$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/9yZ-gL6BfwQ9KPt-cwX0xIioORo.mft File: 9yZ-gL6BfwQ9KPt-cwX0xIioORo.mft (raw, json) Hash identifier: o3PKx6Xima/CbWxjWKwwtGnhTJu24egblRIky7AM7Fs= Subject key identifier: 96:3A:6C:43:D1:15:C1:C9:0B:D8:1D:41:EC:01:83:15:EF:9E:22:4A Authority key identifier: F7:26:7E:80:BE:81:7F:04:3D:28:FB:7E:73:05:F4:C4:88:A8:39:1A Certificate issuer: /CN=A91C7AA5/serialNumber=F7267E80BE817F043D28FB7E7305F4C488A8391A Certificate serial: 31 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9yZ-gL6BfwQ9KPt-cwX0xIioORo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/9yZ-gL6BfwQ9KPt-cwX0xIioORo.mft Manifest number: 28 Signing time: Sat 31 May 2025 07:30:31 +0000 Manifest this update: Sat 31 May 2025 07:30:30 +0000 Manifest next update: Sat 07 Jun 2025 07:30:30 +0000 Files and hashes: 1: 9yZ-gL6BfwQ9KPt-cwX0xIioORo.crl (hash: FPnwsymZ0O+RL2D3JY8/vaDJIE1msCwgxhyjIs8yrsI=) 2: 0AC13D943C5711F0BFBB572EC4F9AE02.roa (hash: o0ChCLIPHM8nd8JoYhOYYDjMTFndJtBeuXYBvBkCdkM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/9yZ-gL6BfwQ9KPt-cwX0xIioORo.crl rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/9yZ-gL6BfwQ9KPt-cwX0xIioORo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9yZ-gL6BfwQ9KPt-cwX0xIioORo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 07:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49 (0x31) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C7AA5, serialNumber=F7267E80BE817F043D28FB7E7305F4C488A8391A Validity Not Before: May 31 07:30:30 2025 GMT Not After : Jun 7 07:30:30 2025 GMT Subject: CN=683ab016-44e3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:65:7c:b4:9f:01:e4:f7:ef:60:ee:9a:5e:7a: b6:8e:41:f6:d8:f3:b2:1f:39:06:fe:18:29:1f:60: b0:b0:89:20:3e:5d:26:78:b8:84:9f:f7:1c:24:41: c5:50:72:dc:04:8e:7b:53:c2:1e:a4:fe:1a:0c:7e: 39:23:ae:19:23:97:ee:42:3e:0f:cd:4a:4c:60:87: c4:fa:fc:9a:24:47:da:0b:42:fe:3e:42:d7:60:bf: 9f:5a:c1:26:f2:39:d1:1c:d0:96:2b:a9:47:19:bc: 51:00:28:d8:b2:f4:87:cd:b3:ef:cb:b0:ff:2f:a9: 15:d0:7b:64:72:01:c5:13:a3:f8:9e:29:be:f2:6c: 86:f1:4b:43:66:3f:11:6c:92:0f:f4:a9:96:04:69: 13:04:5a:32:87:9d:00:87:c0:5f:fa:4b:44:ab:bd: a5:af:1f:ca:eb:9e:15:24:22:b2:29:57:c3:85:0a: 28:e2:b4:d7:85:84:34:9e:d5:9b:0c:bb:a8:8e:5f: b2:55:d8:c2:fa:6a:e0:00:02:e5:9c:72:0a:b0:a4: a0:7b:39:6b:c1:ac:ad:72:00:66:68:90:31:e5:7f: 76:d5:ea:63:4f:a1:f1:48:da:31:54:41:9c:2e:ae: 81:fe:2b:1c:77:8b:76:43:5b:12:fa:cb:05:ab:57: 4c:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:3A:6C:43:D1:15:C1:C9:0B:D8:1D:41:EC:01:83:15:EF:9E:22:4A X509v3 Authority Key Identifier: