$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft File: IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft (raw, json) Hash identifier: o8kBeyCoP+BVCQvhxfE+QLzeEl6M2812sCwPM7kQhsc= Subject key identifier: 27:4E:B7:3E:D2:7E:00:33:29:7C:28:6F:FD:4C:AC:1A:75:89:4F:56 Authority key identifier: 21:64:DD:59:A6:15:D5:F2:E3:39:3E:72:09:8A:73:AD:86:8E:78:DA Certificate issuer: /CN=A91EA409/serialNumber=2164DD59A615D5F2E3393E72098A73AD868E78DA Certificate serial: 70 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft Manifest number: 6E Signing time: Tue 03 Jun 2025 06:42:18 +0000 Manifest this update: Tue 03 Jun 2025 06:42:17 +0000 Manifest next update: Tue 10 Jun 2025 06:42:17 +0000 Files and hashes: 1: IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl (hash: JsFLKnkZ4DLt5EK3xPe6SsxaTJsrHLZUdz6zSpt06CY=) 2: E9F177B89D9C11EFA9526A6CC4F9AE02.roa (hash: /L7H1H9bfON5bqOj4q1pWVjciM/BYtStadHGVAVA9LE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Jun 2025 06:42:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 112 (0x70) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA409, serialNumber=2164DD59A615D5F2E3393E72098A73AD868E78DA Validity Not Before: Jun 3 06:42:17 2025 GMT Not After : Jun 10 06:42:17 2025 GMT Subject: CN=683e994a-d049 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:c4:90:38:1e:c6:57:4e:d5:80:89:74:57:31: 84:ba:8d:c5:db:5f:e3:b0:9d:60:d6:20:d3:d5:d0: ca:64:90:fc:11:d8:65:a0:86:3c:79:2d:34:61:4e: 37:39:73:65:8d:da:49:9b:2b:0e:30:c7:a4:a5:7e: 76:57:5e:fc:13:dc:d3:50:57:da:ca:39:c1:10:41: e2:15:3f:f0:50:ae:19:52:55:8f:bb:ba:c2:af:f9: 05:5b:20:56:65:4b:d3:64:cf:d3:82:44:14:49:5e: 56:7d:82:06:16:26:5b:c1:c0:9c:c0:86:f7:40:f1: bd:a7:c8:72:35:87:b5:b8:dd:08:3d:04:7c:5f:9c: 93:c4:ac:2d:2e:b8:e1:34:f4:35:cc:60:c9:f3:76: 86:db:12:90:52:13:67:9b:82:3d:41:e0:ee:89:7d: 5f:9a:d6:29:b8:cb:1b:5d:1d:08:b8:c4:3f:8c:4a: 73:bc:76:f3:4c:71:87:0b:de:e2:24:97:16:d2:ba: 43:09:69:8d:f2:2c:59:a3:a7:b4:42:12:29:57:c8: 57:2a:e3:d9:f1:e4:6e:1d:cb:ca:34:50:db:7b:52: 11:23:61:f2:46:21:82:42:79:70:26:e1:1c:b6:5b: 46:e4:83:15:aa:e6:2a:ac:a7:d3:c9:90:85:3e:03: be:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:4E:B7:3E:D2:7E:00:33:29:7C:28:6F:FD:4C:AC:1A:75:89:4F:56 X509v3 Authority Key Identifier: keyid:21:64:DD:59:A6:15:D5:F2:E3:39:3E:72:09:8A:73:AD:86:8E:78:DA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2d:74:9c:e8:e0:74:00:a0:1d:6c:cc:3c:5d:7b:4f:62:d6:51: 