$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft File: 4CEd1HfFtNoX56IChgOs2OcWZrU.mft (raw, json) Hash identifier: ckGsnjpRHvfGlL4sH+Kvv5EwaKgqiWbqXlDbV/t9jzw= Subject key identifier: 1C:F2:3D:1B:55:D1:8B:1C:82:8B:2B:60:E0:DD:33:CF:EF:46:F1:AE Authority key identifier: E0:21:1D:D4:77:C5:B4:DA:17:E7:A2:02:86:03:AC:D8:E7:16:66:B5 Certificate issuer: /CN=A91EB1BE/serialNumber=E0211DD477C5B4DA17E7A2028603ACD8E71666B5 Certificate serial: 12DB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4CEd1HfFtNoX56IChgOs2OcWZrU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft Manifest number: 12CA Signing time: Tue 10 Jun 2025 17:03:13 +0000 Manifest this update: Tue 10 Jun 2025 17:03:13 +0000 Manifest next update: Tue 17 Jun 2025 17:03:13 +0000 Files and hashes: 1: 4CEd1HfFtNoX56IChgOs2OcWZrU.crl (hash: chzkkAGfktm+/ZUg6QiYlDRaWlRUSJYAOnIxVhoIcfs=) 2: 31E1DE72B04B11EE9F3B384BC4F9AE02.roa (hash: SUqha04b2ntyDAUGFXYiqHZijUV69AXBCBCtIkXQ4as=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.crl rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4CEd1HfFtNoX56IChgOs2OcWZrU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 17 Jun 2025 17:03:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4827 (0x12db) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EB1BE, serialNumber=E0211DD477C5B4DA17E7A2028603ACD8E71666B5 Validity Not Before: Jun 10 17:03:13 2025 GMT Not After : Jun 17 17:03:13 2025 GMT Subject: CN=68486551-fcbc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:00:99:e3:84:18:29:f2:95:f4:f7:98:56:0f: 52:90:0c:eb:57:0e:16:8c:20:1e:07:76:b3:41:94: 43:40:d6:6c:24:2e:80:f8:a6:4a:83:a3:1c:36:94: 7a:bd:ab:9e:5c:93:6c:9e:61:b5:ea:42:ac:06:9a: fd:a6:3e:9c:a3:53:55:1f:a7:a6:4e:e5:db:22:7a: 40:78:22:f8:0c:31:6e:5a:9a:b3:b4:94:45:34:e4: 46:a3:db:4e:94:78:71:4b:16:6e:96:d3:8c:13:2a: 75:02:3f:ee:86:0c:e7:de:e6:86:59:b2:12:13:dd: 49:49:1b:69:2e:71:37:61:b3:98:06:e6:87:e3:92: 5a:8f:86:09:32:50:1a:c2:87:da:4a:75:78:a3:c6: 23:d3:a6:09:f5:7e:2f:2c:a6:65:a2:79:7e:c9:b4: 5a:97:44:10:cc:b2:51:ad:68:1e:98:cf:26:03:3b: 66:a8:42:ac:2b:f9:77:6b:34:d3:23:20:d9:86:7c: 4a:f4:44:40:b5:97:6a:34:34:7c:8d:08:ae:1a:de: b7:34:c2:a9:d0:7e:0d:76:11:12:d2:3b:92:87:a1: 40:c8:3e:eb:c3:07:c8:97:45:f8:c5:14:53:60:c1: 57:08:b4:a3:74:20:04:37:a7:9f:42:21:96:4e:2f: 09:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:F2:3D:1B:55:D1:8B:1C:82:8B:2B:60:E0:DD:33:CF:EF:46:F1:AE X509v3 Authority Key Identifier: keyid:E0:21:1D:D4:77:C5:B4:DA:17:E7:A2:02:86:03:AC:D8:E7:16:66:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4CEd1HfFtNoX56IChgOs2OcWZrU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 22:56:21:47:55:e7:63:d5:b0:72:20:2e:d0:5f:1e:59:a7:4b: 7c:6f:fc:64:98:82:74:95:dd:da:13:09:6d:ec:b1:3c:46:05: 0b:18:d4:85:97:11:e5:32:41:3d:bf:2c:d6:d2:ba:7f:8d:d0: 1b:13:98:87:9f:d4:41:48:3c:44:d4:52:39:90:57:42:c9:e4: 91:6e:dd:bc:60:a3:c6:ff:0a:e0:f0:2b:c1:c1:64:6c:f9:1a: 84:55:9f:f5:f2:8e:a9:66:d6:73:25:af:04:d0:97:44:8d:76: e1:f7:41:47:59:69:6f:fd:6a:9c:e3:e2:cb:5d:6d:a5:c3:10: 26:a7:a7:d0:a3:28:db:4f:52:0a:73:fd:51:27:af:c6:1b:7f: 6c:e5:71:04:e4:ae:84:29:f2:de:d9:d5:57:2e:36:a8:03:d8: 46:95:86:9c:e8:fe:9b:db:90:d1:c7:35:fb:23:2d:c9:2e:13: 8f:67:82:b8:56:57:56:2a:d2:df:c2:aa:51:3f:8e:79:2e:65: be:67:d0:13:5a:ee:b7:80:cf:2a:9d:62:3c:f3:30:64:f5:ed: 3d:27:02:ce:ab:0e:69:40:1d:0b:55:fa:50:fa:6e:a1:bb:6e: 9a:6c:4f:07:5e:e9:26:1c:ac:9c:cf:d4:7a:73:c2:9b:27:f8: 46:5a:e8:26 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEtswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUIxQkUxMTAvBgNVBAUTKEUwMjExREQ0NzdDNUI0REExN0U3QTIwMjg2MDNBQ0Q4 RTcxNjY2QjUwHhcNMjUwNjEwMTcwMzEzWhcNMjUwNjE3MTcwMzEzWjAYMRYwFAYD VQQDEw02ODQ4NjU1MS1mY2JjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvgCZ44QYKfKV9PeYVg9SkAzrVw4WjCAeB3azQZRDQNZsJC6A+KZKg6McNpR6 vaueXJNsnmG16kKsBpr9pj6co1NVH6emTuXbInpAeCL4DDFuWpqztJRFNORGo9tO lHhxSxZultOMEyp1Aj/uhgzn3uaGWbISE91JSRtpLnE3YbOYBuaH45Jaj4YJMlAa wofaSnV4o8Yj06YJ9X4vLKZlonl+ybRal0QQzLJRrWgemM8mAztmqEKsK/l3azTT IyDZhnxK9ERAtZdqNDR8jQiuGt63NMKp0H4NdhES0juSh6FAyD7rwwfIl0X4xRRT YMFXCLSjdCAEN6efQiGWTi8JjQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBzyPRtV 0YscgosrYODdM8/vRvGuMB8GA1UdIwQYMBaAFOAhHdR3xbTaF+eiAoYDrNjnFma1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjFCRS81QTU3Nzg2Q0Mw QzgxMUU4QUU4MDUzMzRDNEY5QUUwMi80Q0VkMUhmRnROb1g1NklDaGdPczJPY1da clUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRDRWQxSGZGdE5vWDU2SUNoZ09zMk9jV1pyVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QjFCRS81QTU3Nzg2Q0MwQzgxMUU4QUU4MDUzMzRDNEY5QUUwMi80Q0VkMUhmRnRO b1g1NklDaGdPczJPY1daclUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAiViFHVedj1bByIC7QXx5Zp0t8b/xkmIJ0ld3aEwlt7LE8RgULGNSF lxHlMkE9vyzW0rp/jdAbE5iHn9RBSDxE1FI5kFdCyeSRbt28YKPG/wrg8CvBwWRs +RqEVZ/18o6pZtZzJa8E0JdEjXbh90FHWWlv/Wqc4+LLXW2lwxAmp6fQoyjbT1IK c/1RJ6/GG39s5XEE5K6EKfLe2dVXLjaoA9hGlYac6P6b25DRxzX7Iy3JLhOPZ4K4 VldWKtLfwqpRP455LmW+Z9ATWu63gM8qnWI88zBk9e09JwLOqw5pQB0LVfpQ+m6h u26abE8HXukmHKycz9R6c8KbJ/hGWugm -----END CERTIFICATE-----Generated at Wed Jun 11 07:23:32 2025 by rpki-client