$ rpki-client -vvf rpki.apnic.net/member_repository/A91F9FA2/1C88B03A846411EAA9941540C4F9AE02/-gfo6rqEcKil_kuhPnXZ5f6jOyc.mft File: -gfo6rqEcKil_kuhPnXZ5f6jOyc.mft (raw, json) Hash identifier: /XSBWzaDBdR0KQWccLeOQHURUGAvWu1ELf9yS8C5kCg= Subject key identifier: 91:9B:E5:47:92:62:A3:D3:0C:04:8A:93:2B:D5:0A:8B:35:E6:E4:B3 Authority key identifier: FA:07:E8:EA:BA:84:70:A8:A5:FE:4B:A1:3E:75:D9:E5:FE:A3:3B:27 Certificate issuer: /CN=A91F9FA2/serialNumber=FA07E8EABA8470A8A5FE4BA13E75D9E5FEA33B27 Certificate serial: 09BC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-gfo6rqEcKil_kuhPnXZ5f6jOyc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F9FA2/1C88B03A846411EAA9941540C4F9AE02/-gfo6rqEcKil_kuhPnXZ5f6jOyc.mft Manifest number: 09B4 Signing time: Fri 30 May 2025 20:12:58 +0000 Manifest this update: Fri 30 May 2025 20:12:58 +0000 Manifest next update: Fri 06 Jun 2025 20:12:58 +0000 Files and hashes: 1: -gfo6rqEcKil_kuhPnXZ5f6jOyc.crl (hash: ws6TS+mmlMHDK4gNHSzT4Ut/9qOnUeiu6FgtiS+4W5I=) 2: 0893031C846611EA9B99E043C4F9AE02.roa (hash: 3hay+KNg/2l74ymUeo3rJ7DbBbo6k73NfQvBnuqkfBY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F9FA2/1C88B03A846411EAA9941540C4F9AE02/-gfo6rqEcKil_kuhPnXZ5f6jOyc.crl rsync://rpki.apnic.net/member_repository/A91F9FA2/1C88B03A846411EAA9941540C4F9AE02/-gfo6rqEcKil_kuhPnXZ5f6jOyc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-gfo6rqEcKil_kuhPnXZ5f6jOyc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 06 Jun 2025 20:12:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2492 (0x9bc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F9FA2, serialNumber=FA07E8EABA8470A8A5FE4BA13E75D9E5FEA33B27 Validity Not Before: May 30 20:12:58 2025 GMT Not After : Jun 6 20:12:58 2025 GMT Subject: CN=683a114a-2145 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:fa:cd:d3:5f:0b:55:c9:61:b6:d7:27:99:73: d0:ee:eb:ae:9d:cf:76:1b:cb:5b:b2:33:1d:ac:44: 4b:33:d3:31:99:6e:80:f0:3b:6f:ee:cf:0a:e5:7f: f2:d5:c5:a6:17:d8:75:fb:93:21:71:88:77:28:35: 37:87:be:4c:12:d1:90:a3:d1:b9:00:25:a6:89:b9: 59:39:ec:45:57:00:4a:2c:5e:8a:95:95:ac:63:1f: e7:67:74:d6:85:f7:07:e9:d7:32:98:1d:3f:d6:fb: 65:ff:78:00:0b:35:06:ef:a9:62:78:e8:e7:9e:f4: 23:5a:8b:54:5b:4f:eb:1a:51:32:18:39:6c:7f:b8: a6:e6:cf:d2:8e:08:46:2b:69:b2:fa:77:47:69:69: 6e:a3:d6:0d:45:6c:dc:5a:bb:e7:9a:1e:d1:d7:44: 30:f4:66:14:0d:c2:2b:00:bf:f1:d5:a7:70:95:82: 40:57:5e:51:e3:d4:7e:99:46:82:09:ed:cd:58:36: 85:e4:44:8e:ed:26:71:94:c0:e8:ad:4c:fb:52:f3: 38:16:5b:34:3d:57:13:c9:dd:5d:ef:bc:50:8b:35: b0:77:26:cb:2f:fd:46:d4:ea:61:79:9f:fa:a3:cb: a8:2f:76:eb:8d:9a:01:d6:7d:56:ef:29:fa:9d:70: c7:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:9B:E5:47:92:62:A3:D3:0C:04:8A:93:2B:D5:0A:8B:35:E6:E4:B3 X509v3 Authority Key Identifier: keyid:FA:07:E8:EA:BA:84:70:A8:A5:FE:4B:A1:3E:75:D9:E5:FE:A3:3B:27 