$ rpki-client -vvf rpki.apnic.net/member_repository/A91EDBB0/E653E51207ED11F0B0A68764C4F9AE02/_thOn-AVmpk3ohk6C326I7bCZbg.mft File: _thOn-AVmpk3ohk6C326I7bCZbg.mft (raw, json) Hash identifier: UmJb7IeN77cTb7HgVwZ11HJ8xNcJ/EMPRya8d+r+U2Y= Subject key identifier: F3:B1:A8:0A:76:C5:CE:AA:FC:B5:B9:4D:23:02:1D:22:A4:C3:50:5E Authority key identifier: FE:D8:4E:9F:E0:15:9A:99:37:A2:19:3A:0B:7D:BA:23:B6:C2:65:B8 Certificate issuer: /CN=A91EDBB0/serialNumber=FED84E9FE0159A9937A2193A0B7DBA23B6C265B8 Certificate serial: 26 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_thOn-AVmpk3ohk6C326I7bCZbg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EDBB0/E653E51207ED11F0B0A68764C4F9AE02/_thOn-AVmpk3ohk6C326I7bCZbg.mft Manifest number: 25 Signing time: Sat 31 May 2025 07:23:50 +0000 Manifest this update: Sat 31 May 2025 07:23:49 +0000 Manifest next update: Sat 07 Jun 2025 07:23:49 +0000 Files and hashes: 1: _thOn-AVmpk3ohk6C326I7bCZbg.crl (hash: XhHn1CuQVE6A3N1IVIOQzNGS6e9lznvfxoK/hT0SaS8=) 2: 18317928083911F0A2909A72C4F9AE02.roa (hash: fPnd9TCItmXimGuCENGl/4MsqPzHHL+sjFkQjjF93Kg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EDBB0/E653E51207ED11F0B0A68764C4F9AE02/_thOn-AVmpk3ohk6C326I7bCZbg.crl rsync://rpki.apnic.net/member_repository/A91EDBB0/E653E51207ED11F0B0A68764C4F9AE02/_thOn-AVmpk3ohk6C326I7bCZbg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_thOn-AVmpk3ohk6C326I7bCZbg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 07:23:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38 (0x26) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EDBB0, serialNumber=FED84E9FE0159A9937A2193A0B7DBA23B6C265B8 Validity Not Before: May 31 07:23:49 2025 GMT Not After : Jun 7 07:23:49 2025 GMT Subject: CN=683aae86-0cff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:78:1a:38:b8:b1:82:40:98:99:0c:78:09:fc: 78:96:3c:67:00:52:58:90:a2:9f:82:c9:d2:92:78: 7c:1c:e7:3f:f1:91:cb:87:fd:66:1b:e5:3a:e5:54: 9f:b7:2f:9d:3a:5f:69:75:b9:11:ef:64:49:5f:95: f5:a1:92:f8:a2:76:53:9f:59:76:09:26:ef:5f:de: 87:72:83:53:54:16:13:54:d8:ad:4b:be:d8:ec:ff: 2f:c4:5b:75:83:98:8e:20:b3:b9:d4:e1:c1:9f:a7: 0a:0f:1a:fb:53:0a:74:18:24:5d:fc:b2:43:9c:51: e7:72:06:38:1e:8b:08:eb:42:92:2c:4f:ff:52:81: c3:01:5c:a2:f7:d7:14:ab:16:02:6b:23:c0:e7:98: 10:90:7e:8c:13:48:87:17:45:f1:f4:f4:bd:f3:02: 32:53:77:cf:32:72:22:fb:a6:82:be:b4:a0:1b:19: d9:f3:0d:d0:8d:9a:a2:a6:d8:2d:31:f7:b6:3b:fc: e9:d0:73:2d:10:31:8c:b6:e1:53:57:39:86:63:03: 24:4c:ae:d7:e4:3e:b9:05:95:6d:74:99:b6:0a:be: 9e:10:81:17:4f:20:d1:7c:de:f3:6b:69:40:64:c2: 12:dc:9d:04:3c:4b:d8:69:13:eb:06:f1:98:33:a5: 9a:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:B1:A8:0A:76:C5:CE:AA:FC:B5:B9:4D:23:02:1D:22:A4:C3:50:5E X509v3 Authority Key Identifier: keyid:FE:D8:4E:9F:E0:15:9A:99:37:A2:19:3A:0B:7D:BA:23:B6:C2:65:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EDBB0/E653E51207ED11F0B0A68764C4F9AE02/_thOn-AVmpk3ohk6C326I7bCZbg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_thOn-AVmpk3ohk6C326I7bCZbg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EDBB0/E653E51207ED11F0B0A68764C4F9AE02/_thOn-AVmpk3ohk6C326I7bCZbg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 87:f6:ac:52:7f:7d:ef:63:01:5c:12:e4:e0:e2:ec:62:59:b0: 6a:e0:8f:1c:21:d8:5f:1b:e9:b1:62:ff:81:cd:d9:13:df:2e: e6:b9:86:4e:d4:a3:18:6f:9f:9f:45:08:19:31:6f:8a:ca:66: da:36:92:e4:a4:3f:fa:65:87:c6:ad:34:9f:71:89:73:92:c9: 7c:53:80:d1:4a:36:1a:a3:40:79:86:8e:8c:a7:6f:aa:eb:bd: 0e:eb:69:28:59:1f:ca:3c:71:b2:3f:02:c8:66:69:4a:61:54: 9f:0d:b7:cb:09:59:b0:3c:5c:f0:57:24:9f:f0:9c:fe:b7:40: 32:a5:ec:b9:d3:bd:ea:e3:c7:bb:50:0f:91:8f:f2:3f:15:2f: 10:ce:b2:ab:7a:64:2a:bf:72:bc:8c:77:a6:87:4e:90:72:5d: cd:92:10:f7:af:fd:7f:31:51:a0:ee:68:05:2f:59:84:32:e9: 03:73:50:ff:d0:09:64:5f:8c:cd:e2:ed:29:69:ad:2d:22:a2: df:ca:db:5b:1c:0d:ae:dd:cc:32:c0:6b:d3:76:7c:45:bc:54: 18:f3:ba:93:d7:c2:65:ee:fd:2f:fc:95:e8:b8:de:17:b4:3e: 15:95:26:7f:ef:23:e8:e3:7b:49:35:42:86:f4:1b:ad:33:51: 7d:44:5b:8a -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBJjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF REJCMDExMC8GA1UEBRMoRkVEODRFOUZFMDE1OUE5OTM3QTIxOTNBMEI3REJBMjNC NkMyNjVCODAeFw0yNTA1MzEwNzIzNDlaFw0yNTA2MDcwNzIzNDlaMBgxFjAUBgNV BAMTDTY4M2FhZTg2LTBjZmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCYeBo4uLGCQJiZDHgJ/HiWPGcAUliQop+CydKSeHwc5z/xkcuH/WYb5TrlVJ+3 L506X2l1uRHvZElflfWhkviidlOfWXYJJu9f3odyg1NUFhNU2K1Lvtjs/y/EW3WD mI4gs7nU4cGfpwoPGvtTCnQYJF38skOcUedyBjgeiwjrQpIsT/9SgcMBXKL31xSr FgJrI8DnmBCQfowTSIcXRfH09L3zAjJTd88yciL7poK+tKAbGdnzDdCNmqKm2C0x 97Y7/OnQcy0QMYy24VNXOYZjAyRMrtfkPrkFlW10mbYKvp4QgRdPINF83vNraUBk whLcnQQ8S9hpE+sG8ZgzpZqPAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU87GoCnbF zqr8tblNIwIdIqTDUF4wHwYDVR0jBBgwFoAU/thOn+AVmpk3ohk6C326I7bCZbgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVEQkIwL0U2NTNFNTEyMDdF RDExRjBCMEE2ODc2NEM0RjlBRTAyL190aE9uLUFWbXBrM29oazZDMzI2STdiQ1pi Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvX3RoT24tQVZtcGszb2hrNkMzMjZJN2JDWmJnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVE QkIwL0U2NTNFNTEyMDdFRDExRjBCMEE2ODc2NEM0RjlBRTAyL190aE9uLUFWbXBr M29oazZDMzI2STdiQ1piZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIf2rFJ/fe9jAVwS5ODi7GJZsGrgjxwh2F8b6bFi/4HN2RPfLua5hk7U oxhvn59FCBkxb4rKZto2kuSkP/plh8atNJ9xiXOSyXxTgNFKNhqjQHmGjoynb6rr vQ7raShZH8o8cbI/AshmaUphVJ8Nt8sJWbA8XPBXJJ/wnP63QDKl7LnTverjx7tQ D5GP8j8VLxDOsqt6ZCq/cryMd6aHTpByXc2SEPev/X8xUaDuaAUvWYQy6QNzUP/Q CWRfjM3i7SlprS0iot/K21scDa7dzDLAa9N2fEW8VBjzupPXwmXu/S/8lei43he0 PhWVJn/vI+jje0k1Qob0G60zUX1EW4o= -----END CERTIFICATE-----Generated at Sat May 31 17:27:51 2025 by rpki-client