$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft File: 3af4p0oKdM_262MEKLbJ1w1XvXY.mft (raw, json) Hash identifier: oPSgNUDIr8aKsGo0IiaHlzDcLWlyk0S76y8ZDikZS9I= Subject key identifier: BB:4F:B9:F4:B9:8A:0A:63:DA:DC:CE:EC:0A:BF:36:21:03:EC:70:C0 Authority key identifier: DD:A7:F8:A7:4A:0A:74:CF:F6:EB:63:04:28:B6:C9:D7:0D:57:BD:76 Certificate issuer: /CN=A91E7BC4/serialNumber=DDA7F8A74A0A74CFF6EB630428B6C9D70D57BD76 Certificate serial: 0DA8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft Manifest number: 0D6E Signing time: Fri 30 May 2025 18:11:33 +0000 Manifest this update: Fri 30 May 2025 18:11:32 +0000 Manifest next update: Fri 06 Jun 2025 18:11:32 +0000 Files and hashes: 1: 3af4p0oKdM_262MEKLbJ1w1XvXY.crl (hash: S+tg54xC5BJqakSHPLOpR+Cw3Bcilg878lNmU4ckYSY=) 2: CE83F0E6F0E411EAA47C3968C4F9AE02.roa (hash: ZQBdoWyO873LcT1vKoBchR3Mc6PGkjTHNlXwZK5KBUA=) 3: E69AF38AB11C11EAACC28D2EC4F9AE02.roa (hash: vmjmVmXjdkD0vxVvLQigcrFyWXDcETievw8r2QIVv8s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.crl rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 18:11:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3496 (0xda8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E7BC4, serialNumber=DDA7F8A74A0A74CFF6EB630428B6C9D70D57BD76 Validity Not Before: May 30 18:11:32 2025 GMT Not After : Jun 6 18:11:32 2025 GMT Subject: CN=6839f4d4-e4b0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:26:91:43:0e:ad:e5:ba:7c:3e:a3:7b:0a:fe: ef:0c:bb:4d:24:1d:90:fd:e9:d3:1d:09:e1:53:55: be:e0:88:6e:74:dd:4c:45:1c:b7:c0:f7:0b:9c:5a: 74:32:6d:05:e9:b0:cc:98:d5:04:3c:88:73:e1:d4: 7d:5f:69:09:d6:9c:81:02:85:b2:58:93:37:67:91: a5:b6:42:a5:47:98:0e:1b:5c:c8:47:c8:29:b2:7b: 2a:5c:8b:47:1b:b3:0d:3b:66:ff:bf:30:17:d3:b1: da:58:48:7d:ca:7f:4f:d9:2f:07:f5:d6:86:95:3c: 17:63:48:32:3f:f0:35:1f:05:95:68:c6:19:9c:f8: ef:a4:3b:c7:ac:ce:1f:4f:69:5c:7d:63:90:b4:a0: d7:ba:cc:da:06:92:e8:12:9b:03:89:81:90:cb:e8: 7c:e9:1f:f4:fc:7e:19:e4:a1:08:f2:31:6c:f8:c5: b5:7d:1c:e4:dc:61:e3:b7:77:03:d3:66:a7:97:85: 7e:ba:ff:33:6c:53:e7:21:f3:aa:fd:5e:2f:9a:c5: 81:e7:de:9b:1e:fe:0b:b9:f7:10:ae:74:94:8d:c7: b4:e3:66:8a:93:d1:14:ae:f8:14:09:a2:de:53:63: 61:59:92:8d:67:c4:bb:e2:4e:b4:ba:e3:dd:11:bf: 3c:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:4F:B9:F4:B9:8A:0A:63:DA:DC:CE:EC:0A:BF:36:21:03:EC:70:C0 X509v3 Authority Key Identifier: keyid:DD:A7:F8:A7:4A:0A:74:CF:F6:EB:63:04:28:B6:C9:D7:0D:57:BD:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 