$ rpki-client -vvf rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft File: 1AI0WEr2BZHzfdP7on68uFzHZWo.mft (raw, json) Hash identifier: hS6Xfcl7L/ZTRX9r0yit9tzO0qH584pYQrmL+gvrXyw= Subject key identifier: 69:A0:32:18:6D:11:F8:B3:55:81:C9:B3:97:E2:0E:60:9E:F4:8D:3C Authority key identifier: D4:02:34:58:4A:F6:05:91:F3:7D:D3:FB:A2:7E:BC:B8:5C:C7:65:6A Certificate issuer: /CN=A91E27F3/serialNumber=D40234584AF60591F37DD3FBA27EBCB85CC7656A Certificate serial: 3494 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AI0WEr2BZHzfdP7on68uFzHZWo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft Manifest number: 348F Signing time: Fri 30 May 2025 15:10:29 +0000 Manifest this update: Fri 30 May 2025 15:10:29 +0000 Manifest next update: Fri 06 Jun 2025 15:10:29 +0000 Files and hashes: 1: 1AI0WEr2BZHzfdP7on68uFzHZWo.crl (hash: WtWvMGgdLFO2h6b7ug5QKCGdhH19Fh2nhgFiNJJ2G4w=) 2: 1B4B4FC2152F11ECB72E546FC4F9AE02.roa (hash: 08icoQFu/lUzJ7/49iluwBG/IFFfyhiQgRTkubc2rPw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.crl rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AI0WEr2BZHzfdP7on68uFzHZWo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 15:10:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13460 (0x3494) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E27F3, serialNumber=D40234584AF60591F37DD3FBA27EBCB85CC7656A Validity Not Before: May 30 15:10:29 2025 GMT Not After : Jun 6 15:10:29 2025 GMT Subject: CN=6839ca65-dad3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:a0:56:99:34:e9:d6:ea:b8:b7:7c:b9:0b:b9: 6a:d6:16:45:62:c6:dc:c3:99:b7:2c:92:2b:d5:c5: 65:b2:cd:21:74:48:fa:07:9b:d3:dd:3c:09:07:6f: f8:75:7a:36:78:b0:2b:2a:1e:a9:21:5b:db:0f:8b: 64:06:d4:2b:71:7a:ad:60:2c:08:cd:75:20:c8:0d: 2a:47:60:f1:2f:ca:a0:31:79:cc:58:0a:1a:49:bc: de:2d:fa:10:47:08:53:28:36:72:24:af:0f:a9:74: 67:c7:57:c2:9f:39:a3:bd:8b:5e:c2:ea:5a:cc:0a: 51:4f:50:7a:10:53:31:d5:95:12:ab:e4:02:63:d2: f2:29:35:49:b6:8d:ab:1e:ca:8d:bf:9c:f8:4a:1b: aa:03:c8:fb:5d:66:dc:4a:54:e4:26:f3:31:d5:6c: 02:aa:80:0e:e7:7c:d5:2d:d1:f8:32:13:d3:14:22: 4f:6e:d3:15:b3:04:59:31:a4:79:f0:34:aa:e5:2c: ba:8a:83:be:d7:88:37:35:7f:13:f0:2c:4b:61:f2: 4b:60:02:da:15:d4:90:d1:60:6a:92:d4:65:b8:41: 01:95:44:0d:7d:7a:b4:a2:bc:4e:36:db:8f:b9:c0: 53:68:9d:84:53:54:7c:17:c2:2b:bb:60:00:c6:d1: 1b:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:A0:32:18:6D:11:F8:B3:55:81:C9:B3:97:E2:0E:60:9E:F4:8D:3C X509v3 Authority Key Identifier: