$ rpki-client -vvf rpki.apnic.net/member_repository/A91D243F/D684FC2E1A8B11F09CC24535C4F9AE02/GJZ9zbckqEpxcR5niqsdLnIhXWw.mft File: GJZ9zbckqEpxcR5niqsdLnIhXWw.mft (raw, json) Hash identifier: zT0w3TkDcL3wBh0hK43kzTqjk1oJHZ/OWA/WV19tC3w= Subject key identifier: 4C:CD:21:E4:3E:95:8A:A9:3F:02:F6:4B:AE:76:E7:E5:63:65:7F:59 Authority key identifier: 18:96:7D:CD:B7:24:A8:4A:71:71:1E:67:8A:AB:1D:2E:72:21:5D:6C Certificate issuer: /CN=A91D243F/serialNumber=18967DCDB724A84A71711E678AAB1D2E72215D6C Certificate serial: 33 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GJZ9zbckqEpxcR5niqsdLnIhXWw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D243F/D684FC2E1A8B11F09CC24535C4F9AE02/GJZ9zbckqEpxcR5niqsdLnIhXWw.mft Manifest number: 24 Signing time: Sat 31 May 2025 07:31:50 +0000 Manifest this update: Sat 31 May 2025 07:31:49 +0000 Manifest next update: Sat 07 Jun 2025 07:31:49 +0000 Files and hashes: 1: GJZ9zbckqEpxcR5niqsdLnIhXWw.crl (hash: yv3ek3Ruzu/dMQEwrfKr6rYSbTsMIFoyATwCjGGasYg=) 2: 1808A790318411F0BC1DD041C4F9AE02.roa (hash: flX3irYKlYgZGHT2kvpQWpKKvTykKg+AN7X91kuuF4c=) 3: 37B448241F7811F0AC4FFF82C4F9AE02.roa (hash: rfQkg7k3FOtxE3QH+1b/dgEb3pjSHYuBHOu/Aw1ktps=) 4: 1879BE8A318411F0BC1DD041C4F9AE02.roa (hash: Z2oCf9VHu+Nlt7KaEbBkyqcl7gO+UQwxVS+M1hIhebk=) 5: 17894A68318411F0BC1DD041C4F9AE02.roa (hash: BtSPkMAc6JmUbVgs04DwYummrrWRw2IMsZrBj4wxrVc=) 6: 6896A446318411F0BBC4F91DC4F9AE02.roa (hash: Xrg0tE5OWYBtPUZ5NZncP6ifYaxEX/Vp4aRquzOzr2Y=) 7: 372E72941F7811F0AC4FFF82C4F9AE02.roa (hash: 77gNSThyGJ0AnlBE5SHj9Jhjf0hxCyKERlvCEcqZ/Gg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D243F/D684FC2E1A8B11F09CC24535C4F9AE02/GJZ9zbckqEpxcR5niqsdLnIhXWw.crl rsync://rpki.apnic.net/member_repository/A91D243F/D684FC2E1A8B11F09CC24535C4F9AE02/GJZ9zbckqEpxcR5niqsdLnIhXWw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GJZ9zbckqEpxcR5niqsdLnIhXWw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 07:31:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51 (0x33) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D243F, serialNumber=18967DCDB724A84A71711E678AAB1D2E72215D6C Validity Not Before: May 31 07:31:49 2025 GMT Not After : Jun 7 07:31:49 2025 GMT Subject: CN=683ab066-572b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:23:3e:cb:2b:cc:d8:3a:8d:e0:29:53:70:f2: b4:1f:8d:cd:6e:de:c3:40:88:09:e7:51:5d:14:f7: bd:84:f5:f6:61:0a:7b:19:9b:31:ca:fe:a9:70:3d: 32:93:e3:4f:de:57:1a:7c:ae:93:3e:6b:d8:d9:a3: 76:3e:7d:bf:6f:e7:e9:b3:56:16:0e:b1:40:f6:93: 94:b2:de:4c:fd:f8:25:74:8c:5f:5b:4b:5d:74:89: 13:7d:7a:36:33:d0:d3:da:87:16:d6:9f:a3:c3:bb: 1e:ad:d3:d0:ad:59:a5:29:0a:d7:49:ba:36:f0:3d: 94:df:3c:91:71:af:f8:47:cb:ec:63:56:eb:6d:b2: 41:06:cf:42:24:bb:49:51:e2:9a:22:4a:cc:69:8e: e1:48:2c:a0:2e:2c:02:a0:42:5b:d3:53:81:50:d8: 74:8f:70:8e:04:a6:40:33:ec:62:a5:e0:11:1e:27: 46:42:b3:70:39:f2:78:d2:6d:97:ba:bf:9c:73:20: f2:1e:d3:10:a5:b8:65:ed:b0:18:65:5a:e7:7e:89: d5:8b:9d:7e:8e:e8:9f:61:39:d5:32:68:97:e4:da: 42:04:0a:d3:4c:0d:8d:77:f0:99:b9:b9:40:1a:dd: d8:36:c7:7f:88:ba:66:11:dd:1f:30:c1:b8:7d:9f: 22:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:CD:21:E4:3E:95:8A:A9:3F:02:F6:4B:AE:76:E7:E5:63:65:7F:59 X509v3 Authority Key Identifier: keyid:18:96:7D:CD:B7:24:A8:4A:71:71:1E:67:8A:AB:1D:2E:72:21:5D:6C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D243F/D684FC2E1A8B11F09CC24535C4F9AE02/GJZ9zbckqEpxcR5niqsdLnIhXWw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GJZ9zbckqEpxcR5niqsdLnIhXWw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D243F/D684FC2E1A8B11F09CC24535C4F9AE02/GJZ9zbckqEpxcR5niqsdLnIhXWw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 42:06:28:62:97:6b:d9:83:79:95:d7:43:f9:a9:66:65:82:34: ea:f6:2b:16:7f:80:3d:7f:15:59:cc:22:ea:de:d8:ad:ab:bd: 82:f3:dd:a3:36:76:5c:95:ac:58:1b:08:c1:de:03:49:f6:03: d5:fd:fb:c9:6b:3f:ee:d8:3d:0a:52:eb:13:f7:a7:43:d1:5f: 69:ed:83:6a:ab:9a:b0:9f:9f:8e:ef:fd:cb:f2:4c:89:0e:84: 80:83:11:aa:b7:72:f8:37:c6:71:2d:51:2d:b2:bf:d6:a5:18: bf:25:09:5a:ad:7c:a3:9f:48:47:8b:d0:8f:6b:7f:47:1d:ba: 62:59:e0:f7:be:a2:33:85:70:87:af:df:40:db:ab:14:e8:69: 0b:d6:7c:e9:cb:a6:8f:15:f3:59:72:a1:9d:88:ac:96:6e:4b: a3:be:30:ea:33:59:59:18:28:f3:5b:5a:13:88:a6:dc:4f:1b: 59:56:a1:a0:dd:a8:06:eb:20:0a:2c:af:9c:f7:e9:17:88:46: b8:80:e7:aa:a4:5b:98:d1:d2:55:3e:b4:25:3e:c8:ca:02:9e: d8:22:0b:e2:3c:71:08:cc:1d:c3:4f:16:60:a4:1b:86:ae:b9: 2d:62:fd:db:52:63:b3:27:fa:78:44:7d:64:46:be:6a:87:04: 62:d6:33:a4 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBMzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE MjQzRjExMC8GA1UEBRMoMTg5NjdEQ0RCNzI0QTg0QTcxNzExRTY3OEFBQjFEMkU3 MjIxNUQ2QzAeFw0yNTA1MzEwNzMxNDlaFw0yNTA2MDcwNzMxNDlaMBgxFjAUBgNV BAMTDTY4M2FiMDY2LTU3MmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCzIz7LK8zYOo3gKVNw8rQfjc1u3sNAiAnnUV0U972E9fZhCnsZmzHK/qlwPTKT 40/eVxp8rpM+a9jZo3Y+fb9v5+mzVhYOsUD2k5Sy3kz9+CV0jF9bS110iRN9ejYz 0NPahxbWn6PDux6t09CtWaUpCtdJujbwPZTfPJFxr/hHy+xjVuttskEGz0Iku0lR 4poiSsxpjuFILKAuLAKgQlvTU4FQ2HSPcI4EpkAz7GKl4BEeJ0ZCs3A58njSbZe6 v5xzIPIe0xCluGXtsBhlWud+idWLnX6O6J9hOdUyaJfk2kIECtNMDY138Jm5uUAa 3dg2x3+IumYR3R8wwbh9nyJRAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUTM0h5D6V iqk/AvZLrnbn5WNlf1kwHwYDVR0jBBgwFoAUGJZ9zbckqEpxcR5niqsdLnIhXWww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQyNDNGL0Q2ODRGQzJFMUE4 QjExRjA5Q0MyNDUzNUM0RjlBRTAyL0dKWjl6YmNrcUVweGNSNW5pcXNkTG5JaFhX dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvR0paOXpiY2txRXB4Y1I1bmlxc2RMbkloWFd3LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQy NDNGL0Q2ODRGQzJFMUE4QjExRjA5Q0MyNDUzNUM0RjlBRTAyL0dKWjl6YmNrcUVw eGNSNW5pcXNkTG5JaFhXdy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEIGKGKXa9mDeZXXQ/mpZmWCNOr2KxZ/gD1/FVnMIure2K2rvYLz3aM2 dlyVrFgbCMHeA0n2A9X9+8lrP+7YPQpS6xP3p0PRX2ntg2qrmrCfn47v/cvyTIkO hICDEaq3cvg3xnEtUS2yv9alGL8lCVqtfKOfSEeL0I9rf0cdumJZ4Pe+ojOFcIev 30DbqxToaQvWfOnLpo8V81lyoZ2IrJZuS6O+MOozWVkYKPNbWhOIptxPG1lWoaDd qAbrIAosr5z36ReIRriA56qkW5jR0lU+tCU+yMoCntgiC+I8cQjMHcNPFmCkG4au uS1i/dtSY7Mn+nhEfWRGvmqHBGLWM6Q= -----END CERTIFICATE-----Generated at Sat May 31 17:42:35 2025 by rpki-client