$ rpki-client -vvf rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft File: 4CEd1HfFtNoX56IChgOs2OcWZrU.mft (raw, json) Hash identifier: Wps+PKNggrylrysMDxyZlb5vxd7k2h4GghdomrBzNYU= Subject key identifier: 98:F5:AC:8C:39:E1:DF:04:0D:04:34:25:F3:7C:CD:49:5B:CC:5F:F6 Authority key identifier: E0:21:1D:D4:77:C5:B4:DA:17:E7:A2:02:86:03:AC:D8:E7:16:66:B5 Certificate issuer: /CN=A91EB1BE/serialNumber=E0211DD477C5B4DA17E7A2028603ACD8E71666B5 Certificate serial: 12DD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4CEd1HfFtNoX56IChgOs2OcWZrU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft Manifest number: 12CC Signing time: Sat 14 Jun 2025 17:00:45 +0000 Manifest this update: Sat 14 Jun 2025 17:00:45 +0000 Manifest next update: Sat 21 Jun 2025 17:00:45 +0000 Files and hashes: 1: 4CEd1HfFtNoX56IChgOs2OcWZrU.crl (hash: 7l6GZravK/bjGAkB2RYnvdCbYn3yU7ITi2AREdNZMLc=) 2: 31E1DE72B04B11EE9F3B384BC4F9AE02.roa (hash: SUqha04b2ntyDAUGFXYiqHZijUV69AXBCBCtIkXQ4as=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.crl rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4CEd1HfFtNoX56IChgOs2OcWZrU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 21 Jun 2025 17:00:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4829 (0x12dd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EB1BE, serialNumber=E0211DD477C5B4DA17E7A2028603ACD8E71666B5 Validity Not Before: Jun 14 17:00:45 2025 GMT Not After : Jun 21 17:00:45 2025 GMT Subject: CN=684daabd-8975 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:1c:01:f0:15:85:f1:bc:50:87:07:31:a6:82: 2e:85:87:60:4a:62:a8:fc:3d:44:95:e0:53:98:cf: 90:b7:94:5e:73:94:51:d8:ff:e5:70:fd:93:e0:eb: 6a:26:85:1b:d1:e0:18:22:a1:b5:74:be:54:70:7f: 33:09:30:14:2d:08:fc:30:f2:19:0e:4d:9b:02:e7: c9:87:1f:87:b4:40:98:53:78:32:cc:7b:16:88:51: e8:09:ab:03:d7:df:b4:bf:34:b0:81:7a:dc:e4:57: 2f:f6:92:a7:26:82:3a:9d:4a:cd:d2:8e:fe:fe:40: ed:45:79:ef:5e:6b:4b:6a:18:e5:69:d8:7b:74:d5: d8:04:16:31:aa:a9:bd:7e:73:53:c3:fe:25:4d:8e: 2f:2f:5e:ba:82:7d:f2:91:bf:8e:27:4f:a0:4a:38: 68:75:dd:25:d9:b5:eb:81:56:7e:5a:70:5a:f1:54: aa:4f:9f:07:b8:7f:77:23:cb:54:80:50:9d:e1:3e: 1b:29:52:e7:cf:35:63:8d:f9:21:62:36:44:0a:61: 36:07:cb:6b:34:0b:34:9a:45:d3:79:c6:4e:9a:06: 68:bd:6f:e6:d2:c4:25:7b:45:1b:ef:ca:e5:fc:2d: 58:34:7f:08:5f:50:f2:e4:c6:cb:39:4f:c5:6c:8e: 08:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:F5:AC:8C:39:E1:DF:04:0D:04:34:25:F3:7C:CD:49:5B:CC:5F:F6 X509v3 Authority Key Identifier: keyid:E0:21:1D:D4:77:C5:B4:DA:17:E7:A2:02:86:03:AC:D8:E7:16:66:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4CEd1HfFtNoX56IChgOs2OcWZrU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EB1BE/5A57786CC0C811E8AE805334C4F9AE02/4CEd1HfFtNoX56IChgOs2OcWZrU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1d:ce:1e:2d:fb:76:28:97:04:de:1f:4e:c4:fd:38:6d:eb:a5: c9:f8:e6:82:0b:29:1b:01:ee:fc:01:1c:de:cc:ba:76:c7:d1: 62:f8:c2:f7:d3:d8:87:08:f9:14:43:e2:ac:74:e0:99:df:6b: 75:93:89:ad:a3:c5:4e:9a:4d:26:a6:db:19:df:8e:bb:2f:50: 33:07:d8:e2:a7:b3:95:30:91:04:ab:fa:4d:0f:ea:f6:7c:ce: 48:7b:a6:7f:1d:f2:20:56:6d:15:5c:78:47:cf:52:37:58:0f: 46:81:48:8f:4b:29:2f:61:ea:29:d7:ca:c8:a7:51:bc:16:9d: c9:4f:76:58:a0:3e:9a:79:2c:5f:9a:57:f6:d2:ad:4f:c6:e4: 46:8e:79:28:49:7e:45:bb:22:52:f5:9e:19:6a:9e:63:4d:77: 94:d7:44:3a:4f:6c:17:24:5b:44:be:14:cb:1a:f2:08:13:1e: ee:3c:47:46:ac:2e:08:9a:e0:81:62:35:ed:95:01:21:55:eb: f4:93:9a:0a:e3:40:8d:21:c8:ad:4d:a7:30:5e:95:82:da:9b: 5e:fd:83:42:fd:f6:ca:93:f9:75:cf:40:01:42:0f:c6:88:57: e9:62:4e:cc:67:b3:15:37:12:58:63:b6:03:83:13:8a:68:85: 3c:3a:f2:25 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEt0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUIxQkUxMTAvBgNVBAUTKEUwMjExREQ0NzdDNUI0REExN0U3QTIwMjg2MDNBQ0Q4 RTcxNjY2QjUwHhcNMjUwNjE0MTcwMDQ1WhcNMjUwNjIxMTcwMDQ1WjAYMRYwFAYD VQQDEw02ODRkYWFiZC04OTc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArRwB8BWF8bxQhwcxpoIuhYdgSmKo/D1EleBTmM+Qt5Rec5RR2P/lcP2T4Otq JoUb0eAYIqG1dL5UcH8zCTAULQj8MPIZDk2bAufJhx+HtECYU3gyzHsWiFHoCasD 19+0vzSwgXrc5Fcv9pKnJoI6nUrN0o7+/kDtRXnvXmtLahjladh7dNXYBBYxqqm9 fnNTw/4lTY4vL166gn3ykb+OJ0+gSjhodd0l2bXrgVZ+WnBa8VSqT58HuH93I8tU gFCd4T4bKVLnzzVjjfkhYjZECmE2B8trNAs0mkXTecZOmgZovW/m0sQle0Ub78rl /C1YNH8IX1Dy5MbLOU/FbI4ILQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJj1rIw5 4d8EDQQ0JfN8zUlbzF/2MB8GA1UdIwQYMBaAFOAhHdR3xbTaF+eiAoYDrNjnFma1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQjFCRS81QTU3Nzg2Q0Mw QzgxMUU4QUU4MDUzMzRDNEY5QUUwMi80Q0VkMUhmRnROb1g1NklDaGdPczJPY1da clUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRDRWQxSGZGdE5vWDU2SUNoZ09zMk9jV1pyVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QjFCRS81QTU3Nzg2Q0MwQzgxMUU4QUU4MDUzMzRDNEY5QUUwMi80Q0VkMUhmRnRO b1g1NklDaGdPczJPY1daclUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAdzh4t+3YolwTeH07E/Tht66XJ+OaCCykbAe78ARzezLp2x9Fi+ML3 09iHCPkUQ+KsdOCZ32t1k4mto8VOmk0mptsZ3467L1AzB9jip7OVMJEEq/pND+r2 fM5Ie6Z/HfIgVm0VXHhHz1I3WA9GgUiPSykvYeop18rIp1G8Fp3JT3ZYoD6aeSxf mlf20q1PxuRGjnkoSX5FuyJS9Z4Zap5jTXeU10Q6T2wXJFtEvhTLGvIIEx7uPEdG rC4ImuCBYjXtlQEhVev0k5oK40CNIcitTacwXpWC2pte/YNC/fbKk/l1z0ABQg/G iFfpYk7MZ7MVNxJYY7YDgxOKaIU8OvIl -----END CERTIFICATE-----Generated at Sun Jun 15 11:24:16 2025 by rpki-client