$ rpki-client -vvf rpki.apnic.net/member_repository/A91E953B/C8D039226C9A11EE85BFDF4FC4F9AE02/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.mft File: oiQ2hCI9LCXGrxdqXwL6ArJPaAs.mft (raw, json) Hash identifier: 9zwX3Ao+5g9l+zyUyBkIbb6T3sVQurEPBKADhyda4OQ= Subject key identifier: 88:CC:48:1B:AB:45:87:C7:1A:71:74:DA:0E:42:9D:4D:83:B2:5C:25 Authority key identifier: A2:24:36:84:22:3D:2C:25:C6:AF:17:6A:5F:02:FA:02:B2:4F:68:0B Certificate issuer: /CN=A91E953B/serialNumber=A2243684223D2C25C6AF176A5F02FA02B24F680B Certificate serial: 0131 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E953B/C8D039226C9A11EE85BFDF4FC4F9AE02/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.mft Manifest number: 012F Signing time: Sat 31 May 2025 04:10:49 +0000 Manifest this update: Sat 31 May 2025 04:10:49 +0000 Manifest next update: Sat 07 Jun 2025 04:10:49 +0000 Files and hashes: 1: oiQ2hCI9LCXGrxdqXwL6ArJPaAs.crl (hash: PIcdfXFsbixwaowlApZ1VRg7O6ybP0YsG1wRAkbQzEA=) 2: 12E1FD886C9C11EE9F3C5653C4F9AE02.roa (hash: QQ5QrwGTURdTMG/7o8+lIRwrf/ztbEh4ekM9cA/bz/4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E953B/C8D039226C9A11EE85BFDF4FC4F9AE02/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.crl rsync://rpki.apnic.net/member_repository/A91E953B/C8D039226C9A11EE85BFDF4FC4F9AE02/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 04:10:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 305 (0x131) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E953B, serialNumber=A2243684223D2C25C6AF176A5F02FA02B24F680B Validity Not Before: May 31 04:10:49 2025 GMT Not After : Jun 7 04:10:49 2025 GMT Subject: CN=683a8149-8b5b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:34:40:c0:e8:60:20:0f:ca:56:b9:35:b5:fe: a2:5b:01:ba:da:d0:5d:55:5a:c3:66:18:a5:b4:8b: 66:d1:ff:46:c1:31:e5:10:9c:99:9d:a4:cd:0c:67: b2:94:77:56:74:f2:30:8c:80:a6:0d:e9:37:94:5e: a8:99:d1:71:2a:73:c7:89:9d:f0:0d:c0:a9:e7:ea: 58:bc:b4:0e:3a:14:b4:27:ed:5b:a6:5d:84:56:90: 6a:13:e7:21:95:d7:93:0d:a3:94:51:b8:7a:14:3a: 51:e7:4a:29:2c:78:20:cb:c2:ee:5d:a4:d0:c2:4f: 54:28:b3:5d:ff:86:ff:b4:a2:ce:e9:28:b0:d9:f2: ef:e1:4c:60:a4:56:cc:d0:bf:54:a0:59:ad:94:d3: c1:ac:d7:34:9a:31:8d:6d:f1:fb:7b:12:4e:7e:f8: c7:b5:d9:94:42:b7:60:b1:52:b1:95:a1:de:16:c7: 76:ee:a8:cb:79:6e:02:cf:fc:03:e5:f2:35:a9:2d: 35:ad:c1:3e:80:69:16:8c:88:66:31:aa:97:12:eb: e5:e0:c1:36:f6:e9:e8:86:97:d7:9b:8c:ef:ef:e8: ed:4f:25:9b:7d:6b:c7:fb:a2:08:7d:0a:05:02:d8: 19:cb:53:34:be:73:2a:18:b6:68:9a:68:92:32:17: 9e:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:CC:48:1B:AB:45:87:C7:1A:71:74:DA:0E:42:9D:4D:83:B2:5C:25 X509v3 Authority Key Identifier: keyid:A2:24:36:84:22:3D:2C:25:C6:AF:17:6A:5F:02:FA:02:B2:4F:68:0B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E953B/C8D039226C9A11EE85BFDF4FC4F9AE02/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E953B/C8D039226C9A11EE85BFDF4FC4F9AE02/oiQ2hCI9LCXGrxdqXwL6ArJPaAs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5a:65:b8:1d:60:81:6e:14:1f:54:54:5b:51:89:6b:09:57:0d: dc:d9:f5:2a:bc:ef:1a:0b:0f:a0:21:8c:ce:49:32:c8:20:ea: 5f:32:7d:31:4b:ca:86:c3:b5:d3:10:2d:2a:59:5f:d6:96:83: 97:c7:31:03:ef:35:f3:f2:af:b0:ee:07:3b:4b:a7:79:fa:fa: cf:46:33:4d:65:f1:79:7a:9a:d6:da:7e:dc:e0:bc:8a:4f:ba: 7c:a7:66:eb:64:80:c0:49:11:30:71:aa:f2:bd:fc:e7:30:2e: 97:ee:a0:ba:16:c2:dd:e3:60:46:de:d9:4a:15:d6:fc:41:70: 01:a9:95:77:4b:e2:da:c8:b7:4a:7d:cb:6e:af:c8:c2:03:77: 17:bc:e8:43:79:6e:be:94:97:c0:3c:db:ac:0f:d7:92:e0:de: 4b:e1:70:ea:0b:c7:9b:c7:bf:6c:53:ea:eb:ab:35:60:04:c8: a4:2b:7f:3c:7a:e1:72:26:b9:12:08:4e:d1:2c:f6:a3:cb:09: d5:06:a6:fb:18:a9:f1:29:22:13:9d:30:d9:2e:c6:11:93:7e: b0:19:cb:a1:30:7b:e5:d7:0c:2d:6d:db:46:de:77:d1:51:8e: 1f:0d:3c:80:d6:4e:39:47:9d:a2:af:71:1e:f3:1f:87:0a:3a: 44:75:1d:fb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTk1M0IxMTAvBgNVBAUTKEEyMjQzNjg0MjIzRDJDMjVDNkFGMTc2QTVGMDJGQTAy QjI0RjY4MEIwHhcNMjUwNTMxMDQxMDQ5WhcNMjUwNjA3MDQxMDQ5WjAYMRYwFAYD VQQDEw02ODNhODE0OS04YjViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmzRAwOhgIA/KVrk1tf6iWwG62tBdVVrDZhiltItm0f9GwTHlEJyZnaTNDGey lHdWdPIwjICmDek3lF6omdFxKnPHiZ3wDcCp5+pYvLQOOhS0J+1bpl2EVpBqE+ch ldeTDaOUUbh6FDpR50opLHggy8LuXaTQwk9UKLNd/4b/tKLO6Siw2fLv4UxgpFbM 0L9UoFmtlNPBrNc0mjGNbfH7exJOfvjHtdmUQrdgsVKxlaHeFsd27qjLeW4Cz/wD 5fI1qS01rcE+gGkWjIhmMaqXEuvl4ME29unohpfXm4zv7+jtTyWbfWvH+6IIfQoF AtgZy1M0vnMqGLZommiSMheeSQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIjMSBur RYfHGnF02g5CnU2DslwlMB8GA1UdIwQYMBaAFKIkNoQiPSwlxq8Xal8C+gKyT2gL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTUzQi9DOEQwMzkyMjZD OUExMUVFODVCRkRGNEZDNEY5QUUwMi9vaVEyaENJOUxDWEdyeGRxWHdMNkFySlBh QXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29pUTJoQ0k5TENYR3J4ZHFYd0w2QXJKUGFBcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OTUzQi9DOEQwMzkyMjZDOUExMUVFODVCRkRGNEZDNEY5QUUwMi9vaVEyaENJOUxD WEdyeGRxWHdMNkFySlBhQXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBaZbgdYIFuFB9UVFtRiWsJVw3c2fUqvO8aCw+gIYzOSTLIIOpfMn0x S8qGw7XTEC0qWV/WloOXxzED7zXz8q+w7gc7S6d5+vrPRjNNZfF5eprW2n7c4LyK T7p8p2brZIDASREwcaryvfznMC6X7qC6FsLd42BG3tlKFdb8QXABqZV3S+LayLdK fctur8jCA3cXvOhDeW6+lJfAPNusD9eS4N5L4XDqC8ebx79sU+rrqzVgBMikK388 euFyJrkSCE7RLPajywnVBqb7GKnxKSITnTDZLsYRk36wGcuhMHvl1wwtbdtG3nfR UY4fDTyA1k45R52ir3Ee8x+HCjpEdR37 -----END CERTIFICATE-----Generated at Sat May 31 14:35:08 2025 by rpki-client