18:d0:dc:fd:d5:ca:c8:d8:6c:da:46:15:b2:06:c2: 87:3d:23:f9:25:f5:6f:68:6a:d7:19:70:67:9b:ea: e0:33:bd:d2:07:9c:c1:c3:11:69:0c:d3:3a:3b:2d: 2d:7a:b9:b7:3e:cf:ce:a7:38:ed:9c:5d:7b:8d:9b: 26:e1:2f:e2:16:84:14:2d:83:e2:88:e5:eb:ec:04: fe:2a:74:35:c3:b6:c0:bd:ff:88:7b:dd:75:7c:bc: 63:a3:c5:7d:04:fe:53:f4:c8:78:c5:d4:fd:15:b2: cf:bf:eb:78:6f:25:bc:d0:ad:87:9a:6e:69:94:01: 61:96:5f:80:ff:92:0f:fa:ec:16:28:8c:4d:c1:71: a2:9c:9d:11:37:1c:a1:34:2b:01:cb:39:a1:2c:6e: 3d:9f:69:27:88:fe:d8:c1:c3:b9:42:39:c1:13:46: 3d:f7:b3:57:83:2f:6d:66:86:cf:bf:14:80:41:46: 4c:d6:8c:04:18:64:f6:50:ec:49:a3:25:1b:73:3d: 81:35:80:37:97:96:33:d4:c0:26:f3:6e:3d:14:3c: 76:cf:b1:8a:67:8c:dd:ec:d2:94:63:c2:55:93:fc: dc:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:C2:80:C9:4B:73:DA:33:18:C2:1C:F1:2D:EF:44:44:2D:26:5E:B0 X509v3 Authority Key Identifier: keyid:08:1E:A2:70:A9:F4:B3:6B:0E:C8:96:A2:D2:14:8E:E4:E9:3E:5F:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CB6icKn0s2sOyJai0hSO5Ok-Xys.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1a:75:02:fc:11:31:ed:4e:08:65:fd:ff:25:67:ff:bc:4f:11: 2b:e2:e6:3e:04:94:be:4c:bc:82:50:ea:db:17:1e:3f:bf:d7: 5e:16:86:74:b6:c1:e0:dd:da:e2:c4:f1:9f:ea:45:83:28:2c: c4:fe:e1:59:15:21:e3:cf:6a:04:1b:ca:f5:6a:0a:c8:a0:cd: ae:8b:fd:92:08:c9:52:18:4c:d5:82:20:74:f6:3c:50:c3:a9: 4f:6f:bc:9c:c0:29:83:f5:84:92:8c:d7:54:6c:d3:51:42:20: 10:be:2e:a8:85:df:1f:4a:90:67:96:7e:a2:45:7c:52:77:68: fd:a4:72:d6:ff:ab:24:78:96:7e:01:63:7f:ad:15:81:ee:06: f1:5d:50:68:cb:b2:cb:52:42:f3:d0:14:8a:2d:21:44:c6:d9: 89:a0:b7:45:82:4f:86:81:7e:3a:f3:77:58:92:5c:28:2f:57: 41:cf:37:18:2e:60:d1:fa:32:5c:51:9b:93:31:0c:c5:22:fc: 70:35:6f:11:8d:ff:ac:dc:63:51:26:a1:21:0a:14:4c:1a:50: 69:71:38:3a:3c:da:f1:d9:52:50:58:21:53:0a:50:11:99:82: 44:03:41:0a:10:a1:be:e0:45:51:b2:8f:b8:87:80:27:da:02: ba:7e:c3:ba -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkI5MjExMTAvBgNVBAUTKDA4MUVBMjcwQTlGNEIzNkIwRUM4OTZBMkQyMTQ4RUU0 RTkzRTVGMkIwHhcNMjUwNTMxMDQxNjEzWhcNMjUwNjA3MDQxNjEzWjAYMRYwFAYD VQQDEw02ODNhODI4ZS02Mzc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp0qDGIYli6Vsq6l87a/dD0RbNttezagUJrA6+RYY0Nz91crI2GzaRhWyBsKH PSP5JfVvaGrXGXBnm+rgM73SB5zBwxFpDNM6Oy0term3Ps/OpzjtnF17jZsm4S/i FoQULYPiiOXr7AT+KnQ1w7bAvf+Ie911fLxjo8V9BP5T9Mh4xdT9FbLPv+t4byW8 0K2Hmm5plAFhll+A/5IP+uwWKIxNwXGinJ0RNxyhNCsByzmhLG49n2kniP7YwcO5 QjnBE0Y997NXgy9tZobPvxSAQUZM1owEGGT2UOxJoyUbcz2BNYA3l5Yz1MAm8249 FDx2z7GKZ4zd7NKUY8JVk/zcdwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKrCgMlL c9ozGMIc8S3vREQtJl6wMB8GA1UdIwQYMBaAFAgeonCp9LNrDsiWotIUjuTpPl8r MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjkyMS9EREI4RTE0Qzc1 NjIxMUVFQkI4MjUyNTdDNEY5QUUwMi9DQjZpY0tuMHMyc095SmFpMGhTTzVPay1Y eXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NCNmljS24wczJzT3lKYWkwaFNPNU9rLVh5cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QjkyMS9EREI4RTE0Qzc1NjIxMUVFQkI4MjUyNTdDNEY5QUUwMi9DQjZpY0tuMHMy c095SmFpMGhTTzVPay1YeXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAadQL8ETHtTghl/f8lZ/+8TxEr4uY+BJS+TLyCUOrbFx4/v9deFoZ0 tsHg3drixPGf6kWDKCzE/uFZFSHjz2oEG8r1agrIoM2ui/2SCMlSGEzVgiB09jxQ w6lPb7ycwCmD9YSSjNdUbNNRQiAQvi6ohd8fSpBnln6iRXxSd2j9pHLW/6skeJZ+ AWN/rRWB7gbxXVBoy7LLUkLz0BSKLSFExtmJoLdFgk+GgX4683dYklwoL1dBzzcY LmDR+jJcUZuTMQzFIvxwNW8Rjf+s3GNRJqEhChRMGlBpcTg6PNrx2VJQWCFTClAR mYJEA0EKEKG+4EVRso+4h4An2gK6fsO6 -----END CERTIFICATE-----Generated at Sat May 31 17:07:44 2025 by rpki-client