$ rpki-client -vvf rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/09Fa7ppPiuXCgRCKfS062B1Oec0.mft File: 09Fa7ppPiuXCgRCKfS062B1Oec0.mft (raw, json) Hash identifier: ULHeX/dWJNs8VcItP/S5SxUY0MQF1jv0wEoxpmBMYFM= Subject key identifier: 86:60:09:25:99:61:F2:C7:FC:91:BD:31:5B:E3:64:A4:54:26:26:48 Authority key identifier: D3:D1:5A:EE:9A:4F:8A:E5:C2:81:10:8A:7D:2D:3A:D8:1D:4E:79:CD Certificate issuer: /CN=A91397C2/serialNumber=D3D15AEE9A4F8AE5C281108A7D2D3AD81D4E79CD Certificate serial: 07EA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/09Fa7ppPiuXCgRCKfS062B1Oec0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/09Fa7ppPiuXCgRCKfS062B1Oec0.mft Manifest number: 07C8 Signing time: Sat 10 May 2025 20:51:09 +0000 Manifest this update: Sat 10 May 2025 20:51:08 +0000 Manifest next update: Sat 17 May 2025 20:51:08 +0000 Files and hashes: 1: 09Fa7ppPiuXCgRCKfS062B1Oec0.crl (hash: AEbn9FTyDZcIgee3TFucA5QOOWYBO9bp6+pP9kTcrpk=) 2: BF07B0DA16AF11F08B8C4061C4F9AE02.roa (hash: m5fvUWDyLmphSj+hveftDjH5v8ZvHtc3dCRNArmrofc=) 3: 29BC840E002711EB8FA6A142C4F9AE02.roa (hash: RVujGjgRtNml2s4B1MbyglZHc1wuuQ8z+GSwbNfvR2o=) 4: 1070E6CA9A8311EF8BE0F826C4F9AE02.roa (hash: 5usMHuwC29/GKSbCm/Fabiikjfpjet0V04t/dPRj3vM=) 5: BE79CDCE16AF11F08B8C4061C4F9AE02.roa (hash: AjNKnPWs+wQxA57p7oeqhPGR6IMIStHtSJ7A+NHTTwU=) 6: 38BE1074FC0F11EA8DEF4D28C4F9AE02.roa (hash: iWWPKNMJez26/4BW7/wljyQN/N1JrdnLJYQsd0J35V0=) 7: 3AA556009A8411EFB791ED77C4F9AE02.roa (hash: vJqvl3p3GZGjPo1+bFOu/lz3UGNmQtiNtsOQmfP7QoU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/09Fa7ppPiuXCgRCKfS062B1Oec0.crl rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/09Fa7ppPiuXCgRCKfS062B1Oec0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/09Fa7ppPiuXCgRCKfS062B1Oec0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 20:51:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2026 (0x7ea) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91397C2, serialNumber=D3D15AEE9A4F8AE5C281108A7D2D3AD81D4E79CD Validity Not Before: May 10 20:51:08 2025 GMT Not After : May 17 20:51:08 2025 GMT Subject: CN=681fbc3c-266c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:bd:e8:07:14:bd:69:70:35:e8:42:6b:43:c7: 25:23:b4:a4:9b:f6:07:53:50:b5:99:99:c5:4c:c2: 33:ad:91:29:6f:b4:59:18:dd:26:cc:21:9f:0f:c1: 8e:df:2f:06:62:e9:60:77:39:4c:c1:eb:13:c9:e9: 2f:ab:ab:08:28:b8:a1:b8:40:1f:6c:dd:2c:af:2b: a5:24:e7:17:71:ad:e9:3a:64:80:7f:3f:d3:e7:7c: bb:ae:7b:9c:41:9a:bc:f6:ba:1e:cd:60:6b:bc:ac: 12:3d:e2:ac:7f:3a:b3:1e:bf:a0:c5:62:ae:b8:ec: 1b:4a:13:f0:b2:c1:ba:e7:87:54:91:8f:1a:90:5a: 7e:4b:ff:12:fe:05:38:bb:9b:0d:06:b0:c8:1c:8e: 36:b5:f4:10:cb:4d:6a:31:60:44:2a:93:c3:b9:2e: c0:80:ad:fc:d3:25:9e:18:94:55:ec:c9:f8:ac:39: 0b:3f:6b:0c:af:ca:62:2e:b2:ce:46:ed:b8:2d:53: c9:4c:c4:68:d1:81:c7:49:10:f2:88:89:3c:3c:6b: 0e:f7:6b:51:5a:d7:07:2c:9a:67:8c:c4:53:ea:1b: a7:56:b5:f9:30:0e:4f:a7:e6:80:a3:0c:78:78:8b: 40:76:7e:ab:ae:60:2c:1c:73:d6:37:ca:5c:b0:ef: b3:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:60:09:25:99:61:F2:C7:FC:91:BD:31:5B:E3:64:A4:54:26:26:48 X509v3 Authority Key Identifier: keyid:D3:D1:5A:EE:9A:4F:8A:E5:C2:81:10:8A:7D:2D:3A:D8:1D:4E:79:CD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/09Fa7ppPiuXCgRCKfS062B1Oec0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/09Fa7ppPiuXCgRCKfS062B1Oec0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/09Fa7ppPiuXCgRCKfS062B1Oec0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6d:6b:a2:06:c9:4a:d9:ee:f0:4a:fd:0e:c9:ff:07:4b:3b:b9: 33:90:a0:9a:dd:6c:ee:0b:0c:d7:63:77:7d:49:f7:5c:e3:b0: 94:9d:7d:d9:c1:2a:09:48:8b:f2:68:2b:51:7e:9d:92:fd:5e: 77:12:1f:4d:b9:5b:49:f2:7b:9d:6a:4d:d6:65:38:ad:71:2d: 8b:7c:99:36:8e:c1:d7:e7:1e:79:4d:7f:da:e9:08:38:9d:0b: 2e:39:f3:11:dd:38:53:98:a5:58:60:28:b9:e6:9a:f6:c1:b7: 42:4e:8f:19:73:f3:67:13:40:56:e4:5e:f4:50:64:ae:14:8e: 60:6a:bc:d5:41:77:ae:38:07:cb:a0:cb:c1:14:dd:a4:60:08: d2:eb:af:bf:e9:84:67:7f:0f:e5:55:5c:00:b5:ad:95:33:6d: 68:08:15:3e:b8:62:0e:3b:52:36:54:ef:0c:82:71:72:38:d7: e2:3b:72:13:44:8d:56:c2:78:d6:2a:12:75:81:b3:e8:b4:ee: 35:9d:fb:bf:a9:30:b0:5e:6a:27:93:3d:b9:36:77:12:17:fd: 25:31:66:ee:91:3e:57:be:15:8e:c9:e1:0b:d5:18:11:89:5b: b9:db:8d:73:9d:1c:9b:73:a4:d2:25:e1:36:51:2c:bb:03:cf: 78:5d:fb:89 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB+owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mzk3QzIxMTAvBgNVBAUTKEQzRDE1QUVFOUE0RjhBRTVDMjgxMTA4QTdEMkQzQUQ4 MUQ0RTc5Q0QwHhcNMjUwNTEwMjA1MTA4WhcNMjUwNTE3MjA1MTA4WjAYMRYwFAYD VQQDEw02ODFmYmMzYy0yNjZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1b3oBxS9aXA16EJrQ8clI7Skm/YHU1C1mZnFTMIzrZEpb7RZGN0mzCGfD8GO 3y8GYulgdzlMwesTyekvq6sIKLihuEAfbN0sryulJOcXca3pOmSAfz/T53y7rnuc QZq89roezWBrvKwSPeKsfzqzHr+gxWKuuOwbShPwssG654dUkY8akFp+S/8S/gU4 u5sNBrDIHI42tfQQy01qMWBEKpPDuS7AgK380yWeGJRV7Mn4rDkLP2sMr8piLrLO Ru24LVPJTMRo0YHHSRDyiIk8PGsO92tRWtcHLJpnjMRT6hunVrX5MA5Pp+aAowx4 eItAdn6rrmAsHHPWN8pcsO+zMwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIZgCSWZ YfLH/JG9MVvjZKRUJiZIMB8GA1UdIwQYMBaAFNPRWu6aT4rlwoEQin0tOtgdTnnN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTdDMi80RTQyNkRFOEZC RUExMUVBOTQwQTFEMTlDNEY5QUUwMi8wOUZhN3BwUGl1WENnUkNLZlMwNjJCMU9l YzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzA5RmE3cHBQaXVYQ2dSQ0tmUzA2MkIxT2VjMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz OTdDMi80RTQyNkRFOEZCRUExMUVBOTQwQTFEMTlDNEY5QUUwMi8wOUZhN3BwUGl1 WENnUkNLZlMwNjJCMU9lYzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBta6IGyUrZ7vBK/Q7J/wdLO7kzkKCa3WzuCwzXY3d9Sfdc47CUnX3Z wSoJSIvyaCtRfp2S/V53Eh9NuVtJ8nudak3WZTitcS2LfJk2jsHX5x55TX/a6Qg4 nQsuOfMR3ThTmKVYYCi55pr2wbdCTo8Zc/NnE0BW5F70UGSuFI5garzVQXeuOAfL oMvBFN2kYAjS66+/6YRnfw/lVVwAta2VM21oCBU+uGIOO1I2VO8MgnFyONfiO3IT RI1WwnjWKhJ1gbPotO41nfu/qTCwXmonkz25NncSF/0lMWbukT5XvhWOyeEL1RgR iVu5241znRybc6TSJeE2USy7A894XfuJ -----END CERTIFICATE-----Generated at Sun May 11 18:58:11 2025 by rpki-client