$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4D97/1F6146E0567811EC922A3567C4F9AE02/cn1G1OfHecpnYSxgtGVS68IZkPs.mft File: cn1G1OfHecpnYSxgtGVS68IZkPs.mft (raw, json) Hash identifier: 25VRi+5LG1xBrjgPtBSVrOYZ3g7BNTPSX9RJsSRgEoQ= Subject key identifier: 14:7D:76:CE:1C:50:37:4A:2C:6F:77:E7:CD:B2:F9:C4:86:67:D7:00 Authority key identifier: 72:7D:46:D4:E7:C7:79:CA:67:61:2C:60:B4:65:52:EB:C2:19:90:FB Certificate issuer: /CN=A91D4D97/serialNumber=727D46D4E7C779CA67612C60B46552EBC21990FB Certificate serial: 044E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cn1G1OfHecpnYSxgtGVS68IZkPs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D4D97/1F6146E0567811EC922A3567C4F9AE02/cn1G1OfHecpnYSxgtGVS68IZkPs.mft Manifest number: 044A Signing time: Sat 31 May 2025 00:25:40 +0000 Manifest this update: Sat 31 May 2025 00:25:40 +0000 Manifest next update: Sat 07 Jun 2025 00:25:40 +0000 Files and hashes: 1: cn1G1OfHecpnYSxgtGVS68IZkPs.crl (hash: w4DiDgb+x1VBh6FDOQc+jR7487HaCPKVizRyVnwd3nM=) 2: A9E2BE54567B11ECB346816BC4F9AE02.roa (hash: TPVU1s6exIqwh/rpq/ezgL4ll5z3zJFyVmt+0YWYn8g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D4D97/1F6146E0567811EC922A3567C4F9AE02/cn1G1OfHecpnYSxgtGVS68IZkPs.crl rsync://rpki.apnic.net/member_repository/A91D4D97/1F6146E0567811EC922A3567C4F9AE02/cn1G1OfHecpnYSxgtGVS68IZkPs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cn1G1OfHecpnYSxgtGVS68IZkPs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 00:25:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1102 (0x44e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D4D97, serialNumber=727D46D4E7C779CA67612C60B46552EBC21990FB Validity Not Before: May 31 00:25:40 2025 GMT Not After : Jun 7 00:25:40 2025 GMT Subject: CN=683a4c84-3bc4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:c8:e5:18:6f:26:8e:c2:0e:67:24:67:24:f3: 79:b3:37:65:e2:32:46:ff:da:2e:89:09:19:80:94: 99:00:6b:c5:0f:05:47:4a:77:73:66:39:74:71:c4: b3:88:df:4c:25:61:36:8a:86:39:a8:e6:76:79:41: 10:01:f9:ab:e5:b5:ed:eb:42:a3:26:29:ed:03:96: 10:e8:41:c5:09:be:a4:cc:3d:fc:5c:30:28:14:4d: a6:4b:0e:ae:2d:da:c4:18:ac:70:58:fe:42:04:24: 37:fe:23:9c:d3:43:c8:2b:b8:4e:12:91:ed:e1:84: 96:9a:cb:1b:d0:4b:23:f1:1d:bb:95:6d:94:b3:04: 18:8a:3b:a3:23:57:8c:7b:e0:78:19:14:d5:3c:b1: fa:12:8c:da:b5:a1:19:f5:8d:d8:e2:dc:ec:d1:55: 01:76:ae:40:bd:a1:95:b0:e0:f0:ff:ad:f9:dd:a0: 71:32:bc:e9:c9:26:e2:bb:24:18:26:25:07:54:33: 66:12:e3:13:8c:08:fa:c1:0c:9b:a6:87:b1:2e:62: 7d:1a:ac:95:90:5e:ff:4d:45:44:86:69:83:3f:c1: 0a:12:08:f0:2e:62:4a:25:eb:e6:5e:d9:b4:e6:36: 58:b1:f0:2a:9b:ef:70:90:fe:ad:82:94:fe:da:c5: 55:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:7D:76:CE:1C:50:37:4A:2C:6F:77:E7:CD:B2:F9:C4:86:67:D7:00 X509v3 Authority Key Identifier: