$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/2YRcGequkJIocqDK_QUfFmFPhK8.mft File: 2YRcGequkJIocqDK_QUfFmFPhK8.mft (raw, json) Hash identifier: U4CEwcTgaSJ1v3/M6j/aYkrcF7aDi3COivLvm9I/lrg= Subject key identifier: 43:9D:43:B1:43:5C:C6:3F:53:99:22:94:B6:DC:BC:1A:CE:20:20:38 Authority key identifier: D9:84:5C:19:EA:AE:90:92:28:72:A0:CA:FD:05:1F:16:61:4F:84:AF Certificate issuer: /CN=A91C6BF0/serialNumber=D9845C19EAAE90922872A0CAFD051F16614F84AF Certificate serial: 0E17 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2YRcGequkJIocqDK_QUfFmFPhK8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/2YRcGequkJIocqDK_QUfFmFPhK8.mft Manifest number: 0F9A Signing time: Fri 30 May 2025 18:01:32 +0000 Manifest this update: Fri 30 May 2025 18:01:32 +0000 Manifest next update: Fri 06 Jun 2025 18:01:32 +0000 Files and hashes: 1: 2YRcGequkJIocqDK_QUfFmFPhK8.crl (hash: TeNsxvvBa9mLqUyyGH47t4f05ieT1imFSLqKm0XToW0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/2YRcGequkJIocqDK_QUfFmFPhK8.crl rsync://rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/2YRcGequkJIocqDK_QUfFmFPhK8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2YRcGequkJIocqDK_QUfFmFPhK8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 18:01:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3607 (0xe17) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C6BF0, serialNumber=D9845C19EAAE90922872A0CAFD051F16614F84AF Validity Not Before: May 30 18:01:32 2025 GMT Not After : Jun 6 18:01:32 2025 GMT Subject: CN=6839f27c-5fad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:11:2c:68:cb:dc:94:7c:ed:ef:93:d2:66:05: 67:66:4b:fe:88:ee:ec:df:71:de:76:b4:a6:75:40: 20:82:bb:dc:99:51:9d:f0:77:ca:a1:58:db:02:2b: b6:ba:c3:be:86:31:63:d7:ce:41:28:33:a6:ac:40: 24:62:23:56:ed:d7:03:53:1e:5f:fb:be:d6:e6:a5: c9:72:d8:e6:00:1b:28:99:e2:b3:aa:90:0a:b1:98: 84:40:b1:66:54:ce:15:1e:3a:e4:fa:d9:be:96:bc: 60:e9:23:fd:ac:2b:29:ee:3c:c9:f7:0f:84:70:20: 9f:5c:df:dc:27:2b:43:2e:23:93:10:5c:6e:4b:07: 21:a8:27:8d:b9:2b:87:54:cf:c9:31:e3:9e:a2:c2: 18:b6:10:15:c5:e2:4b:ae:da:a2:98:2f:65:c5:d0: 63:08:dd:b9:fb:19:aa:19:33:be:7c:5d:72:4f:90: 25:65:b9:89:b1:6a:78:db:c6:5b:46:41:1b:ba:75: 7f:96:04:99:46:f9:32:69:f1:ec:5b:1f:48:3e:1f: 35:4d:de:70:a0:c2:01:0d:b7:29:8f:e4:8e:fb:61: 0e:af:95:3a:1b:e0:46:51:71:45:36:86:5f:f7:ae: 75:6e:10:bb:66:b2:dd:ac:5c:db:0f:99:dc:57:20: 00:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:9D:43:B1:43:5C:C6:3F:53:99:22:94:B6:DC:BC:1A:CE:20:20:38 X509v3 Authority Key Identifier: keyid:D9:84:5C:19:EA:AE:90:92:28:72:A0:CA:FD:05:1F:16:61:4F:84:AF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/2YRcGequkJIocqDK_QUfFmFPhK8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2YRcGequkJIocqDK_QUfFmFPhK8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6BF0/1491974AAEBB11E98A390B59C4F9AE02/2YRcGequkJIocqDK_QUfFmFPhK8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8e:58:c7:97:df:0d:df:e9:cd:07:8a:4f:17:9e:b6:70:27:d5: 1c:be:b7:a8:04:f9:c6:39:ca:81:64:13:6b:ac:1c:49:d1:87: 11:08:2b:c7:34:e4:36:92:5b:28:f9:83:e3:8e:23:18:da:54: d3:b0:cb:9e:5f:85:55:13:6c:16:8e:e5:7e:ce:55:d2:1a:a1: 49:6b:3d:c7:40:21:81:5f:6c:17:47:99:89:1e:f5:50:0f:65: c9:69:59:b0:d1:32:0c:29:62:3b:85:93:8e:d2:6c:41:14:96: 78:1d:37:86:2c:cb:ae:ae:5c:0a:97:8d:50:14:4c:4e:e5:2f: 68:33:27:b9:cb:36:75:98:94:df:34:85:0d:9a:7e:02:4f:6c: a2:af:e5:66:9b:d0:16:74:9b:60:3d:42:56:b4:7f:23:ec:fd: 4d:8f:50:cc:49:71:d5:18:a5:b1:6e:44:e9:7f:71:e4:83:a0: 15:a4:5d:80:4b:eb:e7:87:86:74:8e:84:89:a2:3e:bf:ac:a0: c3:5b:09:c9:55:b8:3e:f6:3e:9a:b9:38:3f:98:85:b7:51:7d: f4:12:30:45:4b:37:25:71:47:93:17:6d:73:61:cd:32:46:4e: 23:eb:03:29:17:2e:6b:f7:c6:6b:e1:97:f8:bb:24:2e:c5:bb: f7:6d:af:82 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDhcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzZCRjAxMTAvBgNVBAUTKEQ5ODQ1QzE5RUFBRTkwOTIyODcyQTBDQUZEMDUxRjE2 NjE0Rjg0QUYwHhcNMjUwNTMwMTgwMTMyWhcNMjUwNjA2MTgwMTMyWjAYMRYwFAYD VQQDEw02ODM5ZjI3Yy01ZmFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxREsaMvclHzt75PSZgVnZkv+iO7s33HedrSmdUAggrvcmVGd8HfKoVjbAiu2 usO+hjFj185BKDOmrEAkYiNW7dcDUx5f+77W5qXJctjmABsomeKzqpAKsZiEQLFm VM4VHjrk+tm+lrxg6SP9rCsp7jzJ9w+EcCCfXN/cJytDLiOTEFxuSwchqCeNuSuH VM/JMeOeosIYthAVxeJLrtqimC9lxdBjCN25+xmqGTO+fF1yT5AlZbmJsWp428Zb RkEbunV/lgSZRvkyafHsWx9IPh81Td5woMIBDbcpj+SO+2EOr5U6G+BGUXFFNoZf 9651bhC7ZrLdrFzbD5ncVyAAWQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEOdQ7FD XMY/U5kilLbcvBrOICA4MB8GA1UdIwQYMBaAFNmEXBnqrpCSKHKgyv0FHxZhT4Sv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNkJGMC8xNDkxOTc0QUFF QkIxMUU5OEEzOTBCNTlDNEY5QUUwMi8yWVJjR2VxdWtKSW9jcURLX1FVZkZtRlBo SzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJZUmNHZXF1a0pJb2NxREtfUVVmRm1GUGhLOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NkJGMC8xNDkxOTc0QUFFQkIxMUU5OEEzOTBCNTlDNEY5QUUwMi8yWVJjR2VxdWtK SW9jcURLX1FVZkZtRlBoSzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCOWMeX3w3f6c0Hik8XnrZwJ9UcvreoBPnGOcqBZBNrrBxJ0YcRCCvH NOQ2klso+YPjjiMY2lTTsMueX4VVE2wWjuV+zlXSGqFJaz3HQCGBX2wXR5mJHvVQ D2XJaVmw0TIMKWI7hZOO0mxBFJZ4HTeGLMuurlwKl41QFExO5S9oMye5yzZ1mJTf NIUNmn4CT2yir+Vmm9AWdJtgPUJWtH8j7P1Nj1DMSXHVGKWxbkTpf3Hkg6AVpF2A S+vnh4Z0joSJoj6/rKDDWwnJVbg+9j6auTg/mIW3UX30EjBFSzclcUeTF21zYc0y Rk4j6wMpFy5r98Zr4Zf4uyQuxbv3ba+C -----END CERTIFICATE-----Generated at Sat May 31 17:51:40 2025 by rpki-client