$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9E72/E6B44902848011EFAAD8E233C4F9AE02/c9kAkk5wFUjm4yA4gPbAlypMKRo.mft File: c9kAkk5wFUjm4yA4gPbAlypMKRo.mft (raw, json) Hash identifier: Ay3jZO9IbttaoZvXbAsCC0cQefxrPQyHP2fiJx+T3bE= Subject key identifier: E4:F0:22:A1:D4:C7:88:79:E8:4F:DA:72:32:14:90:B5:B1:43:9A:0F Authority key identifier: 73:D9:00:92:4E:70:15:48:E6:E3:20:38:80:F6:C0:97:2A:4C:29:1A Certificate issuer: /CN=A91C9E72/serialNumber=73D900924E701548E6E3203880F6C0972A4C291A Certificate serial: 7D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c9kAkk5wFUjm4yA4gPbAlypMKRo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C9E72/E6B44902848011EFAAD8E233C4F9AE02/c9kAkk5wFUjm4yA4gPbAlypMKRo.mft Manifest number: 7B Signing time: Sat 31 May 2025 06:16:48 +0000 Manifest this update: Sat 31 May 2025 06:16:48 +0000 Manifest next update: Sat 07 Jun 2025 06:16:48 +0000 Files and hashes: 1: c9kAkk5wFUjm4yA4gPbAlypMKRo.crl (hash: ilW5/Bc0WO/XMMrS3wn1Rw09x62ppxMVuF8zhET8K/8=) 2: 5440C4C8848111EF9F3ECE34C4F9AE02.roa (hash: 3hnmn/EG7rhYM2a7/Cnm16lA4qC355sf3kWBw8CmIQU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C9E72/E6B44902848011EFAAD8E233C4F9AE02/c9kAkk5wFUjm4yA4gPbAlypMKRo.crl rsync://rpki.apnic.net/member_repository/A91C9E72/E6B44902848011EFAAD8E233C4F9AE02/c9kAkk5wFUjm4yA4gPbAlypMKRo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c9kAkk5wFUjm4yA4gPbAlypMKRo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 06:16:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 125 (0x7d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C9E72, serialNumber=73D900924E701548E6E3203880F6C0972A4C291A Validity Not Before: May 31 06:16:48 2025 GMT Not After : Jun 7 06:16:48 2025 GMT Subject: CN=683a9ed0-2f58 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:13:28:35:0f:29:d8:20:0f:02:f8:76:7b:c4: 82:96:d8:ac:6d:a9:3c:f0:36:d9:af:77:42:12:d7: da:5b:e8:40:51:b0:84:bc:88:0b:4c:4b:4a:65:59: d2:90:dc:b0:9c:ba:dd:3b:7e:d3:fb:d3:46:00:61: 26:fe:06:69:e2:3e:b6:70:6c:0d:62:9b:18:8c:b0: dd:58:6f:b4:85:57:76:32:2c:b2:c5:73:c1:60:e0: 00:ff:d6:fa:da:aa:20:28:49:a7:19:5b:5d:68:ad: 32:24:3f:57:d0:63:11:b0:3e:85:86:28:48:19:f7: 27:9a:fd:a8:ad:b0:84:bd:22:94:67:b1:09:0a:c2: 60:23:f7:0f:2f:06:ab:be:63:19:2f:aa:6b:10:16: 4d:f4:7e:c5:d5:95:3b:e3:11:fa:fd:63:60:95:9f: 7e:35:e4:98:84:68:d2:e3:8e:b5:28:b6:c4:66:79: b3:3b:c4:23:aa:72:e3:c6:86:a3:af:b9:99:a5:e8: 73:2a:d7:56:6f:2d:e5:eb:86:59:0a:94:20:69:b7: 1d:c8:3e:5c:f9:7d:9e:f7:89:8b:e8:46:02:20:b9: 72:4a:de:24:77:7e:a8:cf:75:8d:0e:5f:ef:b6:15: 01:d2:fd:e2:3c:46:b4:43:bd:c6:2e:49:12:d3:0d: 67:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:F0:22:A1:D4:C7:88:79:E8:4F:DA:72:32:14:90:B5:B1:43:9A:0F X509v3 Authority Key Identifier: