$ rpki-client -vvf rpki.apnic.net/member_repository/A91DB128/7BF23AC4DDE811EDBF8C973AC4F9AE02/cM9awmFE6NdDsVID4mwiBG-iQHo.mft File: cM9awmFE6NdDsVID4mwiBG-iQHo.mft (raw, json) Hash identifier: 74866Jg631WncWtJfOfcGNXuKgDlcC4Ljdh3iAA0TWM= Subject key identifier: BB:01:23:1B:A5:F6:8B:85:98:8F:8A:53:B8:90:D7:CC:0A:4C:A6:B1 Authority key identifier: 70:CF:5A:C2:61:44:E8:D7:43:B1:52:03:E2:6C:22:04:6F:A2:40:7A Certificate issuer: /CN=A91DB128/serialNumber=70CF5AC26144E8D743B15203E26C22046FA2407A Certificate serial: 0197 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cM9awmFE6NdDsVID4mwiBG-iQHo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DB128/7BF23AC4DDE811EDBF8C973AC4F9AE02/cM9awmFE6NdDsVID4mwiBG-iQHo.mft Manifest number: 0191 Signing time: Sat 31 May 2025 03:13:36 +0000 Manifest this update: Sat 31 May 2025 03:13:35 +0000 Manifest next update: Sat 07 Jun 2025 03:13:35 +0000 Files and hashes: 1: cM9awmFE6NdDsVID4mwiBG-iQHo.crl (hash: +RjcO+0hoHTyQxE3OZMDaygI87FTFcQaMF+5mKEIs78=) 2: ABD7D9FCDDEC11EDB14EDA32C4F9AE02.roa (hash: ViKM5e5iyaoZ2fwSNhoyHsddKA5yuwX0C7qKIyKJX7Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DB128/7BF23AC4DDE811EDBF8C973AC4F9AE02/cM9awmFE6NdDsVID4mwiBG-iQHo.crl rsync://rpki.apnic.net/member_repository/A91DB128/7BF23AC4DDE811EDBF8C973AC4F9AE02/cM9awmFE6NdDsVID4mwiBG-iQHo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cM9awmFE6NdDsVID4mwiBG-iQHo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 03:13:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 407 (0x197) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DB128, serialNumber=70CF5AC26144E8D743B15203E26C22046FA2407A Validity Not Before: May 31 03:13:35 2025 GMT Not After : Jun 7 03:13:35 2025 GMT Subject: CN=683a73e0-60ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:45:8c:65:48:4c:71:bf:3a:9a:15:85:50:1e: 15:d4:c3:69:8c:90:5f:7f:a4:ed:3c:df:60:57:33: b4:36:2f:b9:c2:9e:0e:19:17:e0:d2:4e:fe:c4:69: 68:af:ca:d1:40:bc:66:24:9b:d2:8e:d5:31:df:94: fd:e7:45:e3:49:ec:48:a5:72:7a:3f:be:99:fa:6a: 47:26:74:ce:84:a0:44:bd:58:b7:b1:dc:33:19:cf: b4:b0:37:38:29:f7:69:f7:7c:07:73:32:01:1f:57: f4:3f:0b:d4:b4:50:65:0c:90:66:ca:28:42:24:94: f3:7b:90:75:22:90:8d:2f:de:85:6e:22:a8:16:b2: 03:d7:22:34:b4:d6:83:74:4e:e9:36:2d:ea:c5:fe: f0:2d:ec:58:d7:fe:5c:ca:f7:25:26:5e:6a:7b:bd: 09:3f:88:30:0e:de:3c:66:df:80:36:86:b4:35:7a: ea:ec:8e:f4:52:5c:68:07:31:25:41:ad:44:5f:07: 1a:cc:5a:3c:8d:01:c3:6e:dd:af:df:44:bc:3c:d5: c4:0f:c3:1d:5d:d8:ac:01:c7:d9:58:5b:c1:88:34: 68:a7:87:50:1f:2f:bf:1d:77:eb:aa:61:07:bf:60: 54:97:71:5d:ac:3b:51:89:c6:dc:cc:80:59:7e:54: 77:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:01:23:1B:A5:F6:8B:85:98:8F:8A:53:B8:90:D7:CC:0A:4C:A6:B1 X509v3 Authority Key Identifier: keyid:70:CF:5A:C2:61:44:E8:D7:43:B1:52:03:E2:6C:22:04:6F:A2:40:7A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DB128/7BF23AC4DDE811EDBF8C973AC4F9AE02/cM9awmFE6NdDsVID4mwiBG-iQHo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cM9awmFE6NdDsVID4mwiBG-iQHo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DB128/7BF23AC4DDE811EDBF8C973AC4F9AE02/cM9awmFE6NdDsVID4mwiBG-iQHo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6b:74:e4:6c:8a:62:72:8b:9a:72:5a:5b:60:f7:0c:af:9f:e9: 9b:22:2e:89:8c:07:a0:5d:3b:16:39:71:2c:55:ca:d8:86:31: d7:73:c7:e0:39:ea:e0:91:b4:00:71:52:cc:43:e0:c1:a0:c3: 9f:83:49:ef:6e:ea:fa:31:90:1f:f0:c2:b8:a1:70:0f:ba:c6: a0:04:18:bf:76:54:59:ba:7b:83:87:cf:93:0b:68:58:03:24: 5f:8c:83:ff:4c:cd:b0:3a:d7:1a:be:5a:1e:02:a3:28:0b:93: 3e:52:33:de:6f:d7:fa:83:6e:4a:c2:a7:c2:d1:7c:aa:a6:a9: 56:fc:ca:dc:37:27:08:48:2b:17:a1:9e:37:ed:c5:2b:b1:2d: 5d:50:ab:49:8e:e1:8c:c4:e4:16:d9:28:9b:f5:1d:a1:27:69: 75:66:ee:9b:bb:34:77:d1:3c:12:3d:bd:f0:26:bd:20:5b:cc: 61:09:2b:e3:89:2a:3e:d3:a9:de:c9:ed:30:57:c4:9f:5c:b9: 92:d5:69:71:c7:de:89:6e:42:4e:f9:f3:64:c8:8f:bc:7e:cb: d2:71:5a:e6:72:3c:64:26:b4:33:a0:10:73:30:02:7d:e3:30: ca:49:aa:47:89:5c:54:4c:dd:31:4b:5b:3b:b9:43:ae:21:68: 8a:b5:81:a5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAZcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REIxMjgxMTAvBgNVBAUTKDcwQ0Y1QUMyNjE0NEU4RDc0M0IxNTIwM0UyNkMyMjA0 NkZBMjQwN0EwHhcNMjUwNTMxMDMxMzM1WhcNMjUwNjA3MDMxMzM1WjAYMRYwFAYD VQQDEw02ODNhNzNlMC02MGVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA90WMZUhMcb86mhWFUB4V1MNpjJBff6TtPN9gVzO0Ni+5wp4OGRfg0k7+xGlo r8rRQLxmJJvSjtUx35T950XjSexIpXJ6P76Z+mpHJnTOhKBEvVi3sdwzGc+0sDc4 Kfdp93wHczIBH1f0PwvUtFBlDJBmyihCJJTze5B1IpCNL96FbiKoFrID1yI0tNaD dE7pNi3qxf7wLexY1/5cyvclJl5qe70JP4gwDt48Zt+ANoa0NXrq7I70UlxoBzEl Qa1EXwcazFo8jQHDbt2v30S8PNXED8MdXdisAcfZWFvBiDRop4dQHy+/HXfrqmEH v2BUl3FdrDtRicbczIBZflR3BwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLsBIxul 9ouFmI+KU7iQ18wKTKaxMB8GA1UdIwQYMBaAFHDPWsJhROjXQ7FSA+JsIgRvokB6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQjEyOC83QkYyM0FDNERE RTgxMUVEQkY4Qzk3M0FDNEY5QUUwMi9jTTlhd21GRTZOZERzVklENG13aUJHLWlR SG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NNOWF3bUZFNk5kRHNWSUQ0bXdpQkctaVFIby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QjEyOC83QkYyM0FDNERERTgxMUVEQkY4Qzk3M0FDNEY5QUUwMi9jTTlhd21GRTZO ZERzVklENG13aUJHLWlRSG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBrdORsimJyi5pyWltg9wyvn+mbIi6JjAegXTsWOXEsVcrYhjHXc8fg OergkbQAcVLMQ+DBoMOfg0nvbur6MZAf8MK4oXAPusagBBi/dlRZunuDh8+TC2hY AyRfjIP/TM2wOtcavloeAqMoC5M+UjPeb9f6g25KwqfC0XyqpqlW/MrcNycISCsX oZ437cUrsS1dUKtJjuGMxOQW2Sib9R2hJ2l1Zu6buzR30TwSPb3wJr0gW8xhCSvj iSo+06neye0wV8SfXLmS1Wlxx96JbkJO+fNkyI+8fsvScVrmcjxkJrQzoBBzMAJ9 4zDKSapHiVxUTN0xS1s7uUOuIWiKtYGl -----END CERTIFICATE-----Generated at Sat May 31 16:25:53 2025 by rpki-client