keyid:72:7D:46:D4:E7:C7:79:CA:67:61:2C:60:B4:65:52:EB:C2:19:90:FB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D4D97/1F6146E0567811EC922A3567C4F9AE02/cn1G1OfHecpnYSxgtGVS68IZkPs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cn1G1OfHecpnYSxgtGVS68IZkPs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4D97/1F6146E0567811EC922A3567C4F9AE02/cn1G1OfHecpnYSxgtGVS68IZkPs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 08:8d:fb:3c:61:af:7d:7d:ce:a2:3a:78:c3:2b:7f:52:d4:58: c9:4b:20:5d:c5:d5:4d:1a:0f:a1:de:41:3e:27:4b:22:62:60: 29:70:e8:0e:cb:58:3c:cf:73:20:78:94:e0:62:db:7a:e4:4f: 94:1c:d6:75:33:fd:54:10:52:e3:f3:2f:1a:80:e7:2c:53:58: 15:01:62:d2:bf:e6:ec:39:78:de:8f:aa:9e:17:47:db:0e:00: f5:0d:1a:fb:51:cc:b1:7e:1a:a1:de:48:eb:90:b7:2e:44:ab: 0c:2d:ba:be:a5:7a:5c:ce:d3:cc:3c:2b:cb:f9:aa:6d:78:8f: c1:07:f3:74:9f:64:8d:33:93:68:34:dc:55:18:c1:98:58:bf: 20:03:e6:33:39:2f:3c:9c:45:e3:b5:a7:b0:d8:8c:33:b1:56: 89:3c:5c:7c:7e:a3:ba:1d:40:50:67:0f:76:cf:e1:82:b3:c6: 23:ba:bd:72:ed:63:f3:0d:ff:ef:d0:8e:52:e6:62:35:88:e8: e2:2e:82:21:ae:28:03:f2:11:43:1b:2f:52:ea:95:10:f4:63: e3:ae:20:1a:2d:a5:5a:37:ba:54:71:fb:0b:7d:94:42:43:05: e3:64:b0:e5:48:12:78:10:ac:f2:ee:46:84:f9:71:a4:d0:6c: 98:83:d8:b0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBE4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDREOTcxMTAvBgNVBAUTKDcyN0Q0NkQ0RTdDNzc5Q0E2NzYxMkM2MEI0NjU1MkVC QzIxOTkwRkIwHhcNMjUwNTMxMDAyNTQwWhcNMjUwNjA3MDAyNTQwWjAYMRYwFAYD VQQDEw02ODNhNGM4NC0zYmM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArcjlGG8mjsIOZyRnJPN5szdl4jJG/9ouiQkZgJSZAGvFDwVHSndzZjl0ccSz iN9MJWE2ioY5qOZ2eUEQAfmr5bXt60KjJintA5YQ6EHFCb6kzD38XDAoFE2mSw6u LdrEGKxwWP5CBCQ3/iOc00PIK7hOEpHt4YSWmssb0Esj8R27lW2UswQYijujI1eM e+B4GRTVPLH6EozataEZ9Y3Y4tzs0VUBdq5AvaGVsODw/6353aBxMrzpySbiuyQY JiUHVDNmEuMTjAj6wQybpoexLmJ9GqyVkF7/TUVEhmmDP8EKEgjwLmJKJevmXtm0 5jZYsfAqm+9wkP6tgpT+2sVV+wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBR9ds4c UDdKLG93582y+cSGZ9cAMB8GA1UdIwQYMBaAFHJ9RtTnx3nKZ2EsYLRlUuvCGZD7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENEQ5Ny8xRjYxNDZFMDU2 NzgxMUVDOTIyQTM1NjdDNEY5QUUwMi9jbjFHMU9mSGVjcG5ZU3hndEdWUzY4SVpr UHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NuMUcxT2ZIZWNwbllTeGd0R1ZTNjhJWmtQcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NEQ5Ny8xRjYxNDZFMDU2NzgxMUVDOTIyQTM1NjdDNEY5QUUwMi9jbjFHMU9mSGVj cG5ZU3hndEdWUzY4SVprUHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAIjfs8Ya99fc6iOnjDK39S1FjJSyBdxdVNGg+h3kE+J0siYmApcOgO y1g8z3MgeJTgYtt65E+UHNZ1M/1UEFLj8y8agOcsU1gVAWLSv+bsOXjej6qeF0fb DgD1DRr7Ucyxfhqh3kjrkLcuRKsMLbq+pXpcztPMPCvL+apteI/BB/N0n2SNM5No NNxVGMGYWL8gA+YzOS88nEXjtaew2IwzsVaJPFx8fqO6HUBQZw92z+GCs8Yjur1y 7WPzDf/v0I5S5mI1iOjiLoIhrigD8hFDGy9S6pUQ9GPjriAaLaVaN7pUcfsLfZRC QwXjZLDlSBJ4EKzy7kaE+XGk0GyYg9iw -----END CERTIFICATE-----Generated at Sat May 31 17:30:21 2025 by rpki-client