$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft File: BUM8OuqKSXAsmoLuyV0WtVA86mA.mft (raw, json) Hash identifier: 07W3Ri9H7BNTDPBPH1gWrnGTkN5nZx9WadQnOT3BS98= Subject key identifier: C1:24:CD:34:87:87:80:F7:5D:00:3A:2E:2A:D9:BF:33:16:23:F4:38 Authority key identifier: 05:43:3C:3A:EA:8A:49:70:2C:9A:82:EE:C9:5D:16:B5:50:3C:EA:60 Certificate issuer: /CN=A91CFFA0/serialNumber=05433C3AEA8A49702C9A82EEC95D16B5503CEA60 Certificate serial: 0D53 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BUM8OuqKSXAsmoLuyV0WtVA86mA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft Manifest number: 0D31 Signing time: Sat 31 May 2025 18:04:45 +0000 Manifest this update: Sat 31 May 2025 18:04:45 +0000 Manifest next update: Sat 07 Jun 2025 18:04:45 +0000 Files and hashes: 1: BUM8OuqKSXAsmoLuyV0WtVA86mA.crl (hash: XxmX3QSO0QVyIA2dY9YOZEGfkn02M9Y34Rf6aM2CZsY=) 2: 83ECD7C40CCA11ED97820077C4F9AE02.roa (hash: tsWCAJh3hDUuF0jt3mDhnNo48pJ1cTxWnbkE+ZQXBxw=) 3: 0E3F36D8C43D11EBAB31777FC4F9AE02.roa (hash: BThAKf2icEZsZqpXgnFl9VpqvpRKYGs7e0515Blb0yw=) 4: 1F4E1CC014D311EA81309110C4F9AE02.roa (hash: zPumQuSa3V5Do5kU4HAy8QEzfyGrDVZPMvaKh+jhJxk=) 5: E6F0F39214CE11EA9E740182C4F9AE02.roa (hash: zpETj3vTU+4JGJFNH2bJangxDJpoV//my0UXRjaLeMk=) 6: 4CD3C8DC14D011EA93366A85C4F9AE02.roa (hash: JwI9xru2SKVmPRR5P37ZWy6F3njGvB5RFaYgtRHbNFY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.crl rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BUM8OuqKSXAsmoLuyV0WtVA86mA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 18:04:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3411 (0xd53) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFFA0, serialNumber=05433C3AEA8A49702C9A82EEC95D16B5503CEA60 Validity Not Before: May 31 18:04:45 2025 GMT Not After : Jun 7 18:04:45 2025 GMT Subject: CN=683b44bd-b987 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:62:ba:b5:c5:82:ed:5f:e0:4c:c3:f8:c4:6f: b6:84:da:80:af:58:49:49:7a:44:ca:f9:4b:cb:55: e2:aa:58:cf:5f:d5:97:94:5f:e8:75:97:fc:6d:f1: d8:3d:7d:47:25:9d:71:1a:94:1a:d9:9c:e9:71:f0: ee:c9:56:b0:9a:3d:dc:df:58:f2:de:da:04:28:ce: e9:dd:e5:b4:50:30:b4:64:03:d0:fd:85:53:f0:70: a3:46:56:6f:53:1d:65:a3:9d:ee:05:c7:fb:31:1d: e1:5d:5a:a8:4e:dc:a4:f6:4f:40:a1:4a:24:a9:e2: 4a:33:f5:07:c0:1a:d6:66:e9:6d:8f:a7:2b:9c:b5: 87:61:35:5c:15:ab:c6:c5:72:46:8b:9f:54:b4:77: 15:47:b8:09:19:dc:05:7d:c1:0f:1e:8d:2e:35:50: 5a:b8:87:57:4d:8e:5e:a2:2d:bf:b0:76:4c:ec:87: 48:88:d9:45:0f:2d:ce:cf:38:4b:a2:94:e4:29:96: 86:78:8a:a2:4d:8f:71:ad:25:3d:1c:c5:b0:09:4c: 7c:d6:15:4c:c8:a2:20:5e:e2:65:f2:05:34:df:7e: bc:6d:5e:90:97:a3:80:45:70:fa:07:ee:e4:df:3b: fc:e2:97:cd:e8:b8:fd:33:9b:d3:2f:a8:08:89:26: 68:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:24:CD:34:87:87:80:F7:5D:00:3A:2E:2A:D9:BF:33:16:23:F4:38 X509v3 Authority