$ rpki-client -vvf rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.mft File: REhMnzpz9xlXK4vIoaH9nln6hPY.mft (raw, json) Hash identifier: k67tuZO82ohRA3Sjqf4PIGDxKXbcY1nvPoWT+el++gg= Subject key identifier: B7:E5:4F:80:78:78:FE:5E:0B:DB:E2:D0:63:69:4F:A5:60:E3:EA:C0 Authority key identifier: 44:48:4C:9F:3A:73:F7:19:57:2B:8B:C8:A1:A1:FD:9E:59:FA:84:F6 Certificate issuer: /CN=A91BD73B/serialNumber=44484C9F3A73F719572B8BC8A1A1FD9E59FA84F6 Certificate serial: 3483 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/REhMnzpz9xlXK4vIoaH9nln6hPY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.mft Manifest number: 3483 Signing time: Sat 31 May 2025 15:16:56 +0000 Manifest this update: Sat 31 May 2025 15:16:56 +0000 Manifest next update: Sat 07 Jun 2025 15:16:56 +0000 Files and hashes: 1: REhMnzpz9xlXK4vIoaH9nln6hPY.crl (hash: rSwvlK815jWsG52t2TOlspSflbc882gXUCCtL1ZhhZA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.crl rsync://rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/REhMnzpz9xlXK4vIoaH9nln6hPY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 15:16:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13443 (0x3483) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BD73B, serialNumber=44484C9F3A73F719572B8BC8A1A1FD9E59FA84F6 Validity Not Before: May 31 15:16:56 2025 GMT Not After : Jun 7 15:16:56 2025 GMT Subject: CN=683b1d68-e06c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:55:a3:bd:62:4d:70:06:67:96:db:e3:94:df: 63:78:1b:62:d4:fb:55:55:36:76:28:ec:d8:97:de: a1:67:cb:99:92:2f:74:0c:0d:45:dc:5e:ff:a3:bc: 6b:ae:cc:53:1a:10:fd:85:2c:7e:f5:79:31:2a:5d: 08:24:41:33:7f:32:42:2c:ec:bf:83:92:9a:24:07: a6:9b:23:8b:48:8e:9d:72:38:dc:9a:4e:79:d9:5f: e4:b8:28:53:1d:56:24:95:95:eb:95:e1:36:81:b5: 30:62:37:1d:52:02:14:7f:36:ec:40:68:7b:cf:a6: 1f:0c:70:e5:e7:9c:81:fb:ab:25:ad:05:f5:06:3d: e1:0f:7e:26:74:74:4f:7a:84:32:b9:d2:be:da:5a: e0:96:3b:0a:51:da:57:67:ec:a0:92:c9:28:a0:09: 88:48:e1:05:c8:f4:20:49:b6:43:eb:82:58:26:8d: 93:bd:c0:b6:75:68:17:67:90:a6:eb:78:3c:af:0c: d4:7c:2f:1c:6d:f4:69:0c:e7:ba:e0:8b:b7:43:0b: 9a:87:31:a0:de:b9:12:a7:01:6d:74:d7:8e:41:88: b0:10:28:9e:b2:4f:30:b6:ab:cb:58:34:58:22:2b: 3d:41:e5:ad:ae:25:d7:9f:af:c8:4f:19:3e:d3:39: bf:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:E5:4F:80:78:78:FE:5E:0B:DB:E2:D0:63:69:4F:A5:60:E3:EA:C0 X509v3 Authority Key Identifier: keyid:44:48:4C:9F:3A:73:F7:19:57:2B:8B:C8:A1:A1:FD:9E:59:FA:84:F6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/REhMnzpz9xlXK4vIoaH9nln6hPY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BD73B/26BDF32C1DAA11E2BE25A6A508B02CD2/REhMnzpz9xlXK4vIoaH9nln6hPY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7e:80:06:b1:6f:28:98:55:ae:0f:7e:6d:76:0b:eb:d2:30:7c: 