$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/tDpaYNRoBqaf_vfGdiGexLqLo20.mft File: tDpaYNRoBqaf_vfGdiGexLqLo20.mft (raw, json) Hash identifier: cU/tVbe7j8kcWWgZSGqjGEk1cg28+kHIZytF/q8j8CY= Subject key identifier: 3C:C6:61:0F:85:03:05:CF:44:5D:BE:63:96:5E:70:56:E4:D3:80:37 Authority key identifier: B4:3A:5A:60:D4:68:06:A6:9F:FE:F7:C6:76:21:9E:C4:BA:8B:A3:6D Certificate issuer: /CN=A91E2AE5/serialNumber=B43A5A60D46806A69FFEF7C676219EC4BA8BA36D Certificate serial: 2B91 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tDpaYNRoBqaf_vfGdiGexLqLo20.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/tDpaYNRoBqaf_vfGdiGexLqLo20.mft Manifest number: 2B6D Signing time: Sat 31 May 2025 15:31:37 +0000 Manifest this update: Sat 31 May 2025 15:31:36 +0000 Manifest next update: Sat 07 Jun 2025 15:31:36 +0000 Files and hashes: 1: tDpaYNRoBqaf_vfGdiGexLqLo20.crl (hash: Ok31/K2DUCXl77sgSw4RjyWkfM1RDed2Y1CKTSNuEWo=) 2: 2815E7D4BF4211E9A93A3957C4F9AE02.roa (hash: q2QK7nleDfVKJdydH1BhBELt50ggXZGsQHTMsb+GgzQ=) 3: 43487B18BF1811E9A2C00E63C4F9AE02.roa (hash: R7GiqDFWTFG5/KzmRDTnU8CgA9M5hlMTeWah7zEstzM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/tDpaYNRoBqaf_vfGdiGexLqLo20.crl rsync://rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/tDpaYNRoBqaf_vfGdiGexLqLo20.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tDpaYNRoBqaf_vfGdiGexLqLo20.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 15:31:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11153 (0x2b91) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E2AE5, serialNumber=B43A5A60D46806A69FFEF7C676219EC4BA8BA36D Validity Not Before: May 31 15:31:36 2025 GMT Not After : Jun 7 15:31:36 2025 GMT Subject: CN=683b20d8-cd5e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:c9:a6:d6:c3:c0:46:c9:7a:d9:5f:4d:1e:d0: 00:b7:8e:20:c0:4c:8f:0e:f1:29:24:03:24:59:8c: 5e:35:1c:31:28:18:55:41:a1:f3:6f:06:c4:8c:36: 53:f2:e5:43:9c:f4:d8:f0:c4:89:3c:0f:f0:9a:57: c4:7b:c0:eb:d5:c5:69:88:63:b0:7d:7a:8f:98:24: 26:a1:e4:a5:4e:8d:e9:92:38:c1:ff:49:83:7a:71: b3:30:8c:7c:47:f5:af:17:b2:5a:17:d5:5e:b3:a5: 95:9c:34:ca:78:c4:aa:79:22:03:28:a0:69:1a:42: e3:0c:5f:b9:90:45:ee:72:40:20:8a:55:ea:ef:8f: a4:d0:2c:eb:e6:b3:84:00:e1:9d:09:b2:74:ee:55: d0:1c:9f:a5:cf:9b:9e:92:1b:8d:96:1d:51:c7:fb: 79:2a:5b:a6:3c:6b:e4:9d:16:fa:62:9a:cf:bf:ef: 73:e8:3c:47:45:92:87:63:8b:13:fb:a3:cb:e5:b9: f9:73:d4:ed:c9:f7:e1:2c:ed:ad:70:95:57:93:1c: 3e:83:4f:62:e9:34:c7:44:2c:52:c0:5d:92:6e:85: 80:2b:c9:81:e1:d7:f8:69:24:5a:92:03:db:3f:50: 56:57:61:ae:19:b2:9c:64:b2:88:7b:cd:23:56:23: 4a:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:C6:61:0F:85:03:05:CF:44:5D:BE:63:96:5E:70:56:E4:D3:80:37 X509v3 Authority Key Identifier: keyid:B4:3A:5A:60:D4:68:06:A6:9F:FE:F7:C6:76:21:9E:C4:BA:8B:A3:6D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/tDpaYNRoBqaf_vfGdiGexLqLo20.