$ rpki-client -vvf rpki.apnic.net/member_repository/A91F0721/C9127B3EADC811ED9216220EC4F9AE02/BNhIIeE7gDAzVMS-NDMdURHyvKY.mft File: BNhIIeE7gDAzVMS-NDMdURHyvKY.mft (raw, json) Hash identifier: FThhTZ62y2iEUxHcmXrculmhE1ANopDl5ByVM2GVunw= Subject key identifier: 70:92:1A:06:A5:76:E8:4C:F0:A6:63:CA:8F:8F:90:0C:0F:90:83:36 Authority key identifier: 04:D8:48:21:E1:3B:80:30:33:54:C4:BE:34:33:1D:51:11:F2:BC:A6 Certificate issuer: /CN=A91F0721/serialNumber=04D84821E13B80303354C4BE34331D5111F2BCA6 Certificate serial: 01AE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BNhIIeE7gDAzVMS-NDMdURHyvKY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F0721/C9127B3EADC811ED9216220EC4F9AE02/BNhIIeE7gDAzVMS-NDMdURHyvKY.mft Manifest number: 01AB Signing time: Sat 31 May 2025 02:54:25 +0000 Manifest this update: Sat 31 May 2025 02:54:24 +0000 Manifest next update: Sat 07 Jun 2025 02:54:24 +0000 Files and hashes: 1: BNhIIeE7gDAzVMS-NDMdURHyvKY.crl (hash: fACT+6vL5nq5yUNbjUcCxVhOi/cp9Cv7Jd3VGBtPhb8=) 2: 7659B89AADCC11ED84051211C4F9AE02.roa (hash: S0QCets6nYQwhXbRnwnSRy3OBYGEXLOm6h5sFxoClJ8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F0721/C9127B3EADC811ED9216220EC4F9AE02/BNhIIeE7gDAzVMS-NDMdURHyvKY.crl rsync://rpki.apnic.net/member_repository/A91F0721/C9127B3EADC811ED9216220EC4F9AE02/BNhIIeE7gDAzVMS-NDMdURHyvKY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BNhIIeE7gDAzVMS-NDMdURHyvKY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 02:54:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 430 (0x1ae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F0721, serialNumber=04D84821E13B80303354C4BE34331D5111F2BCA6 Validity Not Before: May 31 02:54:24 2025 GMT Not After : Jun 7 02:54:24 2025 GMT Subject: CN=683a6f61-1fa7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:40:c3:43:87:9d:57:d4:23:e9:bf:89:13:10: 86:44:24:d5:ab:7b:20:a6:1e:5d:fe:f5:84:90:9d: 6a:37:ee:64:92:55:a5:d6:67:56:15:8b:04:45:e2: f8:aa:fd:91:d9:c7:c1:2e:44:ed:20:d5:be:18:4a: 2e:74:f8:02:e6:75:fa:7a:05:55:39:4d:15:14:44: e9:ea:90:ba:69:d8:b6:83:b2:40:37:cc:09:cd:4d: d9:e5:bc:0b:c2:51:1d:ef:9f:d9:e0:ba:36:a5:69: ac:55:d1:ed:9c:73:69:67:ce:0e:f6:07:af:a1:e4: 12:8b:0b:a9:63:8f:8f:1c:23:2d:a9:21:2e:58:63: 0d:86:d7:8e:c4:55:58:03:2b:7a:12:f4:bb:0d:41: 17:a3:49:45:96:a1:3a:f8:15:fc:6c:99:12:43:41: dd:30:84:de:f1:29:62:41:6d:5e:d7:ad:5d:6f:55: fa:39:3f:7c:90:e6:bb:a0:52:ca:ff:89:57:ea:03: 0d:f5:6b:c8:a8:3e:36:7e:c7:f5:21:f2:e4:cf:6c: 96:6e:5f:fe:85:39:ab:82:55:d3:ea:24:90:d1:d2: 31:d5:da:57:a5:3c:8d:70:8d:ae:e7:1a:ff:c8:2d: 6f:2a:a2:c1:31:1b:29:49:5b:c1:b9:0a:aa:71:e5: 4a:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:92:1A:06:A5:76:E8:4C:F0:A6:63:CA:8F:8F:90:0C:0F:90:83:36 X509v3 Authority Key Identifier: keyid:04:D8:48:21:E1:3B:80:30:33:54:C4:BE:34:33:1D:51:11:F2:BC:A6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F0721/C9127B3EADC811ED9216220EC4F9AE02/BNhIIeE7gDAzVMS-NDMdURHyvKY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BNhIIeE7gDAzVMS-NDMdURHyvKY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F0721/C9127B3EADC811ED9216220EC4F9AE02/BNhIIeE7gDAzVMS-NDMdURHyvKY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b1:a6:4d:88:0b:f4:d3:43:1a:af:79:90:ce:41:ff:c7:99:ad: 3f:a6:d0:65:35:b7:80:a2:67:11:c5:62:82:a6:d8:f7:e2:b6: 4d:d8:64:4a:bb:90:1d:34:50:11:50:a5:44:4d:31:c5:c2:b9: 60:31:9a:9c:12:b0:f9:fc:58:e3:9e:30:1f:e7:55:db:4b:a6: 33:b7:d7:fb:a1:f1:22:8f:02:dc:9b:f5:dc:f6:9a:04:ea:a7: f9:fb:ca:99:9a:52:7a:3e:47:7b:18:48:6f:31:0a:18:39:5a: f1:d0:7b:db:8f:c9:15:e9:42:bb:cb:09:0f:55:4a:a1:5d:5b: 16:5d:c1:74:8e:7b:c2:ad:9d:e2:da:98:83:c7:bd:bb:dd:24: 4b:db:79:34:c1:81:69:10:71:4d:ef:b8:48:76:2a:ee:3a:41: 4a:f1:30:3c:fd:57:73:90:9b:f4:bb:2f:d9:e4:18:cd:e8:dd: f3:ac:0a:13:f0:3d:cb:49:a6:e7:b5:54:c9:5a:3a:e5:4c:88: dc:d7:dc:f1:b6:d7:8d:25:48:86:c9:c2:7f:de:76:03:68:07: ef:27:f3:f5:f6:6c:e3:0a:4e:9e:71:30:90:c5:99:2d:2a:8d: 40:04:ab:2b:75:46:52:2a:bf:a8:a8:65:46:f1:37:d1:b0:34: d3:c3:dd:bb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAa4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjA3MjExMTAvBgNVBAUTKDA0RDg0ODIxRTEzQjgwMzAzMzU0QzRCRTM0MzMxRDUx MTFGMkJDQTYwHhcNMjUwNTMxMDI1NDI0WhcNMjUwNjA3MDI1NDI0WjAYMRYwFAYD VQQDEw02ODNhNmY2MS0xZmE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyUDDQ4edV9Qj6b+JExCGRCTVq3sgph5d/vWEkJ1qN+5kklWl1mdWFYsEReL4 qv2R2cfBLkTtINW+GEoudPgC5nX6egVVOU0VFETp6pC6adi2g7JAN8wJzU3Z5bwL wlEd75/Z4Lo2pWmsVdHtnHNpZ84O9gevoeQSiwupY4+PHCMtqSEuWGMNhteOxFVY Ayt6EvS7DUEXo0lFlqE6+BX8bJkSQ0HdMITe8SliQW1e161db1X6OT98kOa7oFLK /4lX6gMN9WvIqD42fsf1IfLkz2yWbl/+hTmrglXT6iSQ0dIx1dpXpTyNcI2u5xr/ yC1vKqLBMRspSVvBuQqqceVKDQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHCSGgal duhM8KZjyo+PkAwPkIM2MB8GA1UdIwQYMBaAFATYSCHhO4AwM1TEvjQzHVER8rym MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMDcyMS9DOTEyN0IzRUFE QzgxMUVEOTIxNjIyMEVDNEY5QUUwMi9CTmhJSWVFN2dEQXpWTVMtTkRNZFVSSHl2 S1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0JOaElJZUU3Z0RBelZNUy1ORE1kVVJIeXZLWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MDcyMS9DOTEyN0IzRUFEQzgxMUVEOTIxNjIyMEVDNEY5QUUwMi9CTmhJSWVFN2dE QXpWTVMtTkRNZFVSSHl2S1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCxpk2IC/TTQxqveZDOQf/Hma0/ptBlNbeAomcRxWKCptj34rZN2GRK u5AdNFARUKVETTHFwrlgMZqcErD5/FjjnjAf51XbS6Yzt9f7ofEijwLcm/Xc9poE 6qf5+8qZmlJ6Pkd7GEhvMQoYOVrx0Hvbj8kV6UK7ywkPVUqhXVsWXcF0jnvCrZ3i 2piDx7273SRL23k0wYFpEHFN77hIdiruOkFK8TA8/VdzkJv0uy/Z5BjN6N3zrAoT 8D3LSabntVTJWjrlTIjc19zxtteNJUiGycJ/3nYDaAfvJ/P19mzjCk6ecTCQxZkt Ko1ABKsrdUZSKr+oqGVG8TfRsDTTw927 -----END CERTIFICATE-----Generated at Sat May 31 16:30:34 2025 by rpki-client