$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft File: MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft (raw, json) Hash identifier: 078I/F4iI3fxYDr1DL8gpE6Ay0YSZDWzOh/Y1GGkvzk= Subject key identifier: DD:3A:4A:B4:B0:E3:E1:08:D6:E5:5A:2F:38:AC:7A:B9:D4:D6:F3:47 Authority key identifier: 32:70:F3:AC:D9:71:EE:DF:84:61:75:48:F7:2E:51:E2:2A:50:3C:F8 Certificate issuer: /CN=A91DA023/serialNumber=3270F3ACD971EEDF84617548F72E51E22A503CF8 Certificate serial: 3486 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft Manifest number: 3486 Signing time: Tue 10 Jun 2025 15:02:33 +0000 Manifest this update: Tue 10 Jun 2025 15:02:33 +0000 Manifest next update: Tue 17 Jun 2025 15:02:33 +0000 Files and hashes: 1: MnDzrNlx7t-EYXVI9y5R4ipQPPg.crl (hash: OEyJQ36TwEnr8i9iy3PZX0JxyrEKv7Nkgp6T9OQ3CM4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.crl rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 17 Jun 2025 15:02:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13446 (0x3486) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DA023, serialNumber=3270F3ACD971EEDF84617548F72E51E22A503CF8 Validity Not Before: Jun 10 15:02:33 2025 GMT Not After : Jun 17 15:02:33 2025 GMT Subject: CN=68484909-763c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:df:53:64:6a:e0:8b:03:37:cf:01:58:f7:ba: 91:27:67:42:f3:9e:03:b9:63:01:46:f5:9c:cb:03: e5:a5:fd:98:7f:5f:33:98:4e:2b:51:aa:af:f7:a7: f7:34:8c:16:e8:00:2a:67:46:2e:c6:2f:16:06:87: 10:07:36:35:3e:7d:8f:1d:a4:31:66:7b:65:36:14: 0e:16:58:23:94:4a:e4:5d:1c:85:16:8c:cd:12:7c: 57:fe:c7:31:e2:c3:c7:93:3b:7a:e4:97:e3:0e:36: 66:d0:c4:26:ae:69:a8:be:3d:0e:a7:14:a2:9e:df: 42:6d:74:a4:db:bb:ac:c5:41:16:bb:47:23:0d:f7: 2f:08:04:27:4a:ef:1e:f5:bc:a6:7b:be:f3:96:12: 29:72:e8:33:d1:94:70:85:f9:cd:3b:96:b9:07:2e: e7:3b:85:30:89:86:ab:84:58:c9:a4:34:a9:10:7c: b9:f4:07:d0:ce:56:b8:b6:db:61:fd:17:32:34:5b: 5b:e7:8b:95:c5:cb:c9:bc:b3:02:29:bc:5e:3d:98: 51:15:43:84:20:60:1c:9d:69:f0:bf:e0:43:d0:88: c9:33:b6:95:2c:70:7a:ef:b5:56:d1:65:55:5e:06: ec:92:39:a8:56:8b:3d:d1:83:7d:df:03:1c:09:33: 45:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:3A:4A:B4:B0:E3:E1:08:D6:E5:5A:2F:38:AC:7A:B9:D4:D6:F3:47 X509v3 Authority Key Identifier: keyid:32:70:F3:AC:D9:71:EE:DF:84:61:75:48:F7:2E:51:E2:2A:50:3C:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA023/6F172DF01DA011E2A1C3A69108B02CD2/MnDzrNlx7t-EYXVI9y5R4ipQPPg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 