$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2046/3FB02AE214D511EA8126400DC4F9AE02/iUgJYwlWkkOCzDnUYPpHZLAXWTQ.mft File: iUgJYwlWkkOCzDnUYPpHZLAXWTQ.mft (raw, json) Hash identifier: 07zmmyd77rcnYOO+QQw+UrHDZD6NIYXLYk/UaKvxPUQ= Subject key identifier: 39:6F:42:10:53:19:F1:13:A1:C3:0A:54:F2:77:6E:4E:79:A5:B4:CC Authority key identifier: 89:48:09:63:09:56:92:43:82:CC:39:D4:60:FA:47:64:B0:17:59:34 Certificate issuer: /CN=A91F2046/serialNumber=894809630956924382CC39D460FA4764B0175934 Certificate serial: 0BF8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iUgJYwlWkkOCzDnUYPpHZLAXWTQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2046/3FB02AE214D511EA8126400DC4F9AE02/iUgJYwlWkkOCzDnUYPpHZLAXWTQ.mft Manifest number: 0BF1 Signing time: Fri 30 May 2025 18:56:33 +0000 Manifest this update: Fri 30 May 2025 18:56:32 +0000 Manifest next update: Fri 06 Jun 2025 18:56:32 +0000 Files and hashes: 1: iUgJYwlWkkOCzDnUYPpHZLAXWTQ.crl (hash: InvE+iC5njceF4r44i/AAiiG3hcZ098r6Y5idV7P6eo=) 2: 0D2573FA173E11EA947B2976C4F9AE02.roa (hash: LIAL0RVUWvTNgpPqawClJ1GtfpOkeD0nFPnq/+uTw9c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2046/3FB02AE214D511EA8126400DC4F9AE02/iUgJYwlWkkOCzDnUYPpHZLAXWTQ.crl rsync://rpki.apnic.net/member_repository/A91F2046/3FB02AE214D511EA8126400DC4F9AE02/iUgJYwlWkkOCzDnUYPpHZLAXWTQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iUgJYwlWkkOCzDnUYPpHZLAXWTQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 18:56:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3064 (0xbf8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2046, serialNumber=894809630956924382CC39D460FA4764B0175934 Validity Not Before: May 30 18:56:32 2025 GMT Not After : Jun 6 18:56:32 2025 GMT Subject: CN=6839ff61-63c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:db:7b:a4:4b:ef:6d:ec:a7:49:58:84:de:1c: ca:1e:c6:71:1b:16:18:f5:f3:cd:1e:83:dc:e4:b9: 58:c6:14:f4:5d:94:a3:a2:bc:f7:29:27:ca:13:d0: 2e:71:de:40:7c:df:16:10:91:68:5b:c2:8c:42:f8: 2d:f1:c0:6f:dc:b1:52:9e:ae:fd:f6:57:03:a0:27: f6:bd:85:ae:2a:dc:9d:99:d1:d1:58:cf:3e:ac:43: 38:ef:62:91:5f:d4:11:7b:7a:68:d7:2f:a4:33:8e: 5a:4b:4a:f9:2a:c5:92:4f:09:5f:15:ea:e6:22:34: 63:2f:92:b8:93:b7:00:c9:b7:27:9d:fc:36:44:20: d8:48:b0:c2:7b:2b:98:bd:db:7c:f2:52:5a:7f:ad: 7f:f3:bd:48:d3:d0:29:5f:cd:4d:74:49:c9:a1:18: a6:4d:6e:6e:e2:31:1c:87:f3:fc:75:3c:59:b3:ea: 56:bc:a5:97:50:28:3c:2e:dc:ed:77:b3:da:de:ee: 91:25:29:ea:6a:40:21:a8:a1:d3:36:1d:9e:23:13: d1:e4:92:c4:6f:b4:7c:0d:26:1c:cd:1b:b3:b2:30: ff:07:e6:9e:0e:d4:a7:58:02:37:54:4b:8b:c4:8e: bb:da:29:89:4e:dd:41:49:b7:bf:ed:97:da:51:fb: 8d:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:6F:42:10:53:19:F1:13:A1:C3:0A:54:F2:77:6E:4E:79:A5:B4:CC X509v3 Authority Key Identifier: keyid:89:48:09:63:09:56:92:43:82:CC:39:D4:60:FA:47:64:B0:17:59:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2046/3FB02AE214D511EA8126400DC4F9AE02/iUgJYwlWkkOCzDnUYPpHZLAXWTQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iUgJYwlWkkOCzDnUYPpHZLAXWTQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2046/3FB02AE214D511EA8126400DC4F9AE02/iUgJYwlWkkOCzDnUYPpHZLAXWTQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7d:44:6e:85:85:fb:ca:00:96:4d:54:3a:16:72:e4:9d:24:fa: c6:86:7b:f2:37:98:ac:d0:14:27:27:63:ec:cf:5b:96:3d:9f: 6a:53:5d:ef:b2:80:be:4f:a2:75:6f:81:3f:9e:90:7e:5a:82: 68:c4:b5:76:7b:1d:c6:f6:17:6d:53:35:f7:6f:70:2e:2d:eb: ef:16:03:9a:52:30:18:61:0b:6c:63:7f:a7:9c:99:fd:99:b5: 43:d4:d9:7f:b4:1d:6d:ea:be:f7:c5:12:82:9b:cd:c7:5b:98: 9e:9d:25:98:50:a4:d3:ff:ab:da:81:c5:89:d1:61:70:69:25: 16:54:a7:1e:19:7a:3b:d4:7f:36:f2:f8:10:7e:fa:26:56:19: cf:d0:e0:0b:4e:2b:19:aa:53:85:8f:8a:bd:05:0f:a6:48:c2: e9:5a:a2:ac:a3:37:9a:59:b5:06:1c:0d:44:82:2b:23:8a:d2: 6e:57:f3:4a:d9:e1:84:94:aa:f0:b6:a6:41:ae:58:6b:22:ff: 30:cd:31:68:47:fb:82:ba:c5:dd:9c:eb:f2:b2:be:49:20:c0: 41:d1:4f:b3:67:21:06:bf:54:d6:fa:6f:b1:76:8f:81:50:1f: e2:22:31:02:ed:e0:47:c1:a5:54:cb:eb:79:47:86:31:28:85: 47:f9:dc:0e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC/gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjIwNDYxMTAvBgNVBAUTKDg5NDgwOTYzMDk1NjkyNDM4MkNDMzlENDYwRkE0NzY0 QjAxNzU5MzQwHhcNMjUwNTMwMTg1NjMyWhcNMjUwNjA2MTg1NjMyWjAYMRYwFAYD VQQDEw02ODM5ZmY2MS02M2MzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1tt7pEvvbeynSViE3hzKHsZxGxYY9fPNHoPc5LlYxhT0XZSjorz3KSfKE9Au cd5AfN8WEJFoW8KMQvgt8cBv3LFSnq799lcDoCf2vYWuKtydmdHRWM8+rEM472KR X9QRe3po1y+kM45aS0r5KsWSTwlfFermIjRjL5K4k7cAybcnnfw2RCDYSLDCeyuY vdt88lJaf61/871I09ApX81NdEnJoRimTW5u4jEch/P8dTxZs+pWvKWXUCg8Ltzt d7Pa3u6RJSnqakAhqKHTNh2eIxPR5JLEb7R8DSYczRuzsjD/B+aeDtSnWAI3VEuL xI672imJTt1BSbe/7ZfaUfuNXQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDlvQhBT GfETocMKVPJ3bk55pbTMMB8GA1UdIwQYMBaAFIlICWMJVpJDgsw51GD6R2SwF1k0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMjA0Ni8zRkIwMkFFMjE0 RDUxMUVBODEyNjQwMERDNEY5QUUwMi9pVWdKWXdsV2trT0N6RG5VWVBwSFpMQVhX VFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lVZ0pZd2xXa2tPQ3pEblVZUHBIWkxBWFdUUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MjA0Ni8zRkIwMkFFMjE0RDUxMUVBODEyNjQwMERDNEY5QUUwMi9pVWdKWXdsV2tr T0N6RG5VWVBwSFpMQVhXVFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB9RG6FhfvKAJZNVDoWcuSdJPrGhnvyN5is0BQnJ2Psz1uWPZ9qU13v soC+T6J1b4E/npB+WoJoxLV2ex3G9hdtUzX3b3AuLevvFgOaUjAYYQtsY3+nnJn9 mbVD1Nl/tB1t6r73xRKCm83HW5ienSWYUKTT/6vagcWJ0WFwaSUWVKceGXo71H82 8vgQfvomVhnP0OALTisZqlOFj4q9BQ+mSMLpWqKsozeaWbUGHA1EgisjitJuV/NK 2eGElKrwtqZBrlhrIv8wzTFoR/uCusXdnOvysr5JIMBB0U+zZyEGv1TW+m+xdo+B UB/iIjEC7eBHwaVUy+t5R4YxKIVH+dwO -----END CERTIFICATE-----Generated at Sat May 31 17:49:44 2025 by rpki-client