$ rpki-client -vvf rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.mft File: IZNBmOgzEGHSdbjPx5RY0y-r1sk.mft (raw, json) Hash identifier: ipW1YURJ8LydLP1QRrTLrmi0SDMdHEtiVrpmIk0pUwc= Subject key identifier: 16:AF:BE:2B:8A:9D:A5:6A:62:F3:89:43:6A:46:7F:B4:B9:3C:03:82 Authority key identifier: 21:93:41:98:E8:33:10:61:D2:75:B8:CF:C7:94:58:D3:2F:AB:D6:C9 Certificate issuer: /CN=A91C53FD/serialNumber=21934198E8331061D275B8CFC79458D32FABD6C9 Certificate serial: D1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZNBmOgzEGHSdbjPx5RY0y-r1sk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.mft Manifest number: CF Signing time: Sat 31 May 2025 05:16:11 +0000 Manifest this update: Sat 31 May 2025 05:16:10 +0000 Manifest next update: Sat 07 Jun 2025 05:16:10 +0000 Files and hashes: 1: IZNBmOgzEGHSdbjPx5RY0y-r1sk.crl (hash: Mtk4/TiNevoWOlheiO7hurzB4g6zgGPyFPLqX6jrwOs=) 2: B15E8BECFF3211EEA8607454C4F9AE02.roa (hash: M9Q8RXEiuL/wyMNZhN9zbPG+N0QQluDkDpfmSIoYCRg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.crl rsync://rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZNBmOgzEGHSdbjPx5RY0y-r1sk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 05:16:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 209 (0xd1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C53FD, serialNumber=21934198E8331061D275B8CFC79458D32FABD6C9 Validity Not Before: May 31 05:16:10 2025 GMT Not After : Jun 7 05:16:10 2025 GMT Subject: CN=683a909b-cb62 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:4b:35:3e:6e:69:fe:2e:72:85:43:c6:15:cd: 0b:72:c9:e4:5e:db:2e:10:37:26:88:0c:b7:50:79: 46:b9:28:d0:5e:c2:8d:25:95:fb:2d:d8:4e:6b:71: 8e:99:0d:f7:40:f1:fe:32:7c:da:19:10:75:d9:a6: 11:cf:00:96:9b:71:07:6b:ae:43:cc:17:eb:73:0d: 71:dc:0a:cb:86:8f:5c:5f:4f:c5:79:4a:a8:b9:0d: 80:2f:ec:37:5d:6a:e5:da:d1:1b:42:a1:3f:ef:32: aa:53:df:64:77:6b:c5:6f:b4:1b:68:52:0c:f7:ee: c5:6a:d0:fa:a9:da:8a:d6:dc:11:8b:7c:07:d2:4a: 1c:3a:b7:ce:ca:41:71:41:c9:d7:ea:68:d8:0e:01: ec:68:d3:7d:95:fe:73:6d:78:b6:19:af:f0:71:f8: 11:87:22:95:ff:7b:64:48:8e:72:4e:aa:6a:2b:06: 21:8b:ab:1a:01:af:62:04:af:21:48:69:65:de:74: 39:ef:f3:fe:6d:fc:55:09:a1:fa:4a:f7:13:36:49: 1a:db:93:26:07:8c:37:54:de:74:76:c3:77:cb:b4: eb:72:22:e5:13:6f:e3:09:69:07:50:44:56:39:99: 56:0a:92:d6:ca:b4:7a:93:d7:04:c0:c9:69:b6:9b: de:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:AF:BE:2B:8A:9D:A5:6A:62:F3:89:43:6A:46:7F:B4:B9:3C:03:82 X509v3 Authority Key Identifier: