$ rpki-client -vvf rpki.apnic.net/member_repository/A91EC3CA/81386046218311EA8CB84737C4F9AE02/7IKxn5B5ht6zu4AtInPQNNFBSy0.mft File: 7IKxn5B5ht6zu4AtInPQNNFBSy0.mft (raw, json) Hash identifier: TZgmlUzpqz3ZJil1F5Y27EZHHxqabC3SrzROAa2Bz+A= Subject key identifier: 2E:AB:3A:69:04:8A:0C:C7:09:0E:81:3B:FF:89:BB:E4:66:D2:6D:61 Authority key identifier: EC:82:B1:9F:90:79:86:DE:B3:BB:80:2D:22:73:D0:34:D1:41:4B:2D Certificate issuer: /CN=A91EC3CA/serialNumber=EC82B19F907986DEB3BB802D2273D034D1414B2D Certificate serial: 0BB3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7IKxn5B5ht6zu4AtInPQNNFBSy0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EC3CA/81386046218311EA8CB84737C4F9AE02/7IKxn5B5ht6zu4AtInPQNNFBSy0.mft Manifest number: 0BAD Signing time: Fri 30 May 2025 19:09:06 +0000 Manifest this update: Fri 30 May 2025 19:09:06 +0000 Manifest next update: Fri 06 Jun 2025 19:09:06 +0000 Files and hashes: 1: 7IKxn5B5ht6zu4AtInPQNNFBSy0.crl (hash: Bmu/rCPNo2TB6SKETeQt1Y1gsOTG1bqGS7+catOuj9A=) 2: 8C76CF46218411EAA6A8DB38C4F9AE02.roa (hash: ygQ6vfqXgCOjWaI/M9+8sSQcLe6CReohgnbLpV4rvKo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EC3CA/81386046218311EA8CB84737C4F9AE02/7IKxn5B5ht6zu4AtInPQNNFBSy0.crl rsync://rpki.apnic.net/member_repository/A91EC3CA/81386046218311EA8CB84737C4F9AE02/7IKxn5B5ht6zu4AtInPQNNFBSy0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7IKxn5B5ht6zu4AtInPQNNFBSy0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 19:09:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2995 (0xbb3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EC3CA, serialNumber=EC82B19F907986DEB3BB802D2273D034D1414B2D Validity Not Before: May 30 19:09:06 2025 GMT Not After : Jun 6 19:09:06 2025 GMT Subject: CN=683a0252-4455 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:29:f1:27:59:ed:f2:9b:37:46:68:45:04:45: 8a:86:16:7c:22:d6:dd:00:89:11:93:cf:00:12:bf: 77:83:6a:4c:8e:47:ba:04:ab:43:c9:29:a1:cc:a9: 7f:4c:f5:b4:25:25:0e:23:d1:f4:1d:30:3a:fb:df: da:37:4e:08:37:e2:67:40:a9:9a:95:fd:6e:11:41: a0:5f:71:57:4a:f3:55:45:f0:f2:bc:52:97:14:c8: 83:ae:3c:f0:09:d9:71:80:16:37:c4:aa:b5:68:cf: 2e:04:53:2a:0f:0e:29:54:f6:6f:0f:c6:75:71:00: 16:7b:e9:64:1d:d0:29:3f:41:70:61:cd:b1:c8:d8: 0e:42:ae:c8:2a:16:1b:db:ef:26:cf:61:1f:35:e7: 4d:79:65:ba:f2:6e:4f:a7:46:b7:30:99:95:d0:83: 02:f2:7e:a6:a8:a3:cb:c8:f0:5c:ed:e9:fb:b6:48: f2:72:60:49:69:db:75:e7:38:ae:a7:0a:88:72:df: 34:3b:b1:8e:08:21:05:eb:d2:92:cf:d2:a9:2b:80: d7:3c:cc:58:ab:38:d2:66:1b:79:e9:6c:d1:03:73: 82:58:c0:bb:57:04:8a:9a:9d:49:1d:e5:70:37:dd: d5:0b:a8:00:4c:5e:94:66:82:06:90:a2:17:f0:3a: b4:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:AB:3A:69:04:8A:0C:C7:09:0E:81:3B:FF:89:BB:E4:66:D2:6D:61 X509v3 Authority Key Identifier: keyid:EC:82:B1:9F:90:79:86:DE:B3:BB:80:2D:22:73:D0:34:D1:41:4B:2D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EC3CA/81386046218311EA8CB84737C4F9AE02/7IKxn5B5ht6zu4AtInPQNNFBSy0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7IKxn5B5ht6zu4AtInPQNNFBSy0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EC3CA/81386046218311EA8CB84737C4F9AE02/7IKxn5B5ht6zu4AtInPQNNFBSy0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3b:1a:21:72:d0:23:b2:d4:75:e3:f8:7e:b7:25:bc:ae:45:0f: 16:46:37:bb:19:31:d1:21:d0:cf:93:76:3b:1d:5f:13:f8:a6: dc:e3:d1:24:42:36:b3:22:b5:db:3d:a8:e7:fb:34:5f:e8:d2: 5b:75:04:83:d5:b1:42:c9:2d:01:35:99:54:6f:c7:72:e9:dc: 87:d5:73:25:8b:24:77:70:96:23:dd:a2:0e:c5:7f:7b:ef:e0: 55:24:36:03:97:20:46:92:9c:a7:f9:fb:10:cf:3b:ec:bc:bb: 6d:1d:4d:a3:84:f5:29:8b:2f:47:97:b3:03:a5:10:62:fe:8e: d0:dc:75:e7:f8:81:b3:51:cd:b1:3e:ba:93:ec:c4:a3:b6:fd: 3d:57:d6:d9:28:1e:91:7a:93:3a:28:5c:59:0a:5d:15:43:12: 12:76:cb:ed:19:75:53:f3:f0:71:45:42:91:9e:14:41:da:d4: 65:01:7a:ae:cd:0c:92:09:e7:99:4b:95:3c:14:34:c0:14:73: 12:25:40:28:e3:9a:be:b8:03:91:a9:c4:18:e1:a6:9f:ed:2e: 5f:f9:12:15:e9:5b:ab:3f:16:29:eb:e3:d9:e7:b2:90:8b:29: a5:4c:7c:29:a6:25:e5:50:ee:14:bc:0b:c4:85:06:3d:28:c3: 53:84:b4:23 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC7MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUMzQ0ExMTAvBgNVBAUTKEVDODJCMTlGOTA3OTg2REVCM0JCODAyRDIyNzNEMDM0 RDE0MTRCMkQwHhcNMjUwNTMwMTkwOTA2WhcNMjUwNjA2MTkwOTA2WjAYMRYwFAYD VQQDEw02ODNhMDI1Mi00NDU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxCnxJ1nt8ps3RmhFBEWKhhZ8ItbdAIkRk88AEr93g2pMjke6BKtDySmhzKl/ TPW0JSUOI9H0HTA6+9/aN04IN+JnQKmalf1uEUGgX3FXSvNVRfDyvFKXFMiDrjzw CdlxgBY3xKq1aM8uBFMqDw4pVPZvD8Z1cQAWe+lkHdApP0FwYc2xyNgOQq7IKhYb 2+8mz2EfNedNeWW68m5Pp0a3MJmV0IMC8n6mqKPLyPBc7en7tkjycmBJadt15ziu pwqIct80O7GOCCEF69KSz9KpK4DXPMxYqzjSZht56WzRA3OCWMC7VwSKmp1JHeVw N93VC6gATF6UZoIGkKIX8Dq09QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC6rOmkE igzHCQ6BO/+Ju+Rm0m1hMB8GA1UdIwQYMBaAFOyCsZ+QeYbes7uALSJz0DTRQUst MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQzNDQS84MTM4NjA0NjIx ODMxMUVBOENCODQ3MzdDNEY5QUUwMi83SUt4bjVCNWh0Nnp1NEF0SW5QUU5ORkJT eTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzdJS3huNUI1aHQ2enU0QXRJblBRTk5GQlN5MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QzNDQS84MTM4NjA0NjIxODMxMUVBOENCODQ3MzdDNEY5QUUwMi83SUt4bjVCNWh0 Nnp1NEF0SW5QUU5ORkJTeTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA7GiFy0COy1HXj+H63JbyuRQ8WRje7GTHRIdDPk3Y7HV8T+Kbc49Ek QjazIrXbPajn+zRf6NJbdQSD1bFCyS0BNZlUb8dy6dyH1XMliyR3cJYj3aIOxX97 7+BVJDYDlyBGkpyn+fsQzzvsvLttHU2jhPUpiy9Hl7MDpRBi/o7Q3HXn+IGzUc2x PrqT7MSjtv09V9bZKB6RepM6KFxZCl0VQxISdsvtGXVT8/BxRUKRnhRB2tRlAXqu zQySCeeZS5U8FDTAFHMSJUAo45q+uAORqcQY4aaf7S5f+RIV6VurPxYp6+PZ57KQ iymlTHwppiXlUO4UvAvEhQY9KMNThLQj -----END CERTIFICATE-----Generated at Sat May 31 15:55:05 2025 by rpki-client