$ rpki-client -vvf rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.mft File: Ka2zm2IOrjy4r8osoYX1xIdv0EM.mft (raw, json) Hash identifier: 55WH6ViaQMeTjp5tH2tZQaYGOt5bKAY8MDIJ7mE/LVM= Subject key identifier: D7:E9:67:F3:25:52:BA:50:BB:4B:6F:9D:25:F8:9B:59:EE:13:EE:B2 Authority key identifier: 29:AD:B3:9B:62:0E:AE:3C:B8:AF:CA:2C:A1:85:F5:C4:87:6F:D0:43 Certificate issuer: /CN=A91FC985/serialNumber=29ADB39B620EAE3CB8AFCA2CA185F5C4876FD043 Certificate serial: 34 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ka2zm2IOrjy4r8osoYX1xIdv0EM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.mft Manifest number: 32 Signing time: Sat 31 May 2025 07:14:02 +0000 Manifest this update: Sat 31 May 2025 07:14:01 +0000 Manifest next update: Sat 07 Jun 2025 07:14:01 +0000 Files and hashes: 1: Ka2zm2IOrjy4r8osoYX1xIdv0EM.crl (hash: l53Cj7Cs/sEaDvolIbUe2P9KT2uySutFmQ9Znvzivhc=) 2: DA3E289CF5B811EFA1046714C4F9AE02.roa (hash: ghtYYnHvBHOXjjafNw/o3b7nWMJznKoJtYacsPdc8uY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.crl rsync://rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ka2zm2IOrjy4r8osoYX1xIdv0EM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 07:14:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52 (0x34) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FC985, serialNumber=29ADB39B620EAE3CB8AFCA2CA185F5C4876FD043 Validity Not Before: May 31 07:14:01 2025 GMT Not After : Jun 7 07:14:01 2025 GMT Subject: CN=683aac39-fc8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:18:36:da:d3:f3:49:a4:2e:5d:40:2b:7b:a6: c3:03:34:2d:06:74:d5:ed:d5:3c:b2:15:fe:70:16: 6f:b5:e1:29:c1:36:60:c8:64:f6:88:95:d4:6b:62: 7f:1b:a4:f6:aa:3f:20:26:a9:a7:6c:17:2e:62:f3: 06:35:3c:f1:bf:91:f3:de:1d:e2:9f:22:e2:bf:66: 1b:6b:28:0d:41:03:65:ee:1e:d4:10:de:31:68:d9: cb:36:cb:58:ff:e3:52:1e:5c:d7:5f:92:82:ab:f3: cc:ac:2c:2b:c7:4f:f5:02:20:f7:09:4b:6f:2d:9f: 4c:bf:fa:d6:0d:1e:7d:11:81:78:3a:83:8a:cc:15: 2b:78:39:e4:c7:f9:5f:a5:13:79:ad:aa:0e:18:de: 75:d1:b7:b8:56:64:69:d7:3e:8c:ae:cd:ea:20:c3: 1f:ec:28:1f:35:c8:5b:36:db:7f:4b:0c:69:19:39: 7b:6c:c4:b2:66:2f:90:77:76:6f:49:d5:d9:d1:0a: 09:13:e1:09:70:ef:25:0c:d1:5e:53:96:39:d2:e3: 33:24:b7:4b:0c:da:d2:8a:4f:59:07:f1:c5:b2:61: 8b:cb:de:82:7a:72:41:da:b1:ba:78:d7:8b:2f:be: de:dd:2f:2a:78:86:0a:05:33:0a:ba:51:a5:ff:5e: 49:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:E9:67:F3:25:52:BA:50:BB:4B:6F:9D:25:F8:9B:59:EE:13:EE:B2 X509v3 Authority Key Identifier: keyid:29:AD:B3:9B:62:0E:AE:3C:B8:AF:CA:2C:A1:85:F5:C4:87:6F:D0:43 