keyid:73:D9:00:92:4E:70:15:48:E6:E3:20:38:80:F6:C0:97:2A:4C:29:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C9E72/E6B44902848011EFAAD8E233C4F9AE02/c9kAkk5wFUjm4yA4gPbAlypMKRo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/c9kAkk5wFUjm4yA4gPbAlypMKRo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9E72/E6B44902848011EFAAD8E233C4F9AE02/c9kAkk5wFUjm4yA4gPbAlypMKRo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d2:97:b9:a5:37:59:40:2c:93:e8:24:b2:b5:3b:46:d9:33:7b: ac:b5:35:a9:e4:b6:a5:41:8f:f3:40:ae:e7:bd:43:b2:24:40: 3d:f2:7f:6a:19:55:b2:f4:18:b8:f5:55:85:c8:6a:ed:16:96: 88:88:5b:3e:65:0f:85:22:74:a4:e3:47:fd:5e:a0:41:1a:41: a2:25:71:1b:75:3a:72:70:a9:b5:d7:50:42:28:0a:2b:9f:b9: 8c:87:88:26:d9:b0:81:78:2f:fb:a1:62:87:d0:9b:b8:69:69: b4:48:28:e8:e8:ba:9e:5f:ef:91:d7:1b:b5:43:54:48:15:ae: 11:5b:81:e3:e1:2d:7c:fa:24:d7:4f:e7:43:8b:09:28:8b:10: 05:1e:bd:47:1b:79:3a:db:f0:84:07:28:1a:cb:70:4a:3b:cf: d9:7d:b9:ef:de:74:50:4b:4c:89:19:44:fe:4d:c7:e4:72:90: 56:e4:81:65:f1:b4:32:f8:81:46:b0:d4:97:9e:ab:4e:ed:7b: 44:2a:a4:71:43:c3:19:6c:9f:07:11:5e:18:3e:33:61:86:24: 84:df:e9:f8:8e:62:4e:e5:a2:53:37:7f:2d:91:e2:36:db:99: df:68:af:37:0a:b2:48:3e:9c:f7:66:46:03:64:71:ce:d6:59: 36:b6:df:2b -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBfTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD OUU3MjExMC8GA1UEBRMoNzNEOTAwOTI0RTcwMTU0OEU2RTMyMDM4ODBGNkMwOTcy QTRDMjkxQTAeFw0yNTA1MzEwNjE2NDhaFw0yNTA2MDcwNjE2NDhaMBgxFjAUBgNV BAMTDTY4M2E5ZWQwLTJmNTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCeEyg1DynYIA8C+HZ7xIKW2KxtqTzwNtmvd0IS19pb6EBRsIS8iAtMS0plWdKQ 3LCcut07ftP700YAYSb+BmniPrZwbA1imxiMsN1Yb7SFV3YyLLLFc8Fg4AD/1vra qiAoSacZW11orTIkP1fQYxGwPoWGKEgZ9yea/aitsIS9IpRnsQkKwmAj9w8vBqu+ YxkvqmsQFk30fsXVlTvjEfr9Y2CVn3415JiEaNLjjrUotsRmebM7xCOqcuPGhqOv uZml6HMq11ZvLeXrhlkKlCBptx3IPlz5fZ73iYvoRgIguXJK3iR3fqjPdY0OX++2 FQHS/eI8RrRDvcYuSRLTDWeXAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU5PAiodTH iHnoT9pyMhSQtbFDmg8wHwYDVR0jBBgwFoAUc9kAkk5wFUjm4yA4gPbAlypMKRow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM5RTcyL0U2QjQ0OTAyODQ4 MDExRUZBQUQ4RTIzM0M0RjlBRTAyL2M5a0FrazV3RlVqbTR5QTRnUGJBbHlwTUtS by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvYzlrQWtrNXdGVWptNHlBNGdQYkFseXBNS1JvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM5 RTcyL0U2QjQ0OTAyODQ4MDExRUZBQUQ4RTIzM0M0RjlBRTAyL2M5a0FrazV3RlVq bTR5QTRnUGJBbHlwTUtSby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBANKXuaU3WUAsk+gksrU7Rtkze6y1NanktqVBj/NArue9Q7IkQD3yf2oZ VbL0GLj1VYXIau0WloiIWz5lD4UidKTjR/1eoEEaQaIlcRt1OnJwqbXXUEIoCiuf uYyHiCbZsIF4L/uhYofQm7hpabRIKOjoup5f75HXG7VDVEgVrhFbgePhLXz6JNdP 50OLCSiLEAUevUcbeTrb8IQHKBrLcEo7z9l9ue/edFBLTIkZRP5Nx+RykFbkgWXx tDL4gUaw1Jeeq07te0QqpHFDwxlsnwcRXhg+M2GGJITf6fiOYk7lolM3fy2R4jbb md9orzcKskg+nPdmRgNkcc7WWTa23ys= -----END CERTIFICATE-----Generated at Sat May 31 17:39:23 2025 by rpki-client