$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB8BA/320901C4BA8511EABA838E30C4F9AE02/ki1g6hk5Zxd7xsOaQGhZijt1ptM.mft File: ki1g6hk5Zxd7xsOaQGhZijt1ptM.mft (raw, json) Hash identifier: faOd90AXqGkKszQyrlYowodR5LSDBFBKhoDFc0JuooU= Subject key identifier: 11:FC:6A:F8:E0:19:3C:80:E4:39:2B:F9:FA:8A:1B:FE:35:8C:44:C2 Authority key identifier: 92:2D:60:EA:19:39:67:17:7B:C6:C3:9A:40:68:59:8A:3B:75:A6:D3 Certificate issuer: /CN=A91CB8BA/serialNumber=922D60EA193967177BC6C39A4068598A3B75A6D3 Certificate serial: 08AE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ki1g6hk5Zxd7xsOaQGhZijt1ptM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CB8BA/320901C4BA8511EABA838E30C4F9AE02/ki1g6hk5Zxd7xsOaQGhZijt1ptM.mft Manifest number: 08A6 Signing time: Fri 30 May 2025 20:45:21 +0000 Manifest this update: Fri 30 May 2025 20:45:20 +0000 Manifest next update: Fri 06 Jun 2025 20:45:20 +0000 Files and hashes: 1: ki1g6hk5Zxd7xsOaQGhZijt1ptM.crl (hash: yALQZDGClIZQq+kjNkZzZU0b9zU0FYAung7poc7RwNI=) 2: 0B6B9DE6BAAE11EA8F1DA435C4F9AE02.roa (hash: Pjk7KOVj7H3BoAMc7NRiJiAFk/4ChSG9JZtPBtMlKPY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CB8BA/320901C4BA8511EABA838E30C4F9AE02/ki1g6hk5Zxd7xsOaQGhZijt1ptM.crl rsync://rpki.apnic.net/member_repository/A91CB8BA/320901C4BA8511EABA838E30C4F9AE02/ki1g6hk5Zxd7xsOaQGhZijt1ptM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ki1g6hk5Zxd7xsOaQGhZijt1ptM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 20:45:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2222 (0x8ae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CB8BA, serialNumber=922D60EA193967177BC6C39A4068598A3B75A6D3 Validity Not Before: May 30 20:45:20 2025 GMT Not After : Jun 6 20:45:20 2025 GMT Subject: CN=683a18e1-77f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:29:41:8c:9d:a1:b8:a5:53:16:58:b4:17:2c: 75:5e:de:c2:c0:6c:60:7d:5e:d1:be:0e:79:2a:0a: 6c:cf:93:42:0a:9d:0d:d0:db:6c:f7:0b:65:1a:c2: 7f:86:3b:9e:af:31:1a:e6:8b:14:bb:7d:e6:08:1a: 9b:4a:1c:47:9a:2d:46:e0:5b:af:e7:11:e0:e3:1f: 86:77:19:9a:7f:25:df:69:5a:7e:6d:71:b7:8d:3b: 8a:99:29:25:68:8d:33:39:f3:9d:62:37:68:63:93: 41:13:a8:c9:ba:03:04:95:c9:2b:f4:2e:e6:ed:91: 0d:dd:dd:4b:ec:d8:a0:08:23:48:f9:a9:66:2d:c5: 2a:b2:0d:13:ee:51:32:25:be:8b:74:d1:89:11:40: 57:6c:80:53:c4:a9:2a:b2:e1:4d:3e:e5:b7:c4:36: 28:9f:e5:93:8d:97:ce:80:29:bb:66:30:3b:7a:13: b4:b9:4b:e2:e8:59:88:b1:97:30:19:a2:b3:30:a2: c6:1e:10:68:3d:54:e4:5c:9e:fb:33:95:ad:1f:27: ed:5a:88:c3:68:59:b0:f7:b9:5f:c2:c0:e7:be:f6: 74:44:77:8b:66:dd:8a:21:85:f1:a7:02:4c:74:7a: 34:73:d3:2b:07:a7:55:13:41:14:da:4d:e6:90:af: fb:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:FC:6A:F8:E0:19:3C:80:E4:39:2B:F9:FA:8A:1B:FE:35:8C:44:C2 X509v3 Authority Key Identifier: keyid:92:2D:60:EA:19:39:67:17:7B:C6:C3:9A:40:68:59:8A:3B:75:A6:D3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CB8BA/320901C4BA8511EABA838E30C4F9AE02/ki1g6hk5Zxd7xsOaQGhZijt1ptM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ki1g6hk5Zxd7xsOaQGhZijt1ptM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB8BA/320901C4BA8511EABA838E30C4F9AE02/ki1g6hk5Zxd7xsOaQGhZijt1ptM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 32:ed:12:8c:82:6a:8c:95:36:62:32:4f:77:5d:00:b3:05:d4: 12:af:66:e6:87:7e:1c:79:a4:5f:d8:27:42:e6:6f:03:73:f9: 3a:7e:aa:b5:88:bc:e3:cb:ae:a3:d7:66:72:80:9b:5d:bb:46: 00:16:8f:e9:76:ec:d3:33:16:67:82:dc:7c:7e:56:95:1d:fc: b0:c3:c3:2d:b2:d1:d5:a8:c3:17:d5:b0:a8:e0:f2:9e:b4:8b: 01:74:59:f1:b3:11:46:44:2f:0d:8d:90:38:6d:b9:ef:6b:aa: 8d:ea:d6:76:5b:9e:f3:40:da:92:4a:74:d4:48:91:e4:9d:0c: c3:b3:a6:d6:6c:26:20:83:0e:78:20:de:c7:14:de:1e:9e:98: 40:22:38:69:04:de:3b:64:3b:10:a7:7d:b4:da:a7:a5:c3:d4: 05:12:b0:08:94:c8:5d:8f:df:75:f6:85:f3:40:7e:3f:84:f8: 29:2f:46:7e:65:13:2e:6e:a0:aa:85:c2:e6:e8:d3:bd:23:90: bd:16:ae:8a:91:fd:1e:f1:41:f5:16:e9:18:66:2a:34:3f:95: ea:8e:c4:ef:91:94:b9:61:5a:4c:24:99:56:6e:60:f2:0d:83: af:06:2b:14:c8:4a:59:4b:5c:82:c9:61:a6:11:4b:3e:b0:5c: 10:f8:5b:34 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCK4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0I4QkExMTAvBgNVBAUTKDkyMkQ2MEVBMTkzOTY3MTc3QkM2QzM5QTQwNjg1OThB M0I3NUE2RDMwHhcNMjUwNTMwMjA0NTIwWhcNMjUwNjA2MjA0NTIwWjAYMRYwFAYD VQQDEw02ODNhMThlMS03N2Y3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApilBjJ2huKVTFli0Fyx1Xt7CwGxgfV7Rvg55Kgpsz5NCCp0N0Nts9wtlGsJ/ hjuerzEa5osUu33mCBqbShxHmi1G4Fuv5xHg4x+GdxmafyXfaVp+bXG3jTuKmSkl aI0zOfOdYjdoY5NBE6jJugMElckr9C7m7ZEN3d1L7NigCCNI+almLcUqsg0T7lEy Jb6LdNGJEUBXbIBTxKkqsuFNPuW3xDYon+WTjZfOgCm7ZjA7ehO0uUvi6FmIsZcw GaKzMKLGHhBoPVTkXJ77M5WtHyftWojDaFmw97lfwsDnvvZ0RHeLZt2KIYXxpwJM dHo0c9MrB6dVE0EU2k3mkK/77QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBH8avjg GTyA5Dkr+fqKG/41jETCMB8GA1UdIwQYMBaAFJItYOoZOWcXe8bDmkBoWYo7dabT MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQjhCQS8zMjA5MDFDNEJB ODUxMUVBQkE4MzhFMzBDNEY5QUUwMi9raTFnNmhrNVp4ZDd4c09hUUdoWmlqdDFw dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tpMWc2aGs1WnhkN3hzT2FRR2haaWp0MXB0TS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD QjhCQS8zMjA5MDFDNEJBODUxMUVBQkE4MzhFMzBDNEY5QUUwMi9raTFnNmhrNVp4 ZDd4c09hUUdoWmlqdDFwdE0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAy7RKMgmqMlTZiMk93XQCzBdQSr2bmh34ceaRf2CdC5m8Dc/k6fqq1 iLzjy66j12ZygJtdu0YAFo/pduzTMxZngtx8flaVHfyww8MtstHVqMMX1bCo4PKe tIsBdFnxsxFGRC8NjZA4bbnva6qN6tZ2W57zQNqSSnTUSJHknQzDs6bWbCYggw54 IN7HFN4enphAIjhpBN47ZDsQp3202qelw9QFErAIlMhdj9919oXzQH4/hPgpL0Z+ ZRMubqCqhcLm6NO9I5C9Fq6Kkf0e8UH1FukYZio0P5XqjsTvkZS5YVpMJJlWbmDy DYOvBisUyEpZS1yCyWGmEUs+sFwQ+Fs0 -----END CERTIFICATE-----Generated at Sat May 31 17:31:57 2025 by rpki-client