$ rpki-client -vvf rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.mft File: -iKAHFKuKl_EkbfL6-aO_KLI0dk.mft (raw, json) Hash identifier: L+low+nDDgNlU20CaHpxQCigHatrQJrqvtwhhp1HGus= Subject key identifier: CC:41:55:78:5C:54:1C:86:64:0B:DC:42:73:61:81:64:04:1B:95:F5 Authority key identifier: FA:22:80:1C:52:AE:2A:5F:C4:91:B7:CB:EB:E6:8E:FC:A2:C8:D1:D9 Certificate issuer: /CN=A91D837B/serialNumber=FA22801C52AE2A5FC491B7CBEBE68EFCA2C8D1D9 Certificate serial: 5B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-iKAHFKuKl_EkbfL6-aO_KLI0dk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.mft Manifest number: 5A Signing time: Tue 03 Jun 2025 07:02:44 +0000 Manifest this update: Tue 03 Jun 2025 07:02:44 +0000 Manifest next update: Tue 10 Jun 2025 07:02:44 +0000 Files and hashes: 1: -iKAHFKuKl_EkbfL6-aO_KLI0dk.crl (hash: ze22SBja4N+aCxPjRgF7dC5UBZI4S9pXMAbZOEHzV7Q=) 2: 8F7DFE66C96E11EF98B64E15C4F9AE02.roa (hash: NJttL+qjjIMKQduatRuB9wCf9GQJviKk9JlU07XKUgE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.crl rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-iKAHFKuKl_EkbfL6-aO_KLI0dk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Jun 2025 07:02:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 91 (0x5b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D837B, serialNumber=FA22801C52AE2A5FC491B7CBEBE68EFCA2C8D1D9 Validity Not Before: Jun 3 07:02:44 2025 GMT Not After : Jun 10 07:02:44 2025 GMT Subject: CN=683e9e14-d386 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:89:d7:43:64:70:38:ff:a0:6b:d8:bc:af:de: af:dd:a0:b3:22:eb:4a:94:55:5d:f2:d8:62:76:1e: 05:0d:55:fb:a9:73:1b:a6:e6:a4:ef:57:2c:ba:59: 0f:64:39:60:09:32:d6:6c:a6:ff:d8:e4:b5:68:6c: 95:70:b8:ca:b0:31:18:59:e5:1d:0b:2c:f3:ed:bd: 2d:15:5c:2b:6f:07:96:94:80:5a:7c:aa:05:4e:2e: e7:67:dd:43:4e:5a:b9:22:90:65:1a:19:b9:8a:fa: a1:98:fb:8f:41:6d:68:ef:bb:4f:f4:38:44:f4:9c: 0a:9c:39:7f:3d:c2:cb:81:77:b1:a4:f4:8a:e2:d7: 9a:3f:95:24:9e:62:ce:b3:bd:88:1e:d5:e9:91:bf: 89:bb:26:ef:0f:92:80:5c:45:02:e4:a2:c4:cd:9d: 0d:31:1f:ac:aa:9c:dd:67:29:ac:a8:3f:7d:a9:5e: d5:4d:79:d9:88:db:dd:b1:76:0b:fb:2f:7c:d3:01: 45:d2:0c:cd:38:1c:bd:79:13:94:c3:43:4b:8b:26: 1a:b5:42:c4:b8:64:68:28:d2:c7:e6:a4:f7:57:2f: e1:77:e8:6a:cf:f6:e3:1c:b8:ea:1f:76:c1:ce:91: b5:13:19:79:28:8f:77:ac:31:91:74:1d:02:cb:6c: 4b:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:41:55:78:5C:54:1C:86:64:0B:DC:42:73:61:81:64:04:1B:95:F5 X509v3 Authority Key Identifier: keyid:FA:22:80:1C:52:AE:2A:5F:C4:91:B7:CB:EB:E6:8E:FC:A2:C8:D1:D9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-iKAHFKuKl_EkbfL6-aO_KLI0dk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1d:e3:13:aa:84:95:71:5c:2b:85:91:09:01:e7:89:32:45:49: cd:ae:4f:85:e6:0a:07:3c:13:64:ef:a4:7e:b7:03:f1:9f:9e: c9:e7:fa:39:c2:34:d4:2d:00:43:76:78:e4:26:5c:92:6d:55: 44:bf:1e:f8:f6:4f:4b:e0:3f:2d:af:05:8e:d7:3f:1b:de:a3: a6:b9:eb:8a:de:37:d4:de:8d:d2:1c:23:61:45:09:9d:36:cc: fb:8b:7f:db:3e:0a:78:a1:23:f0:4a:bc:d0:68:82:ce:e4:bd: ea:30:97:d3:5d:d0:e5:ad:20:b7:7e:1d:80:7d:44:90:fb:ee: 49:96:5d:66:7c:1b:92:cd:c6:ae:74:da:77:ab:b4:b0:96:b7: b7:8e:66:d8:aa:d8:cc:0a:0f:3a:6c:60:0d:4c:36:e3:dd:4e: 45:29:f4:fc:28:e3:85:2b:86:fc:b8:14:34:d3:ac:b4:51:82: 0e:d0:cb:33:dc:77:f7:8d:3e:15:cb:97:ae:49:10:03:0c:ce: 9a:62:b2:dd:3b:cb:ec:d6:3b:2c:5f:51:ba:fa:a2:92:b9:a1: b5:fc:98:48:88:ba:7d:19:48:1f:44:44:d3:40:ea:2d:78:ba: d9:37:2b:9e:ec:cf:4b:e1:82:e3:25:32:dc:33:ca:b9:cf:a8: 38:c0:2a:7e -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBWzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE ODM3QjExMC8GA1UEBRMoRkEyMjgwMUM1MkFFMkE1RkM0OTFCN0NCRUJFNjhFRkNB MkM4RDFEOTAeFw0yNTA2MDMwNzAyNDRaFw0yNTA2MTAwNzAyNDRaMBgxFjAUBgNV BAMTDTY4M2U5ZTE0LWQzODYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC6iddDZHA4/6Br2Lyv3q/doLMi60qUVV3y2GJ2HgUNVfupcxum5qTvVyy6WQ9k OWAJMtZspv/Y5LVobJVwuMqwMRhZ5R0LLPPtvS0VXCtvB5aUgFp8qgVOLudn3UNO WrkikGUaGbmK+qGY+49BbWjvu0/0OET0nAqcOX89wsuBd7Gk9Iri15o/lSSeYs6z vYge1emRv4m7Ju8PkoBcRQLkosTNnQ0xH6yqnN1nKayoP32pXtVNedmI292xdgv7 L3zTAUXSDM04HL15E5TDQ0uLJhq1QsS4ZGgo0sfmpPdXL+F36GrP9uMcuOofdsHO kbUTGXkoj3esMZF0HQLLbEvLAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUzEFVeFxU HIZkC9xCc2GBZAQblfUwHwYDVR0jBBgwFoAU+iKAHFKuKl/EkbfL6+aO/KLI0dkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ4MzdCLzE1OEQ3RjNDQjk5 QzExRUY5NjM4Rjc2OUM0RjlBRTAyLy1pS0FIRkt1S2xfRWtiZkw2LWFPX0tMSTBk ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvLWlLQUhGS3VLbF9Fa2JmTDYtYU9fS0xJMGRrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ4 MzdCLzE1OEQ3RjNDQjk5QzExRUY5NjM4Rjc2OUM0RjlBRTAyLy1pS0FIRkt1S2xf RWtiZkw2LWFPX0tMSTBkay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAB3jE6qElXFcK4WRCQHniTJFSc2uT4XmCgc8E2TvpH63A/Gfnsnn+jnC NNQtAEN2eOQmXJJtVUS/Hvj2T0vgPy2vBY7XPxveo6a564reN9TejdIcI2FFCZ02 zPuLf9s+CnihI/BKvNBogs7kveowl9Nd0OWtILd+HYB9RJD77kmWXWZ8G5LNxq50 2nertLCWt7eOZtiq2MwKDzpsYA1MNuPdTkUp9Pwo44Urhvy4FDTTrLRRgg7QyzPc d/eNPhXLl65JEAMMzppist07y+zWOyxfUbr6opK5obX8mEiIun0ZSB9ERNNA6i14 utk3K57sz0vhguMlMtwzyrnPqDjAKn4= -----END CERTIFICATE-----Generated at Tue Jun 3 23:56:14 2025 by rpki-client