$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6E49/B33AA7A6538111ED8AA98F77C4F9AE02/B7Y7XcFse0rper0AhqMVbV10Rlk.mft File: B7Y7XcFse0rper0AhqMVbV10Rlk.mft (raw, json) Hash identifier: eSY8/5BtEpQZBKjgFz1ZJrS1QMGB4R4CYr1actnRJkc= Subject key identifier: 20:04:1F:13:DE:95:E2:5A:20:B3:50:70:50:5C:98:51:D3:5D:CD:AD Authority key identifier: 07:B6:3B:5D:C1:6C:7B:4A:E9:7A:BD:00:86:A3:15:6D:5D:74:46:59 Certificate issuer: /CN=A91C6E49/serialNumber=07B63B5DC16C7B4AE97ABD0086A3156D5D744659 Certificate serial: 01EC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B7Y7XcFse0rper0AhqMVbV10Rlk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C6E49/B33AA7A6538111ED8AA98F77C4F9AE02/B7Y7XcFse0rper0AhqMVbV10Rlk.mft Manifest number: 01E8 Signing time: Sat 31 May 2025 02:20:30 +0000 Manifest this update: Sat 31 May 2025 02:20:30 +0000 Manifest next update: Sat 07 Jun 2025 02:20:30 +0000 Files and hashes: 1: B7Y7XcFse0rper0AhqMVbV10Rlk.crl (hash: OdR7iT65+EPKdJnwIY0BN/eQFeI7kQ5uI5DHYoZiPLk=) 2: 98FD8A0E538411ED8D781C7CC4F9AE02.roa (hash: lJnZtZDQNzdO0qp1p8vNJySg5lDyaZrljj6ja2HApOA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C6E49/B33AA7A6538111ED8AA98F77C4F9AE02/B7Y7XcFse0rper0AhqMVbV10Rlk.crl rsync://rpki.apnic.net/member_repository/A91C6E49/B33AA7A6538111ED8AA98F77C4F9AE02/B7Y7XcFse0rper0AhqMVbV10Rlk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B7Y7XcFse0rper0AhqMVbV10Rlk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 02:20:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 492 (0x1ec) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C6E49, serialNumber=07B63B5DC16C7B4AE97ABD0086A3156D5D744659 Validity Not Before: May 31 02:20:30 2025 GMT Not After : Jun 7 02:20:30 2025 GMT Subject: CN=683a676e-c35b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:20:28:f5:e5:c3:7c:53:16:90:38:81:9b:06: 33:70:45:4d:a5:80:b4:0c:45:b1:bc:57:8e:78:fd: 40:67:3e:aa:66:0a:36:11:ee:78:15:f1:88:7d:c7: 1b:b2:52:cb:0a:dd:9f:48:22:b1:48:c2:ec:bd:0b: b9:b8:2c:14:ce:00:d4:7d:b9:83:88:2a:9b:e5:80: d9:d0:7f:0b:ec:b3:4e:a6:cc:f2:9d:5d:7f:92:69: 92:ab:29:5c:ca:e1:c3:b1:50:ba:a9:c4:52:e1:58: 46:0d:c6:f8:98:78:b9:8f:1a:50:40:3c:91:8c:3b: f4:ab:94:f0:13:3e:e3:8c:e6:1b:9e:a0:39:f1:e4: 21:6f:5b:70:5f:5c:6b:82:90:75:e7:91:b2:09:6a: 12:20:18:67:8b:35:af:1f:06:84:af:af:2f:4d:21: b9:44:71:4d:c3:08:f2:9f:65:e1:14:f5:65:99:41: 01:9e:01:a9:a0:8b:b5:e8:52:87:2e:e2:35:30:ac: 69:8b:93:c0:0d:80:ab:8b:a2:44:4d:f6:d2:5b:d1: 4e:f6:01:d6:5e:d3:2f:67:4f:b0:4f:f7:c9:bc:74: 49:ea:bb:04:11:70:68:36:67:a0:0a:bf:7a:d9:09: a3:1a:0a:be:5c:d5:08:15:47:18:47:77:23:f5:ae: d8:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:04:1F:13:DE:95:E2:5A:20:B3:50:70:50:5C:98:51:D3:5D:CD:AD X509v3 Authority Key Identifier: keyid:07:B6:3B:5D:C1:6C:7B:4A:E9:7A:BD:00:86:A3:15:6D:5D:74:46:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C6E49/B33AA7A6538111ED8AA98F77C4F9AE02/B7Y7XcFse0rper0AhqMVbV10Rlk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B7Y7XcFse0rper0AhqMVbV10Rlk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6E49/B33AA7A6538111ED8AA98F77C4F9AE02/B7Y7XcFse0rper0AhqMVbV10Rlk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 41:64:63:cf:5e:94:1f:89:3f:57:90:af:e6:ef:ce:ec:60:11: 20:b8:e3:ea:ec:45:7c:75:6b:c1:6a:42:a7:fb:49:7e:3e:36: 54:3e:00:f7:87:e1:dd:5c:21:bb:8b:5e:d5:e4:30:94:e3:09: f2:fc:64:23:c8:3e:73:fb:c4:17:8d:68:8e:83:61:36:3b:a8: 29:16:6f:97:54:e6:85:d4:7d:be:70:13:27:84:04:e2:8d:31: 73:5d:c9:3f:24:d2:db:05:aa:de:e0:0c:12:8f:67:01:69:1f: 2b:62:2b:13:98:33:c2:bd:bd:35:a9:33:3b:4f:d7:c8:b6:84: 89:86:3e:18:07:1b:c7:7f:cd:e2:b1:62:cf:7f:48:48:7f:3d: f9:0d:44:a6:9a:6e:41:05:8e:5b:d8:5f:70:d7:1a:73:65:9c: ae:c4:0b:43:d1:cd:ae:4d:1d:af:80:65:4d:d0:b0:44:57:1a: 7a:59:fe:6e:5f:22:e1:6c:28:fd:08:79:de:5f:08:ec:cf:81: 23:86:f7:4b:17:10:cf:10:9a:12:46:f9:6e:fe:12:52:74:46: 9e:74:65:2c:19:e2:6f:6b:7d:a3:0b:24:12:1b:57:c3:b3:dc: b1:ab:0c:a6:aa:30:a2:05:18:39:1c:6d:bc:f0:30:bc:af:a3: 5c:bd:c1:24 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAewwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzZFNDkxMTAvBgNVBAUTKDA3QjYzQjVEQzE2QzdCNEFFOTdBQkQwMDg2QTMxNTZE NUQ3NDQ2NTkwHhcNMjUwNTMxMDIyMDMwWhcNMjUwNjA3MDIyMDMwWjAYMRYwFAYD VQQDEw02ODNhNjc2ZS1jMzViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2SAo9eXDfFMWkDiBmwYzcEVNpYC0DEWxvFeOeP1AZz6qZgo2Ee54FfGIfccb slLLCt2fSCKxSMLsvQu5uCwUzgDUfbmDiCqb5YDZ0H8L7LNOpszynV1/kmmSqylc yuHDsVC6qcRS4VhGDcb4mHi5jxpQQDyRjDv0q5TwEz7jjOYbnqA58eQhb1twX1xr gpB155GyCWoSIBhnizWvHwaEr68vTSG5RHFNwwjyn2XhFPVlmUEBngGpoIu16FKH LuI1MKxpi5PADYCri6JETfbSW9FO9gHWXtMvZ0+wT/fJvHRJ6rsEEXBoNmegCr96 2QmjGgq+XNUIFUcYR3cj9a7YpwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCAEHxPe leJaILNQcFBcmFHTXc2tMB8GA1UdIwQYMBaAFAe2O13BbHtK6Xq9AIajFW1ddEZZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNkU0OS9CMzNBQTdBNjUz ODExMUVEOEFBOThGNzdDNEY5QUUwMi9CN1k3WGNGc2UwcnBlcjBBaHFNVmJWMTBS bGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0I3WTdYY0ZzZTBycGVyMEFocU1WYlYxMFJsay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NkU0OS9CMzNBQTdBNjUzODExMUVEOEFBOThGNzdDNEY5QUUwMi9CN1k3WGNGc2Uw cnBlcjBBaHFNVmJWMTBSbGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBBZGPPXpQfiT9XkK/m787sYBEguOPq7EV8dWvBakKn+0l+PjZUPgD3 h+HdXCG7i17V5DCU4wny/GQjyD5z+8QXjWiOg2E2O6gpFm+XVOaF1H2+cBMnhATi jTFzXck/JNLbBare4AwSj2cBaR8rYisTmDPCvb01qTM7T9fItoSJhj4YBxvHf83i sWLPf0hIfz35DUSmmm5BBY5b2F9w1xpzZZyuxAtD0c2uTR2vgGVN0LBEVxp6Wf5u XyLhbCj9CHneXwjsz4EjhvdLFxDPEJoSRvlu/hJSdEaedGUsGeJva32jCyQSG1fD s9yxqwymqjCiBRg5HG288DC8r6NcvcEk -----END CERTIFICATE-----Generated at Sat May 31 16:45:48 2025 by rpki-client