$ rpki-client -vvf rpki.apnic.net/member_repository/A91D97C4/C63DF2003C6411EEBCAC5170C4F9AE02/10XhyGsYGPfQVj-Q6LoSvosa43g.mft File: 10XhyGsYGPfQVj-Q6LoSvosa43g.mft (raw, json) Hash identifier: LWkT4ou5/dmOmKncCkaqZQaZHQR5jLIoBQRQdsmoM+4= Subject key identifier: 39:BB:BE:92:5E:C4:10:3B:B4:1E:3F:4F:30:3E:99:53:65:30:BA:40 Authority key identifier: D7:45:E1:C8:6B:18:18:F7:D0:56:3F:90:E8:BA:12:BE:8B:1A:E3:78 Certificate issuer: /CN=A91D97C4/serialNumber=D745E1C86B1818F7D0563F90E8BA12BE8B1AE378 Certificate serial: 0156 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/10XhyGsYGPfQVj-Q6LoSvosa43g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D97C4/C63DF2003C6411EEBCAC5170C4F9AE02/10XhyGsYGPfQVj-Q6LoSvosa43g.mft Manifest number: 0153 Signing time: Sat 31 May 2025 03:50:08 +0000 Manifest this update: Sat 31 May 2025 03:50:08 +0000 Manifest next update: Sat 07 Jun 2025 03:50:08 +0000 Files and hashes: 1: 10XhyGsYGPfQVj-Q6LoSvosa43g.crl (hash: px/Kxn+bwvP8ZbhWsQsW0XO6QpwfvUZ5lSzx3qvFj9g=) 2: 12DD779467A211EEA8239268C4F9AE02.roa (hash: 7lqdZ2FcePrtK+ORkGuFUebt7bprHrcQU1BOkcrtW3A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D97C4/C63DF2003C6411EEBCAC5170C4F9AE02/10XhyGsYGPfQVj-Q6LoSvosa43g.crl rsync://rpki.apnic.net/member_repository/A91D97C4/C63DF2003C6411EEBCAC5170C4F9AE02/10XhyGsYGPfQVj-Q6LoSvosa43g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/10XhyGsYGPfQVj-Q6LoSvosa43g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 03:50:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 342 (0x156) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D97C4, serialNumber=D745E1C86B1818F7D0563F90E8BA12BE8B1AE378 Validity Not Before: May 31 03:50:08 2025 GMT Not After : Jun 7 03:50:08 2025 GMT Subject: CN=683a7c70-3204 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:29:fc:3c:6e:1e:4b:59:07:ef:98:d9:09:8b: 5b:c4:f7:a3:e9:6a:01:68:86:1f:bc:a5:a5:db:04: de:74:5b:55:69:ce:b3:a5:22:58:a1:73:5f:cc:22: 4e:18:86:3f:45:91:0f:9f:f5:69:4e:ea:1c:86:b7: 5b:81:66:c6:1a:19:eb:d4:1d:9f:2f:54:45:9f:50: 41:80:d5:d6:2d:fb:8d:1d:24:74:3f:46:fb:88:55: e3:05:76:b6:9c:a8:1c:86:6e:cd:be:a9:3d:45:f3: 57:7a:5e:47:16:2d:e5:e3:d3:6d:b6:2f:97:d0:67: 09:8e:10:1e:55:1d:04:bf:b0:06:14:9e:2a:5c:86: 32:93:0b:74:3c:a1:bd:e4:dc:b4:89:03:b7:42:ed: 6c:9c:fa:0e:68:f8:79:0c:e0:5d:e2:e9:2f:3c:92: c9:1d:fc:65:e8:b6:09:ab:24:5f:44:a4:4d:d3:0b: af:7c:8d:36:a5:94:63:32:b3:9a:64:68:c6:df:a0: bb:07:5f:9f:5e:4e:f9:4a:f7:3f:8c:c1:ae:88:f1: 9f:01:32:1b:52:6f:ed:bd:6a:2e:8b:18:14:68:3e: a0:9b:cb:0d:2a:23:46:ac:fa:7b:dd:2f:e1:52:4e: cc:b6:fc:ab:31:30:23:28:27:5f:bc:bd:cc:99:b8: fe:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:BB:BE:92:5E:C4:10:3B:B4:1E:3F:4F:30:3E:99:53:65:30:BA:40 X509v3 Authority Key Identifier: keyid:D7:45:E1:C8:6B:18:18:F7:D0:56:3F:90:E8:BA:12:BE:8B:1A:E3:78 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D97C4/C63DF2003C6411EEBCAC5170C4F9AE02/10XhyGsYGPfQVj-Q6LoSvosa43g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/10XhyGsYGPfQVj-Q6LoSvosa43g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D97C4/C63DF2003C6411EEBCAC5170C4F9AE02/10XhyGsYGPfQVj-Q6LoSvosa43g.