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ka2zm2IOrjy4r8osoYX1xIdv0EM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5c:62:a5:bd:c6:68:57:52:6c:57:19:47:06:da:5d:ef:b6:cf: f7:29:82:f6:88:dd:71:c4:2d:4b:1c:cd:17:ab:41:55:cf:c7: da:de:58:c1:55:7a:b4:64:19:58:f7:5d:90:93:ba:24:bc:12: 1b:41:b4:1f:01:2f:b9:80:4a:7a:b2:e6:3e:85:8c:55:a2:86: 9e:b3:91:2e:ae:cc:fe:06:07:df:d8:23:fd:48:6b:8a:7a:bc: 7d:29:73:43:01:ee:f2:31:50:f5:32:c0:b5:b3:1c:2c:ff:fa: da:74:69:df:7a:bf:a9:86:a5:5f:9a:89:53:0d:d5:7d:1d:63: 1a:bf:d2:03:9a:2a:ae:f4:85:27:76:63:d0:68:2f:46:9a:68: da:e2:37:e2:b7:4d:d0:99:42:44:08:4d:e3:62:85:a8:12:02: 2c:f3:1a:81:15:96:05:56:9b:bc:d2:5b:56:2c:97:b6:c5:5c: 5d:6f:3e:d5:5a:8e:bb:02:04:fb:f8:b5:da:c9:1b:a9:a2:9e: f9:c5:b6:0a:9a:e4:8b:28:f8:9a:e4:23:04:80:15:80:fb:0a: 5f:34:5b:36:6f:9f:3e:7e:53:d5:cf:21:fd:0d:7b:b5:db:eb: b3:97:0c:df:7c:0e:b9:42:5e:78:85:fe:a3:c7:e2:97:08:db: b5:83:a4:ef -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBNDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG Qzk4NTExMC8GA1UEBRMoMjlBREIzOUI2MjBFQUUzQ0I4QUZDQTJDQTE4NUY1QzQ4 NzZGRDA0MzAeFw0yNTA1MzEwNzE0MDFaFw0yNTA2MDcwNzE0MDFaMBgxFjAUBgNV BAMTDTY4M2FhYzM5LWZjOGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDTGDba0/NJpC5dQCt7psMDNC0GdNXt1TyyFf5wFm+14SnBNmDIZPaIldRrYn8b pPaqPyAmqadsFy5i8wY1PPG/kfPeHeKfIuK/ZhtrKA1BA2XuHtQQ3jFo2cs2y1j/ 41IeXNdfkoKr88ysLCvHT/UCIPcJS28tn0y/+tYNHn0RgXg6g4rMFSt4OeTH+V+l E3mtqg4Y3nXRt7hWZGnXPoyuzeogwx/sKB81yFs2239LDGkZOXtsxLJmL5B3dm9J 1dnRCgkT4Qlw7yUM0V5TljnS4zMkt0sM2tKKT1kH8cWyYYvL3oJ6ckHasbp414sv vt7dLyp4hgoFMwq6UaX/XkmHAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU1+ln8yVS ulC7S2+dJfibWe4T7rIwHwYDVR0jBBgwFoAUKa2zm2IOrjy4r8osoYX1xIdv0EMw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZDOTg1LzY3M0FBMkY0RjVC NzExRUY4QzFGRjYxMUM0RjlBRTAyL0thMnptMklPcmp5NHI4b3NvWVgxeElkdjBF TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvS2Eyem0ySU9yank0cjhvc29ZWDF4SWR2MEVNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUZD OTg1LzY3M0FBMkY0RjVCNzExRUY4QzFGRjYxMUM0RjlBRTAyL0thMnptMklPcmp5 NHI4b3NvWVgxeElkdjBFTS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFxipb3GaFdSbFcZRwbaXe+2z/cpgvaI3XHELUsczRerQVXPx9reWMFV erRkGVj3XZCTuiS8EhtBtB8BL7mASnqy5j6FjFWihp6zkS6uzP4GB9/YI/1Ia4p6 vH0pc0MB7vIxUPUywLWzHCz/+tp0ad96v6mGpV+aiVMN1X0dYxq/0gOaKq70hSd2 Y9BoL0aaaNriN+K3TdCZQkQITeNihagSAizzGoEVlgVWm7zSW1Ysl7bFXF1vPtVa jrsCBPv4tdrJG6minvnFtgqa5Iso+JrkIwSAFYD7Cl80WzZvnz5+U9XPIf0Ne7Xb 67OXDN98DrlCXniF/qPH4pcI27WDpO8= -----END CERTIFICATE-----Generated at Sat May 31 17:56:19 2025 by rpki-client