54:2b:61:1b:47:81:18:fd:26:df:92:3d:36:dd:43:64:5b:2a: 08:6a:2b:e2:1d:a6:f5:d9:8a:0e:51:64:98:31:72:34:4d:46: ce:2c:ef:91:a8:98:d7:61:e6:93:ff:6b:0e:3c:91:11:d2:bd: f1:29:14:7e:d2:c3:e1:77:a7:84:7f:8b:30:13:6f:c5:cf:99: 5d:85:f9:82:80:4d:58:28:d5:53:fa:0b:08:e0:4e:1d:c2:2b: 36:56:e2:00:cf:4d:3b:e4:aa:a4:d1:91:77:10:b9:2b:5d:4f: ca:38:68:3c:10:68:fb:78:0b:1d:8e:d3:32:11:29:14:c5:81: 1d:69:5b:47:eb:18:69:39:2d:6a:53:a4:f6:90:44:59:d6:fb: fd:91:c2:0f:e1:be:5a:9b:54:8b:f8:20:55:f9:39:46:98:da: 43:9d:34:bc:b0:ce:de:ed:96:49:56:76:02:83:0d:5c:21:9d: 02:5d:59:6c:5a:5c:2b:d3:75:bf:53:ca:e3:1d:ca:57:ee:9b: 66:22:da:17:2f:b9:22:ec:8b:c3:62:9a:16:e4:f0:6e:a0:ff: 99:d2:80:59:69:8a:fe:7b:26:1a:98:63:47:ef:9f:92:a9:50: c7:9d:2d:5e:58:77:66:dd:fb:0c:22:3c:db:16:35:63:13:df: 0a:8b:fc:27 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDagwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTdCQzQxMTAvBgNVBAUTKEREQTdGOEE3NEEwQTc0Q0ZGNkVCNjMwNDI4QjZDOUQ3 MEQ1N0JENzYwHhcNMjUwNTMwMTgxMTMyWhcNMjUwNjA2MTgxMTMyWjAYMRYwFAYD VQQDEw02ODM5ZjRkNC1lNGIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuyaRQw6t5bp8PqN7Cv7vDLtNJB2Q/enTHQnhU1W+4IhudN1MRRy3wPcLnFp0 Mm0F6bDMmNUEPIhz4dR9X2kJ1pyBAoWyWJM3Z5GltkKlR5gOG1zIR8gpsnsqXItH G7MNO2b/vzAX07HaWEh9yn9P2S8H9daGlTwXY0gyP/A1HwWVaMYZnPjvpDvHrM4f T2lcfWOQtKDXuszaBpLoEpsDiYGQy+h86R/0/H4Z5KEI8jFs+MW1fRzk3GHjt3cD 02anl4V+uv8zbFPnIfOq/V4vmsWB596bHv4LufcQrnSUjce042aKk9EUrvgUCaLe U2NhWZKNZ8S74k60uuPdEb88bwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLtPufS5 igpj2tzO7Aq/NiED7HDAMB8GA1UdIwQYMBaAFN2n+KdKCnTP9utjBCi2ydcNV712 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFN0JDNC8yRDFBNTk1QUQ1 MEQxMUU5QkFENkMyMjZDNEY5QUUwMi8zYWY0cDBvS2RNXzI2Mk1FS0xiSjF3MVh2 WFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNhZjRwMG9LZE1fMjYyTUVLTGJKMXcxWHZYWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF N0JDNC8yRDFBNTk1QUQ1MEQxMUU5QkFENkMyMjZDNEY5QUUwMi8zYWY0cDBvS2RN XzI2Mk1FS0xiSjF3MVh2WFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBUK2EbR4EY/Sbfkj023UNkWyoIaiviHab12YoOUWSYMXI0TUbOLO+R qJjXYeaT/2sOPJER0r3xKRR+0sPhd6eEf4swE2/Fz5ldhfmCgE1YKNVT+gsI4E4d wis2VuIAz0075Kqk0ZF3ELkrXU/KOGg8EGj7eAsdjtMyESkUxYEdaVtH6xhpOS1q U6T2kERZ1vv9kcIP4b5am1SL+CBV+TlGmNpDnTS8sM7e7ZZJVnYCgw1cIZ0CXVls Wlwr03W/U8rjHcpX7ptmItoXL7ki7IvDYpoW5PBuoP+Z0oBZaYr+eyYamGNH75+S qVDHnS1eWHdm3fsMIjzbFjVjE98Ki/wn -----END CERTIFICATE-----Generated at Sat May 31 17:30:24 2025 by rpki-client