$ rpki-client -vvf rpki.apnic.net/member_repository/A91C09EA/8C5912FEE13B11EFBA7BDF3BC4F9AE02/AP0x_Qa0IEw93LY1BxiVM3eMzPg.mft File: AP0x_Qa0IEw93LY1BxiVM3eMzPg.mft (raw, json) Hash identifier: 4KUwDEfNp+jMkEaZxmUGvrslfMG5LoomZUH2npDO1O0= Subject key identifier: 4A:95:35:7B:69:8C:ED:79:39:9E:7A:5C:41:1C:A9:42:BF:F2:21:E3 Authority key identifier: 00:FD:31:FD:06:B4:20:4C:3D:DC:B6:35:07:18:95:33:77:8C:CC:F8 Certificate issuer: /CN=A91C09EA/serialNumber=00FD31FD06B4204C3DDCB63507189533778CCCF8 Certificate serial: 3F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AP0x_Qa0IEw93LY1BxiVM3eMzPg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C09EA/8C5912FEE13B11EFBA7BDF3BC4F9AE02/AP0x_Qa0IEw93LY1BxiVM3eMzPg.mft Manifest number: 3E Signing time: Sat 31 May 2025 07:04:13 +0000 Manifest this update: Sat 31 May 2025 07:04:12 +0000 Manifest next update: Sat 07 Jun 2025 07:04:12 +0000 Files and hashes: 1: AP0x_Qa0IEw93LY1BxiVM3eMzPg.crl (hash: rZUOJnSkZ7BwjORyZhtI3pVEKWB+ICIvdTtRFXZUMFQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C09EA/8C5912FEE13B11EFBA7BDF3BC4F9AE02/AP0x_Qa0IEw93LY1BxiVM3eMzPg.crl rsync://rpki.apnic.net/member_repository/A91C09EA/8C5912FEE13B11EFBA7BDF3BC4F9AE02/AP0x_Qa0IEw93LY1BxiVM3eMzPg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AP0x_Qa0IEw93LY1BxiVM3eMzPg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 07:04:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63 (0x3f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C09EA, serialNumber=00FD31FD06B4204C3DDCB63507189533778CCCF8 Validity Not Before: May 31 07:04:12 2025 GMT Not After : Jun 7 07:04:12 2025 GMT Subject: CN=683aa9ec-5bc0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:c3:f2:c6:43:57:a6:85:ba:d9:bd:52:c6:06: 01:73:23:6e:37:a6:20:aa:0e:27:02:52:46:ba:bb: 39:55:19:8d:89:cc:4f:9f:a0:47:2a:9d:be:13:58: ba:86:88:65:57:ad:c4:27:37:73:3b:fa:da:dd:b1: 48:41:21:c9:f2:86:7f:4f:02:91:0b:b7:99:ab:54: d5:39:6e:dc:ce:3b:b0:69:04:84:42:d5:68:04:32: 25:10:26:72:7a:33:a0:5c:b8:37:0d:fd:4b:d3:55: d4:16:db:d5:90:87:40:33:86:5a:01:f4:7d:9d:31: 70:bf:4f:f0:2c:68:32:8d:8f:ce:0c:27:fd:60:81: 8c:32:e6:f6:51:8f:6f:00:38:49:ae:2f:fd:62:db: e3:cd:42:eb:87:60:f7:3a:93:06:fb:1f:6f:37:7e: 3a:43:1c:c5:36:1f:d4:0d:0d:d0:35:df:06:d1:15: f1:ea:4a:e7:d1:ae:05:be:7c:70:7f:eb:56:0d:97: e5:f4:18:62:3b:cc:ad:1c:1c:79:35:04:21:4f:17: 55:0b:84:fb:a9:b4:ef:6c:c5:6a:75:92:ed:c0:0d: c1:fe:83:2f:ac:b3:59:17:cd:68:2b:a9:3a:4d:e5: bc:9b:07:d7:91:ee:7f:50:0f:12:1e:35:20:dc:eb: e0:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:95:35:7B:69:8C:ED:79:39:9E:7A:5C:41:1C:A9:42:BF:F2:21:E3 X509v3 Authority Key Identifier: keyid:00:FD:31:FD:06:B4:20:4C:3D:DC:B6:35:07:18:95:33:77:8C:CC:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C09EA/8C5912FEE13B11EFBA7BDF3BC4F9AE02/AP0x_Qa0IEw93LY1BxiVM3eMzPg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/AP0x_Qa0IEw93LY1BxiVM3eMzPg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C09EA/8C5912FEE13B11EFBA7BDF3BC4F9AE02/AP0x_Qa0IEw93LY1BxiVM3eMzPg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption af:c7:66:f1:d9:e7:1d:03:02:ad:e1:e6:a2:a0:f4:f0:da:b4: 41:1d:2d:8c:55:17:0a:0a:f9:d9:35:e5:ba:fa:f7:7d:44:df: 73:c2:27:59:8b:53:e4:87:26:3f:86:ec:21:76:5c:ef:c8:e5: e6:c7:8f:b5:33:b5:c1:c9:28:f9:82:ba:0b:f8:26:71:b5:7f: 7c:42:ea:24:1b:58:a6:8a:9b:4a:c6:ad:6a:27:1c:35:35:6d: ef:64:cb:8c:f4:1d:c1:fa:29:af:89:f3:9c:d9:6f:27:fd:e6: c1:e8:a4:30:7b:f2:a2:f3:59:fa:cb:d6:29:b2:f6:65:16:92: 59:6c:69:ec:21:80:d2:38:9e:f2:30:e0:91:80:00:a0:26:d2: 31:6b:65:9e:49:d3:9f:5b:ef:29:c0:13:9a:69:a1:ce:8e:db: 86:3a:e5:a4:6b:55:bd:ca:40:86:dd:87:bc:4e:93:72:70:58: f2:f5:21:67:d8:1e:3b:71:b9:3a:1c:60:f6:ee:fe:1f:c6:3d: b9:6e:9f:29:38:b6:ce:6b:7d:a4:f4:76:17:d9:12:1d:58:f3: 5c:09:03:11:8b:8e:00:a1:66:1d:0b:4c:12:d8:0e:1e:d9:22: 10:ad:86:f5:a5:c1:7c:b3:d3:3a:81:3d:97:87:fb:27:59:8e: 95:b8:68:d0 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBPzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD MDlFQTExMC8GA1UEBRMoMDBGRDMxRkQwNkI0MjA0QzNERENCNjM1MDcxODk1MzM3 NzhDQ0NGODAeFw0yNTA1MzEwNzA0MTJaFw0yNTA2MDcwNzA0MTJaMBgxFjAUBgNV BAMTDTY4M2FhOWVjLTViYzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQClw/LGQ1emhbrZvVLGBgFzI243piCqDicCUka6uzlVGY2JzE+foEcqnb4TWLqG iGVXrcQnN3M7+trdsUhBIcnyhn9PApELt5mrVNU5btzOO7BpBIRC1WgEMiUQJnJ6 M6BcuDcN/UvTVdQW29WQh0AzhloB9H2dMXC/T/AsaDKNj84MJ/1ggYwy5vZRj28A OEmuL/1i2+PNQuuHYPc6kwb7H283fjpDHMU2H9QNDdA13wbRFfHqSufRrgW+fHB/ 61YNl+X0GGI7zK0cHHk1BCFPF1ULhPuptO9sxWp1ku3ADcH+gy+ss1kXzWgrqTpN 5bybB9eR7n9QDxIeNSDc6+DXAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUSpU1e2mM 7Xk5nnpcQRypQr/yIeMwHwYDVR0jBBgwFoAUAP0x/Qa0IEw93LY1BxiVM3eMzPgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMwOUVBLzhDNTkxMkZFRTEz QjExRUZCQTdCREYzQkM0RjlBRTAyL0FQMHhfUWEwSUV3OTNMWTFCeGlWTTNlTXpQ Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvQVAweF9RYTBJRXc5M0xZMUJ4aVZNM2VNelBnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUMw OUVBLzhDNTkxMkZFRTEzQjExRUZCQTdCREYzQkM0RjlBRTAyL0FQMHhfUWEwSUV3 OTNMWTFCeGlWTTNlTXpQZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAK/HZvHZ5x0DAq3h5qKg9PDatEEdLYxVFwoK+dk15br6931E33PCJ1mL U+SHJj+G7CF2XO/I5ebHj7UztcHJKPmCugv4JnG1f3xC6iQbWKaKm0rGrWonHDU1 be9ky4z0HcH6Ka+J85zZbyf95sHopDB78qLzWfrL1imy9mUWkllsaewhgNI4nvIw 4JGAAKAm0jFrZZ5J059b7ynAE5ppoc6O24Y65aRrVb3KQIbdh7xOk3JwWPL1IWfY HjtxuTocYPbu/h/GPblunyk4ts5rfaT0dhfZEh1Y81wJAxGLjgChZh0LTBLYDh7Z IhCthvWlwXyz0zqBPZeH+ydZjpW4aNA= -----END CERTIFICATE-----Generated at Sat May 31 14:35:09 2025 by rpki-client