$ rpki-client -vvf rpki.apnic.net/member_repository/A91BEE1D/92782234C70E11EF8067C466C4F9AE02/7AffwfGIh38OvP3gtIHMAiw0NrI.mft File: 7AffwfGIh38OvP3gtIHMAiw0NrI.mft (raw, json) Hash identifier: hZznBrPwhmLIx3vfO1susFfVuGbB+GGUGawLj0dJEz4= Subject key identifier: 1D:D0:B5:6C:7E:EB:BC:4C:1B:05:86:02:D3:AB:5A:48:A1:BC:9C:EE Authority key identifier: EC:07:DF:C1:F1:88:87:7F:0E:BC:FD:E0:B4:81:CC:02:2C:34:36:B2 Certificate issuer: /CN=A91BEE1D/serialNumber=EC07DFC1F188877F0EBCFDE0B481CC022C3436B2 Certificate serial: 4F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/7AffwfGIh38OvP3gtIHMAiw0NrI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BEE1D/92782234C70E11EF8067C466C4F9AE02/7AffwfGIh38OvP3gtIHMAiw0NrI.mft Manifest number: 4F Signing time: Sun 01 Jun 2025 06:59:29 +0000 Manifest this update: Sun 01 Jun 2025 06:59:29 +0000 Manifest next update: Sun 08 Jun 2025 06:59:29 +0000 Files and hashes: 1: 7AffwfGIh38OvP3gtIHMAiw0NrI.crl (hash: R0J3LH+1rJR/XGKGumY1v4RUewTsT8Z44Bo1Xlh5DKY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BEE1D/92782234C70E11EF8067C466C4F9AE02/7AffwfGIh38OvP3gtIHMAiw0NrI.crl rsync://rpki.apnic.net/member_repository/A91BEE1D/92782234C70E11EF8067C466C4F9AE02/7AffwfGIh38OvP3gtIHMAiw0NrI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/7AffwfGIh38OvP3gtIHMAiw0NrI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Jun 2025 06:59:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 79 (0x4f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BEE1D, serialNumber=EC07DFC1F188877F0EBCFDE0B481CC022C3436B2 Validity Not Before: Jun 1 06:59:29 2025 GMT Not After : Jun 8 06:59:29 2025 GMT Subject: CN=683bfa51-9aaf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:a6:d6:86:9d:05:3f:07:f5:5b:1e:01:04:ce: 91:29:7c:9e:52:60:2e:c8:c5:8a:43:5d:8a:4d:b5: 6b:28:95:6e:12:8c:fc:20:7c:bc:21:bb:aa:51:d9: 08:64:db:34:5f:c8:cd:6c:76:d5:29:ac:1c:11:62: e9:ad:a1:ea:7a:1f:53:6f:71:e8:53:2c:08:a0:60: a6:ba:63:9f:d0:b0:63:95:b1:a5:ac:fd:cd:19:aa: b2:d1:b5:44:22:2a:f7:40:4f:63:ca:d7:aa:b7:a8: 01:5b:b7:6a:94:f0:4b:64:bb:dc:73:79:6b:ad:06: 42:d2:cc:48:db:bc:64:cb:ab:d0:e8:98:a4:9c:d9: c9:77:44:6c:d0:41:f1:e9:2d:d4:0f:fa:19:8c:28: 05:22:db:d6:5a:97:11:c7:ec:3c:60:b0:52:c5:67: 83:dd:4f:25:a6:e5:da:c6:4e:0d:0d:20:81:1b:50: 79:df:62:40:a6:81:02:51:c4:3c:0b:b4:78:9e:fa: 81:e2:1c:ca:71:0d:54:0b:ff:cb:37:14:c3:f9:23: 26:38:49:5e:66:17:b9:eb:f6:0e:d1:49:53:13:21: 3d:12:68:22:a2:6c:38:58:d0:94:7b:b5:fa:dc:bc: 83:91:4e:2e:d9:60:f7:d6:37:0f:c8:78:87:2f:6d: bd:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:D0:B5:6C:7E:EB:BC:4C:1B:05:86:02:D3:AB:5A:48:A1:BC:9C:EE X509v3 Authority Key Identifier: keyid:EC:07:DF:C1:F1:88:87:7F:0E:BC:FD:E0:B4:81:CC:02:2C:34:36:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BEE1D/92782234C70E11EF8067C466C4F9AE02/7AffwfGIh38OvP3gtIHMAiw0NrI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/7AffwfGIh38OvP3gtIHMAiw0NrI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BEE1D/92782234C70E11EF8067C466C4F9AE02/7AffwfGIh38OvP3gtIHMAiw0NrI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 27:4b:8a:8e:36:16:09:82:56:0e:cb:92:f5:49:e0:27:46:c2: a8:a6:8f:fe:61:78:6d:97:0b:8e:2c:f6:d9:a4:73:40:a6:c5: 9a:db:85:3a:3e:fa:e3:4d:4e:d3:12:ef:1d:1c:16:09:77:ad: 57:ea:7b:6d:33:87:b2:19:59:76:7b:20:06:14:8f:fc:54:ee: c3:98:6c:2c:38:9e:3d:4d:3f:b0:7f:f4:98:9c:d3:9a:0f:7e: bb:71:4c:9b:92:d5:44:9a:fa:91:a4:60:c4:61:ba:47:68:d6: 1b:75:68:16:b0:b4:e8:9b:9d:58:73:17:08:f1:c1:5f:ac:18: d2:1b:63:88:c6:54:92:fc:8e:42:1b:28:24:85:b2:88:4f:33: 9e:ce:8e:18:57:50:3f:e6:66:66:51:5f:d8:76:46:14:30:c9: 9f:74:99:d4:33:60:08:7b:47:8b:8a:39:5d:4a:b7:4e:02:a0: a1:5b:4e:9f:f0:9b:b4:d9:ef:41:1c:40:19:f4:e7:7d:85:79: a9:d8:62:46:3d:a7:25:f2:31:7d:02:95:cd:32:b8:a4:6f:3e: d1:81:c3:84:30:1c:db:72:da:c8:2a:69:7d:0a:f2:d9:57:47: d4:cb:9c:6a:ba:81:ad:18:c3:38:7a:62:1d:cd:92:0c:94:b1: a8:91:d9:12 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBTzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC RUUxRDExMC8GA1UEBRMoRUMwN0RGQzFGMTg4ODc3RjBFQkNGREUwQjQ4MUNDMDIy QzM0MzZCMjAeFw0yNTA2MDEwNjU5MjlaFw0yNTA2MDgwNjU5MjlaMBgxFjAUBgNV BAMTDTY4M2JmYTUxLTlhYWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDbptaGnQU/B/VbHgEEzpEpfJ5SYC7IxYpDXYpNtWsolW4SjPwgfLwhu6pR2Qhk 2zRfyM1sdtUprBwRYumtoep6H1NvcehTLAigYKa6Y5/QsGOVsaWs/c0ZqrLRtUQi KvdAT2PK16q3qAFbt2qU8Etku9xzeWutBkLSzEjbvGTLq9DomKSc2cl3RGzQQfHp LdQP+hmMKAUi29ZalxHH7DxgsFLFZ4PdTyWm5drGTg0NIIEbUHnfYkCmgQJRxDwL tHie+oHiHMpxDVQL/8s3FMP5IyY4SV5mF7nr9g7RSVMTIT0SaCKibDhY0JR7tfrc vIORTi7ZYPfWNw/IeIcvbb1zAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUHdC1bH7r vEwbBYYC06taSKG8nO4wHwYDVR0jBBgwFoAU7AffwfGIh38OvP3gtIHMAiw0NrIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJFRTFELzkyNzgyMjM0Qzcw RTExRUY4MDY3QzQ2NkM0RjlBRTAyLzdBZmZ3ZkdJaDM4T3ZQM2d0SUhNQWl3ME5y SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvN0FmZndmR0loMzhPdlAzZ3RJSE1BaXcwTnJJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUJF RTFELzkyNzgyMjM0QzcwRTExRUY4MDY3QzQ2NkM0RjlBRTAyLzdBZmZ3ZkdJaDM4 T3ZQM2d0SUhNQWl3ME5ySS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBACdLio42FgmCVg7LkvVJ4CdGwqimj/5heG2XC44s9tmkc0CmxZrbhTo+ +uNNTtMS7x0cFgl3rVfqe20zh7IZWXZ7IAYUj/xU7sOYbCw4nj1NP7B/9Jic05oP frtxTJuS1USa+pGkYMRhukdo1ht1aBawtOibnVhzFwjxwV+sGNIbY4jGVJL8jkIb KCSFsohPM57OjhhXUD/mZmZRX9h2RhQwyZ90mdQzYAh7R4uKOV1Kt04CoKFbTp/w m7TZ70EcQBn0532FeanYYkY9pyXyMX0Clc0yuKRvPtGBw4QwHNty2sgqaX0K8tlX R9TLnGq6ga0Ywzh6Yh3NkgyUsaiR2RI= -----END CERTIFICATE-----Generated at Mon Jun 2 22:15:09 2025 by rpki-client