$ rpki-client -vvf rpki.apnic.net/member_repository/A91E504E/4E3E367E960811ECA04A0086C4F9AE02/5HfTiqrEo3zG3xZlvxyICvmbe08.mft File: 5HfTiqrEo3zG3xZlvxyICvmbe08.mft (raw, json) Hash identifier: dY95KN32zzaEmc0ezDOsmPR2u4zWXgSwZ7XUgDrLnZQ= Subject key identifier: 47:5A:61:16:36:F8:45:52:76:52:04:F3:72:80:47:CF:3C:72:5C:C6 Authority key identifier: E4:77:D3:8A:AA:C4:A3:7C:C6:DF:16:65:BF:1C:88:0A:F9:9B:7B:4F Certificate issuer: /CN=A91E504E/serialNumber=E477D38AAAC4A37CC6DF1665BF1C880AF99B7B4F Certificate serial: 03BF Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5HfTiqrEo3zG3xZlvxyICvmbe08.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E504E/4E3E367E960811ECA04A0086C4F9AE02/5HfTiqrEo3zG3xZlvxyICvmbe08.mft Manifest number: 03B3 Signing time: Sun 01 Jun 2025 00:56:05 +0000 Manifest this update: Sun 01 Jun 2025 00:56:04 +0000 Manifest next update: Sun 08 Jun 2025 00:56:04 +0000 Files and hashes: 1: 5HfTiqrEo3zG3xZlvxyICvmbe08.crl (hash: fdYUTT0UnqRolzhzA2encwKDHF5jXCha4tj3aTgWHE4=) 2: 5F9FA12E0CA411ED96936D79C4F9AE02.roa (hash: 0ekBq+u3qTtCrN1H3WBpcyEBXqtT/nmRB1wnzUy864Q=) 3: 06820D08961011ECA540626AC4F9AE02.roa (hash: AajhgEbZBOC20FRVNZHV44NbIbhPj9V3ePlv/pPgwT4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E504E/4E3E367E960811ECA04A0086C4F9AE02/5HfTiqrEo3zG3xZlvxyICvmbe08.crl rsync://rpki.apnic.net/member_repository/A91E504E/4E3E367E960811ECA04A0086C4F9AE02/5HfTiqrEo3zG3xZlvxyICvmbe08.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5HfTiqrEo3zG3xZlvxyICvmbe08.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Jun 2025 00:56:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 959 (0x3bf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E504E, serialNumber=E477D38AAAC4A37CC6DF1665BF1C880AF99B7B4F Validity Not Before: Jun 1 00:56:04 2025 GMT Not After : Jun 8 00:56:04 2025 GMT Subject: CN=683ba525-cde4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:d0:fe:38:0d:e0:85:1c:ab:8b:14:74:55:27: 00:2d:05:f7:35:ab:c9:fb:5f:08:e4:8f:3b:88:9c: 9d:da:34:84:26:60:a9:c4:c0:5f:9e:4f:c7:53:e4: 63:cd:c1:9a:7f:49:25:cd:a8:ca:f4:2e:9e:61:cf: 8e:95:d4:ab:63:29:23:1c:7b:55:5f:9f:a9:54:fc: db:4b:6c:80:87:f4:f8:24:47:da:9d:b5:38:75:5d: 29:03:fc:d4:ce:cd:f4:30:5f:59:4c:56:0c:a1:40: b8:18:5b:b1:c8:ac:d5:92:9d:9d:37:8b:8b:43:5b: ae:f1:3c:51:b5:e8:49:96:26:82:cf:f1:a9:b5:39: 08:88:99:e8:a3:f0:33:04:49:1d:8d:0a:2c:6f:18: 45:a1:4d:c6:c2:d1:c7:46:4e:e5:48:68:47:8e:3f: 7f:35:4a:36:df:36:53:9c:3c:72:4f:8d:e4:3e:fb: 6b:1e:c2:e0:13:c0:95:c0:f5:0a:91:13:0e:92:1c: 53:cf:dc:84:66:8a:cd:50:da:8e:85:87:4b:d0:9d: c1:dd:fd:7b:b5:b3:47:70:f4:4b:d5:68:0d:61:1b: 34:e2:1b:fc:7d:00:0d:5f:c1:43:e2:ea:7f:dc:66: af:f7:2d:fe:58:b7:8d:4d:e5:43:91:a9:85:76:84: 11:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:5A:61:16:36:F8:45:52:76:52:04:F3:72:80:47:CF:3C:72:5C:C6 X509v3 Authority Key Identifier: keyid:E4:77:D3:8A:AA:C4:A3:7C:C6:DF:16:65:BF:1C:88:0A:F9:9B:7B:4F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E504E/4E3E367E960811ECA04A0086C4F9AE02/5HfTiqrEo3zG3xZlvxyICvmbe08.