$ rpki-client -vvf rpki.apnic.net/member_repository/A91DAFA2/B7B67760EF6911E6BD73C651C4F9AE02/GLHIjO5o9jwhzWoMsbgx1db11s8.mft File: GLHIjO5o9jwhzWoMsbgx1db11s8.mft (raw, json) Hash identifier: BzVyRcGv/K8K4x76RWUCfqiBCVb1JnPfbCuOzgVIf9A= Subject key identifier: 51:88:27:02:48:B2:38:E3:4A:94:9F:B8:9B:A5:A7:A3:51:AB:DC:A6 Authority key identifier: 18:B1:C8:8C:EE:68:F6:3C:21:CD:6A:0C:B1:B8:31:D5:D6:F5:D6:CF Certificate issuer: /CN=A91DAFA2/serialNumber=18B1C88CEE68F63C21CD6A0CB1B831D5D6F5D6CF Certificate serial: 1C05 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GLHIjO5o9jwhzWoMsbgx1db11s8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DAFA2/B7B67760EF6911E6BD73C651C4F9AE02/GLHIjO5o9jwhzWoMsbgx1db11s8.mft Manifest number: 1BFA Signing time: Fri 30 May 2025 16:23:30 +0000 Manifest this update: Fri 30 May 2025 16:23:29 +0000 Manifest next update: Fri 06 Jun 2025 16:23:29 +0000 Files and hashes: 1: GLHIjO5o9jwhzWoMsbgx1db11s8.crl (hash: gkIltMgg4DHGRr0s6xtC//xnNQirCy4Y0SI9++jX5gE=) 2: 02FB1DCAEF6A11E69A4AD551C4F9AE02.roa (hash: 87Eagj9nbEvxROvw6iIl3FH0KdIVxp+aZzvllNFI0J8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DAFA2/B7B67760EF6911E6BD73C651C4F9AE02/GLHIjO5o9jwhzWoMsbgx1db11s8.crl rsync://rpki.apnic.net/member_repository/A91DAFA2/B7B67760EF6911E6BD73C651C4F9AE02/GLHIjO5o9jwhzWoMsbgx1db11s8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GLHIjO5o9jwhzWoMsbgx1db11s8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 16:23:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7173 (0x1c05) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DAFA2, serialNumber=18B1C88CEE68F63C21CD6A0CB1B831D5D6F5D6CF Validity Not Before: May 30 16:23:29 2025 GMT Not After : Jun 6 16:23:29 2025 GMT Subject: CN=6839db81-e326 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:aa:19:b8:13:77:c5:91:f9:f9:a1:92:dd:37: 18:b7:4a:16:95:f5:21:1c:ee:42:a1:3e:59:ce:8d: bd:e7:55:ae:7c:81:e2:fe:bb:0f:f4:de:e4:36:b4: 3f:d9:6c:53:30:05:ac:88:84:7e:e7:4b:1f:39:8a: 8a:f3:27:75:13:b5:b3:03:c7:f0:6e:cb:03:ce:77: 45:cc:d4:6e:ab:66:8e:40:89:f3:b2:61:95:3c:95: 67:0d:b1:b0:b7:03:7a:51:b0:fe:e7:36:53:f5:a5: 37:d6:07:bb:d7:e3:be:15:85:6a:5d:84:0b:ad:e4: 27:3d:cc:09:43:c2:bc:90:91:ff:02:8a:4a:7f:f9: be:6f:4e:05:78:51:e1:4c:35:38:6a:ce:e9:fa:b5: e7:49:ad:6a:9c:de:e7:95:6c:d9:6b:74:e6:c6:d1: 88:6b:ec:a7:cb:b0:6d:18:7b:35:9d:51:43:34:d3: 8e:46:c6:f2:f8:ea:75:e3:49:38:4a:89:c7:b9:60: 32:af:ec:a6:c0:3e:af:09:26:d8:cc:cb:54:80:0b: fb:7b:4d:a2:01:af:d7:3f:5e:bb:10:99:d0:2e:73: 6f:58:07:b3:d1:44:d2:b0:13:ee:6d:df:80:8b:b3: 0f:7e:20:3c:ab:6d:39:72:d4:2f:c5:bf:50:74:b4: a0:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:88:27:02:48:B2:38:E3:4A:94:9F:B8:9B:A5:A7:A3:51:AB:DC:A6 X509v3 Authority Key Identifier: keyid:18:B1:C8:8C:EE:68:F6:3C:21:CD:6A:0C:B1:B8:31:D5:D6:F5:D6:CF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DAFA2/B7B67760EF6911E6BD73C651C4F9AE02/GLHIjO5o9jwhzWoMsbgx1db11s8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GLHIjO5o9jwhzWoMsbgx1db11s8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DAFA2/B7B67760EF6911E6BD73C651C4F9AE02/GLHIjO5o9jwhzWoMsbgx1db11s8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ba:b1:ff:c0:fd:77:ff:08:4f:75:63:d6:4c:c3:04:05:85:cf: 97:90:87:cc:3d:92:0a:d2:99:20:f6:84:b6:c1:c7:31:24:f7: d9:db:77:88:ca:bc:e7:08:75:0f:81:62:5c:d0:d8:4b:97:4b: 6e:88:34:40:45:1f:af:ba:0b:b5:b0:f0:e9:a0:b3:37:cc:ca: 1b:f2:d8:6e:8f:f5:85:d9:c7:3a:0d:4e:8d:a9:0c:6a:ea:5e: 4d:0b:13:b6:fe:76:f8:58:8a:cd:ad:4f:d9:48:29:2b:9d:03: e0:69:e1:07:c6:9d:80:08:3a:b4:07:e4:4b:db:8d:4c:39:06: 07:99:76:3b:bd:c8:79:9a:41:45:8b:c4:89:63:fb:91:96:49: 1a:10:50:c9:de:81:83:b4:07:81:75:79:af:de:65:98:d2:bb: 03:57:51:69:3d:3e:c3:39:f1:5c:0f:65:69:35:77:0c:df:cf: ab:57:28:b7:76:a2:0e:b5:07:97:06:53:a2:a9:b5:60:b6:d6: 37:5a:f7:f0:a1:17:10:fe:a8:2e:dc:c9:b7:45:bb:7a:ac:c3: bd:9f:38:47:a7:68:25:cd:bb:58:07:5b:c2:1b:85:aa:3a:33: 0a:e4:03:05:9e:09:70:af:40:41:61:91:ca:2c:62:42:bf:69: 2f:5c:5f:82 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHAUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REFGQTIxMTAvBgNVBAUTKDE4QjFDODhDRUU2OEY2M0MyMUNENkEwQ0IxQjgzMUQ1 RDZGNUQ2Q0YwHhcNMjUwNTMwMTYyMzI5WhcNMjUwNjA2MTYyMzI5WjAYMRYwFAYD VQQDEw02ODM5ZGI4MS1lMzI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxKoZuBN3xZH5+aGS3TcYt0oWlfUhHO5CoT5Zzo2951WufIHi/rsP9N7kNrQ/ 2WxTMAWsiIR+50sfOYqK8yd1E7WzA8fwbssDzndFzNRuq2aOQInzsmGVPJVnDbGw twN6UbD+5zZT9aU31ge71+O+FYVqXYQLreQnPcwJQ8K8kJH/AopKf/m+b04FeFHh TDU4as7p+rXnSa1qnN7nlWzZa3TmxtGIa+yny7BtGHs1nVFDNNOORsby+Op140k4 SonHuWAyr+ymwD6vCSbYzMtUgAv7e02iAa/XP167EJnQLnNvWAez0UTSsBPubd+A i7MPfiA8q205ctQvxb9QdLSg1QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFGIJwJI sjjjSpSfuJulp6NRq9ymMB8GA1UdIwQYMBaAFBixyIzuaPY8Ic1qDLG4MdXW9dbP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQUZBMi9CN0I2Nzc2MEVG NjkxMUU2QkQ3M0M2NTFDNEY5QUUwMi9HTEhJak81bzlqd2h6V29Nc2JneDFkYjEx czguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0dMSElqTzVvOWp3aHpXb01zYmd4MWRiMTFzOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QUZBMi9CN0I2Nzc2MEVGNjkxMUU2QkQ3M0M2NTFDNEY5QUUwMi9HTEhJak81bzlq d2h6V29Nc2JneDFkYjExczgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC6sf/A/Xf/CE91Y9ZMwwQFhc+XkIfMPZIK0pkg9oS2wccxJPfZ23eI yrznCHUPgWJc0NhLl0tuiDRARR+vugu1sPDpoLM3zMob8thuj/WF2cc6DU6NqQxq 6l5NCxO2/nb4WIrNrU/ZSCkrnQPgaeEHxp2ACDq0B+RL241MOQYHmXY7vch5mkFF i8SJY/uRlkkaEFDJ3oGDtAeBdXmv3mWY0rsDV1FpPT7DOfFcD2VpNXcM38+rVyi3 dqIOtQeXBlOiqbVgttY3WvfwoRcQ/qgu3Mm3Rbt6rMO9nzhHp2glzbtYB1vCG4Wq OjMK5AMFnglwr0BBYZHKLGJCv2kvXF+C -----END CERTIFICATE-----Generated at Sat May 31 16:56:15 2025 by rpki-client