$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft File: r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft (raw, json) Hash identifier: 7FEbTYwXLK7oWpPdmQqP8b7ihZ5PutKJ3OlyOG7IF8E= Subject key identifier: A1:A3:09:47:58:1D:B8:83:83:7C:0B:11:48:1B:37:A8:83:85:9D:7A Authority key identifier: AF:44:78:08:13:BB:6C:05:E9:97:54:5B:08:D3:79:36:FF:AC:46:61 Certificate issuer: /CN=A91F3F02/serialNumber=AF44780813BB6C05E997545B08D37936FFAC4661 Certificate serial: 0FB9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft Manifest number: 0F83 Signing time: Wed 04 Jun 2025 17:32:51 +0000 Manifest this update: Wed 04 Jun 2025 17:32:50 +0000 Manifest next update: Wed 11 Jun 2025 17:32:50 +0000 Files and hashes: 1: r0R4CBO7bAXpl1RbCNN5Nv-sRmE.crl (hash: Ejz0PaPhBVgV1931id5IEi1UmxMjCMxFo5LrBSgbqjk=) 2: 4BF23558026D11EBB136622CC4F9AE02.roa (hash: QtpDimKOHqXsxnqa4q87zCBuPpMrfxyNN2d7cp4WlrA=) 3: B3876B1821C911EB991D562EC4F9AE02.roa (hash: 6uU1bRzcclFeMC/RnwQZxh3s9UKuJJHVwL7cdGjMFOc=) 4: B2B2930C21C911EB991D562EC4F9AE02.roa (hash: XWm8GaGIPPLP9AKtaT6KRszth65jZeSEF8vfSa7oAA0=) 5: 8663E8B6658A11E9930DC678C4F9AE02.roa (hash: PNhMIJG2WqhTSsHQs6Q3B5W+HPqAu/8Af4Ot4nkDDLQ=) 6: F98DEF9A231F11EB99F53580C4F9AE02.roa (hash: t18G/jUeuq8lptvTyxkqs2wnq4jb4g41EOSptQznrUs=) 7: E049FDF87A4511EBBB2D0A52C4F9AE02.roa (hash: Jk6V50ct0NhfCUNeq2rSB6SPY6PZ86y8Zd5FDESJ7kI=) 8: B490CD0621C911EB991D562EC4F9AE02.roa (hash: WNk4We2Ht/Om3rf3IbH7SVRsK901hQ7kL7sR1ONDJ8A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.crl rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 11 Jun 2025 17:32:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4025 (0xfb9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F3F02, serialNumber=AF44780813BB6C05E997545B08D37936FFAC4661 Validity Not Before: Jun 4 17:32:50 2025 GMT Not After : Jun 11 17:32:50 2025 GMT Subject: CN=68408342-7433 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:65:29:0c:d1:ae:00:9e:8e:cc:c2:aa:23:d3: e8:d9:86:24:40:25:23:71:65:d1:60:fb:ca:de:62: 40:ea:6d:9f:7b:9e:62:48:b9:b6:0d:43:d5:f7:4a: d4:11:74:27:ed:5a:33:ce:17:6a:fb:4f:4c:88:c0: 8c:e1:b4:fe:59:38:6c:9f:7f:a8:cb:2e:2f:79:24: 10:44:d6:6e:6c:09:9e:f6:6c:4c:ac:d8:49:57:36: d7:22:74:0f:48:81:9a:83:62:55:ac:cf:68:de:9d: d0:85:34:e2:64:f7:fa:3f:60:b8:b0:93:b5:ba:3c: e9:d7:58:9e:53:35:ac:45:7b:68:21:75:8f:f1:5d: 8c:91:a6:16:15:3d:95:1e:77:bf:9a:7b:e5:93:ad: f0:68:9e:23:c6:42:be:c2:b3:c6:0d:f7:bc:d0:ba: 86:45:7e:a8:a4:67:45:39:c0:25:94:d9:55:c2:40: 95:47:62:76:83:7b:ba:8a:fe:d0:b4:48:d8:27:1c: 27:1e:ba:1d:f8:96:95:f5:84:82:1c:7f:5a:cc:aa: e9:53:53:5f:18:10:3f:71:4f:de:67:82:60:5f:6a: 01:7c:1d:92:8b:32:28:97:e8:5d:a2:91:88:fa:04: 0d:4c:5a:09:66:2a:b0:cc:c2:43:22:66:4a:db:33: 