$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.mft File: 2QDd8konYiv5ZDdX7byv-u4yHDc.mft (raw, json) Hash identifier: PIesHhc/wWDhv97RJPHgvrG3LkOJGuLJ/wSb0/cPjlI= Subject key identifier: 6B:BE:15:8E:63:DB:E9:F8:80:24:16:30:F7:71:21:E1:4E:DD:12:1A Authority key identifier: D9:00:DD:F2:4A:27:62:2B:F9:64:37:57:ED:BC:AF:FA:EE:32:1C:37 Certificate issuer: /CN=A91C7773/serialNumber=D900DDF24A27622BF9643757EDBCAFFAEE321C37 Certificate serial: 0E61 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QDd8konYiv5ZDdX7byv-u4yHDc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.mft Manifest number: 0E48 Signing time: Fri 30 May 2025 17:57:19 +0000 Manifest this update: Fri 30 May 2025 17:57:19 +0000 Manifest next update: Fri 06 Jun 2025 17:57:19 +0000 Files and hashes: 1: 2QDd8konYiv5ZDdX7byv-u4yHDc.crl (hash: T3lp80AASf5BuATgKkfXp4keignb78duK4CtzCeNEZ4=) 2: A47D2EC84C1E11EEBA8CDB4BC4F9AE02.roa (hash: xJh5HRbn741snUCbMX+RHgdNum29ocH1QT8bD3kB9Uw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.crl rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QDd8konYiv5ZDdX7byv-u4yHDc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 17:57:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3681 (0xe61) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C7773, serialNumber=D900DDF24A27622BF9643757EDBCAFFAEE321C37 Validity Not Before: May 30 17:57:19 2025 GMT Not After : Jun 6 17:57:19 2025 GMT Subject: CN=6839f17f-ebf2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:91:3a:38:7e:92:50:90:60:29:f0:74:f4:6f: 68:b9:1a:13:71:01:c0:f8:33:80:e8:9e:7b:67:0c: fb:98:cf:49:77:03:fd:5b:4a:26:cf:5e:ce:29:72: a2:dd:53:84:e6:03:28:20:dc:f6:4b:b0:f1:b0:b8: db:b6:cf:cd:39:f1:0d:45:d3:df:4f:d4:72:eb:7d: 8a:ae:48:a3:98:07:d2:b9:5d:ca:73:a7:84:ce:ac: 57:16:37:c9:79:88:1c:02:98:f5:8f:14:a8:1b:94: 2b:8c:e3:67:1a:59:0f:be:43:c6:5b:22:49:cb:95: cf:e9:86:86:f4:fe:b2:fd:d9:33:b5:23:f0:46:87: 01:af:0c:4c:07:4d:39:68:16:a8:c6:b1:50:d4:34: f3:ea:d5:3d:f9:24:b6:56:eb:6d:de:2c:d5:34:b7: a5:f6:40:f0:59:e5:14:e0:9c:8a:87:7c:d4:41:39: eb:aa:12:66:e2:bb:0b:3f:76:7e:11:d8:02:84:01: 3b:49:1e:86:f4:f2:81:4c:ac:57:23:7a:2e:05:3d: 6c:75:94:56:aa:69:ee:b7:77:e7:d2:5e:cc:2c:56: ea:6c:bb:24:41:54:99:83:af:81:76:2f:a5:6e:91: 72:b8:c3:ed:ac:75:bb:09:bc:d1:a8:0e:b6:be:9a: 25:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:BE:15:8E:63:DB:E9:F8:80:24:16:30:F7:71:21:E1:4E:DD:12:1A X509v3 Authority Key Identifier: keyid:D9:00:DD:F2:4A:27:62:2B:F9:64:37:57:ED:BC:AF:FA:EE:32:1C:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QDd8konYiv5ZDdX7byv-u4yHDc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 29:e2:4b:cf:c7:8a:27:6c:4a:e0:4d:f3:f4:dd:5a:ee:ff:cc: ad:67:4a:30:d2:57:25:ab:ae:9b:61:8e:84:41:da:3f:5a:52: 85:56:a6:f0:8c:a8:ea:54:25:a5:ba:42:e1:11:82:e2:b0:12: 01:3b:01:c2:64:9b:41:ae:64:4c:d7:b3:8e:e0:d0:ac:d5:17: 0a:8c:ba:26:b2:61:9d:b0:c8:3a:73:fc:23:05:7d:56:24:e5: 02:ba:36:0c:6c:9e:e4:e8:d6:4d:e8:08:b5:d8:f6:a7:81:85: 72:81:0c:ae:f0:7b:f0:a3:91:a4:a3:1f:b0:e2:71:bd:96:a5: ee:c0:0d:a4:65:e1:8e:e1:aa:47:17:a7:5a:36:fe:63:96:98: 65:88:0a:33:14:50:75:53:69:aa:06:80:66:17:d1:13:22:f6: 76:79:69:5c:dc:10:5a:5f:e6:ca:de:06:7f:c3:27:c3:e8:5a: 36:a9:c9:80:02:e3:36:3c:34:30:18:5f:87:a7:e1:01:ce:55: b0:c1:d0:ac:f3:11:02:d2:6e:bb:ab:70:33:2d:bb:3e:92:9e: a3:a7:f9:c1:f4:fb:a3:d3:4f:08:aa:46:35:f9:3d:7f:96:e4: 9f:78:b5:ff:e3:7e:3d:4e:f3:25:af:ff:e5:97:46:0d:43:cc: 98:dc:47:00 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDmEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qzc3NzMxMTAvBgNVBAUTKEQ5MDBEREYyNEEyNzYyMkJGOTY0Mzc1N0VEQkNBRkZB RUUzMjFDMzcwHhcNMjUwNTMwMTc1NzE5WhcNMjUwNjA2MTc1NzE5WjAYMRYwFAYD VQQDEw02ODM5ZjE3Zi1lYmYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtZE6OH6SUJBgKfB09G9ouRoTcQHA+DOA6J57Zwz7mM9JdwP9W0omz17OKXKi 3VOE5gMoINz2S7DxsLjbts/NOfENRdPfT9Ry632KrkijmAfSuV3Kc6eEzqxXFjfJ eYgcApj1jxSoG5QrjONnGlkPvkPGWyJJy5XP6YaG9P6y/dkztSPwRocBrwxMB005 aBaoxrFQ1DTz6tU9+SS2Vutt3izVNLel9kDwWeUU4JyKh3zUQTnrqhJm4rsLP3Z+ EdgChAE7SR6G9PKBTKxXI3ouBT1sdZRWqmnut3fn0l7MLFbqbLskQVSZg6+Bdi+l bpFyuMPtrHW7CbzRqA62vpoljQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGu+FY5j 2+n4gCQWMPdxIeFO3RIaMB8GA1UdIwQYMBaAFNkA3fJKJ2Ir+WQ3V+28r/ruMhw3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzc3My9BRDMyMjM3Q0Ey RTgxMUU5QkFFNzhENDdDNEY5QUUwMi8yUURkOGtvbllpdjVaRGRYN2J5di11NHlI RGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJRRGQ4a29uWWl2NVpEZFg3Ynl2LXU0eUhEYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD Nzc3My9BRDMyMjM3Q0EyRTgxMUU5QkFFNzhENDdDNEY5QUUwMi8yUURkOGtvbllp djVaRGRYN2J5di11NHlIRGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAp4kvPx4onbErgTfP03Vru/8ytZ0ow0lclq66bYY6EQdo/WlKFVqbw jKjqVCWlukLhEYLisBIBOwHCZJtBrmRM17OO4NCs1RcKjLomsmGdsMg6c/wjBX1W JOUCujYMbJ7k6NZN6Ai12PangYVygQyu8Hvwo5Gkox+w4nG9lqXuwA2kZeGO4apH F6daNv5jlphliAozFFB1U2mqBoBmF9ETIvZ2eWlc3BBaX+bK3gZ/wyfD6Fo2qcmA AuM2PDQwGF+Hp+EBzlWwwdCs8xEC0m67q3AzLbs+kp6jp/nB9Puj008IqkY1+T1/ luSfeLX/4349TvMlr//ll0YNQ8yY3EcA -----END CERTIFICATE-----Generated at Sat May 31 17:16:09 2025 by rpki-client