90:2b:f5:31:96:38:b0:ff:b6:b3:41:0b:0a:32:cc:87:a3:87: 23:25:f0:48:97:98:1c:26:ff:4e:b7:56:2f:a0:1f:8a:88:9c: f5:37:01:5e:a4:03:a2:22:f0:1f:75:7f:5d:23:63:c4:af:46: 6d:93:4e:5c:d4:87:4c:cc:e7:f6:10:76:d9:82:0e:57:64:9f: 23:22:43:8b:7b:65:e5:b7:11:b7:9e:3a:23:f5:8c:ea:2b:03: 45:67:37:65:26:7a:bf:fb:63:2f:91:ba:4f:a1:80:36:8f:4c: 50:f2:61:10:c6:75:a6:3a:b2:09:2d:08:c7:0c:df:74:a5:27: 4d:bf:c8:4d:d9:ad:cf:a3:00:9b:6e:dd:80:12:10:09:5e:ac: dd:ea:23:54:6f:ae:ab:b6:41:55:98:ca:05:61:7e:64:d3:d8: 08:59:dc:ee:40:82:c7:ff:7d:ee:45:a6:d1:0b:17:c8:58:c3: a8:49:1c:0f:42:28:85:ee:df:8f:87:24:5f:47:91:39:5e:3a: db:52:e1:78:a6:a8:b7:88:69:79:d4:00:8f:bc:a8:46:2f:2e: 29:dc:0a:ff:35:dc:66:71:15:86:16:51:d4:47:6f:d8:6f:fe: 17:3e:2b:72 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBcDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF QTQwOTExMC8GA1UEBRMoMjE2NERENTlBNjE1RDVGMkUzMzkzRTcyMDk4QTczQUQ4 NjhFNzhEQTAeFw0yNTA2MDMwNjQyMTdaFw0yNTA2MTAwNjQyMTdaMBgxFjAUBgNV BAMTDTY4M2U5OTRhLWQwNDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCvxJA4HsZXTtWAiXRXMYS6jcXbX+OwnWDWINPV0MpkkPwR2GWghjx5LTRhTjc5 c2WN2kmbKw4wx6SlfnZXXvwT3NNQV9rKOcEQQeIVP/BQrhlSVY+7usKv+QVbIFZl S9Nkz9OCRBRJXlZ9ggYWJlvBwJzAhvdA8b2nyHI1h7W43Qg9BHxfnJPErC0uuOE0 9DXMYMnzdobbEpBSE2ebgj1B4O6JfV+a1im4yxtdHQi4xD+MSnO8dvNMcYcL3uIk lxbSukMJaY3yLFmjp7RCEilXyFcq49nx5G4dy8o0UNt7UhEjYfJGIYJCeXAm4Ry2 W0bkgxWq5iqsp9PJkIU+A74FAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUJ063PtJ+ ADMpfChv/UysGnWJT1YwHwYDVR0jBBgwFoAUIWTdWaYV1fLjOT5yCYpzrYaOeNow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVBNDA5L0Y5NDRFM0NDOUNB QjExRUZBQjU5NTUxNkM0RjlBRTAyL0lXVGRXYVlWMWZMak9UNXlDWXB6cllhT2VO by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSVdUZFdhWVYxZkxqT1Q1eUNZcHpyWWFPZU5vLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVB NDA5L0Y5NDRFM0NDOUNBQjExRUZBQjU5NTUxNkM0RjlBRTAyL0lXVGRXYVlWMWZM ak9UNXlDWXB6cllhT2VOby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAC10nOjgdACgHWzMPF17T2LWUZAr9TGWOLD/trNBCwoyzIejhyMl8EiX mBwm/063Vi+gH4qInPU3AV6kA6Ii8B91f10jY8SvRm2TTlzUh0zM5/YQdtmCDldk nyMiQ4t7ZeW3EbeeOiP1jOorA0VnN2Umer/7Yy+Ruk+hgDaPTFDyYRDGdaY6sgkt CMcM33SlJ02/yE3Zrc+jAJtu3YASEAlerN3qI1Rvrqu2QVWYygVhfmTT2AhZ3O5A gsf/fe5FptELF8hYw6hJHA9CKIXu34+HJF9HkTleOttS4XimqLeIaXnUAI+8qEYv LincCv813GZxFYYWUdRHb9hv/hc+K3I= -----END CERTIFICATE-----Generated at Tue Jun 3 23:54:44 2025 by rpki-client