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tDpaYNRoBqaf_vfGdiGexLqLo20.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2AE5/8D3E54EAED5911E3B09011925911EA32/tDpaYNRoBqaf_vfGdiGexLqLo20.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a6:00:d8:36:3d:93:86:10:13:55:f7:35:7d:10:67:5c:5a:79: 6b:a9:6b:23:d3:ba:da:a7:6b:e2:74:53:06:17:1b:54:82:17: c6:8d:0c:e0:be:1c:09:92:83:a8:f2:c4:f9:ba:f4:e4:33:e3: 27:72:2d:ab:44:c9:b4:39:4d:c5:6c:5f:35:5a:7f:29:5e:53: 10:e8:99:ac:21:b5:d6:2b:48:e0:9c:9f:de:d5:8d:01:23:54: c6:57:d9:17:af:ec:81:e4:c4:41:87:22:47:84:11:c7:c1:97: 25:c5:5a:a4:9d:c9:58:58:ef:f7:5d:17:da:e6:cb:72:ac:b0: fd:c4:af:0f:5b:ed:c7:6d:59:d9:b3:f0:08:d1:19:c7:87:1e: b0:4e:dc:89:59:d9:91:6c:27:05:e6:71:1f:1f:40:0a:b5:d9: 71:9f:41:6e:67:af:8b:c5:e7:30:fd:30:ba:5d:44:15:d5:01: 4d:cc:24:20:04:0b:5a:a3:b3:d0:db:8e:8c:96:0c:7b:31:80: ec:24:a3:92:a7:e4:78:10:45:8e:de:8b:79:3b:61:14:41:9f: 78:2c:8f:89:d9:58:41:7d:d9:cc:e5:da:9c:bb:07:db:9e:b3: da:06:30:fa:5c:60:b7:c2:fc:a5:bc:4c:38:7f:ca:2e:25:5b: f6:db:54:39 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICK5EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTJBRTUxMTAvBgNVBAUTKEI0M0E1QTYwRDQ2ODA2QTY5RkZFRjdDNjc2MjE5RUM0 QkE4QkEzNkQwHhcNMjUwNTMxMTUzMTM2WhcNMjUwNjA3MTUzMTM2WjAYMRYwFAYD VQQDEw02ODNiMjBkOC1jZDVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4cmm1sPARsl62V9NHtAAt44gwEyPDvEpJAMkWYxeNRwxKBhVQaHzbwbEjDZT 8uVDnPTY8MSJPA/wmlfEe8Dr1cVpiGOwfXqPmCQmoeSlTo3pkjjB/0mDenGzMIx8 R/WvF7JaF9Ves6WVnDTKeMSqeSIDKKBpGkLjDF+5kEXuckAgilXq74+k0Czr5rOE AOGdCbJ07lXQHJ+lz5uekhuNlh1Rx/t5KlumPGvknRb6YprPv+9z6DxHRZKHY4sT +6PL5bn5c9TtyffhLO2tcJVXkxw+g09i6TTHRCxSwF2SboWAK8mB4df4aSRakgPb P1BWV2GuGbKcZLKIe80jViNKLwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDzGYQ+F AwXPRF2+Y5ZecFbk04A3MB8GA1UdIwQYMBaAFLQ6WmDUaAamn/73xnYhnsS6i6Nt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMkFFNS84RDNFNTRFQUVE NTkxMUUzQjA5MDExOTI1OTExRUEzMi90RHBhWU5Sb0JxYWZfdmZHZGlHZXhMcUxv MjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3REcGFZTlJvQnFhZl92ZkdkaUdleExxTG8yMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MkFFNS84RDNFNTRFQUVENTkxMUUzQjA5MDExOTI1OTExRUEzMi90RHBhWU5Sb0Jx YWZfdmZHZGlHZXhMcUxvMjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCmANg2PZOGEBNV9zV9EGdcWnlrqWsj07rap2vidFMGFxtUghfGjQzg vhwJkoOo8sT5uvTkM+Mnci2rRMm0OU3FbF81Wn8pXlMQ6JmsIbXWK0jgnJ/e1Y0B I1TGV9kXr+yB5MRBhyJHhBHHwZclxVqknclYWO/3XRfa5styrLD9xK8PW+3HbVnZ s/AI0RnHhx6wTtyJWdmRbCcF5nEfH0AKtdlxn0FuZ6+Lxecw/TC6XUQV1QFNzCQg BAtao7PQ246Mlgx7MYDsJKOSp+R4EEWO3ot5O2EUQZ94LI+J2VhBfdnM5dqcuwfb nrPaBjD6XGC3wvylvEw4f8ouJVv221Q5 -----END CERTIFICATE-----Generated at Sat May 31 17:44:12 2025 by rpki-client