$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD40B/741A1E2C855B11EFB0576D40C4F9AE02/aLMj2oThIFRmzrWv19YHcmdbBTE.mft File: aLMj2oThIFRmzrWv19YHcmdbBTE.mft (raw, json) Hash identifier: twqypCDXkUR1n+o3bTGo3vV4W9XWuYoOGz1Sj9E5qec= Subject key identifier: 14:47:EF:85:43:CE:C0:E0:9C:E9:5E:E6:45:16:FA:00:0C:AE:88:F1 Authority key identifier: 68:B3:23:DA:84:E1:20:54:66:CE:B5:AF:D7:D6:07:72:67:5B:05:31 Certificate issuer: /CN=A91CD40B/serialNumber=68B323DA84E1205466CEB5AFD7D60772675B0531 Certificate serial: 79 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aLMj2oThIFRmzrWv19YHcmdbBTE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CD40B/741A1E2C855B11EFB0576D40C4F9AE02/aLMj2oThIFRmzrWv19YHcmdbBTE.mft Manifest number: 79 Signing time: Sat 31 May 2025 06:17:37 +0000 Manifest this update: Sat 31 May 2025 06:17:36 +0000 Manifest next update: Sat 07 Jun 2025 06:17:36 +0000 Files and hashes: 1: aLMj2oThIFRmzrWv19YHcmdbBTE.crl (hash: e62m+wEuwJWcNpntWHfXUxfpX1vEq9qd8vVLAZdGTwM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CD40B/741A1E2C855B11EFB0576D40C4F9AE02/aLMj2oThIFRmzrWv19YHcmdbBTE.crl rsync://rpki.apnic.net/member_repository/A91CD40B/741A1E2C855B11EFB0576D40C4F9AE02/aLMj2oThIFRmzrWv19YHcmdbBTE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aLMj2oThIFRmzrWv19YHcmdbBTE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 06:17:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 121 (0x79) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD40B, serialNumber=68B323DA84E1205466CEB5AFD7D60772675B0531 Validity Not Before: May 31 06:17:36 2025 GMT Not After : Jun 7 06:17:36 2025 GMT Subject: CN=683a9f01-574d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:a4:4c:7d:cf:f1:74:55:bc:3e:c0:3c:1f:06: 65:4a:01:a8:43:ba:0b:f9:4e:33:3e:72:19:88:97: 71:e6:9b:15:ac:b6:d1:f1:0d:4c:3e:fa:95:1d:c7: 59:7e:fb:65:03:3a:56:22:2f:7e:66:09:bd:a2:9d: 76:fd:70:b4:c8:eb:25:b2:ad:7e:90:b9:c8:bb:ed: b7:b7:fa:25:7e:dc:40:d6:bf:ab:57:58:29:70:d6: cb:6c:02:4a:fd:69:db:41:32:82:08:f8:4b:2a:24: f2:46:49:19:85:3b:5d:60:1a:4c:68:f5:17:a5:8b: d5:08:0e:da:45:c2:ad:69:61:51:b6:47:c5:f4:5d: 36:4e:96:15:b5:71:9f:88:1e:99:9c:8d:bd:fb:4c: 21:67:41:87:7b:ed:79:e5:92:1f:fa:41:02:e0:f7: 9b:ee:76:de:d6:aa:a1:13:79:28:74:46:dd:69:81: d7:f2:35:67:c9:67:47:21:14:6f:b8:69:b4:0a:04: 2b:c8:14:fa:f4:1d:96:76:21:2a:dc:94:a2:ea:7f: 13:82:89:f3:65:10:53:02:73:54:5a:a7:2d:2b:35: 7d:91:03:03:cd:1b:15:d9:49:eb:2d:dc:dd:69:35: f5:e0:f1:65:71:56:43:c4:6b:03:06:88:2b:09:a1: 13:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:47:EF:85:43:CE:C0:E0:9C:E9:5E:E6:45:16:FA:00:0C:AE:88:F1 X509v3 Authority Key Identifier: keyid:68:B3:23:DA:84:E1:20:54:66:CE:B5:AF:D7:D6:07:72:67:5B:05:31 