$ rpki-client -vvf rpki.apnic.net/member_repository/A91F5972/9BF6C44EF03111EB95F76748C4F9AE02/r3mHQ9q2R4aKtmZzr3oTbC6g6ls.mft File: r3mHQ9q2R4aKtmZzr3oTbC6g6ls.mft (raw, json) Hash identifier: cln6fhwtuB4WSrsevWxOZo3K23bnS+W4hf0ClROMs/k= Subject key identifier: DD:CC:70:3D:7F:4C:EA:97:14:32:94:82:78:89:59:4C:77:4A:32:34 Authority key identifier: AF:79:87:43:DA:B6:47:86:8A:B6:66:73:AF:7A:13:6C:2E:A0:EA:5B Certificate issuer: /CN=A91F5972/serialNumber=AF798743DAB647868AB66673AF7A136C2EA0EA5B Certificate serial: 055A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r3mHQ9q2R4aKtmZzr3oTbC6g6ls.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F5972/9BF6C44EF03111EB95F76748C4F9AE02/r3mHQ9q2R4aKtmZzr3oTbC6g6ls.mft Manifest number: 0554 Signing time: Tue 10 Jun 2025 23:20:00 +0000 Manifest this update: Tue 10 Jun 2025 23:20:00 +0000 Manifest next update: Tue 17 Jun 2025 23:20:00 +0000 Files and hashes: 1: r3mHQ9q2R4aKtmZzr3oTbC6g6ls.crl (hash: 2fShGwkOTj9ZlMoDW1on/yJIqE3rn0XjXeRxX1SXwqA=) 2: B52EA19A6E0B11ECA6057963C4F9AE02.roa (hash: sRAPrM6e/yJbsGZwUamXGzz2TWejjmVOjZsdsTU0i6Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F5972/9BF6C44EF03111EB95F76748C4F9AE02/r3mHQ9q2R4aKtmZzr3oTbC6g6ls.crl rsync://rpki.apnic.net/member_repository/A91F5972/9BF6C44EF03111EB95F76748C4F9AE02/r3mHQ9q2R4aKtmZzr3oTbC6g6ls.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r3mHQ9q2R4aKtmZzr3oTbC6g6ls.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 17 Jun 2025 23:19:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1370 (0x55a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F5972, serialNumber=AF798743DAB647868AB66673AF7A136C2EA0EA5B Validity Not Before: Jun 10 23:20:00 2025 GMT Not After : Jun 17 23:20:00 2025 GMT Subject: CN=6848bda0-db26 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:30:32:83:ce:3a:1b:05:6c:44:bd:62:15:5b: 20:d7:f2:1f:a0:75:0c:cf:9a:e8:03:1d:09:1a:ca: c3:5e:31:9c:2f:fc:d3:7c:00:5e:c5:f3:80:6b:ef: 48:d3:af:d7:82:6c:a4:23:4c:05:1d:74:d5:10:ac: 23:ff:d8:38:82:de:0f:94:b8:d4:e6:eb:a8:c3:69: 6d:24:77:f3:bf:46:0d:48:cc:df:30:cf:68:23:ec: 27:84:ae:52:ba:68:b6:1b:c6:d1:45:ce:90:00:3b: 69:f6:de:68:07:70:65:6a:a0:d1:43:67:79:53:4b: 5f:f7:85:cc:11:de:aa:4b:6a:07:d4:1d:f8:6c:75: 17:d0:85:7d:5f:0c:8a:c1:d0:84:12:c2:e0:99:9e: ef:28:92:e4:3c:90:a5:24:cb:1e:a2:4f:6d:dc:2a: bd:1a:ef:28:8f:c0:9c:e4:ef:09:f7:39:64:bc:79: 6d:e8:d7:a3:a7:6f:63:7f:23:68:9c:f4:83:78:cb: 4d:9c:2d:ce:f2:4d:30:1d:db:63:96:40:b1:81:90: 80:49:10:5e:f9:ca:36:0b:53:9a:1f:ff:5e:36:a5: 3c:7c:fe:fc:b1:fa:f6:8e:20:d3:d2:59:64:8b:c6: 4c:94:ee:6f:29:83:d7:dc:7a:6b:50:20:49:46:1c: 24:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:CC:70:3D:7F:4C:EA:97:14:32:94:82:78:89:59:4C:77:4A:32:34 X509v3 Authority Key Identifier: keyid:AF:79:87:43:DA:B6:47:86:8A:B6:66:73:AF:7A:13:6C:2E:A0:EA:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F5972/9BF6C44EF03111EB95F76748C4F9AE02/r3mHQ9q2R4aKtmZzr3oTbC6g6ls.