$ rpki-client -vvf rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.mft File: i0hqzK8SpnqVaI6NEb1ljAQcElo.mft (raw, json) Hash identifier: 8BvghOO+Eeg+UCrIbbCQ9rds00oMxVmd2xKYM5senyU= Subject key identifier: 82:6E:8A:8B:84:58:5C:89:F4:1D:DE:DB:9F:BA:13:B4:94:E1:66:BD Authority key identifier: 8B:48:6A:CC:AF:12:A6:7A:95:68:8E:8D:11:BD:65:8C:04:1C:12:5A Certificate issuer: /CN=A91DBA5B/serialNumber=8B486ACCAF12A67A95688E8D11BD658C041C125A Certificate serial: 88 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i0hqzK8SpnqVaI6NEb1ljAQcElo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.mft Manifest number: 87 Signing time: Sun 01 Jun 2025 06:17:12 +0000 Manifest this update: Sun 01 Jun 2025 06:17:11 +0000 Manifest next update: Sun 08 Jun 2025 06:17:11 +0000 Files and hashes: 1: i0hqzK8SpnqVaI6NEb1ljAQcElo.crl (hash: sko6O5pV8rpNpxeHMX/EdJPSngyyw0iKiMVvp4Ms0eo=) 2: F305F43270E711EF8573CF71C4F9AE02.roa (hash: aci5Spv/e6z609EwzRrCe3VebaHTH23V/kyd6t5TMtw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.crl rsync://rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i0hqzK8SpnqVaI6NEb1ljAQcElo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Jun 2025 06:17:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 136 (0x88) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DBA5B, serialNumber=8B486ACCAF12A67A95688E8D11BD658C041C125A Validity Not Before: Jun 1 06:17:11 2025 GMT Not After : Jun 8 06:17:11 2025 GMT Subject: CN=683bf068-5236 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:24:d4:4e:51:0b:28:75:4b:cd:07:59:ec:66: c9:44:58:e4:82:02:31:b3:d9:bf:1b:e6:01:02:c5: 64:5d:6c:04:99:d7:e9:80:54:94:e4:a7:88:e9:91: ec:56:0a:a8:56:83:ae:bf:ce:95:7e:79:61:35:c0: 13:e4:ee:1e:2a:ff:a2:f2:fa:a4:20:1e:8a:c3:4c: f6:0b:c4:e3:01:26:6f:a6:48:5c:97:14:8c:a8:d8: 51:d0:86:cd:ff:de:f4:af:58:77:33:54:78:c7:1f: d9:b1:99:49:a5:e9:de:a6:d4:a4:bc:4e:8e:63:39: 06:6e:81:05:1f:83:0e:de:22:2b:a0:1f:31:54:61: ef:cd:f0:dd:f6:22:48:c5:4d:87:78:51:b0:15:8b: f7:80:6b:33:45:68:13:de:0b:91:81:1f:9b:47:7c: f0:c3:f1:57:10:52:df:56:e1:7b:1c:d3:29:09:73: 1d:55:c0:2f:bb:df:3b:84:51:1b:42:c1:4a:e0:d4: f6:d9:79:c1:41:d8:da:a0:3d:7f:4a:3a:4c:0e:66: d6:66:b4:e6:0b:64:e2:29:a2:a0:f0:bc:4f:14:5f: 6f:9c:81:32:94:54:04:77:2d:b0:7a:cf:15:3a:75: f0:00:69:2e:89:f4:7d:b1:70:72:06:98:a6:08:59: be:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:6E:8A:8B:84:58:5C:89:F4:1D:DE:DB:9F:BA:13:B4:94:E1:66:BD X509v3 Authority Key Identifier: keyid:8B:48:6A:CC:AF:12:A6:7A:95:68:8E:8D:11:BD:65:8C:04:1C:12:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i0hqzK8SpnqVaI6NEb1ljAQcElo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 66:20:4a:37:b2:67:93:98:a9:43:42:8b:43:3c:9a:d3:49:5d: 8b:2e:fe:9a:3f:27:74:1d:0d:c8:57:07:96:3f:a3:4a:88:a0: f2:81:e5:f5:c7:99:fa:f9:de:ea:70:b9:5e:41:88:78:23:86: 48:6a:f7:12:59:6b:aa:33:99:95:ed:31:e8:85:51:de:29:c2: 90:36:e2:7e:cb:a9:7e:0e:0c:ca:79:9e:b3:7b:55:51:f0:1e: 34:f2:27:12:bf:f3:06:49:65:29:2f:08:c8:cd:27:e0:08:ad: 0f:79:8a:73:aa:69:75:cf:ba:e0:10:e1:92:ba:6b:26:47:b2: ef:9b:ce:8b:99:32:9e:d7:eb:95:d4:28:a6:f0:c4:b0:ae:76: 79:29:85:cf:9a:2b:0c:6d:cf:5c:c1:c8:47:f2:33:1c:13:b4: 78:24:0d:3a:00:ed:20:9b:ec:0b:cc:28:e4:cc:7e:fe:83:08: a2:61:f4:44:f8:bf:9b:b8:21:e3:bf:74:55:96:b7:2d:6e:e6: f1:16:76:17:35:9e:d5:24:f5:38:0e:7a:55:81:a4:b5:83:61: 0c:d5:83:c8:ca:b7:34:08:e1:82:d3:96:9c:35:93:f9:6a:aa: bd:26:74:de:ef:ab:1a:7c:88:f6:27:0f:fe:cb:1e:49:34:fb: 0b:0a:01:28 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REJBNUIxMTAvBgNVBAUTKDhCNDg2QUNDQUYxMkE2N0E5NTY4OEU4RDExQkQ2NThD MDQxQzEyNUEwHhcNMjUwNjAxMDYxNzExWhcNMjUwNjA4MDYxNzExWjAYMRYwFAYD VQQDEw02ODNiZjA2OC01MjM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxiTUTlELKHVLzQdZ7GbJRFjkggIxs9m/G+YBAsVkXWwEmdfpgFSU5KeI6ZHs VgqoVoOuv86VfnlhNcAT5O4eKv+i8vqkIB6Kw0z2C8TjASZvpkhclxSMqNhR0IbN /970r1h3M1R4xx/ZsZlJpeneptSkvE6OYzkGboEFH4MO3iIroB8xVGHvzfDd9iJI xU2HeFGwFYv3gGszRWgT3guRgR+bR3zww/FXEFLfVuF7HNMpCXMdVcAvu987hFEb QsFK4NT22XnBQdjaoD1/SjpMDmbWZrTmC2TiKaKg8LxPFF9vnIEylFQEdy2wes8V OnXwAGkuifR9sXByBpimCFm+FQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIJuiouE WFyJ9B3e25+6E7SU4Wa9MB8GA1UdIwQYMBaAFItIasyvEqZ6lWiOjRG9ZYwEHBJa MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQkE1Qi80RDdDRTY2QTcw RTcxMUVGQjQ0NEFGNzBDNEY5QUUwMi9pMGhxeks4U3BucVZhSTZORWIxbGpBUWNF bG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2kwaHF6SzhTcG5xVmFJNk5FYjFsakFRY0Vsby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QkE1Qi80RDdDRTY2QTcwRTcxMUVGQjQ0NEFGNzBDNEY5QUUwMi9pMGhxeks4U3Bu cVZhSTZORWIxbGpBUWNFbG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBmIEo3smeTmKlDQotDPJrTSV2LLv6aPyd0HQ3IVweWP6NKiKDygeX1 x5n6+d7qcLleQYh4I4ZIavcSWWuqM5mV7THohVHeKcKQNuJ+y6l+DgzKeZ6ze1VR 8B408icSv/MGSWUpLwjIzSfgCK0PeYpzqml1z7rgEOGSumsmR7Lvm86LmTKe1+uV 1Cim8MSwrnZ5KYXPmisMbc9cwchH8jMcE7R4JA06AO0gm+wLzCjkzH7+gwiiYfRE +L+buCHjv3RVlrctbubxFnYXNZ7VJPU4DnpVgaS1g2EM1YPIyrc0COGC05acNZP5 aqq9JnTe76safIj2Jw/+yx5JNPsLCgEo -----END CERTIFICATE-----Generated at Mon Jun 2 19:39:33 2025 by rpki-client