$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/2IDvJluUDjHf7RxCrvUUS2RBNxc.mft File: 2IDvJluUDjHf7RxCrvUUS2RBNxc.mft (raw, json) Hash identifier: 7RDPoEAnvxGhlxpUDRAFzzCjjtmvhordyO0pGnbPRCg= Subject key identifier: D8:77:00:6F:66:B0:5E:87:02:A7:2E:8E:75:BC:AE:27:8F:16:C4:DB Authority key identifier: D8:80:EF:26:5B:94:0E:31:DF:ED:1C:42:AE:F5:14:4B:64:41:37:17 Certificate issuer: /CN=A91CFA8E/serialNumber=D880EF265B940E31DFED1C42AEF5144B64413717 Certificate serial: 01A7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2IDvJluUDjHf7RxCrvUUS2RBNxc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/2IDvJluUDjHf7RxCrvUUS2RBNxc.mft Manifest number: 0199 Signing time: Sat 31 May 2025 03:22:51 +0000 Manifest this update: Sat 31 May 2025 03:22:51 +0000 Manifest next update: Sat 07 Jun 2025 03:22:51 +0000 Files and hashes: 1: 2IDvJluUDjHf7RxCrvUUS2RBNxc.crl (hash: UT78eFr/vW9YEV7Ax6V/dYNwYLIHzUt15xJ9u9KsX5U=) 2: 61663178F88311EDB1DF555DC4F9AE02.roa (hash: fXSIWmh9V9F/x3Hddt6PPXIzX5rLMrps20QQT3eYyH8=) 3: 43E961E013E711EE8ECA2D3CC4F9AE02.roa (hash: 2uAnojTpBx/p6UzON5W2LUqPsm+IaZARqT6ypFNqC5M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/2IDvJluUDjHf7RxCrvUUS2RBNxc.crl rsync://rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/2IDvJluUDjHf7RxCrvUUS2RBNxc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2IDvJluUDjHf7RxCrvUUS2RBNxc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 03:22:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 423 (0x1a7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFA8E, serialNumber=D880EF265B940E31DFED1C42AEF5144B64413717 Validity Not Before: May 31 03:22:51 2025 GMT Not After : Jun 7 03:22:51 2025 GMT Subject: CN=683a760b-86d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:01:33:5e:95:46:89:dd:4e:d5:f9:3f:d4:40: 1a:3d:a0:d3:eb:d0:24:6e:86:85:35:80:34:d8:88: b5:03:5c:dc:fb:ff:bd:ca:33:bc:7f:0a:c3:99:7f: 9c:c4:98:bc:a9:89:ec:79:1d:1a:b4:64:ed:6c:7f: bc:3b:4a:0c:5c:73:bb:7f:0f:93:18:f4:c3:07:98: 7e:ae:89:4b:b9:c6:81:bd:a6:25:c2:66:a0:5b:92: 98:e4:50:da:89:ea:bf:ff:b2:f1:5a:00:b5:13:ec: 1e:83:2d:88:08:36:fd:36:a4:32:0d:68:cd:c9:81: 60:2e:09:43:74:89:82:3c:fa:12:6b:26:81:7b:19: 68:a4:05:8d:83:9d:56:c5:90:c3:32:2f:b9:f9:8c: 6e:90:bd:27:8f:da:fa:03:18:70:2c:3e:ed:b2:2a: 8c:ec:76:a2:50:4e:38:ab:53:b7:df:c8:28:b8:2d: 13:8c:2f:73:12:f6:0e:44:53:9e:fe:5f:9f:8e:8d: 2c:76:33:f3:76:3c:8b:79:7d:7e:ed:0f:0b:90:6f: 37:ae:d0:c7:d9:3f:b4:d1:ec:27:c0:9a:4f:86:48: 39:03:4d:7d:c4:c6:39:3c:30:06:5b:1d:be:31:2a: 78:98:22:aa:06:84:90:45:ab:82:74:45:92:37:c8: 91:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:77:00:6F:66:B0:5E:87:02:A7:2E:8E:75:BC:AE:27:8F:16:C4:DB X509v3 Authority Key Identifier: keyid:D8:80:EF:26:5B:94:0E:31:DF:ED:1C:42:AE:F5:14:4B:64:41:37:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/2IDvJluUDjHf7RxCrvUUS2RBNxc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2IDvJluUDjHf7RxCrvUUS2RBNxc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFA8E/61BAD8E0F87E11ED90D8445CC4F9AE02/2IDvJluUDjHf7RxCrvUUS2RBNxc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5a:78:8c:ec:22:8c:2e:46:a6:43:e9:d7:ab:e9:f7:28:c1:0c: 36:48:43:1c:a4:77:02:4c:21:4f:d1:fe:e8:2b:cd:4b:94:29: 1e:88:2b:41:4c:00:96:2d:5b:95:62:d9:0e:4b:a3:8f:26:3f: cf:6b:33:31:0c:23:f1:ea:ea:bf:c2:eb:e0:ff:40:3c:bc:40: 7b:b8:be:a7:09:ed:71:d4:5b:39:b4:a8:54:3f:5a:83:64:bc: 31:33:3d:bd:7c:53:ee:d9:21:11:6c:58:08:41:fc:0d:e0:4e: 4a:56:25:13:5f:21:5d:7b:9a:d8:79:50:6e:15:23:f8:8b:1e: 2c:2d:cd:3f:a2:62:d2:c0:60:f8:0b:ad:6c:37:09:c9:76:d2: eb:98:c5:83:e5:53:be:0a:eb:11:93:e9:57:bb:58:51:f9:36: 6b:c7:cb:7a:91:20:98:74:0c:85:d7:93:a8:47:48:8d:6d:a8: 2f:b3:6b:cb:02:b8:2e:8f:dd:3f:22:10:bf:d7:cb:4a:42:61: 15:60:07:4a:e6:e8:fa:f3:6d:4e:3d:83:55:08:ef:81:81:c8: e1:e3:41:ee:cb:62:c7:b2:68:59:c0:a2:6f:cd:ab:68:ec:62: a1:ad:6d:9f:38:39:de:09:39:a9:3c:74:de:fe:0d:23:ea:ad: fb:8f:0d:7d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAacwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0ZBOEUxMTAvBgNVBAUTKEQ4ODBFRjI2NUI5NDBFMzFERkVEMUM0MkFFRjUxNDRC NjQ0MTM3MTcwHhcNMjUwNTMxMDMyMjUxWhcNMjUwNjA3MDMyMjUxWjAYMRYwFAYD VQQDEw02ODNhNzYwYi04NmQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1wEzXpVGid1O1fk/1EAaPaDT69AkboaFNYA02Ii1A1zc+/+9yjO8fwrDmX+c xJi8qYnseR0atGTtbH+8O0oMXHO7fw+TGPTDB5h+rolLucaBvaYlwmagW5KY5FDa ieq//7LxWgC1E+wegy2ICDb9NqQyDWjNyYFgLglDdImCPPoSayaBexlopAWNg51W xZDDMi+5+YxukL0nj9r6AxhwLD7tsiqM7HaiUE44q1O338gouC0TjC9zEvYORFOe /l+fjo0sdjPzdjyLeX1+7Q8LkG83rtDH2T+00ewnwJpPhkg5A019xMY5PDAGWx2+ MSp4mCKqBoSQRauCdEWSN8iRPQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNh3AG9m sF6HAqcujnW8riePFsTbMB8GA1UdIwQYMBaAFNiA7yZblA4x3+0cQq71FEtkQTcX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkE4RS82MUJBRDhFMEY4 N0UxMUVEOTBEODQ0NUNDNEY5QUUwMi8ySUR2Smx1VURqSGY3UnhDcnZVVVMyUkJO eGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJJRHZKbHVVRGpIZjdSeENydlVVUzJSQk54Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RkE4RS82MUJBRDhFMEY4N0UxMUVEOTBEODQ0NUNDNEY5QUUwMi8ySUR2Smx1VURq SGY3UnhDcnZVVVMyUkJOeGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBaeIzsIowuRqZD6der6fcowQw2SEMcpHcCTCFP0f7oK81LlCkeiCtB TACWLVuVYtkOS6OPJj/PazMxDCPx6uq/wuvg/0A8vEB7uL6nCe1x1Fs5tKhUP1qD ZLwxMz29fFPu2SERbFgIQfwN4E5KViUTXyFde5rYeVBuFSP4ix4sLc0/omLSwGD4 C61sNwnJdtLrmMWD5VO+CusRk+lXu1hR+TZrx8t6kSCYdAyF15OoR0iNbagvs2vL Arguj90/IhC/18tKQmEVYAdK5uj6821OPYNVCO+Bgcjh40Huy2LHsmhZwKJvzato 7GKhrW2fODneCTmpPHTe/g0j6q37jw19 -----END CERTIFICATE-----Generated at Sat May 31 17:49:38 2025 by rpki-client