$ rpki-client -vvf rpki.apnic.net/member_repository/A91FBC89/9E7262BEEFCE11EF893FF70EC4F9AE02/sXSj1LqbR24rMeR8cqKY0ETZh4U.mft File: sXSj1LqbR24rMeR8cqKY0ETZh4U.mft (raw, json) Hash identifier: ZD/cVio2QnE+bp+337Un3ZdsYFdo/C9xBx7Ca8oFh9o= Subject key identifier: DF:64:C1:55:8D:F5:D5:86:84:77:69:67:44:6A:B9:0D:B8:38:84:89 Authority key identifier: B1:74:A3:D4:BA:9B:47:6E:2B:31:E4:7C:72:A2:98:D0:44:D9:87:85 Certificate issuer: /CN=A91FBC89/serialNumber=B174A3D4BA9B476E2B31E47C72A298D044D98785 Certificate serial: 40 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sXSj1LqbR24rMeR8cqKY0ETZh4U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FBC89/9E7262BEEFCE11EF893FF70EC4F9AE02/sXSj1LqbR24rMeR8cqKY0ETZh4U.mft Manifest number: 3C Signing time: Sat 31 May 2025 07:11:40 +0000 Manifest this update: Sat 31 May 2025 07:11:39 +0000 Manifest next update: Sat 07 Jun 2025 07:11:39 +0000 Files and hashes: 1: sXSj1LqbR24rMeR8cqKY0ETZh4U.crl (hash: DCQHJ2932U/zUkY3d8s2/wTpekQHf2mnxmkzxqPnLDg=) 2: BCC26F6EF07F11EFB25D2369C4F9AE02.roa (hash: AqnZuSs/50ixsQ8+UDuWtRAVxmvXUcEXRK8qwpmaDLs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FBC89/9E7262BEEFCE11EF893FF70EC4F9AE02/sXSj1LqbR24rMeR8cqKY0ETZh4U.crl rsync://rpki.apnic.net/member_repository/A91FBC89/9E7262BEEFCE11EF893FF70EC4F9AE02/sXSj1LqbR24rMeR8cqKY0ETZh4U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sXSj1LqbR24rMeR8cqKY0ETZh4U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 07:11:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64 (0x40) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FBC89, serialNumber=B174A3D4BA9B476E2B31E47C72A298D044D98785 Validity Not Before: May 31 07:11:39 2025 GMT Not After : Jun 7 07:11:39 2025 GMT Subject: CN=683aabab-12aa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:39:47:53:ed:9a:a7:30:86:78:b3:62:c2:82: 4e:74:c3:04:48:7e:16:2a:6b:79:5c:a1:c5:cf:d7: 25:43:e9:d0:1a:c3:e1:38:be:c8:a2:a1:5d:14:54: 26:8b:31:ea:5a:62:9f:28:d1:52:49:17:cb:9f:35: 13:50:40:87:09:b2:cf:1d:8e:91:9c:c2:00:b2:c2: 34:cc:94:9c:b6:c6:a0:16:51:8e:01:c3:93:3e:d7: 23:a5:88:9c:a4:90:6c:99:1d:32:5c:3f:2a:24:00: ff:ce:fd:77:03:e5:89:74:16:96:44:e6:90:89:20: dd:25:5d:75:fd:e7:71:86:1c:1e:36:87:e3:4b:67: 50:2c:d3:de:a6:c4:d8:33:c1:9c:af:b7:83:dc:1c: 98:a5:66:ba:8f:01:92:6c:a0:88:f7:c1:66:6e:9f: 63:66:cd:0e:02:45:ef:78:e9:fd:45:d2:9d:8e:9c: 8f:54:da:72:32:5e:47:28:21:7a:00:9b:bb:e9:44: 93:a4:38:6e:bf:f4:33:d2:db:84:de:a4:ec:0d:8c: 15:ca:c2:a5:2f:80:4c:7d:80:28:8f:3f:dd:a9:94: 73:4d:d2:42:68:d2:19:de:66:94:1d:11:2f:86:18: 9a:61:d3:e2:f5:ab:11:7c:20:13:06:09:73:95:4d: 52:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:64:C1:55:8D:F5:D5:86:84:77:69:67:44:6A:B9:0D:B8:38:84:89 X509v3 Authority Key Identifier: keyid:B1:74:A3:D4:BA:9B:47:6E:2B:31:E4:7C:72:A2:98:D0:44:D9:87:85 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FBC89/9E7262BEEFCE11EF893FF70EC4F9AE02/sXSj1LqbR24rMeR8cqKY0ETZh4U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sXSj1LqbR24rMeR8cqKY0ETZh4U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FBC89/9E7262BEEFCE11EF893FF70EC4F9AE02/sXSj1LqbR24rMeR8cqKY0ETZh4U.