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F9FA2/1C88B03A846411EAA9941540C4F9AE02/-gfo6rqEcKil_kuhPnXZ5f6jOyc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-gfo6rqEcKil_kuhPnXZ5f6jOyc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F9FA2/1C88B03A846411EAA9941540C4F9AE02/-gfo6rqEcKil_kuhPnXZ5f6jOyc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0e:36:31:6e:3a:02:dc:b9:67:8c:97:bc:f4:62:6c:21:15:33: b7:88:7a:41:32:da:27:74:06:25:a3:e3:b3:8e:6b:3c:3d:f9: bb:54:82:72:af:ea:78:a8:c4:9a:31:3a:44:a0:dc:37:9d:36: 98:51:d6:99:de:f4:b5:bf:6e:f7:48:b9:53:62:78:fe:e2:1b: 52:95:69:1b:bf:ff:8a:a8:24:8b:12:69:b4:48:55:d8:69:eb: cd:9b:87:10:17:5d:e5:27:c0:fb:bf:1e:58:41:80:a1:a2:db: 46:e9:ae:6d:8b:6e:f0:6f:7f:64:41:df:12:46:61:a0:f2:f6: 74:fb:14:38:44:e2:22:c0:16:fd:13:80:7d:91:1c:2d:00:19: 72:59:94:1f:2d:7b:46:b0:c5:cf:ca:b6:52:10:d1:a6:9c:6d: 2c:b4:52:31:a0:27:9d:32:d9:e1:08:46:39:83:79:27:fc:92: f5:bd:a4:a4:df:16:1f:d5:c2:86:d8:4e:a1:f9:50:78:c5:f6: 3c:95:2c:11:62:da:fb:3b:3e:e9:f1:ba:09:12:ea:2a:51:26: 93:cc:46:d9:f2:95:2a:9a:50:ff:90:e1:d1:e3:3c:d9:10:28: af:97:05:39:45:62:e4:00:86:5b:a6:c7:00:2d:ad:13:3c:cf: 92:87:cf:cf -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCbwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjlGQTIxMTAvBgNVBAUTKEZBMDdFOEVBQkE4NDcwQThBNUZFNEJBMTNFNzVEOUU1 RkVBMzNCMjcwHhcNMjUwNTMwMjAxMjU4WhcNMjUwNjA2MjAxMjU4WjAYMRYwFAYD VQQDEw02ODNhMTE0YS0yMTQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv/rN018LVclhttcnmXPQ7uuunc92G8tbsjMdrERLM9MxmW6A8Dtv7s8K5X/y 1cWmF9h1+5MhcYh3KDU3h75MEtGQo9G5ACWmiblZOexFVwBKLF6KlZWsYx/nZ3TW hfcH6dcymB0/1vtl/3gACzUG76lieOjnnvQjWotUW0/rGlEyGDlsf7im5s/SjghG K2my+ndHaWluo9YNRWzcWrvnmh7R10Qw9GYUDcIrAL/x1adwlYJAV15R49R+mUaC Ce3NWDaF5ESO7SZxlMDorUz7UvM4Fls0PVcTyd1d77xQizWwdybLL/1G1OpheZ/6 o8uoL3brjZoB1n1W7yn6nXDHHwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJGb5UeS YqPTDASKkyvVCos15uSzMB8GA1UdIwQYMBaAFPoH6Oq6hHCopf5LoT512eX+ozsn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOUZBMi8xQzg4QjAzQTg0 NjQxMUVBQTk5NDE1NDBDNEY5QUUwMi8tZ2ZvNnJxRWNLaWxfa3VoUG5YWjVmNmpP eWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1nZm82cnFFY0tpbF9rdWhQblhaNWY2ak95Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG OUZBMi8xQzg4QjAzQTg0NjQxMUVBQTk5NDE1NDBDNEY5QUUwMi8tZ2ZvNnJxRWNL aWxfa3VoUG5YWjVmNmpPeWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAONjFuOgLcuWeMl7z0YmwhFTO3iHpBMtondAYlo+Ozjms8Pfm7VIJy r+p4qMSaMTpEoNw3nTaYUdaZ3vS1v273SLlTYnj+4htSlWkbv/+KqCSLEmm0SFXY aevNm4cQF13lJ8D7vx5YQYChottG6a5ti27wb39kQd8SRmGg8vZ0+xQ4ROIiwBb9 E4B9kRwtABlyWZQfLXtGsMXPyrZSENGmnG0stFIxoCedMtnhCEY5g3kn/JL1vaSk 3xYf1cKG2E6h+VB4xfY8lSwRYtr7Oz7p8boJEuoqUSaTzEbZ8pUqmlD/kOHR4zzZ ECivlwU5RWLkAIZbpscALa0TPM+Sh8/P -----END CERTIFICATE-----Generated at Sat May 31 17:53:09 2025 by rpki-client