$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1691/50C692929D2411E7861A226BC4F9AE02/3ASvGYyX8lgvFa3e7nxoJhHK2lE.mft File: 3ASvGYyX8lgvFa3e7nxoJhHK2lE.mft (raw, json) Hash identifier: UQn5Aai4RxKU9rosyIslcJYMlqcu91mqXEOQKKCQAro= Subject key identifier: 42:B1:DB:47:81:A1:FD:74:C0:A1:71:06:C1:F1:37:41:73:97:76:65 Authority key identifier: DC:04:AF:19:8C:97:F2:58:2F:15:AD:DE:EE:7C:68:26:11:CA:DA:51 Certificate issuer: /CN=A91D1691/serialNumber=DC04AF198C97F2582F15ADDEEE7C682611CADA51 Certificate serial: 1894 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/3ASvGYyX8lgvFa3e7nxoJhHK2lE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D1691/50C692929D2411E7861A226BC4F9AE02/3ASvGYyX8lgvFa3e7nxoJhHK2lE.mft Manifest number: 188E Signing time: Mon 02 Jun 2025 15:58:52 +0000 Manifest this update: Mon 02 Jun 2025 15:58:51 +0000 Manifest next update: Mon 09 Jun 2025 15:58:51 +0000 Files and hashes: 1: 3ASvGYyX8lgvFa3e7nxoJhHK2lE.crl (hash: 2g0hRCZoi9uc69ERJiKep4rha0QeOJ4XWa70fXWztd8=) 2: AEA7C9C0818911EA81577016C4F9AE02.roa (hash: WuIJH5EmbtRmJmFCN//mGN8XhCDwfYBWN+2IltuHvZ4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D1691/50C692929D2411E7861A226BC4F9AE02/3ASvGYyX8lgvFa3e7nxoJhHK2lE.crl rsync://rpki.apnic.net/member_repository/A91D1691/50C692929D2411E7861A226BC4F9AE02/3ASvGYyX8lgvFa3e7nxoJhHK2lE.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/3ASvGYyX8lgvFa3e7nxoJhHK2lE.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 09 Jun 2025 15:58:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6292 (0x1894) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D1691, serialNumber=DC04AF198C97F2582F15ADDEEE7C682611CADA51 Validity Not Before: Jun 2 15:58:51 2025 GMT Not After : Jun 9 15:58:51 2025 GMT Subject: CN=683dca3c-4678 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:84:ec:4a:68:d4:39:bc:99:24:7c:28:ff:3d: 07:71:49:c1:e4:66:2d:eb:cb:fa:d5:66:ab:b8:96: e3:5a:dc:73:45:28:4d:b9:7e:7c:28:ad:3d:c9:30: bf:ce:a4:50:0f:5f:45:60:83:78:ad:03:9e:14:fa: d2:c6:34:c8:a7:e1:ce:13:61:68:81:1a:a3:10:db: 98:0c:19:23:cb:01:82:78:c7:ae:5a:57:ac:5a:00: da:66:df:76:a6:88:b5:5a:72:e5:8c:89:cd:ff:96: 13:df:20:e7:a8:7b:0a:c9:01:72:9f:03:22:b3:12: 24:4d:64:82:e4:84:59:89:69:1c:4d:40:55:22:14: 3a:e7:7a:e5:ed:80:a2:fc:4b:e9:35:fc:8e:ed:2e: c4:5a:2c:85:7e:94:60:24:1f:9e:60:f7:1b:42:5d: 7d:e5:98:5b:ce:2d:62:9d:e0:d7:41:45:c1:2b:8c: 58:f5:05:1b:b4:8e:e7:05:03:ab:bd:e8:b5:49:54: 08:08:2c:c7:f0:7a:e6:a7:85:3a:f2:6e:43:01:58: df:e8:cb:74:52:77:8a:1b:7f:50:08:53:ac:cf:12: 03:17:40:e2:5f:31:40:31:6f:db:cf:93:6f:43:cd: 42:f7:28:99:af:e8:a5:8e:c9:ad:ad:a7:f0:89:55: d5:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:B1:DB:47:81:A1:FD:74:C0:A1:71:06:C1:F1:37:41:73:97:76:65 X509v3 Authority Key Identifier: keyid:DC:04:AF:19:8C:97:F2:58:2F:15:AD:DE:EE:7C:68:26:11:CA:DA:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D1691/50C692929D2411E7861A226BC4F9AE02/3ASvGYyX8lgvFa3e7nxoJhHK2lE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/3ASvGYyX8lgvFa3e7nxoJhHK2lE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1691/50C692929D2411E7861A226BC4F9AE02/3ASvGYyX8lgvFa3e7nxoJhHK2lE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 48:75:b3:91:dc:2d:22:f6:1d:ce:73:f3:61:ee:31:fa:44:a5: dd:c6:93:68:0a:04:21:89:bb:1e:23:68:78:ae:9e:62:e8:3c: b7:5c:0c:3f:b0:a5:28:90:b6:b9:12:53:cc:e4:2b:75:4e:01: 45:dc:89:65:82:94:fe:27:ab:fb:aa:30:dd:4a:e1:7e:6e:ef: 9c:fd:29:48:e6:39:d5:e1:7f:e5:d5:8a:e2:1f:4b:99:db:80: 26:1d:6b:cd:fb:8a:bb:3d:cf:9c:62:fa:9a:50:89:c3:b4:d5: de:df:2b:98:8c:9b:ff:46:c5:fe:41:f9:6d:92:c5:60:0d:bb: 4d:d0:37:54:d6:00:70:ea:26:c0:a1:f4:af:f1:af:cb:69:50: f6:17:cc:5f:ab:ca:cb:38:6c:6a:82:ad:40:6a:40:b8:59:c4: 14:82:f5:26:92:d7:80:a5:ae:24:f6:16:9e:b3:9d:54:1d:b8: 29:ad:7b:18:9b:5a:92:67:0d:47:55:40:fd:11:8d:0d:f5:90: 41:84:ec:87:a3:b3:1b:a7:a3:92:c7:94:8e:af:1a:13:75:42: 41:dc:ea:90:7b:08:5e:38:3d:1d:ac:10:5d:cc:9b:18:ed:ad: de:7b:48:3b:24:53:f5:12:81:dc:8a:d0:86:6c:13:c7:4e:d7: a6:f7:9d:32 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGJQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDE2OTExMTAvBgNVBAUTKERDMDRBRjE5OEM5N0YyNTgyRjE1QURERUVFN0M2ODI2 MTFDQURBNTEwHhcNMjUwNjAyMTU1ODUxWhcNMjUwNjA5MTU1ODUxWjAYMRYwFAYD VQQDEw02ODNkY2EzYy00Njc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxITsSmjUObyZJHwo/z0HcUnB5GYt68v61WaruJbjWtxzRShNuX58KK09yTC/ zqRQD19FYIN4rQOeFPrSxjTIp+HOE2FogRqjENuYDBkjywGCeMeuWlesWgDaZt92 poi1WnLljInN/5YT3yDnqHsKyQFynwMisxIkTWSC5IRZiWkcTUBVIhQ653rl7YCi /EvpNfyO7S7EWiyFfpRgJB+eYPcbQl195Zhbzi1ineDXQUXBK4xY9QUbtI7nBQOr vei1SVQICCzH8Hrmp4U68m5DAVjf6Mt0UneKG39QCFOszxIDF0DiXzFAMW/bz5Nv Q81C9yiZr+iljsmtrafwiVXVOQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEKx20eB of10wKFxBsHxN0Fzl3ZlMB8GA1UdIwQYMBaAFNwErxmMl/JYLxWt3u58aCYRytpR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTY5MS81MEM2OTI5MjlE MjQxMUU3ODYxQTIyNkJDNEY5QUUwMi8zQVN2R1l5WDhsZ3ZGYTNlN254b0poSEsy bEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyLzNBU3ZHWXlYOGxndkZhM2U3bnhvSmhISzJsRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MTY5MS81MEM2OTI5MjlEMjQxMUU3ODYxQTIyNkJDNEY5QUUwMi8zQVN2R1l5WDhs Z3ZGYTNlN254b0poSEsybEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBIdbOR3C0i9h3Oc/Nh7jH6RKXdxpNoCgQhibseI2h4rp5i6Dy3XAw/ sKUokLa5ElPM5Ct1TgFF3IllgpT+J6v7qjDdSuF+bu+c/SlI5jnV4X/l1YriH0uZ 24AmHWvN+4q7Pc+cYvqaUInDtNXe3yuYjJv/RsX+QfltksVgDbtN0DdU1gBw6ibA ofSv8a/LaVD2F8xfq8rLOGxqgq1AakC4WcQUgvUmkteApa4k9haes51UHbgprXsY m1qSZw1HVUD9EY0N9ZBBhOyHo7Mbp6OSx5SOrxoTdUJB3OqQewheOD0drBBdzJsY 7a3ee0g7JFP1EoHcitCGbBPHTtem950y -----END CERTIFICATE-----Generated at Wed Jun 4 00:19:00 2025 by rpki-client