81:97:0e:bd:61:e5:ee:43:c4:43:d9:a8:72:04:26:45:eb:12: 96:87:a6:58:ed:00:8b:3c:65:d3:f6:18:8b:66:4d:db:74:20: 8e:d0:b4:e2:26:18:c7:db:f2:5d:0d:89:23:da:05:cf:d2:e3: 38:f0:3b:df:45:01:59:32:49:a7:16:44:36:5b:08:04:57:39: 9e:b1:89:ed:e2:49:e1:7d:1c:04:b2:78:21:aa:1a:26:56:af: c6:8f:67:97:18:c2:3c:97:70:7a:bb:c1:39:c5:16:17:33:37: bf:d5:13:a2:67:4a:22:cc:ed:fa:c6:b7:ca:46:e2:f0:29:29: 90:50:56:36:55:6b:c5:51:23:76:35:bc:35:f5:cf:8d:a7:50: 4e:b9:91:aa:09:ee:b6:3e:f4:18:7e:67:06:c2:bf:6c:46:86: 18:60:ca:fa:94:f4:d6:af:82:08:e8:ee:b4:b4:38:d8:bb:95: 00:fe:fb:36:bc:ee:e9:6e:70:6b:7b:e5:8a:66:93:41:23:ac: 9b:92:18:34:30:0a:d2:97:b4:1b:0b:22:c5:5d:14:1e:db:8f: a8:03:d5:7d:1d:fc:34:0f:63:7e:01:b2:ce:3f:d2:0a:e6:1b: fe:69:88:60:97:6d:fa:f2:6b:30:cb:74:60:56:4a:da:69:7b: f8:71:98:34 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNIYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REEwMjMxMTAvBgNVBAUTKDMyNzBGM0FDRDk3MUVFREY4NDYxNzU0OEY3MkU1MUUy MkE1MDNDRjgwHhcNMjUwNjEwMTUwMjMzWhcNMjUwNjE3MTUwMjMzWjAYMRYwFAYD VQQDEw02ODQ4NDkwOS03NjNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA599TZGrgiwM3zwFY97qRJ2dC854DuWMBRvWcywPlpf2Yf18zmE4rUaqv96f3 NIwW6AAqZ0Yuxi8WBocQBzY1Pn2PHaQxZntlNhQOFlgjlErkXRyFFozNEnxX/scx 4sPHkzt65JfjDjZm0MQmrmmovj0OpxSint9CbXSk27usxUEWu0cjDfcvCAQnSu8e 9byme77zlhIpcugz0ZRwhfnNO5a5By7nO4UwiYarhFjJpDSpEHy59AfQzla4ttth /RcyNFtb54uVxcvJvLMCKbxePZhRFUOEIGAcnWnwv+BD0IjJM7aVLHB677VW0WVV XgbskjmoVos90YN93wMcCTNFHwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN06SrSw 4+EI1uVaLzisernU1vNHMB8GA1UdIwQYMBaAFDJw86zZce7fhGF1SPcuUeIqUDz4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTAyMy82RjE3MkRGMDFE QTAxMUUyQTFDM0E2OTEwOEIwMkNEMi9NbkR6ck5seDd0LUVZWFZJOXk1UjRpcFFQ UGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL01uRHpyTmx4N3QtRVlYVkk5eTVSNGlwUVBQZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QTAyMy82RjE3MkRGMDFEQTAxMUUyQTFDM0E2OTEwOEIwMkNEMi9NbkR6ck5seDd0 LUVZWFZJOXk1UjRpcFFQUGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCBlw69YeXuQ8RD2ahyBCZF6xKWh6ZY7QCLPGXT9hiLZk3bdCCO0LTi JhjH2/JdDYkj2gXP0uM48DvfRQFZMkmnFkQ2WwgEVzmesYnt4knhfRwEsnghqhom Vq/Gj2eXGMI8l3B6u8E5xRYXMze/1ROiZ0oizO36xrfKRuLwKSmQUFY2VWvFUSN2 Nbw19c+Np1BOuZGqCe62PvQYfmcGwr9sRoYYYMr6lPTWr4II6O60tDjYu5UA/vs2 vO7pbnBre+WKZpNBI6ybkhg0MArSl7QbCyLFXRQe24+oA9V9Hfw0D2N+AbLOP9IK 5hv+aYhgl2368mswy3RgVkraaXv4cZg0 -----END CERTIFICATE-----Generated at Wed Jun 11 11:09:13 2025 by rpki-client