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CD40B/741A1E2C855B11EFB0576D40C4F9AE02/aLMj2oThIFRmzrWv19YHcmdbBTE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aLMj2oThIFRmzrWv19YHcmdbBTE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD40B/741A1E2C855B11EFB0576D40C4F9AE02/aLMj2oThIFRmzrWv19YHcmdbBTE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:8e:8b:0e:53:6d:a4:48:60:5e:95:1e:46:1a:d1:62:3a:75: df:b2:b1:8f:6f:41:0c:dd:78:2b:c3:27:54:90:f7:96:8e:92: 14:49:b7:10:0f:5c:ae:e5:cb:64:1c:28:49:c9:78:f8:3b:33: 55:18:69:c4:7e:aa:c4:09:e0:be:40:4a:27:3b:03:d6:93:f0: 79:a3:c6:4e:a0:56:a9:fe:69:71:b0:6e:ed:1a:86:3c:a8:d8: 9b:82:7e:a2:26:c7:6a:4f:eb:50:45:e9:df:fa:a1:98:c3:47: a4:67:65:1d:42:bf:86:96:0f:f0:05:8d:6b:02:36:27:ee:9a: 11:aa:d4:89:30:9e:68:41:d5:ae:7a:d4:3e:7e:1d:e2:00:e8: f8:f2:10:51:9f:bc:04:f4:e4:6f:a7:9a:dd:05:27:15:7d:d3: 76:fa:c8:11:b2:bf:f3:45:a7:f6:b3:fa:a5:b3:38:d6:20:e0: 1c:61:2f:e8:ac:8f:12:5f:e9:94:7f:95:19:4f:ff:18:eb:e4: 41:3e:ee:a0:a9:43:ee:9d:ce:48:01:ea:8c:83:17:39:a7:31: 86:ae:23:49:3e:47:03:86:9f:aa:dc:d2:85:28:91:90:a0:1c: 48:23:54:09:12:5b:1f:07:9f:ad:02:39:14:49:34:5e:30:65: f2:4d:2c:f6 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBeTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RDQwQjExMC8GA1UEBRMoNjhCMzIzREE4NEUxMjA1NDY2Q0VCNUFGRDdENjA3NzI2 NzVCMDUzMTAeFw0yNTA1MzEwNjE3MzZaFw0yNTA2MDcwNjE3MzZaMBgxFjAUBgNV BAMTDTY4M2E5ZjAxLTU3NGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCypEx9z/F0Vbw+wDwfBmVKAahDugv5TjM+chmIl3HmmxWsttHxDUw++pUdx1l+ +2UDOlYiL35mCb2inXb9cLTI6yWyrX6Quci77be3+iV+3EDWv6tXWClw1stsAkr9 adtBMoII+EsqJPJGSRmFO11gGkxo9Reli9UIDtpFwq1pYVG2R8X0XTZOlhW1cZ+I Hpmcjb37TCFnQYd77Xnlkh/6QQLg95vudt7WqqETeSh0Rt1pgdfyNWfJZ0chFG+4 abQKBCvIFPr0HZZ2ISrclKLqfxOCifNlEFMCc1Rapy0rNX2RAwPNGxXZSest3N1p NfXg8WVxVkPEawMGiCsJoRMJAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUFEfvhUPO wOCc6V7mRRb6AAyuiPEwHwYDVR0jBBgwFoAUaLMj2oThIFRmzrWv19YHcmdbBTEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNENDBCLzc0MUExRTJDODU1 QjExRUZCMDU3NkQ0MEM0RjlBRTAyL2FMTWoyb1RoSUZSbXpyV3YxOVlIY21kYkJU RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvYUxNajJvVGhJRlJtenJXdjE5WUhjbWRiQlRFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNE NDBCLzc0MUExRTJDODU1QjExRUZCMDU3NkQ0MEM0RjlBRTAyL2FMTWoyb1RoSUZS bXpyV3YxOVlIY21kYkJURS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHKOiw5TbaRIYF6VHkYa0WI6dd+ysY9vQQzdeCvDJ1SQ95aOkhRJtxAP XK7ly2QcKEnJePg7M1UYacR+qsQJ4L5ASic7A9aT8Hmjxk6gVqn+aXGwbu0ahjyo 2JuCfqImx2pP61BF6d/6oZjDR6RnZR1Cv4aWD/AFjWsCNifumhGq1IkwnmhB1a56 1D5+HeIA6PjyEFGfvAT05G+nmt0FJxV903b6yBGyv/NFp/az+qWzONYg4BxhL+is jxJf6ZR/lRlP/xjr5EE+7qCpQ+6dzkgB6oyDFzmnMYauI0k+RwOGn6rc0oUokZCg HEgjVAkSWx8Hn60CORRJNF4wZfJNLPY= -----END CERTIFICATE-----Generated at Sat May 31 16:26:59 2025 by rpki-client