Key Identifier: keyid:05:43:3C:3A:EA:8A:49:70:2C:9A:82:EE:C9:5D:16:B5:50:3C:EA:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/BUM8OuqKSXAsmoLuyV0WtVA86mA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFA0/150BF690D8CB11E9BAE24D21C4F9AE02/BUM8OuqKSXAsmoLuyV0WtVA86mA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a9:20:a9:3a:e9:e1:d9:1c:95:59:1e:eb:55:bd:fa:ed:53:c6: 34:45:a0:4e:41:87:2c:fe:2f:aa:c4:2f:29:d6:2a:c5:50:3c: 06:be:9e:09:70:ae:5c:47:2b:36:c5:d9:72:24:c1:f2:e1:e2: c0:e3:29:58:71:03:9f:c5:d8:5f:57:e2:75:1b:48:bc:e5:6a: 10:4d:c5:48:74:d8:fe:17:5d:75:ef:c9:0f:aa:43:00:02:05: 52:3a:3b:a6:dc:d2:36:5d:ca:5c:ed:fd:33:c2:27:12:f1:b3: 8b:dd:b6:a8:92:1e:0b:af:73:9c:54:22:6c:85:4e:bc:27:30: ce:34:a2:22:62:1d:aa:90:7b:df:53:bf:fc:26:d9:72:4b:b0: 2d:1e:d9:96:85:63:d1:e9:a4:f4:06:23:dc:c1:d2:08:92:ce: b2:e3:cf:dd:eb:b8:68:a7:8e:0b:73:e5:2e:c8:05:6e:d8:0b: 90:aa:78:ac:81:78:0d:b9:f0:b4:f4:ca:78:0f:f8:ad:c8:b1: 73:84:23:80:69:fc:56:23:4d:e2:52:f8:d4:ba:33:99:64:00: 6a:8e:d8:93:77:48:38:03:5c:81:c2:76:ef:77:ef:be:cd:43: f4:90:14:54:bd:45:15:5f:de:c6:93:62:17:2f:f3:67:1d:29: 52:a5:d0:f5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDVMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0ZGQTAxMTAvBgNVBAUTKDA1NDMzQzNBRUE4QTQ5NzAyQzlBODJFRUM5NUQxNkI1 NTAzQ0VBNjAwHhcNMjUwNTMxMTgwNDQ1WhcNMjUwNjA3MTgwNDQ1WjAYMRYwFAYD VQQDEw02ODNiNDRiZC1iOTg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxGK6tcWC7V/gTMP4xG+2hNqAr1hJSXpEyvlLy1XiqljPX9WXlF/odZf8bfHY PX1HJZ1xGpQa2ZzpcfDuyVawmj3c31jy3toEKM7p3eW0UDC0ZAPQ/YVT8HCjRlZv Ux1lo53uBcf7MR3hXVqoTtyk9k9AoUokqeJKM/UHwBrWZultj6crnLWHYTVcFavG xXJGi59UtHcVR7gJGdwFfcEPHo0uNVBauIdXTY5eoi2/sHZM7IdIiNlFDy3OzzhL opTkKZaGeIqiTY9xrSU9HMWwCUx81hVMyKIgXuJl8gU03368bV6Ql6OARXD6B+7k 3zv84pfN6Lj9M5vTL6gIiSZoKwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMEkzTSH h4D3XQA6LirZvzMWI/Q4MB8GA1UdIwQYMBaAFAVDPDrqiklwLJqC7sldFrVQPOpg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkZBMC8xNTBCRjY5MEQ4 Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9CVU04T3VxS1NYQXNtb0x1eVYwV3RWQTg2 bUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0JVTThPdXFLU1hBc21vTHV5VjBXdFZBODZtQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RkZBMC8xNTBCRjY5MEQ4Q0IxMUU5QkFFMjREMjFDNEY5QUUwMi9CVU04T3VxS1NY QXNtb0x1eVYwV3RWQTg2bUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCpIKk66eHZHJVZHutVvfrtU8Y0RaBOQYcs/i+qxC8p1irFUDwGvp4J cK5cRys2xdlyJMHy4eLA4ylYcQOfxdhfV+J1G0i85WoQTcVIdNj+F11178kPqkMA AgVSOjum3NI2Xcpc7f0zwicS8bOL3baokh4Lr3OcVCJshU68JzDONKIiYh2qkHvf U7/8JtlyS7AtHtmWhWPR6aT0BiPcwdIIks6y48/d67hop44Lc+UuyAVu2AuQqnis gXgNufC09Mp4D/ityLFzhCOAafxWI03iUvjUujOZZABqjtiTd0g4A1yBwnbvd+++ zUP0kBRUvUUVX97Gk2IXL/NnHSlSpdD1 -----END CERTIFICATE-----Generated at Mon Jun 2 20:40:57 2025 by rpki-client