keyid:21:93:41:98:E8:33:10:61:D2:75:B8:CF:C7:94:58:D3:2F:AB:D6:C9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZNBmOgzEGHSdbjPx5RY0y-r1sk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9a:93:cf:96:b0:ca:d7:55:1f:e4:43:31:ac:db:21:3d:dd:eb: 10:44:8f:6a:8f:9a:57:c9:3d:b0:3a:d4:8a:f6:27:a5:79:67: 66:49:07:a3:ca:8a:ad:13:e6:bd:3a:c7:9b:36:90:85:43:4a: 2e:64:b1:e5:62:5d:d9:91:d9:c7:6d:6c:3a:ef:57:90:21:be: 37:c7:17:b9:d8:ce:88:21:05:d4:d7:56:43:5a:b6:fd:01:23: 8b:57:ef:9f:28:78:20:44:30:97:87:56:e2:7d:a0:5f:4d:64: 84:e5:fe:22:c7:32:4c:dc:56:cb:c2:6d:86:dc:b1:3e:ee:9f: df:cb:4e:7f:49:5e:db:af:99:95:10:5d:35:d1:7b:05:2f:7c: 63:2b:d6:1d:55:c8:ed:1a:5e:2a:10:a4:59:b6:4d:62:ab:f8: 6d:2a:7f:d2:5e:93:33:b3:b1:7a:87:52:53:53:18:86:9f:e1: 9a:d9:fc:37:e1:2b:2b:bc:17:f9:92:56:ab:df:0c:b5:a7:e2: 7f:e1:30:1b:3f:b9:5a:9f:e7:55:cd:21:f9:9b:88:be:61:fb: ab:f2:f8:f4:6e:eb:2e:a2:5f:60:05:2c:8a:80:5b:29:be:ed: 04:48:09:65:c0:d9:4a:bd:bb:d7:66:61:e7:b1:c2:64:cf:33: e9:4a:02:87 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzUzRkQxMTAvBgNVBAUTKDIxOTM0MTk4RTgzMzEwNjFEMjc1QjhDRkM3OTQ1OEQz MkZBQkQ2QzkwHhcNMjUwNTMxMDUxNjEwWhcNMjUwNjA3MDUxNjEwWjAYMRYwFAYD VQQDEw02ODNhOTA5Yi1jYjYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvEs1Pm5p/i5yhUPGFc0LcsnkXtsuEDcmiAy3UHlGuSjQXsKNJZX7LdhOa3GO mQ33QPH+MnzaGRB12aYRzwCWm3EHa65DzBfrcw1x3ArLho9cX0/FeUqouQ2AL+w3 XWrl2tEbQqE/7zKqU99kd2vFb7QbaFIM9+7FatD6qdqK1twRi3wH0kocOrfOykFx QcnX6mjYDgHsaNN9lf5zbXi2Ga/wcfgRhyKV/3tkSI5yTqpqKwYhi6saAa9iBK8h SGll3nQ57/P+bfxVCaH6SvcTNkka25MmB4w3VN50dsN3y7TrciLlE2/jCWkHUERW OZlWCpLWyrR6k9cEwMlptpveFQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBavviuK naVqYvOJQ2pGf7S5PAOCMB8GA1UdIwQYMBaAFCGTQZjoMxBh0nW4z8eUWNMvq9bJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNTNGRC82ODhFNTdFRUZG MzIxMUVFQTU1RDhFNTNDNEY5QUUwMi9JWk5CbU9nekVHSFNkYmpQeDVSWTB5LXIx c2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0laTkJtT2d6RUdIU2RialB4NVJZMHktcjFzay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NTNGRC82ODhFNTdFRUZGMzIxMUVFQTU1RDhFNTNDNEY5QUUwMi9JWk5CbU9nekVH SFNkYmpQeDVSWTB5LXIxc2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCak8+WsMrXVR/kQzGs2yE93esQRI9qj5pXyT2wOtSK9ieleWdmSQej yoqtE+a9OsebNpCFQ0ouZLHlYl3ZkdnHbWw671eQIb43xxe52M6IIQXU11ZDWrb9 ASOLV++fKHggRDCXh1bifaBfTWSE5f4ixzJM3FbLwm2G3LE+7p/fy05/SV7br5mV EF010XsFL3xjK9YdVcjtGl4qEKRZtk1iq/htKn/SXpMzs7F6h1JTUxiGn+Ga2fw3 4SsrvBf5klar3wy1p+J/4TAbP7lan+dVzSH5m4i+Yfur8vj0busuol9gBSyKgFsp vu0ESAllwNlKvbvXZmHnscJkzzPpSgKH -----END CERTIFICATE-----Generated at Sat May 31 17:44:05 2025 by rpki-client