$ rpki-client -vvf rpki.apnic.net/member_repository/A91DBA5B/58004AAA70E711EFB444AF70C4F9AE02/30fOzFfqiK65ajhlVgufImC6mQ4.mft File: 30fOzFfqiK65ajhlVgufImC6mQ4.mft (raw, json) Hash identifier: IbvFbdF9iBbFbr29kwpzsGsCdhVwBi3c9DFlTIYre84= Subject key identifier: 7B:49:8F:D3:0B:D2:96:86:8C:1F:8B:80:13:00:64:0A:0F:DC:2F:C2 Authority key identifier: DF:47:CE:CC:57:EA:88:AE:B9:6A:38:65:56:0B:9F:22:60:BA:99:0E Certificate issuer: /CN=A91DBA5B/serialNumber=DF47CECC57EA88AEB96A3865560B9F2260BA990E Certificate serial: 87 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/30fOzFfqiK65ajhlVgufImC6mQ4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DBA5B/58004AAA70E711EFB444AF70C4F9AE02/30fOzFfqiK65ajhlVgufImC6mQ4.mft Manifest number: 86 Signing time: Sat 31 May 2025 06:08:55 +0000 Manifest this update: Sat 31 May 2025 06:08:55 +0000 Manifest next update: Sat 07 Jun 2025 06:08:55 +0000 Files and hashes: 1: 30fOzFfqiK65ajhlVgufImC6mQ4.crl (hash: KO9LH5LmExbJfbtniCcF09mFPIChkr8/4esM787yu7k=) 2: 02389B7670E811EFA8DBE571C4F9AE02.roa (hash: AxDsA8rt+K98y/uEnY4JUiHZ0XXqFDNJTlI0IgqxxqQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DBA5B/58004AAA70E711EFB444AF70C4F9AE02/30fOzFfqiK65ajhlVgufImC6mQ4.crl rsync://rpki.apnic.net/member_repository/A91DBA5B/58004AAA70E711EFB444AF70C4F9AE02/30fOzFfqiK65ajhlVgufImC6mQ4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/30fOzFfqiK65ajhlVgufImC6mQ4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 06:08:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 135 (0x87) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DBA5B, serialNumber=DF47CECC57EA88AEB96A3865560B9F2260BA990E Validity Not Before: May 31 06:08:55 2025 GMT Not After : Jun 7 06:08:55 2025 GMT Subject: CN=683a9cf7-53fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:6b:e4:1b:9c:83:23:53:f6:61:db:ce:81:7c: 96:9e:ab:94:0b:19:c0:21:5b:99:16:86:9b:41:be: e4:c2:a1:11:18:ad:23:30:5e:17:48:16:b1:41:2d: 00:77:02:86:65:01:48:23:a9:9e:e9:71:09:c1:e2: 9c:32:43:94:1f:e7:47:36:db:eb:3f:59:0b:e2:d9: 34:7a:05:06:69:53:8f:60:ed:13:9f:c8:87:b9:37: 9c:75:ff:25:02:5b:ea:8c:bd:ec:04:3c:5e:5f:8e: ba:a8:a3:aa:16:2f:9e:8b:0b:b7:2f:7c:f3:80:82: 4a:11:d7:f4:98:26:03:a0:c5:45:91:e9:08:d8:43: 33:0b:fa:65:2c:c0:d2:f8:33:85:89:fa:a5:e6:3d: 47:e0:ae:3b:ec:2a:28:0f:bf:37:9d:e5:26:6e:fd: 58:d6:eb:1a:0d:fb:4c:b8:2f:3e:b3:3f:69:30:8f: e3:ff:e3:23:ca:a6:1f:ce:a0:b7:39:0c:c1:ed:38: 04:6b:59:4d:66:d5:07:0c:43:a0:59:4b:89:ac:d4: eb:4d:3b:18:17:24:fe:21:11:7c:b8:cd:9a:bc:ef: 8d:a4:cb:74:f5:d8:66:eb:46:8d:11:a7:09:b4:db: c8:86:dc:98:ea:75:26:95:eb:33:0c:f6:7e:be:96: 4f:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:49:8F:D3:0B:D2:96:86:8C:1F:8B:80:13:00:64:0A:0F:DC:2F:C2 X509v3 Authority Key Identifier: keyid:DF:47:CE:CC:57:EA:88:AE:B9:6A:38:65:56:0B:9F:22:60:BA:99:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DBA5B/58004AAA70E711EFB444AF70C4F9AE02/30fOzFfqiK65ajhlVgufImC6mQ4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/30fOzFfqiK65ajhlVgufImC6mQ4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DBA5B/58004AAA70E711EFB444AF70C4F9AE02/30fOzFfqiK65ajhlVgufImC6mQ4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9c:b5:f9:1b:e6:45:67:20:ad:89:73:4d:4f:15:2e:d7:cf:66: 98:10:97:cc:6b:8c:31:7e:22:13:12:90:e0:f9:ec:93:cb:6a: 20:0b:f5:cc:de:02:30:a7:a0:b0:bf:fe:15:87:9c:e8:6f:19: 8c:3f:d9:65:eb:43:7f:48:f9:b7:f6:fe:8a:6e:5d:e1:56:8e: e8:53:a4:26:66:f0:eb:8b:28:6b:e7:0d:c3:50:82:a5:f5:cb: 15:ef:45:8c:95:98:39:3e:c2:b7:48:49:a6:c8:fc:a0:1c:8f: 91:f5:ab:87:9c:b6:ac:21:6e:81:f6:4f:25:8c:7e:ab:30:15: 7a:96:eb:81:bc:45:8c:25:d4:df:c3:87:4b:4d:57:42:fd:01: f3:fb:b4:01:c5:d6:aa:e2:72:4b:41:73:e1:2e:d2:3f:5e:22: 75:9d:43:b8:4a:84:45:f5:e7:49:b7:7a:30:2c:98:92:67:5e: f5:98:a7:43:85:56:1e:6f:42:e8:c2:54:68:45:d8:09:d6:6b: d4:9d:77:f0:7b:c3:88:90:c2:c2:21:aa:b3:68:4e:59:fe:34: 3f:ef:76:f8:83:ac:bf:9d:8c:fc:68:1a:25:98:67:ad:80:7f: 85:d2:40:50:d7:dd:54:65:e3:d0:86:6a:e0:c5:8e:a9:e4:dd: 7c:1b:d5:0a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REJBNUIxMTAvBgNVBAUTKERGNDdDRUNDNTdFQTg4QUVCOTZBMzg2NTU2MEI5RjIy NjBCQTk5MEUwHhcNMjUwNTMxMDYwODU1WhcNMjUwNjA3MDYwODU1WjAYMRYwFAYD VQQDEw02ODNhOWNmNy01M2ZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvGvkG5yDI1P2YdvOgXyWnquUCxnAIVuZFoabQb7kwqERGK0jMF4XSBaxQS0A dwKGZQFII6me6XEJweKcMkOUH+dHNtvrP1kL4tk0egUGaVOPYO0Tn8iHuTecdf8l AlvqjL3sBDxeX466qKOqFi+eiwu3L3zzgIJKEdf0mCYDoMVFkekI2EMzC/plLMDS +DOFifql5j1H4K477CooD783neUmbv1Y1usaDftMuC8+sz9pMI/j/+MjyqYfzqC3 OQzB7TgEa1lNZtUHDEOgWUuJrNTrTTsYFyT+IRF8uM2avO+NpMt09dhm60aNEacJ tNvIhtyY6nUmleszDPZ+vpZPZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHtJj9ML 0paGjB+LgBMAZAoP3C/CMB8GA1UdIwQYMBaAFN9HzsxX6oiuuWo4ZVYLnyJgupkO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQkE1Qi81ODAwNEFBQTcw RTcxMUVGQjQ0NEFGNzBDNEY5QUUwMi8zMGZPekZmcWlLNjVhamhsVmd1ZkltQzZt UTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzMwZk96RmZxaUs2NWFqaGxWZ3VmSW1DNm1RNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QkE1Qi81ODAwNEFBQTcwRTcxMUVGQjQ0NEFGNzBDNEY5QUUwMi8zMGZPekZmcWlL NjVhamhsVmd1ZkltQzZtUTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCctfkb5kVnIK2Jc01PFS7Xz2aYEJfMa4wxfiITEpDg+eyTy2ogC/XM 3gIwp6Cwv/4Vh5zobxmMP9ll60N/SPm39v6Kbl3hVo7oU6QmZvDriyhr5w3DUIKl 9csV70WMlZg5PsK3SEmmyPygHI+R9auHnLasIW6B9k8ljH6rMBV6luuBvEWMJdTf w4dLTVdC/QHz+7QBxdaq4nJLQXPhLtI/XiJ1nUO4SoRF9edJt3owLJiSZ171mKdD hVYeb0LowlRoRdgJ1mvUnXfwe8OIkMLCIaqzaE5Z/jQ/73b4g6y/nYz8aBolmGet gH+F0kBQ191UZePQhmrgxY6p5N18G9UK -----END CERTIFICATE-----Generated at Sat May 31 16:53:48 2025 by rpki-client