$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8981/272B4C706C7F11EF914D7D57C4F9AE02/MhTiYKePfRZ36DATfBBlcwAxz2Y.mft File: MhTiYKePfRZ36DATfBBlcwAxz2Y.mft (raw, json) Hash identifier: w/AKONxayKdCU+vlvHevpVIY3fjFNEQ2RXrZQsBhyA4= Subject key identifier: F3:7D:55:B7:CB:17:14:C7:03:DD:78:EC:DC:C1:F4:99:05:1C:63:5A Authority key identifier: 32:14:E2:60:A7:8F:7D:16:77:E8:30:13:7C:10:65:73:00:31:CF:66 Certificate issuer: /CN=A91F8981/serialNumber=3214E260A78F7D1677E830137C1065730031CF66 Certificate serial: 89 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MhTiYKePfRZ36DATfBBlcwAxz2Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F8981/272B4C706C7F11EF914D7D57C4F9AE02/MhTiYKePfRZ36DATfBBlcwAxz2Y.mft Manifest number: 88 Signing time: Sat 31 May 2025 06:06:59 +0000 Manifest this update: Sat 31 May 2025 06:06:58 +0000 Manifest next update: Sat 07 Jun 2025 06:06:58 +0000 Files and hashes: 1: MhTiYKePfRZ36DATfBBlcwAxz2Y.crl (hash: FA7eyhHR4W+TVphd0SK68uZIFeQ+BIN1h9yMzoQh+Gs=) 2: D80D96066C7F11EF92105459C4F9AE02.roa (hash: 7pF3uHzaE+Wewnte+bG2KwxN3eFFLWjZ6eq6MYtYcWc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F8981/272B4C706C7F11EF914D7D57C4F9AE02/MhTiYKePfRZ36DATfBBlcwAxz2Y.crl rsync://rpki.apnic.net/member_repository/A91F8981/272B4C706C7F11EF914D7D57C4F9AE02/MhTiYKePfRZ36DATfBBlcwAxz2Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MhTiYKePfRZ36DATfBBlcwAxz2Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 06:06:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 137 (0x89) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F8981, serialNumber=3214E260A78F7D1677E830137C1065730031CF66 Validity Not Before: May 31 06:06:58 2025 GMT Not After : Jun 7 06:06:58 2025 GMT Subject: CN=683a9c82-dac3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:30:94:62:7c:2e:7e:71:f0:41:32:ae:0b:0c: 75:77:76:5a:2a:b0:e0:d6:ff:db:ca:9a:77:f0:3a: bd:3a:3d:59:78:71:bd:cf:09:8f:85:93:e4:9a:ae: 5d:c3:8b:32:2b:0d:92:60:c9:3b:d2:96:72:89:e8: 9f:1c:13:1f:e3:68:79:78:87:27:d6:f3:5b:24:fa: 35:92:55:85:c8:05:a5:5e:08:78:05:74:40:69:55: 0f:25:01:1f:4f:3e:da:ac:81:fb:d8:19:59:44:0e: 8c:5f:63:16:cc:1d:41:ce:3b:d6:b6:42:81:e4:67: d1:3b:60:48:d7:41:1a:df:d2:9b:d5:98:4b:19:a0: 23:89:e2:11:8f:0d:ab:65:58:fb:37:66:57:a2:46: 4d:f5:13:96:c9:d1:fc:37:7e:c1:96:70:40:cf:45: d4:51:84:78:23:d4:7b:28:7f:df:ad:d6:35:90:6c: 21:bb:f5:34:13:73:88:e4:1b:f9:56:e8:ac:af:82: 0c:e1:d2:b7:b5:40:1a:c9:e0:e8:e3:d7:cc:98:bd: 8c:f1:dc:51:80:81:6b:6f:0e:8d:7c:84:8e:f8:fc: bb:02:b2:53:35:c8:16:ee:7d:fc:dc:78:66:63:b1: 93:1b:78:00:7e:9f:8c:bf:8d:96:1f:62:46:80:af: e7:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:7D:55:B7:CB:17:14:C7:03:DD:78:EC:DC:C1:F4:99:05:1C:63:5A X509v3 Authority Key Identifier: keyid:32:14:E2:60:A7:8F:7D:16:77:E8:30:13:7C:10:65:73:00:31:CF:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F8981/272B4C706C7F11EF914D7D57C4F9AE02/MhTiYKePfRZ36DATfBBlcwAxz2Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MhTiYKePfRZ36DATfBBlcwAxz2Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8981/272B4C706C7F11EF914D7D57C4F9AE02/MhTiYKePfRZ36DATfBBlcwAxz2Y.