$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.mft File: rehZrZQNGhc_pkzXBYZ9SH5nNog.mft (raw, json) Hash identifier: FQkJXq9PSoVM7YQG5ke8pRRLoWBR/3xT0ssf9K4yHnc= Subject key identifier: 87:67:F9:7A:F6:98:22:46:74:0E:FD:51:79:25:B2:83:6F:6D:BF:BD Authority key identifier: AD:E8:59:AD:94:0D:1A:17:3F:A6:4C:D7:05:86:7D:48:7E:67:36:88 Certificate issuer: /CN=A91FDAD4/serialNumber=ADE859AD940D1A173FA64CD705867D487E673688 Certificate serial: 01FB Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/rehZrZQNGhc_pkzXBYZ9SH5nNog.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.mft Manifest number: 01F6 Signing time: Tue 03 Jun 2025 00:42:41 +0000 Manifest this update: Tue 03 Jun 2025 00:42:40 +0000 Manifest next update: Tue 10 Jun 2025 00:42:40 +0000 Files and hashes: 1: rehZrZQNGhc_pkzXBYZ9SH5nNog.crl (hash: rvNvEmw0SpiWWKGC4ltXBcqJWB4Oxh+Mlh0dkbiX/C8=) 2: A99BC9D64CAC11EDA3BF485AC4F9AE02.roa (hash: M0LQ0bOgsXho1IONj8CXX3n4kpo/nKJprHxKVrxONpQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.crl rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/rehZrZQNGhc_pkzXBYZ9SH5nNog.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Jun 2025 00:42:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 507 (0x1fb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDAD4, serialNumber=ADE859AD940D1A173FA64CD705867D487E673688 Validity Not Before: Jun 3 00:42:40 2025 GMT Not After : Jun 10 00:42:40 2025 GMT Subject: CN=683e4500-eb17 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:a2:43:da:59:d5:83:9e:ee:10:4f:f2:26:a8: 0e:e9:78:8d:1b:67:4f:60:b1:6e:bd:1b:79:ee:dc: 8c:8f:4c:46:a0:e7:95:2a:b7:eb:b8:ba:62:64:ae: f9:bb:ab:b3:94:82:45:7b:54:a1:2b:9c:2a:38:3e: 51:f7:41:90:3f:d2:af:d6:a6:18:0a:65:2a:d9:03: 80:06:f6:68:c8:10:20:24:cd:25:77:19:d0:7d:56: 4a:57:6a:de:03:27:72:b0:1b:84:45:19:f5:48:63: 11:0d:31:d0:21:67:b6:e8:d1:0d:8c:e3:8b:5f:0e: d2:98:49:2c:8d:51:87:ce:88:c0:a7:14:c6:ce:7c: c1:71:3e:9e:24:d0:5f:ff:2c:c1:8e:c8:c8:93:47: 90:24:4c:c5:9a:bb:ea:02:ee:12:a5:38:54:6b:aa: 3f:47:c6:38:b4:24:62:18:a7:9f:ed:aa:34:33:92: d8:ab:40:90:1f:e5:c3:d9:35:9d:5d:60:6f:7d:c1: e3:75:c1:19:e6:cf:2b:e1:e2:d5:27:1c:96:1c:8b: cf:fa:27:1d:1a:b1:f3:b8:07:cb:c5:04:c9:47:b4: 04:08:72:87:b8:f2:82:d0:99:5a:cc:81:3f:70:c1: 9e:d9:3f:41:8a:63:15:74:5b:e9:2b:97:3f:fa:5f: cb:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:67:F9:7A:F6:98:22:46:74:0E:FD:51:79:25:B2:83:6F:6D:BF:BD X509v3 Authority Key Identifier: keyid:AD:E8:59:AD:94:0D:1A:17:3F:A6:4C:D7:05:86:7D:48:7E:67:36:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/rehZrZQNGhc_pkzXBYZ9SH5nNog.