3c:e4:b1:20:42:54:9f:df:e7:81:10:f2:19:18:26:00:6d:b3: 35:61:41:06:0b:b5:95:78:08:5a:dc:36:4c:1f:04:2f:15:00: f2:fa:ca:f3:a9:6c:b2:e1:3e:db:34:71:42:18:d4:69:75:4f: 15:97:44:28:6c:38:8e:74:88:e9:59:99:e0:94:d2:af:0f:2a: 14:98:65:a4:3c:41:db:d3:26:2c:f4:ca:ea:36:0a:65:e3:1c: 9f:06:10:28:80:6c:28:04:03:13:94:0b:30:5f:98:3f:fb:5c: f9:08:2b:06:6d:ca:5f:e3:37:8e:ee:bb:e2:a9:23:cd:d0:d2: 22:a8:73:3f:bd:1c:89:ed:d4:76:e4:e3:de:88:b3:eb:88:b2: 5d:b5:31:76:cd:e8:38:94:8f:7e:bc:81:20:d0:9d:38:57:ed: 36:48:52:e3:3c:db:c8:92:be:75:1e:ff:58:53:53:85:e6:2e: 13:77:0f:6c:04:64:79:22:0d:89:59:19:98:d8:d3:c5:ec:87: bb:8a:37:b2:d5:4c:b1:c3:f2:e5:52:06:19:79:de:06:32:c0: 7d:fa:5f:45:59:e1:2f:57:d7:6b:f5:f5:a5:1c:60:8f:fc:c9: 81:fa:c4:7c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNIMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkQ3M0IxMTAvBgNVBAUTKDQ0NDg0QzlGM0E3M0Y3MTk1NzJCOEJDOEExQTFGRDlF NTlGQTg0RjYwHhcNMjUwNTMxMTUxNjU2WhcNMjUwNjA3MTUxNjU2WjAYMRYwFAYD VQQDEw02ODNiMWQ2OC1lMDZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA01WjvWJNcAZnltvjlN9jeBti1PtVVTZ2KOzYl96hZ8uZki90DA1F3F7/o7xr rsxTGhD9hSx+9XkxKl0IJEEzfzJCLOy/g5KaJAemmyOLSI6dcjjcmk552V/kuChT HVYklZXrleE2gbUwYjcdUgIUfzbsQGh7z6YfDHDl55yB+6slrQX1Bj3hD34mdHRP eoQyudK+2lrgljsKUdpXZ+ygkskooAmISOEFyPQgSbZD64JYJo2TvcC2dWgXZ5Cm 63g8rwzUfC8cbfRpDOe64Iu3QwuahzGg3rkSpwFtdNeOQYiwECiesk8wtqvLWDRY Iis9QeWtriXXn6/ITxk+0zm/AQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLflT4B4 eP5eC9vi0GNpT6Vg4+rAMB8GA1UdIwQYMBaAFERITJ86c/cZVyuLyKGh/Z5Z+oT2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRDczQi8yNkJERjMyQzFE QUExMUUyQkUyNUE2QTUwOEIwMkNEMi9SRWhNbnpwejl4bFhLNHZJb2FIOW5sbjZo UFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1JFaE1uenB6OXhsWEs0dklvYUg5bmxuNmhQWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC RDczQi8yNkJERjMyQzFEQUExMUUyQkUyNUE2QTUwOEIwMkNEMi9SRWhNbnpwejl4 bFhLNHZJb2FIOW5sbjZoUFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB+gAaxbyiYVa4Pfm12C+vSMHw85LEgQlSf3+eBEPIZGCYAbbM1YUEG C7WVeAha3DZMHwQvFQDy+srzqWyy4T7bNHFCGNRpdU8Vl0QobDiOdIjpWZnglNKv DyoUmGWkPEHb0yYs9MrqNgpl4xyfBhAogGwoBAMTlAswX5g/+1z5CCsGbcpf4zeO 7rviqSPN0NIiqHM/vRyJ7dR25OPeiLPriLJdtTF2zeg4lI9+vIEg0J04V+02SFLj PNvIkr51Hv9YU1OF5i4Tdw9sBGR5Ig2JWRmY2NPF7Ie7ijey1Uyxw/LlUgYZed4G MsB9+l9FWeEvV9dr9fWlHGCP/MmB+sR8 -----END CERTIFICATE-----Generated at Sat May 31 17:49:34 2025 by rpki-client