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 61:04:2c:51:cd:35:54:02:f8:c7:fa:c5:9f:9d:52:60:1d:15: 9c:9e:fe:19:d9:94:67:cb:35:6a:bf:13:ec:cf:49:0a:22:74: c2:c2:86:69:26:0e:b7:25:40:ff:de:1b:ff:42:1b:06:3c:9d: 08:df:a9:db:b5:cf:9e:f3:f6:fd:16:fe:a5:ad:7b:f7:f4:11: b5:87:8c:85:1c:fc:d0:63:f7:69:82:bf:d4:69:8c:eb:97:b0: 02:87:fb:33:93:c2:41:6b:78:99:78:04:d0:a3:4d:1b:1e:1f: e5:66:12:bc:f7:e0:e9:4a:ca:97:05:54:dd:11:04:75:75:0d: 5f:1d:2e:a5:7e:09:53:55:1c:73:72:2e:88:3a:99:f2:eb:29: ab:ec:1a:9c:f3:dd:26:85:4a:e3:7a:be:24:8b:9f:68:c1:2b: 3f:5f:94:43:2f:17:76:31:52:5d:ba:ca:2a:82:95:ec:f8:aa: 0d:9f:1e:f0:b6:16:b4:de:8f:72:76:ab:fc:eb:bd:e9:03:0a: 13:84:de:ff:cd:b1:e0:35:c1:98:7c:66:ed:83:78:34:b4:57: c5:4e:52:a6:39:93:a5:6f:82:05:9b:64:52:79:28:23:33:cb: b1:c5:9f:16:b3:32:60:3e:62:53:96:9c:3d:ba:71:cb:9e:2b: 93:3e:84:f6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Rjg5ODExMTAvBgNVBAUTKDMyMTRFMjYwQTc4RjdEMTY3N0U4MzAxMzdDMTA2NTcz MDAzMUNGNjYwHhcNMjUwNTMxMDYwNjU4WhcNMjUwNjA3MDYwNjU4WjAYMRYwFAYD VQQDEw02ODNhOWM4Mi1kYWMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtDCUYnwufnHwQTKuCwx1d3ZaKrDg1v/bypp38Dq9Oj1ZeHG9zwmPhZPkmq5d w4syKw2SYMk70pZyieifHBMf42h5eIcn1vNbJPo1klWFyAWlXgh4BXRAaVUPJQEf Tz7arIH72BlZRA6MX2MWzB1BzjvWtkKB5GfRO2BI10Ea39Kb1ZhLGaAjieIRjw2r ZVj7N2ZXokZN9ROWydH8N37BlnBAz0XUUYR4I9R7KH/frdY1kGwhu/U0E3OI5Bv5 Vuisr4IM4dK3tUAayeDo49fMmL2M8dxRgIFrbw6NfISO+Py7ArJTNcgW7n383Hhm Y7GTG3gAfp+Mv42WH2JGgK/nMwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPN9VbfL FxTHA9147NzB9JkFHGNaMB8GA1UdIwQYMBaAFDIU4mCnj30Wd+gwE3wQZXMAMc9m MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODk4MS8yNzJCNEM3MDZD N0YxMUVGOTE0RDdENTdDNEY5QUUwMi9NaFRpWUtlUGZSWjM2REFUZkJCbGN3QXh6 MlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL01oVGlZS2VQZlJaMzZEQVRmQkJsY3dBeHoyWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG ODk4MS8yNzJCNEM3MDZDN0YxMUVGOTE0RDdENTdDNEY5QUUwMi9NaFRpWUtlUGZS WjM2REFUZkJCbGN3QXh6MlkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBhBCxRzTVUAvjH+sWfnVJgHRWcnv4Z2ZRnyzVqvxPsz0kKInTCwoZp Jg63JUD/3hv/QhsGPJ0I36nbtc+e8/b9Fv6lrXv39BG1h4yFHPzQY/dpgr/UaYzr l7ACh/szk8JBa3iZeATQo00bHh/lZhK89+DpSsqXBVTdEQR1dQ1fHS6lfglTVRxz ci6IOpny6ymr7Bqc890mhUrjer4ki59owSs/X5RDLxd2MVJdusoqgpXs+KoNnx7w tha03o9ydqv8673pAwoThN7/zbHgNcGYfGbtg3g0tFfFTlKmOZOlb4IFm2RSeSgj M8uxxZ8WszJgPmJTlpw9unHLniuTPoT2 -----END CERTIFICATE-----Generated at Sat May 31 16:35:51 2025 by rpki-client