$ rpki-client -vvf rpki.apnic.net/member_repository/A91DACA7/59B9418645B211EFA5DF6D19C4F9AE02/GIFbNMhpKEtDI8kWmTZ3D90LQjY.mft File: GIFbNMhpKEtDI8kWmTZ3D90LQjY.mft (raw, json) Hash identifier: KC5zHwaDtbua2Vkk+VyCjHOc+eDtMrMcaF2pFHHuTBQ= Subject key identifier: 90:7A:08:AA:E6:30:C4:E1:89:5A:53:D5:80:69:62:91:46:39:7C:16 Authority key identifier: 18:81:5B:34:C8:69:28:4B:43:23:C9:16:99:36:77:0F:DD:0B:42:36 Certificate issuer: /CN=A91DACA7/serialNumber=18815B34C869284B4323C9169936770FDD0B4236 Certificate serial: A2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GIFbNMhpKEtDI8kWmTZ3D90LQjY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DACA7/59B9418645B211EFA5DF6D19C4F9AE02/GIFbNMhpKEtDI8kWmTZ3D90LQjY.mft Manifest number: A2 Signing time: Sat 31 May 2025 05:47:23 +0000 Manifest this update: Sat 31 May 2025 05:47:22 +0000 Manifest next update: Sat 07 Jun 2025 05:47:22 +0000 Files and hashes: 1: GIFbNMhpKEtDI8kWmTZ3D90LQjY.crl (hash: 6EirL5+S60ao4uxrv/3+3/MTdvkFS6hkVgGhOwvBBH4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DACA7/59B9418645B211EFA5DF6D19C4F9AE02/GIFbNMhpKEtDI8kWmTZ3D90LQjY.crl rsync://rpki.apnic.net/member_repository/A91DACA7/59B9418645B211EFA5DF6D19C4F9AE02/GIFbNMhpKEtDI8kWmTZ3D90LQjY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GIFbNMhpKEtDI8kWmTZ3D90LQjY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 05:47:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 162 (0xa2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DACA7, serialNumber=18815B34C869284B4323C9169936770FDD0B4236 Validity Not Before: May 31 05:47:22 2025 GMT Not After : Jun 7 05:47:22 2025 GMT Subject: CN=683a97ea-f7e1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:6b:a6:7e:f6:a8:f2:f9:80:f4:80:e8:78:56: f6:2c:8d:72:a6:7e:df:07:d9:f6:7a:96:04:d6:17: 63:d5:0d:30:f9:fb:23:d6:7c:41:87:a8:b1:fd:f9: c1:7c:36:c9:a5:bc:a2:18:71:b2:e8:15:94:cb:8c: af:2a:ae:cc:13:f1:35:4c:84:f0:23:b4:06:7b:d1: 99:3a:19:57:67:10:ff:48:d1:55:67:a3:dc:0d:82: c8:95:06:c0:d1:58:42:a0:9a:df:41:a8:8d:bf:93: 0b:0b:10:7b:9f:b2:3d:97:1a:4d:32:69:30:9f:b5: be:02:cb:a9:bb:33:94:56:60:12:7d:c5:fc:df:02: bc:1f:20:61:39:90:55:a4:e6:1f:d9:a1:1e:55:d7: 6b:c0:8a:44:3c:18:b6:78:df:58:7e:81:01:18:c5: 79:21:7b:0b:2c:88:ba:10:b0:05:24:44:d1:c3:e2: 9f:2b:69:f7:8c:24:30:f3:12:05:c9:a8:95:d3:25: 0b:b5:71:54:e8:ef:2b:5d:35:07:b4:9c:f6:87:cb: 50:f3:fa:db:5d:9f:7e:2c:90:47:81:11:6f:c3:17: 26:73:fd:3e:67:90:70:22:a5:d8:33:b0:6d:6d:d4: 5b:b2:34:d5:dc:1e:95:54:e8:1f:5e:17:bc:9c:9d: cd:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:7A:08:AA:E6:30:C4:E1:89:5A:53:D5:80:69:62:91:46:39:7C:16 X509v3 Authority Key Identifier: keyid:18:81:5B:34:C8:69:28:4B:43:23:C9:16:99:36:77:0F:DD:0B:42:36 