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 10:11:63:1f:eb:36:30:00:36:7f:f1:05:57:76:ba:f7:bf:35: ce:37:57:79:8e:ce:d3:e8:47:aa:60:e2:23:dd:30:ed:93:b5: 25:a0:7e:34:0c:f9:33:c3:12:cf:de:3a:02:5f:94:af:60:4e: 82:c0:bd:19:40:85:b9:b0:aa:89:86:3d:64:e5:01:6f:74:ac: 20:4a:d6:f0:af:b3:72:ac:c5:77:8a:6d:22:b8:31:51:57:68: ad:db:68:58:96:a3:7a:26:01:b1:41:cf:5f:c3:b7:53:f3:d8: 5a:84:ff:62:1e:ca:99:ce:d2:4c:d9:39:b5:09:02:29:d1:da: 2e:bb:84:71:a8:fa:63:13:12:52:5f:e4:f2:98:eb:3a:84:5b: 92:80:e6:f1:a8:e1:c8:dd:7e:a8:ed:6c:55:24:ef:69:5d:2b: 30:d5:68:28:4b:13:25:98:4c:1a:1f:a4:79:ad:91:e2:ac:44: 52:b2:d5:0e:e5:01:f3:6f:35:83:0b:5f:d4:ad:1f:eb:38:e5: 98:fb:a7:81:56:68:38:2c:6f:1c:6a:5a:69:3f:a1:1f:3c:92: fd:f7:94:c6:e0:b7:30:7f:3c:04:b0:31:5a:e0:59:dc:f7:7c: 2e:9a:23:52:27:e4:7e:ca:ca:83:61:a0:23:dc:84:e3:84:0a: bd:0e:89:90 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBQDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG QkM4OTExMC8GA1UEBRMoQjE3NEEzRDRCQTlCNDc2RTJCMzFFNDdDNzJBMjk4RDA0 NEQ5ODc4NTAeFw0yNTA1MzEwNzExMzlaFw0yNTA2MDcwNzExMzlaMBgxFjAUBgNV BAMTDTY4M2FhYmFiLTEyYWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCpOUdT7ZqnMIZ4s2LCgk50wwRIfhYqa3lcocXP1yVD6dAaw+E4vsiioV0UVCaL MepaYp8o0VJJF8ufNRNQQIcJss8djpGcwgCywjTMlJy2xqAWUY4Bw5M+1yOliJyk kGyZHTJcPyokAP/O/XcD5Yl0FpZE5pCJIN0lXXX953GGHB42h+NLZ1As096mxNgz wZyvt4PcHJilZrqPAZJsoIj3wWZun2NmzQ4CRe946f1F0p2OnI9U2nIyXkcoIXoA m7vpRJOkOG6/9DPS24TepOwNjBXKwqUvgEx9gCiPP92plHNN0kJo0hneZpQdES+G GJph0+L1qxF8IBMGCXOVTVJnAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU32TBVY31 1YaEd2lnRGq5Dbg4hIkwHwYDVR0jBBgwFoAUsXSj1LqbR24rMeR8cqKY0ETZh4Uw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZCQzg5LzlFNzI2MkJFRUZD RTExRUY4OTNGRjcwRUM0RjlBRTAyL3NYU2oxTHFiUjI0ck1lUjhjcUtZMEVUWmg0 VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvc1hTajFMcWJSMjRyTWVSOGNxS1kwRVRaaDRVLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZC Qzg5LzlFNzI2MkJFRUZDRTExRUY4OTNGRjcwRUM0RjlBRTAyL3NYU2oxTHFiUjI0 ck1lUjhjcUtZMEVUWmg0VS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABARYx/rNjAANn/xBVd2uve/Nc43V3mOztPoR6pg4iPdMO2TtSWgfjQM +TPDEs/eOgJflK9gToLAvRlAhbmwqomGPWTlAW90rCBK1vCvs3KsxXeKbSK4MVFX aK3baFiWo3omAbFBz1/Dt1Pz2FqE/2IeypnO0kzZObUJAinR2i67hHGo+mMTElJf 5PKY6zqEW5KA5vGo4cjdfqjtbFUk72ldKzDVaChLEyWYTBofpHmtkeKsRFKy1Q7l AfNvNYMLX9StH+s45Zj7p4FWaDgsbxxqWmk/oR88kv33lMbgtzB/PASwMVrgWdz3 fC6aI1In5H7KyoNhoCPchOOECr0OiZA= -----END CERTIFICATE-----Generated at Sat May 31 16:50:35 2025 by rpki-client