$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9B1B/F9FEE0463CF811EFA367C385C4F9AE02/01nlbdoAA8SD861qQMCA6Qy41HI.mft File: 01nlbdoAA8SD861qQMCA6Qy41HI.mft (raw, json) Hash identifier: 3PIJecd4/cHN1IYJjwXb9fKALUFbt/YP69Qj/gyBsIw= Subject key identifier: 70:84:2D:AB:C2:7A:68:E5:0E:68:1C:CD:1D:92:38:80:46:80:FB:47 Authority key identifier: D3:59:E5:6D:DA:00:03:C4:83:F3:AD:6A:40:C0:80:E9:0C:B8:D4:72 Certificate issuer: /CN=A91D9B1B/serialNumber=D359E56DDA0003C483F3AD6A40C080E90CB8D472 Certificate serial: AD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/01nlbdoAA8SD861qQMCA6Qy41HI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D9B1B/F9FEE0463CF811EFA367C385C4F9AE02/01nlbdoAA8SD861qQMCA6Qy41HI.mft Manifest number: AA Signing time: Sat 31 May 2025 05:42:25 +0000 Manifest this update: Sat 31 May 2025 05:42:25 +0000 Manifest next update: Sat 07 Jun 2025 05:42:25 +0000 Files and hashes: 1: 01nlbdoAA8SD861qQMCA6Qy41HI.crl (hash: ZDmYonioivzepuQcLLGIjVPFZLfTn34kuPugdvd5b+g=) 2: 97530E023D0911EFA33E4A38C4F9AE02.roa (hash: bWCEf7xphHzCuEdSJWfNIfntO4HJguemBgMtzB7ylYA=) 3: 573BE4DE3D0811EF84157B26C4F9AE02.roa (hash: nywG68ULgKtBcMdjYbgBHpATJxb1PptzCmatC6Dkc8Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D9B1B/F9FEE0463CF811EFA367C385C4F9AE02/01nlbdoAA8SD861qQMCA6Qy41HI.crl rsync://rpki.apnic.net/member_repository/A91D9B1B/F9FEE0463CF811EFA367C385C4F9AE02/01nlbdoAA8SD861qQMCA6Qy41HI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/01nlbdoAA8SD861qQMCA6Qy41HI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 05:42:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 173 (0xad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D9B1B, serialNumber=D359E56DDA0003C483F3AD6A40C080E90CB8D472 Validity Not Before: May 31 05:42:25 2025 GMT Not After : Jun 7 05:42:25 2025 GMT Subject: CN=683a96c1-9dea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:d3:7b:70:4d:bf:09:38:30:27:7f:0f:c1:0f: 18:b5:3a:fa:7e:49:f6:bc:8b:79:31:4f:8f:8b:c7: 18:de:94:95:e0:31:06:10:0b:bd:da:21:df:79:9a: 9c:a5:33:e9:fb:79:56:eb:ef:bd:7d:86:8e:a5:2e: 66:03:28:7a:9f:0f:43:4e:03:d5:e3:4b:24:8c:a9: 8a:bc:df:26:db:6e:31:1a:f4:16:44:fe:93:e0:65: b2:d1:4d:05:26:5e:3e:ec:4a:ec:5b:1e:af:f8:71: 51:c4:8d:98:a1:e1:4c:7a:7b:3c:3f:f2:03:31:0c: 40:8a:48:e4:22:1a:c1:a9:4d:3d:75:c3:bf:ff:62: 09:fd:35:5d:10:ea:73:30:da:03:d4:98:32:76:89: a7:42:fb:ce:db:96:84:77:be:71:35:7b:f2:78:ac: ee:88:2d:28:78:51:9f:e0:97:ca:c2:50:58:09:ee: cc:fb:16:dd:00:36:8b:0d:c4:bd:4c:ed:6b:33:2e: 6b:54:80:bf:38:49:54:f1:f2:4b:37:30:ce:be:a2: 25:33:d1:76:91:53:4d:0f:87:e0:db:39:59:53:2b: c2:37:92:a6:54:8d:4e:97:1e:bf:6b:ff:c6:cb:7f: 35:ef:20:18:33:d7:92:6f:e6:8e:cb:5c:9c:d9:e1: 72:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:84:2D:AB:C2:7A:68:E5:0E:68:1C:CD:1D:92:38:80:46:80:FB:47 X509v3 Authority Key Identifier: keyid:D3:59:E5:6D:DA:00:03:C4:83:F3:AD:6A:40:C0:80:E9:0C:B8:D4:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D9B1B/F9FEE0463CF811EFA367C385C4F9AE02/01nlbdoAA8SD861qQMCA6Qy41HI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/01nlbdoAA8SD861qQMCA6Qy41HI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9B1B/F9FEE0463CF811EFA367C385C4F9AE02/01nlbdoAA8SD861qQMCA6Qy41HI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ad:97:b8:e0:f4:aa:9b:84:27:0e:26:77:00:67:9a:de:04:62: ca:a0:ac:9e:71:f7:3d:04:19:4f:dc:44:d2:15:39:0d:38:68: b8:97:e5:e4:15:b8:fa:3d:78:54:ab:76:c6:91:26:63:27:53: a6:e5:3a:a7:df:48:34:60:df:38:16:be:37:14:01:32:56:12: 4b:5c:79:2f:0e:2c:d7:22:40:bf:a3:c8:1b:5c:b3:00:0e:b4: f3:a7:2e:fa:87:b8:51:e9:56:68:e4:f0:65:61:57:63:f1:fa: 20:17:0a:3c:40:63:db:db:a1:48:04:3a:ef:81:fa:a2:f0:05: ba:a1:6f:00:8c:66:b3:82:25:0a:8f:7e:8f:1c:f0:ba:e6:d2: 23:f8:9c:7d:53:b2:fd:56:98:9e:2b:95:0c:10:9e:ec:fc:fb: 8f:95:ce:54:0a:24:13:81:f3:fd:17:fc:6f:6d:e2:8f:99:a1: 8a:60:64:99:45:e0:0f:65:53:97:ca:73:13:76:3d:9e:9c:87: 26:a2:58:01:8a:5d:ba:19:4c:81:b0:40:87:0f:08:6d:d6:bc: 0c:86:56:ec:6b:c4:3e:2f:8d:c6:cd:bb:f6:4e:06:4f:4c:29: b9:1b:c8:79:8b:52:30:99:0c:eb:7d:45:47:03:17:c0:10:b3: fe:30:ac:67 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAK0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDlCMUIxMTAvBgNVBAUTKEQzNTlFNTZEREEwMDAzQzQ4M0YzQUQ2QTQwQzA4MEU5 MENCOEQ0NzIwHhcNMjUwNTMxMDU0MjI1WhcNMjUwNjA3MDU0MjI1WjAYMRYwFAYD VQQDEw02ODNhOTZjMS05ZGVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzNN7cE2/CTgwJ38PwQ8YtTr6fkn2vIt5MU+Pi8cY3pSV4DEGEAu92iHfeZqc pTPp+3lW6++9fYaOpS5mAyh6nw9DTgPV40skjKmKvN8m224xGvQWRP6T4GWy0U0F Jl4+7ErsWx6v+HFRxI2YoeFMens8P/IDMQxAikjkIhrBqU09dcO//2IJ/TVdEOpz MNoD1JgydomnQvvO25aEd75xNXvyeKzuiC0oeFGf4JfKwlBYCe7M+xbdADaLDcS9 TO1rMy5rVIC/OElU8fJLNzDOvqIlM9F2kVNND4fg2zlZUyvCN5KmVI1Olx6/a//G y3817yAYM9eSb+aOy1yc2eFyowIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHCELavC emjlDmgczR2SOIBGgPtHMB8GA1UdIwQYMBaAFNNZ5W3aAAPEg/OtakDAgOkMuNRy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOUIxQi9GOUZFRTA0NjND RjgxMUVGQTM2N0MzODVDNEY5QUUwMi8wMW5sYmRvQUE4U0Q4NjFxUU1DQTZReTQx SEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzAxbmxiZG9BQThTRDg2MXFRTUNBNlF5NDFISS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE OUIxQi9GOUZFRTA0NjNDRjgxMUVGQTM2N0MzODVDNEY5QUUwMi8wMW5sYmRvQUE4 U0Q4NjFxUU1DQTZReTQxSEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCtl7jg9KqbhCcOJncAZ5reBGLKoKyecfc9BBlP3ETSFTkNOGi4l+Xk Fbj6PXhUq3bGkSZjJ1Om5Tqn30g0YN84Fr43FAEyVhJLXHkvDizXIkC/o8gbXLMA DrTzpy76h7hR6VZo5PBlYVdj8fogFwo8QGPb26FIBDrvgfqi8AW6oW8AjGazgiUK j36PHPC65tIj+Jx9U7L9VpieK5UMEJ7s/PuPlc5UCiQTgfP9F/xvbeKPmaGKYGSZ ReAPZVOXynMTdj2enIcmolgBil26GUyBsECHDwht1rwMhlbsa8Q+L43Gzbv2TgZP TCm5G8h5i1IwmQzrfUVHAxfAELP+MKxn -----END CERTIFICATE-----Generated at Sat May 31 16:38:04 2025 by rpki-client