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DACA7/59B9418645B211EFA5DF6D19C4F9AE02/GIFbNMhpKEtDI8kWmTZ3D90LQjY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GIFbNMhpKEtDI8kWmTZ3D90LQjY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DACA7/59B9418645B211EFA5DF6D19C4F9AE02/GIFbNMhpKEtDI8kWmTZ3D90LQjY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5b:ac:63:61:c9:af:d7:19:e0:95:0e:8b:b4:b9:04:65:0c:c1: e5:8a:15:6c:91:13:3b:ec:ac:47:d2:f1:cc:60:da:8f:2b:83: 21:f9:72:76:91:10:95:78:06:40:a9:15:6c:bd:39:fd:ec:94: 5d:4e:f5:e6:ba:e2:cf:d5:2b:f6:a6:24:91:ef:75:87:0f:65: e9:35:20:31:89:5c:11:f9:6e:17:1c:86:91:b2:9e:d7:d9:af: 93:55:e1:b4:0f:14:ed:85:71:93:70:bc:4b:e0:47:a1:89:1f: 77:33:ad:56:68:34:c5:75:b6:eb:76:cd:76:79:b5:f3:aa:75: 40:46:06:cc:0a:6b:7b:5e:4b:06:c0:20:7d:ea:23:76:d1:ca: 7d:8c:5d:8a:60:f3:74:eb:44:aa:c4:3f:99:b0:71:9f:b2:f7: 9a:ec:83:1e:de:44:88:52:a6:12:20:d5:e9:98:3c:9a:d8:2b: 1a:53:fa:f0:57:a4:db:13:ed:eb:92:e9:b2:2d:8b:f1:d3:e2: 1f:1d:42:d1:3d:2e:62:55:a1:71:24:9b:ac:19:3e:0a:1b:fe: 3e:0e:a7:0d:01:4f:ea:b2:a7:8f:9d:d3:4e:e4:4f:01:c0:f9: 95:53:1f:67:a4:30:f3:d0:ad:7b:88:a8:cf:e5:c5:c2:f0:b6: 7d:6f:10:46 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REFDQTcxMTAvBgNVBAUTKDE4ODE1QjM0Qzg2OTI4NEI0MzIzQzkxNjk5MzY3NzBG REQwQjQyMzYwHhcNMjUwNTMxMDU0NzIyWhcNMjUwNjA3MDU0NzIyWjAYMRYwFAYD VQQDEw02ODNhOTdlYS1mN2UxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtWumfvao8vmA9IDoeFb2LI1ypn7fB9n2epYE1hdj1Q0w+fsj1nxBh6ix/fnB fDbJpbyiGHGy6BWUy4yvKq7ME/E1TITwI7QGe9GZOhlXZxD/SNFVZ6PcDYLIlQbA 0VhCoJrfQaiNv5MLCxB7n7I9lxpNMmkwn7W+AsupuzOUVmASfcX83wK8HyBhOZBV pOYf2aEeVddrwIpEPBi2eN9YfoEBGMV5IXsLLIi6ELAFJETRw+KfK2n3jCQw8xIF yaiV0yULtXFU6O8rXTUHtJz2h8tQ8/rbXZ9+LJBHgRFvwxcmc/0+Z5BwIqXYM7Bt bdRbsjTV3B6VVOgfXhe8nJ3NKQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJB6CKrm MMThiVpT1YBpYpFGOXwWMB8GA1UdIwQYMBaAFBiBWzTIaShLQyPJFpk2dw/dC0I2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQUNBNy81OUI5NDE4NjQ1 QjIxMUVGQTVERjZEMTlDNEY5QUUwMi9HSUZiTk1ocEtFdERJOGtXbVRaM0Q5MExR alkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0dJRmJOTWhwS0V0REk4a1dtVFozRDkwTFFqWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QUNBNy81OUI5NDE4NjQ1QjIxMUVGQTVERjZEMTlDNEY5QUUwMi9HSUZiTk1ocEtF dERJOGtXbVRaM0Q5MExRalkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBbrGNhya/XGeCVDou0uQRlDMHlihVskRM77KxH0vHMYNqPK4Mh+XJ2 kRCVeAZAqRVsvTn97JRdTvXmuuLP1Sv2piSR73WHD2XpNSAxiVwR+W4XHIaRsp7X 2a+TVeG0DxTthXGTcLxL4EehiR93M61WaDTFdbbrds12ebXzqnVARgbMCmt7XksG wCB96iN20cp9jF2KYPN060SqxD+ZsHGfsvea7IMe3kSIUqYSINXpmDya2CsaU/rw V6TbE+3rkumyLYvx0+IfHULRPS5iVaFxJJusGT4KG/4+DqcNAU/qsqePndNO5E8B wPmVUx9npDDz0K17iKjP5cXC8LZ9bxBG -----END CERTIFICATE-----Generated at Sat May 31 16:57:43 2025 by rpki-client