6e:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:A3:09:47:58:1D:B8:83:83:7C:0B:11:48:1B:37:A8:83:85:9D:7A X509v3 Authority Key Identifier: keyid:AF:44:78:08:13:BB:6C:05:E9:97:54:5B:08:D3:79:36:FF:AC:46:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4c:be:f6:68:82:6e:22:33:de:e5:3d:2b:64:38:06:8d:79:b7: 6d:c1:55:ae:49:aa:da:25:00:af:4f:b5:74:c0:ab:b3:ac:70: c6:a6:89:40:1e:8c:3b:d0:fa:70:fc:f6:86:3c:0b:cf:c9:21: f0:af:5b:e0:f1:c9:a2:92:56:21:b5:98:fb:af:64:a8:b4:30: 94:0c:d2:f5:94:fd:fe:21:67:28:44:f8:c1:f6:a1:50:44:54: 98:89:d4:a1:4e:3b:bb:1a:37:f9:c6:80:7d:bf:95:52:8b:86: 7a:9d:96:be:f4:23:66:64:8f:dc:28:04:1b:fb:97:d2:c8:69: 15:1d:ce:72:e7:29:9e:6c:b4:fb:df:2b:b2:8e:17:63:a8:84: 8c:52:ab:3d:65:3a:5e:2a:3c:c5:3a:09:9c:41:92:dc:04:9a: 97:c2:e6:dd:c9:1b:68:ea:52:49:70:f3:64:1f:72:9f:67:9f: 7d:43:dc:cd:13:9c:0d:5e:3c:2b:69:ef:33:4e:52:f6:eb:44: 9f:45:70:3e:03:a0:af:13:4d:e3:c9:43:55:86:52:99:03:bf: 64:45:5e:ae:bd:40:41:0c:c8:13:99:fe:6d:e6:3d:50:87:90: c1:32:6e:15:ea:db:5c:d1:0e:2f:b8:c7:bf:99:7b:97:a6:06: 52:5d:33:ba -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICD7kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjNGMDIxMTAvBgNVBAUTKEFGNDQ3ODA4MTNCQjZDMDVFOTk3NTQ1QjA4RDM3OTM2 RkZBQzQ2NjEwHhcNMjUwNjA0MTczMjUwWhcNMjUwNjExMTczMjUwWjAYMRYwFAYD VQQDEw02ODQwODM0Mi03NDMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7GUpDNGuAJ6OzMKqI9Po2YYkQCUjcWXRYPvK3mJA6m2fe55iSLm2DUPV90rU EXQn7Vozzhdq+09MiMCM4bT+WThsn3+oyy4veSQQRNZubAme9mxMrNhJVzbXInQP SIGag2JVrM9o3p3QhTTiZPf6P2C4sJO1ujzp11ieUzWsRXtoIXWP8V2MkaYWFT2V Hne/mnvlk63waJ4jxkK+wrPGDfe80LqGRX6opGdFOcAllNlVwkCVR2J2g3u6iv7Q tEjYJxwnHrod+JaV9YSCHH9azKrpU1NfGBA/cU/eZ4JgX2oBfB2SizIol+hdopGI +gQNTFoJZiqwzMJDImZK2zNuEwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKGjCUdY HbiDg3wLEUgbN6iDhZ16MB8GA1UdIwQYMBaAFK9EeAgTu2wF6ZdUWwjTeTb/rEZh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGM0YwMi9DQ0FCNTc1MDYz RjAxMUU5QTlCQ0ExNDFDNEY5QUUwMi9yMFI0Q0JPN2JBWHBsMVJiQ05ONU52LXNS bUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3IwUjRDQk83YkFYcGwxUmJDTk41TnYtc1JtRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG M0YwMi9DQ0FCNTc1MDYzRjAxMUU5QTlCQ0ExNDFDNEY5QUUwMi9yMFI0Q0JPN2JB WHBsMVJiQ05ONU52LXNSbUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBMvvZogm4iM97lPStkOAaNebdtwVWuSaraJQCvT7V0wKuzrHDGpolA How70Ppw/PaGPAvPySHwr1vg8cmiklYhtZj7r2SotDCUDNL1lP3+IWcoRPjB9qFQ RFSYidShTju7Gjf5xoB9v5VSi4Z6nZa+9CNmZI/cKAQb+5fSyGkVHc5y5ymebLT7 3yuyjhdjqISMUqs9ZTpeKjzFOgmcQZLcBJqXwubdyRto6lJJcPNkH3KfZ599Q9zN E5wNXjwrae8zTlL260SfRXA+A6CvE03jyUNVhlKZA79kRV6uvUBBDMgTmf5t5j1Q h5DBMm4V6ttc0Q4vuMe/mXuXpgZSXTO6 -----END CERTIFICATE-----Generated at Fri Jun 6 14:18:21 2025 by rpki-client