$ rpki-client -vvf rpki.apnic.net/member_repository/A91BDC3F/5CE810460EB011EF872E8127C4F9AE02/bODpSXEbID5KyyK2gPP_9H7RbGE.mft File: bODpSXEbID5KyyK2gPP_9H7RbGE.mft (raw, json) Hash identifier: uz1XXv1so93VzJCVqLGLYzp/rf6uoMpJdDFw5NbmfGo= Subject key identifier: 06:E1:E6:C5:0A:0B:6B:7A:2A:56:BC:47:3E:00:62:E7:36:8D:B2:8B Authority key identifier: 6C:E0:E9:49:71:1B:20:3E:4A:CB:22:B6:80:F3:FF:F4:7E:D1:6C:61 Certificate issuer: /CN=A91BDC3F/serialNumber=6CE0E949711B203E4ACB22B680F3FFF47ED16C61 Certificate serial: DD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bODpSXEbID5KyyK2gPP_9H7RbGE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BDC3F/5CE810460EB011EF872E8127C4F9AE02/bODpSXEbID5KyyK2gPP_9H7RbGE.mft Manifest number: D2 Signing time: Sat 31 May 2025 05:21:54 +0000 Manifest this update: Sat 31 May 2025 05:21:54 +0000 Manifest next update: Sat 07 Jun 2025 05:21:54 +0000 Files and hashes: 1: bODpSXEbID5KyyK2gPP_9H7RbGE.crl (hash: 1oQaxoB37dqokX6aG4BYUHslRlptD3YyjEHjYumJXVw=) 2: 7980C32AA71B11EFA8320136C4F9AE02.roa (hash: svWCFcB6b/XkbZIPeHevXUk9kvL6MAqPQu9nAp05skM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BDC3F/5CE810460EB011EF872E8127C4F9AE02/bODpSXEbID5KyyK2gPP_9H7RbGE.crl rsync://rpki.apnic.net/member_repository/A91BDC3F/5CE810460EB011EF872E8127C4F9AE02/bODpSXEbID5KyyK2gPP_9H7RbGE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bODpSXEbID5KyyK2gPP_9H7RbGE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 05:21:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 221 (0xdd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BDC3F, serialNumber=6CE0E949711B203E4ACB22B680F3FFF47ED16C61 Validity Not Before: May 31 05:21:54 2025 GMT Not After : Jun 7 05:21:54 2025 GMT Subject: CN=683a91f2-e0c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:8f:09:83:c9:a2:05:52:1b:56:38:76:c5:92: 7b:97:f3:0a:22:46:1d:a4:98:d3:a9:39:5a:59:a9: 17:22:12:49:46:1e:a5:42:51:f4:94:6c:33:d5:6f: 4f:6b:a1:2f:56:a6:ec:ee:6f:e1:ce:9f:fa:f3:8d: 02:e7:49:17:b1:e0:d3:84:b9:84:e0:71:31:02:4c: 02:c7:a4:c3:24:54:e5:93:cf:79:37:65:36:51:77: fb:23:eb:77:17:ea:2c:53:23:6d:8f:4b:7f:1e:d0: 8f:15:4e:12:03:aa:43:9e:c5:ad:7f:25:a8:0f:29: df:ac:d7:4e:06:af:3d:bf:1b:0f:12:49:3d:84:dd: 14:fc:d8:92:96:b7:d6:b6:b1:31:79:e6:63:90:76: a5:da:dd:e3:10:f1:a8:aa:a7:0b:b3:ee:f7:d7:17: 7f:53:00:43:62:b3:08:0b:d5:81:f4:0a:7f:5b:f4: bd:ab:f6:d1:21:2f:0a:9b:54:1e:31:26:47:d3:f0: 8a:80:60:14:36:62:00:ea:ec:68:76:d5:95:1e:df: 83:22:c0:6a:62:41:88:74:22:32:6e:0d:81:12:81: 16:ee:21:1e:8c:78:6d:71:8f:68:ea:05:02:98:d9: ac:8a:7a:9d:49:68:07:be:be:6d:aa:23:42:5d:2a: b5:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:E1:E6:C5:0A:0B:6B:7A:2A:56:BC:47:3E:00:62:E7:36:8D:B2:8B X509v3 Authority Key Identifier: keyid:6C:E0:E9:49:71:1B:20:3E:4A:CB:22:B6:80:F3:FF:F4:7E:D1:6C:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BDC3F/5CE810460EB011EF872E8127C4F9AE02/bODpSXEbID5KyyK2gPP_9H7RbGE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bODpSXEbID5KyyK2gPP_9H7RbGE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BDC3F/5CE810460EB011EF872E8127C4F9AE02/bODpSXEbID5KyyK2gPP_9H7RbGE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 58:07:49:34:e4:be:50:00:19:56:77:4a:a4:0f:cd:e7:ec:fd: 44:e2:3a:69:6e:8b:b1:0c:36:43:5b:bf:98:08:78:0a:6d:27: 2e:66:5a:a5:d6:53:ff:7f:36:e2:b9:10:e9:f6:ce:be:b4:bd: d1:5d:78:33:72:e6:38:0f:26:1b:03:46:6e:b3:aa:bb:80:1d: db:75:9a:1c:d1:1e:dc:51:12:3e:c9:b0:71:98:2a:39:35:47: a7:5e:68:3a:8b:61:13:79:cf:a2:d8:c0:9d:eb:26:b2:57:7f: f8:6f:7d:1f:6f:e8:1a:2c:6f:e0:07:e7:50:f8:a5:b4:84:66: 9c:48:26:a0:b0:db:be:dc:01:f9:82:a2:aa:54:c3:7c:11:e5: 8e:a8:d2:85:ec:e4:d6:0b:29:b7:27:44:03:69:17:e0:9b:66: d5:fb:a0:16:0f:67:7a:bd:87:1f:7a:79:65:d1:4b:3a:58:03: 0b:ca:9f:2d:52:d6:34:c5:4c:b0:bd:86:ee:67:ac:a6:4d:bb: a7:7b:8e:a6:65:4b:8c:e0:4c:7c:6b:d4:df:9e:d9:bb:70:12: e4:62:48:fe:fe:8d:2c:46:c8:d6:f9:8d:ee:e8:25:b6:fe:cf: 6a:3d:04:64:b5:ec:93:0d:1b:30:d2:2a:7a:e3:d9:14:19:2f: ef:4f:b2:8d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAN0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkRDM0YxMTAvBgNVBAUTKDZDRTBFOTQ5NzExQjIwM0U0QUNCMjJCNjgwRjNGRkY0 N0VEMTZDNjEwHhcNMjUwNTMxMDUyMTU0WhcNMjUwNjA3MDUyMTU0WjAYMRYwFAYD VQQDEw02ODNhOTFmMi1lMGM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5Y8Jg8miBVIbVjh2xZJ7l/MKIkYdpJjTqTlaWakXIhJJRh6lQlH0lGwz1W9P a6EvVqbs7m/hzp/6840C50kXseDThLmE4HExAkwCx6TDJFTlk895N2U2UXf7I+t3 F+osUyNtj0t/HtCPFU4SA6pDnsWtfyWoDynfrNdOBq89vxsPEkk9hN0U/NiSlrfW trExeeZjkHal2t3jEPGoqqcLs+731xd/UwBDYrMIC9WB9Ap/W/S9q/bRIS8Km1Qe MSZH0/CKgGAUNmIA6uxodtWVHt+DIsBqYkGIdCIybg2BEoEW7iEejHhtcY9o6gUC mNmsinqdSWgHvr5tqiNCXSq1tQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAbh5sUK C2t6Kla8Rz4AYuc2jbKLMB8GA1UdIwQYMBaAFGzg6UlxGyA+SssitoDz//R+0Wxh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCREMzRi81Q0U4MTA0NjBF QjAxMUVGODcyRTgxMjdDNEY5QUUwMi9iT0RwU1hFYklENUt5eUsyZ1BQXzlIN1Ji R0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2JPRHBTWEViSUQ1S3l5SzJnUFBfOUg3UmJHRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC REMzRi81Q0U4MTA0NjBFQjAxMUVGODcyRTgxMjdDNEY5QUUwMi9iT0RwU1hFYklE NUt5eUsyZ1BQXzlIN1JiR0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBYB0k05L5QABlWd0qkD83n7P1E4jppbouxDDZDW7+YCHgKbScuZlql 1lP/fzbiuRDp9s6+tL3RXXgzcuY4DyYbA0Zus6q7gB3bdZoc0R7cURI+ybBxmCo5 NUenXmg6i2ETec+i2MCd6yayV3/4b30fb+gaLG/gB+dQ+KW0hGacSCagsNu+3AH5 gqKqVMN8EeWOqNKF7OTWCym3J0QDaRfgm2bV+6AWD2d6vYcfenll0Us6WAMLyp8t UtY0xUywvYbuZ6ymTbune46mZUuM4Ex8a9Tfntm7cBLkYkj+/o0sRsjW+Y3u6CW2 /s9qPQRkteyTDRsw0ip649kUGS/vT7KN -----END CERTIFICATE-----Generated at Sat May 31 17:08:58 2025 by rpki-client