$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.mft File: fNlYoAf08OVuSo0kV2aIYiurciE.mft (raw, json) Hash identifier: mGbiQ6m1j8wXx1scuKy1GkM4NmepWA+36MFC3e1o7ag= Subject key identifier: 7C:A2:A7:61:31:81:05:86:B4:C6:93:E6:9D:DC:A7:29:01:47:48:06 Authority key identifier: 7C:D9:58:A0:07:F4:F0:E5:6E:4A:8D:24:57:66:88:62:2B:AB:72:21 Certificate issuer: /CN=A91E8AF2/serialNumber=7CD958A007F4F0E56E4A8D24576688622BAB7221 Certificate serial: 0127 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fNlYoAf08OVuSo0kV2aIYiurciE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.mft Manifest number: 0123 Signing time: Sat 31 May 2025 04:21:53 +0000 Manifest this update: Sat 31 May 2025 04:21:52 +0000 Manifest next update: Sat 07 Jun 2025 04:21:52 +0000 Files and hashes: 1: fNlYoAf08OVuSo0kV2aIYiurciE.crl (hash: ZF54OlNHBYL5IMj+xUFhtXUtNXHb/6AEyv+3enAdRJg=) 2: E7021416B54B11EE86895416C4F9AE02.roa (hash: vzHahXAFIekcStIbFKvBTMDftL9nSsfmNUK1qbKIERQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.crl rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fNlYoAf08OVuSo0kV2aIYiurciE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 04:21:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 295 (0x127) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8AF2, serialNumber=7CD958A007F4F0E56E4A8D24576688622BAB7221 Validity Not Before: May 31 04:21:52 2025 GMT Not After : Jun 7 04:21:52 2025 GMT Subject: CN=683a83e1-f8ba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:ef:e4:9f:bf:7a:e2:ef:77:f2:f9:db:fc:d7: d1:f6:26:6e:1f:fc:7e:ab:cc:f2:4c:3f:df:ad:9f: 99:fa:86:1e:ff:91:20:e7:c2:1f:1e:a1:b4:58:ec: 8c:73:ad:5d:67:f6:1c:9b:ea:95:ad:10:c4:c1:03: cb:ff:fe:87:1f:09:19:cc:4e:09:cd:c6:20:32:2d: db:dc:fd:48:bc:5d:03:d4:f6:ac:43:49:0a:49:d6: c1:c1:0d:a2:07:01:b8:55:eb:b5:75:d6:1b:46:4e: 3b:d3:1c:04:78:d3:98:c2:78:b9:64:46:9a:7d:c5: 23:53:ee:8b:52:34:64:5e:68:80:a5:37:5c:2b:fa: a0:55:ec:3c:60:f7:b6:ac:f8:f1:14:f9:de:4b:2a: bb:34:9b:05:11:c4:1d:17:4d:da:4a:95:68:49:56: 00:e3:63:6c:70:29:5a:66:b5:77:b2:a9:c3:92:0c: c7:64:fa:63:ab:04:6b:15:b5:43:be:8a:52:d3:fb: e7:62:f3:24:cb:60:9c:7a:52:9e:6f:90:39:73:2d: 53:70:dc:af:31:d6:dd:d4:b2:6a:98:b1:3f:7b:97: d6:cb:7c:9d:6c:5e:9b:30:b9:45:d7:37:76:b6:20: 2f:9a:2b:75:b2:13:01:55:4a:c9:b7:ac:36:42:bc: d1:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:A2:A7:61:31:81:05:86:B4:C6:93:E6:9D:DC:A7:29:01:47:48:06 X509v3 Authority Key Identifier: keyid:7C:D9:58:A0:07:F4:F0:E5:6E:4A:8D:24:57:66:88:62:2B:AB:72:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/fNlYoAf08OVuSo0kV2aIYiurciE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8AF2/5732C838844C11EEB1F2CA29C4F9AE02/fNlYoAf08OVuSo0kV2aIYiurciE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1d:1c:23:8f:7b:84:d9:99:4f:58:b4:bb:90:ce:ad:29:82:21: a9:12:9b:82:4f:8b:29:2a:5b:71:5a:ed:f4:57:56:2e:54:8e: b6:61:c8:df:a8:13:c0:97:df:1d:ce:7d:83:7a:d9:65:98:b4: e5:f0:ca:b2:b3:95:4b:86:52:62:50:28:9d:47:1b:f4:e2:2c: 49:c1:69:04:f5:6a:b6:15:94:6c:1c:09:6b:75:ee:fb:f2:e6: e9:c3:f8:f0:b5:42:ee:27:fb:43:90:20:b6:fb:55:9c:3f:2a: f3:4f:96:63:db:ff:cc:69:5e:c8:7f:5f:a4:27:af:96:eb:92: a1:a3:91:a0:5d:64:16:42:39:6b:ec:c1:87:88:96:5c:96:a0: 3b:ec:9c:50:c1:7f:e8:ac:8e:ce:a4:80:e5:9c:0c:3d:7f:54: 43:ff:eb:a0:f4:22:0d:1d:ac:56:6b:eb:57:ab:48:e8:4c:e9: cd:bd:4c:ae:05:2a:97:af:a6:d6:d1:34:d1:50:be:d4:08:65: c0:b1:ad:79:84:39:58:5f:c2:8c:79:90:bf:f4:10:b9:61:12: 36:6c:dc:ba:f5:bb:cf:7d:85:76:45:a2:b1:60:6a:62:26:39: b7:bd:b3:0c:6e:1d:1f:f9:da:d7:72:e4:58:32:3e:a0:d6:d2: c3:5e:d5:fe -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAScwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RThBRjIxMTAvBgNVBAUTKDdDRDk1OEEwMDdGNEYwRTU2RTRBOEQyNDU3NjY4ODYy MkJBQjcyMjEwHhcNMjUwNTMxMDQyMTUyWhcNMjUwNjA3MDQyMTUyWjAYMRYwFAYD VQQDEw02ODNhODNlMS1mOGJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxu/kn7964u938vnb/NfR9iZuH/x+q8zyTD/frZ+Z+oYe/5Eg58IfHqG0WOyM c61dZ/Ycm+qVrRDEwQPL//6HHwkZzE4JzcYgMi3b3P1IvF0D1PasQ0kKSdbBwQ2i BwG4Veu1ddYbRk470xwEeNOYwni5ZEaafcUjU+6LUjRkXmiApTdcK/qgVew8YPe2 rPjxFPneSyq7NJsFEcQdF03aSpVoSVYA42NscClaZrV3sqnDkgzHZPpjqwRrFbVD vopS0/vnYvMky2CcelKeb5A5cy1TcNyvMdbd1LJqmLE/e5fWy3ydbF6bMLlF1zd2 tiAvmit1shMBVUrJt6w2QrzRCQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHyip2Ex gQWGtMaT5p3cpykBR0gGMB8GA1UdIwQYMBaAFHzZWKAH9PDlbkqNJFdmiGIrq3Ih MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEFGMi81NzMyQzgzODg0 NEMxMUVFQjFGMkNBMjlDNEY5QUUwMi9mTmxZb0FmMDhPVnVTbzBrVjJhSVlpdXJj aUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ZObFlvQWYwOE9WdVNvMGtWMmFJWWl1cmNpRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OEFGMi81NzMyQzgzODg0NEMxMUVFQjFGMkNBMjlDNEY5QUUwMi9mTmxZb0FmMDhP VnVTbzBrVjJhSVlpdXJjaUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAdHCOPe4TZmU9YtLuQzq0pgiGpEpuCT4spKltxWu30V1YuVI62Ycjf qBPAl98dzn2DetllmLTl8Mqys5VLhlJiUCidRxv04ixJwWkE9Wq2FZRsHAlrde77 8ubpw/jwtULuJ/tDkCC2+1WcPyrzT5Zj2//MaV7If1+kJ6+W65Kho5GgXWQWQjlr 7MGHiJZclqA77JxQwX/orI7OpIDlnAw9f1RD/+ug9CINHaxWa+tXq0joTOnNvUyu BSqXr6bW0TTRUL7UCGXAsa15hDlYX8KMeZC/9BC5YRI2bNy69bvPfYV2RaKxYGpi Jjm3vbMMbh0f+drXcuRYMj6g1tLDXtX+ -----END CERTIFICATE-----Generated at Sat May 31 17:17:22 2025 by rpki-client