$ rpki-client -vvf rpki.apnic.net/member_repository/A91EC93F/60A8F88CDEAD11ED8A6DF14DC4F9AE02/CUoNzYAqBb91c_96buCnqXIFUNE.mft File: CUoNzYAqBb91c_96buCnqXIFUNE.mft (raw, json) Hash identifier: hLaXcsYq7nPaDnFxvZpYPWwoRL95i7++ZAVzVuVdMAY= Subject key identifier: C5:3F:B8:08:EB:97:A2:04:BC:25:94:76:B5:42:48:C9:02:3B:1C:F3 Authority key identifier: 09:4A:0D:CD:80:2A:05:BF:75:73:FF:7A:6E:E0:A7:A9:72:05:50:D1 Certificate issuer: /CN=A91EC93F/serialNumber=094A0DCD802A05BF7573FF7A6EE0A7A9720550D1 Certificate serial: 018F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUoNzYAqBb91c_96buCnqXIFUNE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EC93F/60A8F88CDEAD11ED8A6DF14DC4F9AE02/CUoNzYAqBb91c_96buCnqXIFUNE.mft Manifest number: 018C Signing time: Sat 31 May 2025 03:13:50 +0000 Manifest this update: Sat 31 May 2025 03:13:49 +0000 Manifest next update: Sat 07 Jun 2025 03:13:49 +0000 Files and hashes: 1: CUoNzYAqBb91c_96buCnqXIFUNE.crl (hash: nz7QEZ5fSuVR/pshkl9w1qmivVqjn+1Klkf91Vwlyz8=) 2: 5BA557A6DEB011EDB7B0C04EC4F9AE02.roa (hash: SAjkukJRb4ZF5aM/fUJAbMY1lnAEeXzzgnRTsvAlM7Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EC93F/60A8F88CDEAD11ED8A6DF14DC4F9AE02/CUoNzYAqBb91c_96buCnqXIFUNE.crl rsync://rpki.apnic.net/member_repository/A91EC93F/60A8F88CDEAD11ED8A6DF14DC4F9AE02/CUoNzYAqBb91c_96buCnqXIFUNE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUoNzYAqBb91c_96buCnqXIFUNE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 03:13:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 399 (0x18f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EC93F, serialNumber=094A0DCD802A05BF7573FF7A6EE0A7A9720550D1 Validity Not Before: May 31 03:13:49 2025 GMT Not After : Jun 7 03:13:49 2025 GMT Subject: CN=683a73ed-f6ac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:fb:ef:8e:9e:20:ea:70:4b:ad:13:d8:48:2d: 95:f6:2b:7f:cb:a5:80:ce:07:46:7d:6e:88:04:da: 1a:a8:b9:17:6b:ff:a4:ff:ab:93:55:ab:12:1c:ca: 71:c8:2d:15:ca:0f:69:b0:1d:0d:4f:33:cf:31:1e: 96:f2:43:f3:a9:af:49:69:40:d6:a0:4e:03:db:c2: 6c:ec:66:d3:2c:3e:aa:ae:97:b5:de:13:45:54:ae: d3:bf:77:42:cb:ec:27:52:d0:80:0b:29:d4:db:bf: 9d:78:bf:7d:b8:26:6f:e6:ad:7e:10:d4:3f:4e:ba: e9:f2:ba:f6:da:a5:ef:49:2c:86:e3:0b:08:ca:b3: 29:5a:6a:a3:b1:6f:ba:0e:e8:87:31:d9:7e:0e:07: 58:ff:b7:ff:d3:84:23:57:18:4a:a2:42:9d:a9:7f: 01:e8:f8:ff:aa:f3:ef:a2:9d:b8:45:be:98:3d:b2: 46:ff:ad:a6:9b:b4:fd:0c:1a:ef:cf:f3:61:1c:eb: 85:a5:02:a8:7c:6d:ec:d7:cf:21:91:00:c3:9b:0b: 07:c2:42:f1:bc:fe:2e:4c:7a:37:b3:6c:b8:70:5d: a4:86:5d:bc:69:31:a2:26:c8:42:2f:ae:00:5d:fa: 2a:de:d7:38:87:8c:a9:0a:bf:52:b4:64:29:8f:8d: 4d:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:3F:B8:08:EB:97:A2:04:BC:25:94:76:B5:42:48:C9:02:3B:1C:F3 X509v3 Authority Key Identifier: keyid:09:4A:0D:CD:80:2A:05:BF:75:73:FF:7A:6E:E0:A7:A9:72:05:50:D1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EC93F/60A8F88CDEAD11ED8A6DF14DC4F9AE02/CUoNzYAqBb91c_96buCnqXIFUNE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUoNzYAqBb91c_96buCnqXIFUNE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EC93F/60A8F88CDEAD11ED8A6DF14DC4F9AE02/CUoNzYAqBb91c_96buCnqXIFUNE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 22:51:5a:07:5e:83:af:ab:67:c2:a5:a6:a3:12:e8:fa:7b:e8: d1:95:bc:63:dd:4e:c5:66:9a:65:9d:03:56:51:15:18:a3:b7: 44:2e:c2:8e:dd:99:3a:d9:5c:04:22:35:89:26:e0:fe:28:45: e4:fb:b7:af:a5:99:4c:16:fe:eb:c6:cd:9c:f9:c1:a6:b0:11: b0:2d:de:8e:d2:b7:b0:b7:8a:c7:61:31:29:2a:5e:de:f8:95: 8e:2e:b4:20:c6:20:b2:c8:f5:8e:b7:9a:49:a0:74:7a:42:9d: bc:24:61:d0:78:04:7d:64:b8:4f:2e:a6:81:6f:9e:42:8a:a0: 48:07:68:b1:a1:90:04:64:69:69:19:b3:08:43:4c:09:c5:6c: 23:40:d5:f5:eb:38:b2:71:98:22:5b:1c:2e:31:ce:a5:df:64: 8c:47:a3:f7:78:f3:89:8f:0c:f7:2a:0c:df:ce:cf:bf:5c:2d: e3:73:f1:42:07:fc:ec:87:80:c4:c1:4b:f3:e9:34:2f:78:71: f4:9f:2a:79:7c:29:07:8b:99:78:b8:85:b9:bb:a7:68:5c:f1: 1d:6a:0d:56:29:11:5d:48:32:c9:99:ed:26:b3:cc:f0:2a:21: 43:40:c2:0c:e5:3a:22:80:46:8f:4f:79:f4:69:ce:5b:70:24: 65:11:ee:8e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAY8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUM5M0YxMTAvBgNVBAUTKDA5NEEwRENEODAyQTA1QkY3NTczRkY3QTZFRTBBN0E5 NzIwNTUwRDEwHhcNMjUwNTMxMDMxMzQ5WhcNMjUwNjA3MDMxMzQ5WjAYMRYwFAYD VQQDEw02ODNhNzNlZC1mNmFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApvvvjp4g6nBLrRPYSC2V9it/y6WAzgdGfW6IBNoaqLkXa/+k/6uTVasSHMpx yC0Vyg9psB0NTzPPMR6W8kPzqa9JaUDWoE4D28Js7GbTLD6qrpe13hNFVK7Tv3dC y+wnUtCACynU27+deL99uCZv5q1+ENQ/Trrp8rr22qXvSSyG4wsIyrMpWmqjsW+6 DuiHMdl+DgdY/7f/04QjVxhKokKdqX8B6Pj/qvPvop24Rb6YPbJG/62mm7T9DBrv z/NhHOuFpQKofG3s188hkQDDmwsHwkLxvP4uTHo3s2y4cF2khl28aTGiJshCL64A Xfoq3tc4h4ypCr9StGQpj41NdQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMU/uAjr l6IEvCWUdrVCSMkCOxzzMB8GA1UdIwQYMBaAFAlKDc2AKgW/dXP/em7gp6lyBVDR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQzkzRi82MEE4Rjg4Q0RF QUQxMUVEOEE2REYxNERDNEY5QUUwMi9DVW9OellBcUJiOTFjXzk2YnVDbnFYSUZV TkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NVb056WUFxQmI5MWNfOTZidUNucVhJRlVORS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QzkzRi82MEE4Rjg4Q0RFQUQxMUVEOEE2REYxNERDNEY5QUUwMi9DVW9OellBcUJi OTFjXzk2YnVDbnFYSUZVTkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAiUVoHXoOvq2fCpaajEuj6e+jRlbxj3U7FZpplnQNWURUYo7dELsKO 3Zk62VwEIjWJJuD+KEXk+7evpZlMFv7rxs2c+cGmsBGwLd6O0rewt4rHYTEpKl7e +JWOLrQgxiCyyPWOt5pJoHR6Qp28JGHQeAR9ZLhPLqaBb55CiqBIB2ixoZAEZGlp GbMIQ0wJxWwjQNX16ziycZgiWxwuMc6l32SMR6P3ePOJjwz3Kgzfzs+/XC3jc/FC B/zsh4DEwUvz6TQveHH0nyp5fCkHi5l4uIW5u6doXPEdag1WKRFdSDLJme0ms8zw KiFDQMIM5ToigEaPT3n0ac5bcCRlEe6O -----END CERTIFICATE-----Generated at Sat May 31 16:25:57 2025 by rpki-client