$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1C49/C49F75F81D9F11E29EFBA29008B02CD2/gh9Nsi7lmv1ZOn5ontqfyUvlhd0.mft File: gh9Nsi7lmv1ZOn5ontqfyUvlhd0.mft (raw, json) Hash identifier: ABFrVd5vN3JF+ZEsFytouXtGGe8Uct7JJAQKPc6OLv0= Subject key identifier: 2C:EA:3E:88:F8:9C:15:1F:BE:FF:0E:67:D6:AB:00:49:91:36:D6:6B Authority key identifier: 82:1F:4D:B2:2E:E5:9A:FD:59:3A:7E:68:9E:DA:9F:C9:4B:E5:85:DD Certificate issuer: /CN=A91C1C49/serialNumber=821F4DB22EE59AFD593A7E689EDA9FC94BE585DD Certificate serial: 348B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gh9Nsi7lmv1ZOn5ontqfyUvlhd0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C1C49/C49F75F81D9F11E29EFBA29008B02CD2/gh9Nsi7lmv1ZOn5ontqfyUvlhd0.mft Manifest number: 4099 Signing time: Sat 31 May 2025 15:03:00 +0000 Manifest this update: Sat 31 May 2025 15:03:00 +0000 Manifest next update: Sat 07 Jun 2025 15:03:00 +0000 Files and hashes: 1: gh9Nsi7lmv1ZOn5ontqfyUvlhd0.crl (hash: bDOeIpN+cHBUi5kYHktLuQPhwqgSw37DFl2C4aKewGY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C1C49/C49F75F81D9F11E29EFBA29008B02CD2/gh9Nsi7lmv1ZOn5ontqfyUvlhd0.crl rsync://rpki.apnic.net/member_repository/A91C1C49/C49F75F81D9F11E29EFBA29008B02CD2/gh9Nsi7lmv1ZOn5ontqfyUvlhd0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gh9Nsi7lmv1ZOn5ontqfyUvlhd0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 15:02:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13451 (0x348b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C1C49, serialNumber=821F4DB22EE59AFD593A7E689EDA9FC94BE585DD Validity Not Before: May 31 15:03:00 2025 GMT Not After : Jun 7 15:03:00 2025 GMT Subject: CN=683b1a24-036a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:fa:45:a7:a1:aa:84:de:37:00:df:fa:e9:6a: ab:63:b9:98:84:07:90:6d:0b:68:01:f4:0a:b2:37: 2d:64:cc:3c:d9:ff:39:60:39:65:55:60:89:3b:f0: 05:40:56:08:64:66:54:f3:02:3f:30:55:48:89:a7: 5f:4d:c6:ce:1a:00:2a:8d:51:d0:91:96:22:84:26: 40:6f:72:9f:b9:c5:4f:22:a2:bc:26:fa:a9:b3:e4: c4:4f:e0:d2:f6:cf:25:83:cb:c1:83:00:a3:1a:a4: 78:18:3f:3f:4b:db:05:66:47:e3:d6:d5:14:7d:fe: af:f1:f4:48:56:98:7e:6f:13:12:7c:cd:bc:39:d5: bd:ea:51:03:ce:75:b1:41:ae:22:7a:2e:43:53:37: ad:76:45:99:18:98:ec:8e:0a:1b:a2:4a:94:a6:09: e3:6f:86:57:a9:85:90:04:3f:00:93:78:c3:b7:63: 64:aa:55:d4:dc:92:22:64:e0:67:d0:6d:9b:6e:9b: 58:12:03:76:a3:d5:7a:3e:ea:4a:3d:72:cd:5a:61: 48:9e:f3:ba:ac:cc:7b:c5:00:50:71:e8:f8:b2:c8: d9:78:d5:35:eb:73:c9:d1:24:b1:77:e5:e9:54:71: 32:de:af:c4:12:cf:bc:ed:53:42:58:2d:d6:f4:2b: 8c:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:EA:3E:88:F8:9C:15:1F:BE:FF:0E:67:D6:AB:00:49:91:36:D6:6B X509v3 Authority Key Identifier: keyid:82:1F:4D:B2:2E:E5:9A:FD:59:3A:7E:68:9E:DA:9F:C9:4B:E5:85:DD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C1C49/C49F75F81D9F11E29EFBA29008B02CD2/gh9Nsi7lmv1ZOn5ontqfyUvlhd0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gh9Nsi7lmv1ZOn5ontqfyUvlhd0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1C49/C49F75F81D9F11E29EFBA29008B02CD2/gh9Nsi7lmv1ZOn5ontqfyUvlhd0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8d:36:23:52:cb:f9:23:5d:62:2d:ad:01:3c:85:22:5c:59:62: 8a:42:31:07:f8:5d:67:78:e9:77:a4:37:38:63:3b:87:4a:19: d9:b9:62:9f:af:ff:69:7f:9c:72:f1:b4:df:0e:ec:41:95:a9: 1a:88:6a:9a:4f:e2:2a:ed:aa:99:26:ad:02:b8:80:f4:a3:09: ae:2a:ac:21:94:0a:47:2f:91:f0:3d:2e:9f:1e:7a:86:66:a1: e4:2a:ef:b2:f3:7d:6b:28:01:a2:b4:db:dd:9f:48:d8:9e:ad: 5d:1e:b4:68:bc:69:3e:60:31:cf:f2:9f:d5:85:db:4a:1e:7c: 59:d0:c3:03:23:e1:a1:e5:74:79:a9:06:83:d0:c0:0a:07:b6: 55:f0:b2:2f:d6:fd:e7:bc:86:b9:08:b3:60:7f:b9:63:a5:8a: 8c:ea:d3:18:44:9a:b9:1b:e9:47:be:c7:bc:aa:25:9f:32:42: c2:22:e8:7a:8a:70:78:b8:ba:bd:ee:6b:b1:48:da:2a:02:6e: 73:bd:22:47:8d:fc:8c:09:a3:bc:c4:cf:c2:5c:d4:3c:a9:2f: 91:2a:2d:e1:32:dc:7f:a0:09:58:db:26:93:99:73:ba:2a:c0: 52:cd:c2:eb:9d:1f:f3:30:1b:96:73:91:b6:9f:21:08:0d:c1: 60:47:4f:d3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNIswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzFDNDkxMTAvBgNVBAUTKDgyMUY0REIyMkVFNTlBRkQ1OTNBN0U2ODlFREE5RkM5 NEJFNTg1REQwHhcNMjUwNTMxMTUwMzAwWhcNMjUwNjA3MTUwMzAwWjAYMRYwFAYD VQQDEw02ODNiMWEyNC0wMzZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzvpFp6GqhN43AN/66WqrY7mYhAeQbQtoAfQKsjctZMw82f85YDllVWCJO/AF QFYIZGZU8wI/MFVIiadfTcbOGgAqjVHQkZYihCZAb3KfucVPIqK8Jvqps+TET+DS 9s8lg8vBgwCjGqR4GD8/S9sFZkfj1tUUff6v8fRIVph+bxMSfM28OdW96lEDznWx Qa4iei5DUzetdkWZGJjsjgobokqUpgnjb4ZXqYWQBD8Ak3jDt2NkqlXU3JIiZOBn 0G2bbptYEgN2o9V6PupKPXLNWmFInvO6rMx7xQBQcej4ssjZeNU163PJ0SSxd+Xp VHEy3q/EEs+87VNCWC3W9CuMQQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCzqPoj4 nBUfvv8OZ9arAEmRNtZrMB8GA1UdIwQYMBaAFIIfTbIu5Zr9WTp+aJ7an8lL5YXd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMUM0OS9DNDlGNzVGODFE OUYxMUUyOUVGQkEyOTAwOEIwMkNEMi9naDlOc2k3bG12MVpPbjVvbnRxZnlVdmxo ZDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2doOU5zaTdsbXYxWk9uNW9udHFmeVV2bGhkMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MUM0OS9DNDlGNzVGODFEOUYxMUUyOUVGQkEyOTAwOEIwMkNEMi9naDlOc2k3bG12 MVpPbjVvbnRxZnlVdmxoZDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCNNiNSy/kjXWItrQE8hSJcWWKKQjEH+F1neOl3pDc4YzuHShnZuWKf r/9pf5xy8bTfDuxBlakaiGqaT+Iq7aqZJq0CuID0owmuKqwhlApHL5HwPS6fHnqG ZqHkKu+y831rKAGitNvdn0jYnq1dHrRovGk+YDHP8p/VhdtKHnxZ0MMDI+Gh5XR5 qQaD0MAKB7ZV8LIv1v3nvIa5CLNgf7ljpYqM6tMYRJq5G+lHvse8qiWfMkLCIuh6 inB4uLq97muxSNoqAm5zvSJHjfyMCaO8xM/CXNQ8qS+RKi3hMtx/oAlY2yaTmXO6 KsBSzcLrnR/zMBuWc5G2nyEIDcFgR0/T -----END CERTIFICATE-----Generated at Mon Jun 2 06:23:22 2025 by rpki-client