$ rpki-client -vvf rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft File: FION2NTh_gMXFCZnF24W4KW2hlE.mft (raw, json) Hash identifier: Jk6tRxtLWsEKYn8iThfzD4pXNpeuD7rFONOjGccRCSM= Subject key identifier: 16:18:58:04:64:64:F7:A6:4E:8A:7D:9B:95:02:2F:34:81:43:48:CE Authority key identifier: 14:83:8D:D8:D4:E1:FE:03:17:14:26:67:17:6E:16:E0:A5:B6:86:51 Certificate issuer: /CN=A91991D9/serialNumber=14838DD8D4E1FE0317142667176E16E0A5B68651 Certificate serial: 0DDD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FION2NTh_gMXFCZnF24W4KW2hlE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft Manifest number: 0DD6 Signing time: Mon 12 May 2025 17:46:59 +0000 Manifest this update: Mon 12 May 2025 17:46:58 +0000 Manifest next update: Mon 19 May 2025 17:46:58 +0000 Files and hashes: 1: FION2NTh_gMXFCZnF24W4KW2hlE.crl (hash: Jv/CX8aOf5FqZwqTuq0iusGwbkpvV49ywVu6ju3e3oM=) 2: 14E68648B42D11E9A44FF25BC4F9AE02.roa (hash: +BalFw2CiL7uapLNj20tx3YBjmyA4tVc26LM7UMELNs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.crl rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FION2NTh_gMXFCZnF24W4KW2hlE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 17:46:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3549 (0xddd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91991D9, serialNumber=14838DD8D4E1FE0317142667176E16E0A5B68651 Validity Not Before: May 12 17:46:58 2025 GMT Not After : May 19 17:46:58 2025 GMT Subject: CN=68223413-90ce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:e6:d2:c6:d0:b3:af:21:57:e9:13:65:8b:ce: cf:81:6d:4a:10:bd:95:5d:e3:3b:dc:08:ef:64:9e: 06:28:cf:1f:f5:22:ce:8c:77:4f:6b:08:ad:91:bf: a6:cf:34:f1:24:12:3f:55:fd:b5:93:e2:07:22:e2: 14:31:dd:41:1b:53:bf:42:6c:0c:a5:6b:17:9e:e8: 01:b9:1e:12:27:43:bd:e7:3f:24:cd:bb:a6:45:ee: e3:be:7d:6f:2e:6d:88:80:f7:af:8a:09:08:4e:34: 7a:8b:7d:fe:95:d0:17:7b:13:98:56:e2:31:92:70: 8f:ee:08:86:b1:9a:1a:cc:ee:53:e6:20:43:13:7b: dc:f3:b6:a6:37:dc:5c:ae:75:26:2c:88:70:0d:a7: bf:4a:14:75:7b:6f:82:78:2b:29:63:6f:c9:e3:43: f6:56:e7:3a:26:9d:fa:97:02:33:a5:39:df:97:42: 9f:23:39:98:62:df:eb:0e:9d:c5:54:fe:c3:fb:00: 70:a2:d4:b0:21:8f:38:d8:72:91:25:26:e1:eb:c9: 56:e2:11:9a:fa:c6:c2:91:b0:eb:29:e9:e0:41:8d: 85:ec:5a:81:d4:b0:49:1c:6f:3b:48:be:c9:a9:d5: 42:f7:73:2f:c0:7f:c3:e4:a0:63:a6:73:39:5f:70: 18:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:18:58:04:64:64:F7:A6:4E:8A:7D:9B:95:02:2F:34:81:43:48:CE X509v3 Authority Key Identifier: keyid:14:83:8D:D8:D4:E1:FE:03:17:14:26:67:17:6E:16:E0:A5:B6:86:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FION2NTh_gMXFCZnF24W4KW2hlE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 12:89:db:fc:7c:fb:47:d6:ce:f7:7b:00:c4:0d:4c:cb:05:b9: b3:8b:ed:70:f3:b0:90:86:8d:5b:95:ec:87:1d:7e:07:44:9d: e2:f2:7a:e9:c3:7c:b2:d1:9b:9f:3d:28:71:37:48:a9:3a:cc: d4:14:0b:e5:86:4d:13:e5:b2:c0:a7:d2:4f:91:81:d7:d9:e2: d8:d9:f5:54:05:2b:c0:fb:e6:90:9e:97:34:14:06:ef:7b:44: 82:ae:a9:01:16:37:e2:ab:c6:46:44:c2:81:29:6c:f0:7d:61: a8:de:f5:84:7d:41:5a:8f:64:ca:5b:0f:cc:85:fa:63:d1:d5: 04:25:64:7b:83:16:12:39:ac:43:ae:23:f3:65:b6:57:31:bd: fe:4d:07:99:5e:04:a5:ed:c6:3f:c1:d5:0b:eb:88:ef:5c:bd: ab:7f:e5:e5:90:3e:93:00:d8:fd:4f:53:20:6e:d9:72:89:92: 8d:0f:03:f9:6c:64:a3:51:b4:82:f4:54:08:78:35:8e:71:fc: a6:20:df:45:31:5c:dc:1c:19:0c:19:d3:b7:ad:12:e8:11:96: de:c2:da:3a:ba:1f:a1:e1:98:b1:c9:1a:1f:9a:b5:c7:15:fb: dc:3a:30:52:0e:33:4c:eb:89:8c:c8:2d:8d:d5:b5:01:96:a0: fc:d1:1b:5e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDd0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTkxRDkxMTAvBgNVBAUTKDE0ODM4REQ4RDRFMUZFMDMxNzE0MjY2NzE3NkUxNkUw QTVCNjg2NTEwHhcNMjUwNTEyMTc0NjU4WhcNMjUwNTE5MTc0NjU4WjAYMRYwFAYD VQQDEw02ODIyMzQxMy05MGNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvebSxtCzryFX6RNli87PgW1KEL2VXeM73AjvZJ4GKM8f9SLOjHdPawitkb+m zzTxJBI/Vf21k+IHIuIUMd1BG1O/QmwMpWsXnugBuR4SJ0O95z8kzbumRe7jvn1v Lm2IgPevigkITjR6i33+ldAXexOYVuIxknCP7giGsZoazO5T5iBDE3vc87amN9xc rnUmLIhwDae/ShR1e2+CeCspY2/J40P2Vuc6Jp36lwIzpTnfl0KfIzmYYt/rDp3F VP7D+wBwotSwIY842HKRJSbh68lW4hGa+sbCkbDrKengQY2F7FqB1LBJHG87SL7J qdVC93MvwH/D5KBjpnM5X3AYgwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBYYWARk ZPemTop9m5UCLzSBQ0jOMB8GA1UdIwQYMBaAFBSDjdjU4f4DFxQmZxduFuCltoZR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OTFEOS8xQzNERDk2NkI0 MjYxMUU5OERFMDg4NEFDNEY5QUUwMi9GSU9OMk5UaF9nTVhGQ1puRjI0VzRLVzJo bEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZJT04yTlRoX2dNWEZDWm5GMjRXNEtXMmhsRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 OTFEOS8xQzNERDk2NkI0MjYxMUU5OERFMDg4NEFDNEY5QUUwMi9GSU9OMk5UaF9n TVhGQ1puRjI0VzRLVzJobEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQASidv8fPtH1s73ewDEDUzLBbmzi+1w87CQho1bleyHHX4HRJ3i8nrp w3yy0ZufPShxN0ipOszUFAvlhk0T5bLAp9JPkYHX2eLY2fVUBSvA++aQnpc0FAbv e0SCrqkBFjfiq8ZGRMKBKWzwfWGo3vWEfUFaj2TKWw/Mhfpj0dUEJWR7gxYSOaxD riPzZbZXMb3+TQeZXgSl7cY/wdUL64jvXL2rf+XlkD6TANj9T1MgbtlyiZKNDwP5 bGSjUbSC9FQIeDWOcfymIN9FMVzcHBkMGdO3rRLoEZbewto6uh+h4ZixyRofmrXH FfvcOjBSDjNM64mMyC2N1bUBlqD80Rte -----END CERTIFICATE-----Generated at Tue May 13 16:00:07 2025 by rpki-client