$ rpki-client -vvf rpki.apnic.net/member_repository/A91ED596/0572DD8A5AE311EF932C232FC4F9AE02/v3H1vxFop4QFduAAbzu8ZfxINAs.mft File: v3H1vxFop4QFduAAbzu8ZfxINAs.mft (raw, json) Hash identifier: kYy0zvOSXIx888A0L3Ndj67OFCkJrhfmUCae47hT2i4= Subject key identifier: 4A:79:34:05:41:4F:F3:55:FD:CD:EC:AB:6C:4A:29:21:62:8E:58:64 Authority key identifier: BF:71:F5:BF:11:68:A7:84:05:76:E0:00:6F:3B:BC:65:FC:48:34:0B Certificate issuer: /CN=A91ED596/serialNumber=BF71F5BF1168A7840576E0006F3BBC65FC48340B Certificate serial: 96 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/v3H1vxFop4QFduAAbzu8ZfxINAs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ED596/0572DD8A5AE311EF932C232FC4F9AE02/v3H1vxFop4QFduAAbzu8ZfxINAs.mft Manifest number: 95 Signing time: Sun 01 Jun 2025 06:03:33 +0000 Manifest this update: Sun 01 Jun 2025 06:03:32 +0000 Manifest next update: Sun 08 Jun 2025 06:03:32 +0000 Files and hashes: 1: v3H1vxFop4QFduAAbzu8ZfxINAs.crl (hash: Yja/+zVtQFfUJDe7BXn998U9m2Ad2B24Cqhr7c76lk0=) 2: 8580DC705AE311EF86351430C4F9AE02.roa (hash: tNd1A1Pa4JpDSAJTUxSzKVvWvdR5TDXaWTiFNabeiYY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ED596/0572DD8A5AE311EF932C232FC4F9AE02/v3H1vxFop4QFduAAbzu8ZfxINAs.crl rsync://rpki.apnic.net/member_repository/A91ED596/0572DD8A5AE311EF932C232FC4F9AE02/v3H1vxFop4QFduAAbzu8ZfxINAs.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/v3H1vxFop4QFduAAbzu8ZfxINAs.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Jun 2025 06:03:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 150 (0x96) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ED596, serialNumber=BF71F5BF1168A7840576E0006F3BBC65FC48340B Validity Not Before: Jun 1 06:03:32 2025 GMT Not After : Jun 8 06:03:32 2025 GMT Subject: CN=683bed35-d9d5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:35:6a:13:af:12:3a:1f:ca:56:b6:40:70:cc: e9:4c:c8:96:6f:07:16:0d:db:74:d2:3d:10:5f:da: db:c5:a1:cc:e4:8d:b0:f4:4f:67:39:89:e1:b9:b5: ee:83:90:ce:8e:da:63:7e:04:f7:4f:1a:9d:7d:25: 36:89:d8:60:38:20:b1:46:74:8e:c6:02:ea:87:be: fd:c1:49:d6:b3:23:2c:1f:84:1e:2f:72:7c:54:d5: 9b:5c:a2:ba:ac:e4:2e:28:d9:8f:b9:e0:5e:b2:d0: c4:9f:4a:55:b2:20:39:04:50:67:7f:0c:98:04:27: 75:fe:67:c1:25:00:07:e5:a9:6d:82:ef:ad:7f:2c: a6:56:ef:f1:1f:6e:0d:25:44:b4:3d:de:f7:0d:f9: 5c:10:63:9f:c3:c4:ed:99:dc:0e:8a:a4:5e:82:75: d7:76:18:fe:7c:82:84:ec:1f:60:13:6a:52:76:d3: 1c:52:49:76:e1:69:6a:19:0e:c5:21:c2:c7:57:02: 8a:21:bc:b4:f4:50:8c:75:ee:cb:a9:c9:62:05:fd: dd:91:a0:1c:59:4f:04:0b:29:5f:49:d0:52:d3:e9: 96:aa:4e:1a:11:56:af:06:95:49:58:f5:ca:97:09: f5:20:bd:9f:84:8a:92:33:84:13:62:b5:72:1d:8a: 96:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:79:34:05:41:4F:F3:55:FD:CD:EC:AB:6C:4A:29:21:62:8E:58:64 X509v3 Authority Key Identifier: keyid:BF:71:F5:BF:11:68:A7:84:05:76:E0:00:6F:3B:BC:65:FC:48:34:0B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ED596/0572DD8A5AE311EF932C232FC4F9AE02/v3H1vxFop4QFduAAbzu8ZfxINAs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/v3H1vxFop4QFduAAbzu8ZfxINAs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ED596/0572DD8A5AE311EF932C232FC4F9AE02/v3H1vxFop4QFduAAbzu8ZfxINAs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8d:7a:8b:5f:80:2c:43:9d:0e:fa:53:81:12:9e:5b:d5:9d:85: c9:95:3b:d7:c3:d0:8f:8c:3d:8c:58:16:13:a1:fc:29:f4:d3: 5e:11:c7:e1:56:28:a7:39:09:62:2e:a3:54:4a:7b:f1:c5:bc: a6:b1:66:e5:c9:fc:dc:ef:5a:e5:e4:5a:ac:be:e0:eb:6a:35: 03:46:0c:ed:a7:cc:cb:49:aa:97:5e:35:20:ab:04:61:0b:55: 60:c1:55:0f:06:41:07:14:46:a3:2e:c6:bc:0e:d6:95:62:4f: f1:fb:d1:63:51:ff:fe:fa:c1:f0:f8:7e:24:23:68:1d:4e:cd: e7:37:63:01:af:dc:a2:08:9b:43:8d:7e:a2:b7:64:11:49:8c: ee:51:a5:e1:5d:3a:fa:81:0f:bd:3d:eb:7f:5f:bf:b1:4f:af: ea:5d:45:19:a5:ad:0f:fb:43:57:d2:30:d7:a8:ce:d7:ca:11: 03:8c:ba:b5:ec:c1:e9:8f:35:b4:24:7d:2c:d6:e9:80:ec:5e: ad:c0:88:9a:8f:a0:93:db:61:17:73:72:11:9f:08:ba:1e:b5: 2c:f1:a9:80:a6:6c:8e:34:e4:f0:c2:ed:60:b4:3a:d9:c1:09: 02:3a:d6:73:4d:2d:ff:ce:97:69:52:c2:eb:9f:21:e0:41:47: db:5a:5d:cd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUQ1OTYxMTAvBgNVBAUTKEJGNzFGNUJGMTE2OEE3ODQwNTc2RTAwMDZGM0JCQzY1 RkM0ODM0MEIwHhcNMjUwNjAxMDYwMzMyWhcNMjUwNjA4MDYwMzMyWjAYMRYwFAYD VQQDEw02ODNiZWQzNS1kOWQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3zVqE68SOh/KVrZAcMzpTMiWbwcWDdt00j0QX9rbxaHM5I2w9E9nOYnhubXu g5DOjtpjfgT3TxqdfSU2idhgOCCxRnSOxgLqh779wUnWsyMsH4QeL3J8VNWbXKK6 rOQuKNmPueBestDEn0pVsiA5BFBnfwyYBCd1/mfBJQAH5altgu+tfyymVu/xH24N JUS0Pd73DflcEGOfw8TtmdwOiqRegnXXdhj+fIKE7B9gE2pSdtMcUkl24WlqGQ7F IcLHVwKKIby09FCMde7LqcliBf3dkaAcWU8ECylfSdBS0+mWqk4aEVavBpVJWPXK lwn1IL2fhIqSM4QTYrVyHYqWNwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEp5NAVB T/NV/c3sq2xKKSFijlhkMB8GA1UdIwQYMBaAFL9x9b8RaKeEBXbgAG87vGX8SDQL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRDU5Ni8wNTcyREQ4QTVB RTMxMUVGOTMyQzIzMkZDNEY5QUUwMi92M0gxdnhGb3A0UUZkdUFBYnp1OFpmeElO QXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3YzSDF2eEZvcDRRRmR1QUFienU4WmZ4SU5Bcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF RDU5Ni8wNTcyREQ4QTVBRTMxMUVGOTMyQzIzMkZDNEY5QUUwMi92M0gxdnhGb3A0 UUZkdUFBYnp1OFpmeElOQXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCNeotfgCxDnQ76U4ESnlvVnYXJlTvXw9CPjD2MWBYTofwp9NNeEcfh ViinOQliLqNUSnvxxbymsWblyfzc71rl5FqsvuDrajUDRgztp8zLSaqXXjUgqwRh C1VgwVUPBkEHFEajLsa8DtaVYk/x+9FjUf/++sHw+H4kI2gdTs3nN2MBr9yiCJtD jX6it2QRSYzuUaXhXTr6gQ+9Pet/X7+xT6/qXUUZpa0P+0NX0jDXqM7XyhEDjLq1 7MHpjzW0JH0s1umA7F6twIiaj6CT22EXc3IRnwi6HrUs8amApmyONOTwwu1gtDrZ wQkCOtZzTS3/zpdpUsLrnyHgQUfbWl3N -----END CERTIFICATE-----Generated at Mon Jun 2 19:33:23 2025 by rpki-client