keyid:F7:26:7E:80:BE:81:7F:04:3D:28:FB:7E:73:05:F4:C4:88:A8:39:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/9yZ-gL6BfwQ9KPt-cwX0xIioORo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9yZ-gL6BfwQ9KPt-cwX0xIioORo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7AA5/BAFB357415BB11F0BFD54881C4F9AE02/9yZ-gL6BfwQ9KPt-cwX0xIioORo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 55:9a:04:56:26:80:cb:64:0b:45:6c:1a:ce:c5:98:44:f5:da: 17:af:d8:fc:fb:78:7c:ca:19:fa:5a:f3:91:67:fd:8c:02:57: 55:3c:da:a9:87:a7:d5:93:5e:b6:4c:5a:4f:f7:ef:22:87:d5: 60:09:75:d0:81:f4:9d:76:3e:83:d9:f3:6d:41:0c:2b:e0:18: 2d:c6:f4:c3:84:f9:90:6e:79:fe:94:20:a6:f9:ff:b7:12:08: 22:b8:54:d1:fb:bf:45:3f:8f:da:a8:e1:f4:6e:c6:87:db:38: 1e:85:63:10:a5:65:d5:ab:5c:76:6c:24:7d:39:a5:04:fc:9a: 3c:71:c9:ad:ee:e1:63:73:e3:18:18:98:f5:af:75:37:ff:11: d6:ca:bd:79:9e:06:69:23:bc:b0:ef:ce:93:d0:ac:2f:a1:ce: 9f:de:43:a2:5d:99:b2:71:e2:00:09:ba:db:df:d3:13:76:13: b8:19:43:bb:f1:7c:7f:54:54:89:a5:5f:ff:18:e2:20:1f:2c: 9e:00:a7:ea:56:96:f2:02:97:65:98:96:bb:f4:c7:64:a0:cf: b8:ec:89:c2:94:e1:c7:3a:de:48:35:89:99:d3:fe:76:04:ed: f8:6e:f0:80:a4:dc:05:a8:61:b7:a0:22:2e:1b:da:4c:03:fe: cf:8d:63:75 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBMTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD N0FBNTExMC8GA1UEBRMoRjcyNjdFODBCRTgxN0YwNDNEMjhGQjdFNzMwNUY0QzQ4 OEE4MzkxQTAeFw0yNTA1MzEwNzMwMzBaFw0yNTA2MDcwNzMwMzBaMBgxFjAUBgNV BAMTDTY4M2FiMDE2LTQ0ZTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCvZXy0nwHk9+9g7ppeeraOQfbY87IfOQb+GCkfYLCwiSA+XSZ4uISf9xwkQcVQ ctwEjntTwh6k/hoMfjkjrhkjl+5CPg/NSkxgh8T6/JokR9oLQv4+Qtdgv59awSby OdEc0JYrqUcZvFEAKNiy9IfNs+/LsP8vqRXQe2RyAcUTo/ieKb7ybIbxS0NmPxFs kg/0qZYEaRMEWjKHnQCHwF/6S0SrvaWvH8rrnhUkIrIpV8OFCijitNeFhDSe1ZsM u6iOX7JV2ML6auAAAuWccgqwpKB7OWvBrK1yAGZokDHlf3bV6mNPofFI2jFUQZwu roH+Kxx3i3ZDWxL6ywWrV0yfAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUljpsQ9EV wckL2B1B7AGDFe+eIkowHwYDVR0jBBgwFoAU9yZ+gL6BfwQ9KPt+cwX0xIioORow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM3QUE1L0JBRkIzNTc0MTVC QjExRjBCRkQ1NDg4MUM0RjlBRTAyLzl5Wi1nTDZCZndROUtQdC1jd1gweElpb09S by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvOXlaLWdMNkJmd1E5S1B0LWN3WDB4SWlvT1JvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM3 QUE1L0JBRkIzNTc0MTVCQjExRjBCRkQ1NDg4MUM0RjlBRTAyLzl5Wi1nTDZCZndR OUtQdC1jd1gweElpb09Sby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFWaBFYmgMtkC0VsGs7FmET12hev2Pz7eHzKGfpa85Fn/YwCV1U82qmH p9WTXrZMWk/37yKH1WAJddCB9J12PoPZ821BDCvgGC3G9MOE+ZBuef6UIKb5/7cS CCK4VNH7v0U/j9qo4fRuxofbOB6FYxClZdWrXHZsJH05pQT8mjxxya3u4WNz4xgY mPWvdTf/EdbKvXmeBmkjvLDvzpPQrC+hzp/eQ6JdmbJx4gAJutvf0xN2E7gZQ7vx fH9UVImlX/8Y4iAfLJ4Ap+pWlvICl2WYlrv0x2Sgz7jsicKU4cc63kg1iZnT/nYE 7fhu8ICk3AWoYbegIi4b2kwD/s+NY3U= -----END CERTIFICATE-----Generated at Sat May 31 16:35:53 2025 by rpki-client