keyid:D4:02:34:58:4A:F6:05:91:F3:7D:D3:FB:A2:7E:BC:B8:5C:C7:65:6A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AI0WEr2BZHzfdP7on68uFzHZWo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E27F3/A6DE1CE81DA111E2A32EF29308B02CD2/1AI0WEr2BZHzfdP7on68uFzHZWo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 00:8b:c9:b2:20:fc:94:e3:71:60:e7:d6:02:cc:86:5b:70:8b: ec:fa:60:cd:e5:d1:ca:af:80:67:2e:bb:ba:97:d8:43:84:a9: b9:c5:a2:90:28:23:c9:f8:73:37:13:eb:c0:53:69:d4:57:b9: cc:23:16:85:65:1a:89:c6:1f:18:ef:72:a8:ab:cf:35:fb:ba: 25:0a:9e:49:ab:54:aa:6f:5d:e2:81:b1:b7:45:cb:81:f7:7d: 27:96:ba:3e:5f:82:45:0c:9e:df:cd:f0:85:4e:da:ea:00:7e: 5d:7d:fc:89:41:ee:54:ee:9c:4c:82:b7:ed:ef:6b:a6:4e:9a: a0:63:a9:69:1a:f6:53:ef:8b:5e:f2:a5:84:cd:a7:cb:1a:1b: 6a:fa:95:04:f2:73:ba:0f:d4:7e:6b:31:10:5c:03:b6:b3:23: ff:27:3b:cf:a0:ad:98:a8:6f:c7:cc:76:af:f5:0b:af:0e:db: d9:03:84:6e:91:41:ae:e5:12:cb:d8:e8:eb:3c:a1:0b:68:c9: ad:50:98:2e:f3:f9:07:37:fe:6e:af:03:bd:f8:3a:96:41:41: 42:77:92:19:33:3a:35:df:78:29:04:45:d6:09:91:d1:53:7e: 58:a9:23:09:3f:c1:55:49:2b:02:ed:f2:d5:68:ec:53:13:cc: ff:32:f5:06 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNJQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTI3RjMxMTAvBgNVBAUTKEQ0MDIzNDU4NEFGNjA1OTFGMzdERDNGQkEyN0VCQ0I4 NUNDNzY1NkEwHhcNMjUwNTMwMTUxMDI5WhcNMjUwNjA2MTUxMDI5WjAYMRYwFAYD VQQDEw02ODM5Y2E2NS1kYWQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr6BWmTTp1uq4t3y5C7lq1hZFYsbcw5m3LJIr1cVlss0hdEj6B5vT3TwJB2/4 dXo2eLArKh6pIVvbD4tkBtQrcXqtYCwIzXUgyA0qR2DxL8qgMXnMWAoaSbzeLfoQ RwhTKDZyJK8PqXRnx1fCnzmjvYtewupazApRT1B6EFMx1ZUSq+QCY9LyKTVJto2r HsqNv5z4ShuqA8j7XWbcSlTkJvMx1WwCqoAO53zVLdH4MhPTFCJPbtMVswRZMaR5 8DSq5Sy6ioO+14g3NX8T8CxLYfJLYALaFdSQ0WBqktRluEEBlUQNfXq0orxONtuP ucBTaJ2EU1R8F8Iru2AAxtEbVQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGmgMhht EfizVYHJs5fiDmCe9I08MB8GA1UdIwQYMBaAFNQCNFhK9gWR833T+6J+vLhcx2Vq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMjdGMy9BNkRFMUNFODFE QTExMUUyQTMyRUYyOTMwOEIwMkNEMi8xQUkwV0VyMkJaSHpmZFA3b242OHVGekha V28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFBSTBXRXIyQlpIemZkUDdvbjY4dUZ6SFpXby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MjdGMy9BNkRFMUNFODFEQTExMUUyQTMyRUYyOTMwOEIwMkNEMi8xQUkwV0VyMkJa SHpmZFA3b242OHVGekhaV28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAAi8myIPyU43Fg59YCzIZbcIvs+mDN5dHKr4BnLru6l9hDhKm5xaKQ KCPJ+HM3E+vAU2nUV7nMIxaFZRqJxh8Y73Koq881+7olCp5Jq1Sqb13igbG3RcuB 930nlro+X4JFDJ7fzfCFTtrqAH5dffyJQe5U7pxMgrft72umTpqgY6lpGvZT74te 8qWEzafLGhtq+pUE8nO6D9R+azEQXAO2syP/JzvPoK2YqG/HzHav9QuvDtvZA4Ru kUGu5RLL2OjrPKELaMmtUJgu8/kHN/5urwO9+DqWQUFCd5IZMzo133gpBEXWCZHR U35YqSMJP8FVSSsC7fLVaOxTE8z/MvUG -----END CERTIFICATE-----Generated at Sat May 31 16:34:02 2025 by rpki-client