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 49:c0:20:71:48:ef:8e:79:fe:7a:34:82:f5:9b:17:44:a1:5d: 18:ad:3d:83:de:4a:8b:af:ff:87:6d:66:f2:b0:9c:a2:15:e3: df:35:8d:90:78:89:d9:18:da:31:b5:58:fc:6c:69:79:10:37: de:74:60:6e:8a:c1:85:1c:cf:e2:da:93:a2:e8:6c:53:7c:77: 4e:8d:cd:60:07:33:b3:c5:a0:f7:1b:1d:1b:16:af:fc:7a:13: 4d:48:cb:6a:de:11:90:9c:e7:7b:23:2c:f3:b3:88:7c:82:0b: 7e:35:c1:8a:7d:c0:c0:4e:57:e4:eb:0e:4e:d9:92:e7:24:22: cb:b4:17:fb:37:df:66:4b:6c:11:e6:8d:6b:ff:a3:d1:a3:a1: 41:3c:98:e1:d0:6a:bf:f6:98:e1:32:45:82:c7:dc:f6:aa:27: f2:8f:fc:40:bc:0a:cd:0f:6f:02:bf:f7:dd:6b:e0:40:21:02: fa:69:9d:82:a0:14:28:4b:10:1d:31:7e:1a:24:c5:5b:92:3d: ad:b0:96:c2:c4:aa:a6:42:e4:3c:dc:96:b0:f1:c8:53:6f:8f: 15:fe:99:be:a2:b6:d5:7b:66:f5:2b:78:c3:5b:4d:7c:62:6f: 3e:7d:7f:b8:61:f9:05:2c:e4:24:c1:df:18:c0:92:af:86:8c: 9d:67:30:a3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAfswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRBRDQxMTAvBgNVBAUTKEFERTg1OUFEOTQwRDFBMTczRkE2NENENzA1ODY3RDQ4 N0U2NzM2ODgwHhcNMjUwNjAzMDA0MjQwWhcNMjUwNjEwMDA0MjQwWjAYMRYwFAYD VQQDEw02ODNlNDUwMC1lYjE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA16JD2lnVg57uEE/yJqgO6XiNG2dPYLFuvRt57tyMj0xGoOeVKrfruLpiZK75 u6uzlIJFe1ShK5wqOD5R90GQP9Kv1qYYCmUq2QOABvZoyBAgJM0ldxnQfVZKV2re AydysBuERRn1SGMRDTHQIWe26NENjOOLXw7SmEksjVGHzojApxTGznzBcT6eJNBf /yzBjsjIk0eQJEzFmrvqAu4SpThUa6o/R8Y4tCRiGKef7ao0M5LYq0CQH+XD2TWd XWBvfcHjdcEZ5s8r4eLVJxyWHIvP+icdGrHzuAfLxQTJR7QECHKHuPKC0JlazIE/ cMGe2T9BimMVdFvpK5c/+l/LuwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIdn+Xr2 mCJGdA79UXklsoNvbb+9MB8GA1UdIwQYMBaAFK3oWa2UDRoXP6ZM1wWGfUh+ZzaI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREFENC9DODVFODM3QTQz OTkxMUVEODM5RDcyMEVDNEY5QUUwMi9yZWhaclpRTkdoY19wa3pYQllaOVNINW5O b2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL3JlaFpyWlFOR2hjX3BrelhCWVo5U0g1bk5vZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG REFENC9DODVFODM3QTQzOTkxMUVEODM5RDcyMEVDNEY5QUUwMi9yZWhaclpRTkdo Y19wa3pYQllaOVNINW5Ob2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBJwCBxSO+Oef56NIL1mxdEoV0YrT2D3kqLr/+HbWbysJyiFePfNY2Q eInZGNoxtVj8bGl5EDfedGBuisGFHM/i2pOi6GxTfHdOjc1gBzOzxaD3Gx0bFq/8 ehNNSMtq3hGQnOd7Iyzzs4h8ggt+NcGKfcDATlfk6w5O2ZLnJCLLtBf7N99mS2wR 5o1r/6PRo6FBPJjh0Gq/9pjhMkWCx9z2qifyj/xAvArND28Cv/fda+BAIQL6aZ2C oBQoSxAdMX4aJMVbkj2tsJbCxKqmQuQ83Jaw8chTb48V/pm+orbVe2b1K3jDW018 Ym8+fX+4YfkFLOQkwd8YwJKvhoydZzCj -----END CERTIFICATE-----Generated at Tue Jun 3 23:58:46 2025 by rpki-client