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r3mHQ9q2R4aKtmZzr3oTbC6g6ls.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F5972/9BF6C44EF03111EB95F76748C4F9AE02/r3mHQ9q2R4aKtmZzr3oTbC6g6ls.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 11:89:28:83:a2:2f:6d:86:b9:a4:1d:4a:b2:92:da:f7:91:2d: aa:4b:d4:f7:91:15:0c:22:d8:99:e9:9d:83:af:a1:32:c0:b3: 6d:8c:7d:3e:ab:83:0f:4e:a0:df:cf:71:d9:78:cf:0b:80:c8: 6d:15:2e:25:03:3e:96:aa:56:65:d4:45:68:a8:f4:28:55:3a: de:b7:01:9c:3d:ef:d3:1f:7e:68:57:e1:09:a8:e5:af:be:7f: a7:24:67:7c:1c:6b:1f:10:22:e6:2f:dc:17:0e:a5:19:86:6e: b1:82:90:32:3a:ef:95:80:78:00:27:0a:dc:58:4a:06:b5:3e: f9:e7:c9:2e:f4:17:3f:8b:bd:51:1f:9f:88:5f:27:e4:69:67: d5:45:25:40:39:0b:a9:e8:e2:eb:bd:af:de:9e:af:77:8a:1c: 19:c0:97:a4:68:b8:4a:0a:39:ce:fc:50:72:ce:fe:1c:5e:15: e1:e1:42:ea:d5:44:6c:b9:ad:de:77:60:da:9a:75:9a:35:a8: d0:75:6c:74:70:f6:f2:3c:c7:69:72:13:06:8e:8f:12:84:1d: 64:0b:a8:ae:5d:4f:38:ba:d9:f3:e3:92:81:bd:0a:5c:5c:a2: 17:28:0b:12:77:38:b2:b2:b2:5e:85:c8:8d:2b:36:65:c3:ec: da:b0:04:03 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBVowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjU5NzIxMTAvBgNVBAUTKEFGNzk4NzQzREFCNjQ3ODY4QUI2NjY3M0FGN0ExMzZD MkVBMEVBNUIwHhcNMjUwNjEwMjMyMDAwWhcNMjUwNjE3MjMyMDAwWjAYMRYwFAYD VQQDEw02ODQ4YmRhMC1kYjI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwzAyg846GwVsRL1iFVsg1/IfoHUMz5roAx0JGsrDXjGcL/zTfABexfOAa+9I 06/XgmykI0wFHXTVEKwj/9g4gt4PlLjU5uuow2ltJHfzv0YNSMzfMM9oI+wnhK5S umi2G8bRRc6QADtp9t5oB3BlaqDRQ2d5U0tf94XMEd6qS2oH1B34bHUX0IV9XwyK wdCEEsLgmZ7vKJLkPJClJMseok9t3Cq9Gu8oj8Cc5O8J9zlkvHlt6Nejp29jfyNo nPSDeMtNnC3O8k0wHdtjlkCxgZCASRBe+co2C1OaH/9eNqU8fP78sfr2jiDT0llk i8ZMlO5vKYPX3HprUCBJRhwk1QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN3McD1/ TOqXFDKUgniJWUx3SjI0MB8GA1UdIwQYMBaAFK95h0PatkeGirZmc696E2wuoOpb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNTk3Mi85QkY2QzQ0RUYw MzExMUVCOTVGNzY3NDhDNEY5QUUwMi9yM21IUTlxMlI0YUt0bVp6cjNvVGJDNmc2 bHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3IzbUhROXEyUjRhS3RtWnpyM29UYkM2ZzZscy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NTk3Mi85QkY2QzQ0RUYwMzExMUVCOTVGNzY3NDhDNEY5QUUwMi9yM21IUTlxMlI0 YUt0bVp6cjNvVGJDNmc2bHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQARiSiDoi9thrmkHUqyktr3kS2qS9T3kRUMItiZ6Z2Dr6EywLNtjH0+ q4MPTqDfz3HZeM8LgMhtFS4lAz6WqlZl1EVoqPQoVTretwGcPe/TH35oV+EJqOWv vn+nJGd8HGsfECLmL9wXDqUZhm6xgpAyOu+VgHgAJwrcWEoGtT7558ku9Bc/i71R H5+IXyfkaWfVRSVAOQup6OLrva/enq93ihwZwJekaLhKCjnO/FByzv4cXhXh4ULq 1URsua3ed2DamnWaNajQdWx0cPbyPMdpchMGjo8ShB1kC6iuXU84utnz45KBvQpc XKIXKAsSdziysrJehciNKzZlw+zasAQD -----END CERTIFICATE-----Generated at Thu Jun 12 20:53:28 2025 by rpki-client