$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1C7F/091E1EAAB0D011ECBB04A378C4F9AE02/2rSlKo7BqtbJJS7qTV0VadJ69Gs.mft File: 2rSlKo7BqtbJJS7qTV0VadJ69Gs.mft (raw, json) Hash identifier: hD0GSvHAKCFPl0ynm2nbMkVSxNseQcu8SOzcQliBez0= Subject key identifier: 75:B9:B5:31:D2:BC:A8:62:65:7D:54:AF:1E:4F:CB:72:57:9A:D1:3F Authority key identifier: DA:B4:A5:2A:8E:C1:AA:D6:C9:25:2E:EA:4D:5D:15:69:D2:7A:F4:6B Certificate issuer: /CN=A91D1C7F/serialNumber=DAB4A52A8EC1AAD6C9252EEA4D5D1569D27AF46B Certificate serial: 0367 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2rSlKo7BqtbJJS7qTV0VadJ69Gs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D1C7F/091E1EAAB0D011ECBB04A378C4F9AE02/2rSlKo7BqtbJJS7qTV0VadJ69Gs.mft Manifest number: 0363 Signing time: Sat 31 May 2025 01:08:43 +0000 Manifest this update: Sat 31 May 2025 01:08:43 +0000 Manifest next update: Sat 07 Jun 2025 01:08:43 +0000 Files and hashes: 1: 2rSlKo7BqtbJJS7qTV0VadJ69Gs.crl (hash: 4t8giQ/psPF0MAs56iNuwVnYGeRs5nb47AMUN2qm8kk=) 2: E5B25D84B0D211ECB7B1BA7DC4F9AE02.roa (hash: KMYbMfLRKgCDX7CbZCwrDOvnhVpSxFbhQooHcCajhmY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D1C7F/091E1EAAB0D011ECBB04A378C4F9AE02/2rSlKo7BqtbJJS7qTV0VadJ69Gs.crl rsync://rpki.apnic.net/member_repository/A91D1C7F/091E1EAAB0D011ECBB04A378C4F9AE02/2rSlKo7BqtbJJS7qTV0VadJ69Gs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2rSlKo7BqtbJJS7qTV0VadJ69Gs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 01:08:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 871 (0x367) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D1C7F, serialNumber=DAB4A52A8EC1AAD6C9252EEA4D5D1569D27AF46B Validity Not Before: May 31 01:08:43 2025 GMT Not After : Jun 7 01:08:43 2025 GMT Subject: CN=683a569b-72d2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:9c:03:79:41:54:3d:64:a7:90:3e:3e:71:2d: 2b:33:16:69:5d:87:5f:b7:d6:31:ea:f2:e1:4d:d6: b1:7e:b7:16:cb:a3:ed:46:0f:e6:59:9e:33:f3:4a: d9:d0:de:6d:71:2f:35:eb:6a:7b:92:f8:19:a2:0d: 41:fb:bd:8d:30:07:9b:fc:31:77:62:e7:ef:89:17: 09:20:09:71:ba:75:c7:29:58:6f:e9:e7:b9:ee:ed: df:ea:87:be:65:17:45:44:f5:e0:44:93:cf:0b:40: 97:c8:f1:a5:40:af:21:d8:b9:c5:da:b7:db:c4:d7: 7f:6c:af:56:59:73:f1:3a:3a:88:45:97:08:41:cf: 1c:17:96:a1:e6:80:15:89:b5:fe:b2:ea:0d:40:e6: cf:03:a1:5f:f7:0e:5e:c4:2c:e6:bd:1b:70:06:5d: d5:2b:bf:02:db:cf:de:89:e2:ee:c3:36:57:7a:8a: 74:2e:23:f7:15:4d:f7:07:33:35:c5:2a:09:08:92: 11:11:81:16:fa:6c:6b:0b:36:b1:9b:75:c4:34:6d: e1:68:ca:e8:47:a5:10:8b:55:53:56:6b:99:f6:82: 6c:8d:43:2c:aa:d6:27:94:ee:72:ab:49:99:40:a2: 9b:11:94:0b:b9:fc:de:99:b0:2c:f8:9c:e7:35:c1: 77:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:B9:B5:31:D2:BC:A8:62:65:7D:54:AF:1E:4F:CB:72:57:9A:D1:3F X509v3 Authority Key Identifier: keyid:DA:B4:A5:2A:8E:C1:AA:D6:C9:25:2E:EA:4D:5D:15:69:D2:7A:F4:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D1C7F/091E1EAAB0D011ECBB04A378C4F9AE02/2rSlKo7BqtbJJS7qTV0VadJ69Gs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2rSlKo7BqtbJJS7qTV0VadJ69Gs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1C7F/091E1EAAB0D011ECBB04A378C4F9AE02/2rSlKo7BqtbJJS7qTV0VadJ69Gs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5b:b2:51:77:a4:eb:d4:77:48:59:f7:af:65:af:c9:11:f3:d7: 5a:cc:39:72:f3:ac:ee:19:be:b2:51:17:a4:28:ca:44:cd:a7: aa:b2:e0:29:13:76:bb:d4:d9:73:a2:b8:f2:75:a1:2d:e1:71: e2:ae:5a:70:d9:77:1a:c6:1c:17:02:5a:12:6d:6d:44:ce:86: 5d:0b:f1:5d:ad:8a:1b:60:5e:13:f0:8c:f1:32:98:8d:04:18: ee:72:fb:93:77:b2:ed:f8:d6:6e:66:3d:1e:39:31:74:d9:ff: 06:92:cc:49:c3:28:c5:52:ec:f5:62:f0:97:29:c1:b8:7f:1e: 9a:26:e4:c6:1d:dc:74:7d:64:cd:7c:f2:8c:c1:c8:f2:64:76: 09:ad:7b:5f:99:b0:04:6e:b0:58:ab:e3:0a:32:2a:c3:c9:c4: 90:2f:b2:e8:5c:a1:04:b4:87:46:7c:59:64:72:b2:75:0b:a8: f3:fb:94:27:62:e9:9d:7b:3a:2a:91:87:92:90:d6:7b:f2:a9: 18:4f:60:88:c1:1b:15:9a:12:9d:83:7f:e8:79:e8:0e:0b:7f: 40:35:d4:d8:bb:a3:16:b5:65:48:55:0a:44:d6:77:2a:29:be: 40:65:22:83:a5:db:9a:42:12:56:4d:d9:c2:be:48:11:c5:9c: 55:a5:af:85 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA2cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDFDN0YxMTAvBgNVBAUTKERBQjRBNTJBOEVDMUFBRDZDOTI1MkVFQTRENUQxNTY5 RDI3QUY0NkIwHhcNMjUwNTMxMDEwODQzWhcNMjUwNjA3MDEwODQzWjAYMRYwFAYD VQQDEw02ODNhNTY5Yi03MmQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5pwDeUFUPWSnkD4+cS0rMxZpXYdft9Yx6vLhTdaxfrcWy6PtRg/mWZ4z80rZ 0N5tcS8162p7kvgZog1B+72NMAeb/DF3YufviRcJIAlxunXHKVhv6ee57u3f6oe+ ZRdFRPXgRJPPC0CXyPGlQK8h2LnF2rfbxNd/bK9WWXPxOjqIRZcIQc8cF5ah5oAV ibX+suoNQObPA6Ff9w5exCzmvRtwBl3VK78C28/eieLuwzZXeop0LiP3FU33BzM1 xSoJCJIREYEW+mxrCzaxm3XENG3haMroR6UQi1VTVmuZ9oJsjUMsqtYnlO5yq0mZ QKKbEZQLufzembAs+JznNcF32QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHW5tTHS vKhiZX1Urx5Py3JXmtE/MB8GA1UdIwQYMBaAFNq0pSqOwarWySUu6k1dFWnSevRr MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMUM3Ri8wOTFFMUVBQUIw RDAxMUVDQkIwNEEzNzhDNEY5QUUwMi8yclNsS283QnF0YkpKUzdxVFYwVmFkSjY5 R3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJyU2xLbzdCcXRiSkpTN3FUVjBWYWRKNjlHcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MUM3Ri8wOTFFMUVBQUIwRDAxMUVDQkIwNEEzNzhDNEY5QUUwMi8yclNsS283QnF0 YkpKUzdxVFYwVmFkSjY5R3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBbslF3pOvUd0hZ969lr8kR89dazDly86zuGb6yURekKMpEzaeqsuAp E3a71NlzorjydaEt4XHirlpw2XcaxhwXAloSbW1EzoZdC/FdrYobYF4T8IzxMpiN BBjucvuTd7Lt+NZuZj0eOTF02f8GksxJwyjFUuz1YvCXKcG4fx6aJuTGHdx0fWTN fPKMwcjyZHYJrXtfmbAEbrBYq+MKMirDycSQL7LoXKEEtIdGfFlkcrJ1C6jz+5Qn YumdezoqkYeSkNZ78qkYT2CIwRsVmhKdg3/oeegOC39ANdTYu6MWtWVIVQpE1ncq Kb5AZSKDpduaQhJWTdnCvkgRxZxVpa+F -----END CERTIFICATE-----Generated at Sat May 31 17:07:46 2025 by rpki-client