$ rpki-client -vvf rpki.apnic.net/member_repository/A91ECE62/21D5CCDE341B11EE9F849028C4F9AE02/iQJ4kAM9XWI71OQ5huiA9qsThJQ.mft File: iQJ4kAM9XWI71OQ5huiA9qsThJQ.mft (raw, json) Hash identifier: MR3v9wsEHFGSz0KK7EkSs6T0GA5UbmskEt6dlix2Kik= Subject key identifier: 34:18:17:75:A6:03:73:A7:1E:15:65:AA:BE:13:2A:93:D9:39:7C:EB Authority key identifier: 89:02:78:90:03:3D:5D:62:3B:D4:E4:39:86:E8:80:F6:AB:13:84:94 Certificate issuer: /CN=A91ECE62/serialNumber=89027890033D5D623BD4E43986E880F6AB138494 Certificate serial: 015B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQJ4kAM9XWI71OQ5huiA9qsThJQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ECE62/21D5CCDE341B11EE9F849028C4F9AE02/iQJ4kAM9XWI71OQ5huiA9qsThJQ.mft Manifest number: 0157 Signing time: Sat 31 May 2025 03:47:09 +0000 Manifest this update: Sat 31 May 2025 03:47:08 +0000 Manifest next update: Sat 07 Jun 2025 03:47:08 +0000 Files and hashes: 1: iQJ4kAM9XWI71OQ5huiA9qsThJQ.crl (hash: dLvNsGC6iNZg5lHUuWmU9YHXUD2B+NxQDiI5BlDM6ok=) 2: 047E1E9C341C11EE84F4D52CC4F9AE02.roa (hash: rbEk2KoFtT0uaq48+jo8FPtXO3/HKOrBaUxyg4fgBYU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ECE62/21D5CCDE341B11EE9F849028C4F9AE02/iQJ4kAM9XWI71OQ5huiA9qsThJQ.crl rsync://rpki.apnic.net/member_repository/A91ECE62/21D5CCDE341B11EE9F849028C4F9AE02/iQJ4kAM9XWI71OQ5huiA9qsThJQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQJ4kAM9XWI71OQ5huiA9qsThJQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 03:47:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 347 (0x15b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ECE62, serialNumber=89027890033D5D623BD4E43986E880F6AB138494 Validity Not Before: May 31 03:47:08 2025 GMT Not After : Jun 7 03:47:08 2025 GMT Subject: CN=683a7bbc-b3ac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:76:bc:3b:8c:02:94:92:93:9f:1c:28:7e:c0: 76:63:1b:71:d9:dd:a4:30:1e:50:14:a7:d8:cf:7b: fa:99:ec:d4:eb:bf:02:c8:c5:b6:bb:9c:78:ed:cd: 5d:b4:96:0e:3b:1d:82:20:72:21:cc:0b:fe:11:20: 97:80:56:7b:f1:ae:50:be:22:ac:e5:2d:a6:55:49: 86:a5:c9:2e:53:3b:4e:f1:2b:74:9b:87:1e:4b:b6: c2:c5:ae:66:10:71:7b:e8:8c:08:00:bf:a1:16:51: 0b:5b:f5:1f:e8:05:9c:a6:62:8c:df:44:b2:86:c3: e2:23:9f:7e:56:b3:c1:7b:7b:94:33:8e:fe:57:3e: 9f:45:6c:0f:6c:13:6a:93:23:27:01:9d:36:0b:5f: cb:d3:07:20:e3:76:b2:3b:e9:8e:99:6d:e4:02:6c: 30:0e:35:3c:5c:09:e5:47:be:76:94:3f:da:a8:5b: 9c:34:35:ec:96:61:8d:85:ee:ac:e3:1e:8d:ff:e0: d2:41:b9:a6:88:04:45:ea:bd:65:d2:c9:2f:fc:08: ea:d2:4a:e9:8d:40:38:f5:66:53:17:53:33:c5:58: e1:61:72:a0:33:35:06:b1:0c:db:96:b1:11:30:85: 3b:f0:91:7d:b6:ca:49:08:f6:40:48:83:d8:9d:8d: 35:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:18:17:75:A6:03:73:A7:1E:15:65:AA:BE:13:2A:93:D9:39:7C:EB X509v3 Authority Key Identifier: keyid:89:02:78:90:03:3D:5D:62:3B:D4:E4:39:86:E8:80:F6:AB:13:84:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ECE62/21D5CCDE341B11EE9F849028C4F9AE02/iQJ4kAM9XWI71OQ5huiA9qsThJQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iQJ4kAM9XWI71OQ5huiA9qsThJQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ECE62/21D5CCDE341B11EE9F849028C4F9AE02/iQJ4kAM9XWI71OQ5huiA9qsThJQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 96:11:21:4e:49:55:78:f7:24:86:e9:49:aa:ed:a4:25:37:06: 1e:f5:9b:cf:c2:10:83:c8:de:f2:be:dd:de:4b:f7:21:a3:8b: 60:5c:7a:bf:1c:d7:d9:92:38:9b:72:1d:77:86:6f:17:dc:7e: e4:98:2e:9d:11:2b:7b:e2:5b:35:85:9f:61:11:22:7a:c6:28: fa:61:ec:b7:db:f6:bb:a8:c8:3f:58:7c:15:0c:02:1d:24:7a: 15:44:b0:b2:64:c1:0d:62:0b:9c:16:91:5f:d5:dc:41:62:20: 15:35:90:c0:8d:7a:5a:eb:af:92:11:0e:dd:f2:31:19:3f:78: d3:08:99:77:e4:17:5d:ba:ac:44:ea:c2:17:34:29:3e:ba:50: 6c:d7:a9:dc:af:7b:90:19:38:ee:34:d0:13:95:a2:7c:74:25: 5e:69:9b:1e:5a:6c:b1:41:f5:02:fd:87:2c:5b:9c:56:c8:7e: 62:c6:01:fc:06:9e:b2:6c:36:d5:5f:0f:8e:cd:67:b5:4c:b2: 84:b5:ce:53:66:2d:f1:26:43:a3:74:43:c8:d8:0d:96:da:d4: b2:b4:f7:40:a7:39:42:3e:6f:12:87:85:95:c0:47:e2:4f:89: e9:d5:78:70:a5:d1:85:e1:8f:78:56:b6:c0:14:61:31:e2:e0: ea:5f:42:ae -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAVswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUNFNjIxMTAvBgNVBAUTKDg5MDI3ODkwMDMzRDVENjIzQkQ0RTQzOTg2RTg4MEY2 QUIxMzg0OTQwHhcNMjUwNTMxMDM0NzA4WhcNMjUwNjA3MDM0NzA4WjAYMRYwFAYD VQQDEw02ODNhN2JiYy1iM2FjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz3a8O4wClJKTnxwofsB2Yxtx2d2kMB5QFKfYz3v6mezU678CyMW2u5x47c1d tJYOOx2CIHIhzAv+ESCXgFZ78a5QviKs5S2mVUmGpckuUztO8St0m4ceS7bCxa5m EHF76IwIAL+hFlELW/Uf6AWcpmKM30SyhsPiI59+VrPBe3uUM47+Vz6fRWwPbBNq kyMnAZ02C1/L0wcg43ayO+mOmW3kAmwwDjU8XAnlR752lD/aqFucNDXslmGNhe6s 4x6N/+DSQbmmiARF6r1l0skv/Ajq0krpjUA49WZTF1MzxVjhYXKgMzUGsQzblrER MIU78JF9tspJCPZASIPYnY01iwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDQYF3Wm A3OnHhVlqr4TKpPZOXzrMB8GA1UdIwQYMBaAFIkCeJADPV1iO9TkOYbogParE4SU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQ0U2Mi8yMUQ1Q0NERTM0 MUIxMUVFOUY4NDkwMjhDNEY5QUUwMi9pUUo0a0FNOVhXSTcxT1E1aHVpQTlxc1Ro SlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lRSjRrQU05WFdJNzFPUTVodWlBOXFzVGhKUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF Q0U2Mi8yMUQ1Q0NERTM0MUIxMUVFOUY4NDkwMjhDNEY5QUUwMi9pUUo0a0FNOVhX STcxT1E1aHVpQTlxc1RoSlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCWESFOSVV49ySG6Umq7aQlNwYe9ZvPwhCDyN7yvt3eS/cho4tgXHq/ HNfZkjibch13hm8X3H7kmC6dESt74ls1hZ9hESJ6xij6Yey32/a7qMg/WHwVDAId JHoVRLCyZMENYgucFpFf1dxBYiAVNZDAjXpa66+SEQ7d8jEZP3jTCJl35BdduqxE 6sIXNCk+ulBs16ncr3uQGTjuNNATlaJ8dCVeaZseWmyxQfUC/YcsW5xWyH5ixgH8 Bp6ybDbVXw+OzWe1TLKEtc5TZi3xJkOjdEPI2A2W2tSytPdApzlCPm8Sh4WVwEfi T4np1XhwpdGF4Y94VrbAFGEx4uDqX0Ku -----END CERTIFICATE-----Generated at Sat May 31 16:49:07 2025 by rpki-client