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 17:20:d5:ce:5e:c4:2a:97:8d:b6:1c:55:34:e1:74:22:9d:ea: 58:75:82:5e:c4:93:c5:32:f0:48:58:ef:36:cb:c8:e2:e4:3a: 57:95:15:8d:34:dc:a0:5f:0e:8c:92:1b:a3:82:db:2f:80:7a: d6:c6:1c:d6:23:cd:83:c2:13:df:65:6b:2c:9d:c8:ed:2c:37: 9c:a1:49:27:fe:b5:07:33:87:f1:b5:95:12:9d:2f:aa:5d:f6: c4:57:0d:21:83:ca:73:d1:b2:1d:c5:53:20:e7:b4:5a:dd:36: e3:64:d9:d3:3e:32:49:04:b0:5b:76:11:a6:ae:53:48:71:96: 23:34:b1:87:21:d4:fe:3c:8a:53:91:90:74:e0:69:3f:db:f9: 98:7d:d1:ce:12:ca:8b:69:9e:95:a9:3c:9f:75:c7:31:35:e7: 55:59:77:6d:06:71:ba:49:62:19:4d:9c:d1:05:6b:2d:c4:3e: 65:3d:80:54:7d:5a:1e:00:90:be:1c:4a:b6:f7:3b:22:5e:ff: 35:de:bb:7b:ce:11:3f:d1:25:9e:c4:0f:04:c6:21:6b:6a:13: 10:bd:08:92:17:f1:f5:3d:27:5a:bf:7c:2e:69:64:88:24:21: 9a:b8:f8:75:6d:22:29:91:1f:6d:18:82:e0:f2:62:67:ab:5a: ba:a2:74:d6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAVYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDk3QzQxMTAvBgNVBAUTKEQ3NDVFMUM4NkIxODE4RjdEMDU2M0Y5MEU4QkExMkJF OEIxQUUzNzgwHhcNMjUwNTMxMDM1MDA4WhcNMjUwNjA3MDM1MDA4WjAYMRYwFAYD VQQDEw02ODNhN2M3MC0zMjA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAySn8PG4eS1kH75jZCYtbxPej6WoBaIYfvKWl2wTedFtVac6zpSJYoXNfzCJO GIY/RZEPn/VpTuochrdbgWbGGhnr1B2fL1RFn1BBgNXWLfuNHSR0P0b7iFXjBXa2 nKgchm7Nvqk9RfNXel5HFi3l49Ntti+X0GcJjhAeVR0Ev7AGFJ4qXIYykwt0PKG9 5Ny0iQO3Qu1snPoOaPh5DOBd4ukvPJLJHfxl6LYJqyRfRKRN0wuvfI02pZRjMrOa ZGjG36C7B1+fXk75Svc/jMGuiPGfATIbUm/tvWouixgUaD6gm8sNKiNGrPp73S/h Uk7MtvyrMTAjKCdfvL3Mmbj+swIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDm7vpJe xBA7tB4/TzA+mVNlMLpAMB8GA1UdIwQYMBaAFNdF4chrGBj30FY/kOi6Er6LGuN4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOTdDNC9DNjNERjIwMDND NjQxMUVFQkNBQzUxNzBDNEY5QUUwMi8xMFhoeUdzWUdQZlFWai1RNkxvU3Zvc2E0 M2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzEwWGh5R3NZR1BmUVZqLVE2TG9Tdm9zYTQzZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE OTdDNC9DNjNERjIwMDNDNjQxMUVFQkNBQzUxNzBDNEY5QUUwMi8xMFhoeUdzWUdQ ZlFWai1RNkxvU3Zvc2E0M2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAXINXOXsQql422HFU04XQinepYdYJexJPFMvBIWO82y8ji5DpXlRWN NNygXw6MkhujgtsvgHrWxhzWI82DwhPfZWssncjtLDecoUkn/rUHM4fxtZUSnS+q XfbEVw0hg8pz0bIdxVMg57Ra3TbjZNnTPjJJBLBbdhGmrlNIcZYjNLGHIdT+PIpT kZB04Gk/2/mYfdHOEsqLaZ6VqTyfdccxNedVWXdtBnG6SWIZTZzRBWstxD5lPYBU fVoeAJC+HEq29zsiXv813rt7zhE/0SWexA8ExiFrahMQvQiSF/H1PSdav3wuaWSI JCGauPh1bSIpkR9tGILg8mJnq1q6onTW -----END CERTIFICATE-----Generated at Sat May 31 16:42:05 2025 by rpki-client