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5HfTiqrEo3zG3xZlvxyICvmbe08.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E504E/4E3E367E960811ECA04A0086C4F9AE02/5HfTiqrEo3zG3xZlvxyICvmbe08.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7c:d8:b1:d9:25:7c:a3:8d:bf:27:dc:f8:c8:af:be:07:27:c9: 33:a5:fa:47:44:73:8f:5f:48:ad:25:cd:72:78:c0:48:42:01: 4d:e6:ce:9b:7b:ef:e9:76:88:27:7c:99:c5:66:44:57:60:dd: ef:80:25:a6:f2:4f:82:07:42:35:50:d9:1a:5d:4c:75:b1:c1: e8:df:f4:24:19:07:b1:94:e6:ff:c9:d3:36:7b:9c:1c:0d:63: 82:16:47:6a:2f:b1:ee:7b:ad:09:2e:a6:56:bb:92:84:c7:cf: 74:6a:18:a3:d6:6b:e3:65:f1:88:91:6f:c1:d1:cb:23:95:ae: 2a:b0:d9:25:33:58:88:7d:e3:9d:32:4b:ed:f5:96:45:fd:8d: 57:a0:97:54:7d:37:b8:f1:e6:15:a7:05:85:73:90:3d:79:e5: 72:27:96:53:02:30:a1:25:84:80:39:3b:36:7f:71:e7:1a:3f: b4:fb:5e:4e:e1:af:a6:b3:d7:55:1c:8c:b7:ac:3f:6a:3c:19: f4:47:47:01:d9:8b:a8:e2:0f:15:22:43:8c:01:7b:81:5d:cf: 2e:e3:44:b7:df:6a:4b:5a:49:a5:22:c2:7e:7d:15:cf:c9:2d: 1c:53:11:7e:19:c0:5f:80:f7:cf:da:8a:21:82:f5:6f:37:ed: 28:7a:07:06 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA78wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTUwNEUxMTAvBgNVBAUTKEU0NzdEMzhBQUFDNEEzN0NDNkRGMTY2NUJGMUM4ODBB Rjk5QjdCNEYwHhcNMjUwNjAxMDA1NjA0WhcNMjUwNjA4MDA1NjA0WjAYMRYwFAYD VQQDEw02ODNiYTUyNS1jZGU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7dD+OA3ghRyrixR0VScALQX3NavJ+18I5I87iJyd2jSEJmCpxMBfnk/HU+Rj zcGaf0klzajK9C6eYc+OldSrYykjHHtVX5+pVPzbS2yAh/T4JEfanbU4dV0pA/zU zs30MF9ZTFYMoUC4GFuxyKzVkp2dN4uLQ1uu8TxRtehJliaCz/GptTkIiJnoo/Az BEkdjQosbxhFoU3GwtHHRk7lSGhHjj9/NUo23zZTnDxyT43kPvtrHsLgE8CVwPUK kRMOkhxTz9yEZorNUNqOhYdL0J3B3f17tbNHcPRL1WgNYRs04hv8fQANX8FD4up/ 3Gav9y3+WLeNTeVDkamFdoQRFQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEdaYRY2 +EVSdlIE83KAR888clzGMB8GA1UdIwQYMBaAFOR304qqxKN8xt8WZb8ciAr5m3tP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNTA0RS80RTNFMzY3RTk2 MDgxMUVDQTA0QTAwODZDNEY5QUUwMi81SGZUaXFyRW8zekczeFpsdnh5SUN2bWJl MDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzVIZlRpcXJFbzN6RzN4Wmx2eHlJQ3ZtYmUwOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NTA0RS80RTNFMzY3RTk2MDgxMUVDQTA0QTAwODZDNEY5QUUwMi81SGZUaXFyRW8z ekczeFpsdnh5SUN2bWJlMDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB82LHZJXyjjb8n3PjIr74HJ8kzpfpHRHOPX0itJc1yeMBIQgFN5s6b e+/pdognfJnFZkRXYN3vgCWm8k+CB0I1UNkaXUx1scHo3/QkGQexlOb/ydM2e5wc DWOCFkdqL7Hue60JLqZWu5KEx890ahij1mvjZfGIkW/B0csjla4qsNklM1iIfeOd Mkvt9ZZF/Y1XoJdUfTe48eYVpwWFc5A9eeVyJ5ZTAjChJYSAOTs2f3HnGj+0+15O 4a+ms9dVHIy3rD9qPBn0R0cB2Yuo4g8VIkOMAXuBXc8u40S332pLWkmlIsJ+fRXP yS0cUxF+GcBfgPfP2oohgvVvN+0oegcG -----END CERTIFICATE-----Generated at Mon Jun 2 20:47:06 2025 by rpki-client