$ rpki-client -vvf rpki.apnic.net/member_repository/A91D8BB1/5AD769B03D2511F080C48955C4F9AE02/x_AoN9JFy4-rzUdBz6K0paL3Pq0.mft File: x_AoN9JFy4-rzUdBz6K0paL3Pq0.mft (raw, json) Hash identifier: 9R4oX06zOMY7pqz6/k25yClM77G26m//dXt9cRLJ2+M= Subject key identifier: 91:C4:DE:75:C8:C6:7A:D9:8F:29:CC:93:53:7E:4B:31:7B:FE:47:78 Authority key identifier: C7:F0:28:37:D2:45:CB:8F:AB:CD:47:41:CF:A2:B4:A5:A2:F7:3E:AD Certificate issuer: /CN=A91D8BB1/serialNumber=C7F02837D245CB8FABCD4741CFA2B4A5A2F73EAD Certificate serial: 08 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x_AoN9JFy4-rzUdBz6K0paL3Pq0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D8BB1/5AD769B03D2511F080C48955C4F9AE02/x_AoN9JFy4-rzUdBz6K0paL3Pq0.mft Manifest number: 08 Signing time: Mon 09 Jun 2025 07:07:01 +0000 Manifest this update: Mon 09 Jun 2025 07:07:01 +0000 Manifest next update: Mon 16 Jun 2025 07:07:01 +0000 Files and hashes: 1: x_AoN9JFy4-rzUdBz6K0paL3Pq0.crl (hash: z2pDoCVC6arpNu5ycM+pxi4H/Z4eQtxnRNAolD/l/Do=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D8BB1/5AD769B03D2511F080C48955C4F9AE02/x_AoN9JFy4-rzUdBz6K0paL3Pq0.crl rsync://rpki.apnic.net/member_repository/A91D8BB1/5AD769B03D2511F080C48955C4F9AE02/x_AoN9JFy4-rzUdBz6K0paL3Pq0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x_AoN9JFy4-rzUdBz6K0paL3Pq0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 16 Jun 2025 07:07:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8 (0x8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D8BB1, serialNumber=C7F02837D245CB8FABCD4741CFA2B4A5A2F73EAD Validity Not Before: Jun 9 07:07:01 2025 GMT Not After : Jun 16 07:07:01 2025 GMT Subject: CN=68468815-b81c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:2f:62:34:23:d8:1a:3c:5b:f6:1a:72:bb:28: b0:37:08:fb:c1:cb:f4:77:66:6a:b9:72:86:d4:22: a2:cc:56:36:d3:dd:7a:04:fe:d4:91:f6:23:4a:a1: cf:a4:68:0c:85:65:06:f1:c7:c7:5c:29:56:aa:7e: 17:2f:96:a4:35:60:a2:61:e4:93:20:2f:46:c4:03: a6:86:bb:77:a6:20:b7:74:15:6d:7d:e1:bb:b2:b8: 71:96:5f:c1:43:d2:d2:5d:9c:7a:67:45:7c:fa:3b: f1:ec:fb:61:a7:ad:d6:7d:0a:e4:47:65:2c:ab:01: 05:99:15:43:13:d1:b9:3d:9f:93:94:e2:e8:04:f9: 45:a7:9b:0b:ec:dd:b0:65:96:12:55:59:64:ea:a1: 04:a1:f8:12:d2:7c:3d:58:77:4a:22:2f:1b:ff:72: fa:78:dd:e6:e3:cd:46:0a:a8:e5:18:c9:30:05:34: e3:89:76:e2:ee:54:16:a9:cf:6a:fe:89:48:bc:e5: 0a:96:a5:45:7b:e4:1b:4a:b9:e8:78:6d:ad:3e:ed: 7e:14:78:00:d6:6c:1e:d2:23:4a:45:9d:9f:44:ca: 35:0d:cf:07:26:ca:c8:81:2d:db:a1:d3:2a:9d:05: 6d:b1:48:5d:97:53:1d:da:dc:e8:9a:25:cf:3c:50: 92:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:C4:DE:75:C8:C6:7A:D9:8F:29:CC:93:53:7E:4B:31:7B:FE:47:78 X509v3 Authority Key Identifier: keyid:C7:F0:28:37:D2:45:CB:8F:AB:CD:47:41:CF:A2:B4:A5:A2:F7:3E:AD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D8BB1/5AD769B03D2511F080C48955C4F9AE02/x_AoN9JFy4-rzUdBz6K0paL3Pq0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x_AoN9JFy4-rzUdBz6K0paL3Pq0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D8BB1/5AD769B03D2511F080C48955C4F9AE02/x_AoN9JFy4-rzUdBz6K0paL3Pq0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 57:c9:89:d3:9f:89:42:90:ab:fb:83:d3:84:9b:65:61:e9:29: 43:2a:d1:c0:42:4d:51:4c:7e:0d:d9:e9:8e:61:68:f6:23:c3: f1:f7:14:e9:c9:9b:ce:9b:3e:9b:5c:8e:df:e3:97:ac:c0:32: d8:11:a8:3e:3e:18:03:ac:a7:df:f0:ed:fc:07:38:5e:c5:dd: 0f:9a:0a:38:05:ae:c4:f9:d2:95:1a:5c:a4:77:dc:e5:21:0e: 27:9b:50:57:a4:d5:af:9d:94:a9:40:75:a1:c5:cf:ef:0d:25: 2a:de:be:79:79:85:31:27:3e:93:d7:b2:ac:b8:29:9f:48:0d: 08:dc:e9:f4:0b:43:09:3a:de:fa:0a:7c:1b:66:49:0f:06:96: f7:9a:7b:fe:1e:68:2a:96:26:06:26:01:f6:76:5e:e2:96:cb: 60:a5:df:2e:c7:10:48:d6:f3:67:d9:d9:5e:4c:f0:e7:50:0d: 36:cc:ca:5b:0e:07:a3:70:9a:f4:92:cb:4f:4e:18:f9:e8:e4: cf:69:77:a9:89:9f:0f:ff:60:55:69:c3:a4:d9:0c:ce:92:55: 02:5f:8f:c1:1e:39:f9:ea:3b:52:2d:2d:74:62:e5:6a:9d:6c: 1f:d6:d0:df:9f:8b:07:7e:33:d4:4f:cf:54:17:03:e2:42:89: 7b:34:1f:82 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBCDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE OEJCMTExMC8GA1UEBRMoQzdGMDI4MzdEMjQ1Q0I4RkFCQ0Q0NzQxQ0ZBMkI0QTVB MkY3M0VBRDAeFw0yNTA2MDkwNzA3MDFaFw0yNTA2MTYwNzA3MDFaMBgxFjAUBgNV BAMTDTY4NDY4ODE1LWI4MWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDgL2I0I9gaPFv2GnK7KLA3CPvBy/R3Zmq5cobUIqLMVjbT3XoE/tSR9iNKoc+k aAyFZQbxx8dcKVaqfhcvlqQ1YKJh5JMgL0bEA6aGu3emILd0FW194buyuHGWX8FD 0tJdnHpnRXz6O/Hs+2GnrdZ9CuRHZSyrAQWZFUMT0bk9n5OU4ugE+UWnmwvs3bBl lhJVWWTqoQSh+BLSfD1Yd0oiLxv/cvp43ebjzUYKqOUYyTAFNOOJduLuVBapz2r+ iUi85QqWpUV75BtKueh4ba0+7X4UeADWbB7SI0pFnZ9EyjUNzwcmysiBLduh0yqd BW2xSF2XUx3a3OiaJc88UJKhAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUkcTedcjG etmPKcyTU35LMXv+R3gwHwYDVR0jBBgwFoAUx/AoN9JFy4+rzUdBz6K0paL3Pq0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ4QkIxLzVBRDc2OUIwM0Qy NTExRjA4MEM0ODk1NUM0RjlBRTAyL3hfQW9OOUpGeTQtcnpVZEJ6NkswcGFMM1Bx MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIveF9Bb045SkZ5NC1yelVkQno2SzBwYUwzUHEwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQ4 QkIxLzVBRDc2OUIwM0QyNTExRjA4MEM0ODk1NUM0RjlBRTAyL3hfQW9OOUpGeTQt cnpVZEJ6NkswcGFMM1BxMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFfJidOfiUKQq/uD04SbZWHpKUMq0cBCTVFMfg3Z6Y5haPYjw/H3FOnJ m86bPptcjt/jl6zAMtgRqD4+GAOsp9/w7fwHOF7F3Q+aCjgFrsT50pUaXKR33OUh DiebUFek1a+dlKlAdaHFz+8NJSrevnl5hTEnPpPXsqy4KZ9IDQjc6fQLQwk63voK fBtmSQ8Glveae/4eaCqWJgYmAfZ2XuKWy2Cl3y7HEEjW82fZ2V5M8OdQDTbMylsO B6NwmvSSy09OGPno5M9pd6mJnw//YFVpw6TZDM6SVQJfj8EeOfnqO1ItLXRi5Wqd bB/W0N+fiwd+M9RPz1QXA+JCiXs0H4I= -----END CERTIFICATE-----Generated at Tue Jun 10 16:54:04 2025 by rpki-client