$ rpki-client -vvf rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft File: FION2NTh_gMXFCZnF24W4KW2hlE.mft (raw, json) Hash identifier: /lXZqPfAiP8KFUGgP1AbcXNgP6WbQJG81czQOK54b1A= Subject key identifier: 4E:DC:37:A2:F8:F7:F1:9B:7E:AD:F2:A9:7F:0F:45:76:2D:39:64:45 Authority key identifier: 14:83:8D:D8:D4:E1:FE:03:17:14:26:67:17:6E:16:E0:A5:B6:86:51 Certificate issuer: /CN=A91991D9/serialNumber=14838DD8D4E1FE0317142667176E16E0A5B68651 Certificate serial: 0DF6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FION2NTh_gMXFCZnF24W4KW2hlE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft Manifest number: 0DEF Signing time: Wed 02 Jul 2025 18:04:56 +0000 Manifest this update: Wed 02 Jul 2025 18:04:55 +0000 Manifest next update: Wed 09 Jul 2025 18:04:55 +0000 Files and hashes: 1: FION2NTh_gMXFCZnF24W4KW2hlE.crl (hash: Mo3SUm+Y+nb4UZNsnISqwZ+6TWN+N5/1XVJ68cQfNTQ=) 2: 14E68648B42D11E9A44FF25BC4F9AE02.roa (hash: +BalFw2CiL7uapLNj20tx3YBjmyA4tVc26LM7UMELNs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.crl rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FION2NTh_gMXFCZnF24W4KW2hlE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 18:04:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3574 (0xdf6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91991D9, serialNumber=14838DD8D4E1FE0317142667176E16E0A5B68651 Validity Not Before: Jul 2 18:04:55 2025 GMT Not After : Jul 9 18:04:55 2025 GMT Subject: CN=686574c8-85bd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:89:59:45:76:3d:ee:03:2d:b3:e3:25:9f:ac: e0:47:ed:54:d8:48:e7:28:50:19:6a:f7:4a:e7:df: b5:36:cb:59:be:e3:08:5d:43:ba:a5:a0:e9:ea:4e: ff:ca:34:c3:56:f7:7b:b6:95:ef:58:f9:44:05:ca: 9b:d3:11:7a:19:bb:8d:23:be:6e:3e:6a:df:22:d2: 88:69:5d:af:a5:34:e3:6e:22:59:c5:01:dc:24:e4: 89:59:46:be:6e:45:06:10:25:e7:fa:61:ca:0d:0a: 2e:2a:c0:99:9d:d2:b2:67:e5:57:1e:d8:03:3d:42: 32:4b:f8:a9:5a:d7:94:ab:cf:8b:dc:52:63:fa:a5: f4:99:84:ff:e6:ca:12:3a:f7:91:17:18:aa:1a:fe: 52:be:ba:c6:a0:18:a4:f8:29:0c:37:90:de:35:d6: 7f:12:f5:74:88:d1:31:e2:62:38:78:3a:74:51:08: a7:2b:4c:69:b5:5d:af:6c:dd:d3:59:8a:e7:74:87: fe:56:8b:7a:64:21:89:5d:ed:44:8f:14:04:cb:62: f9:62:82:4e:2a:77:2d:e8:29:2d:6a:77:79:76:5a: de:28:dc:7b:0f:96:73:c7:99:00:d2:a0:8a:dc:39: 8b:56:7e:e9:1c:8f:52:f4:e4:fc:34:78:a2:3e:c0: 6e:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:DC:37:A2:F8:F7:F1:9B:7E:AD:F2:A9:7F:0F:45:76:2D:39:64:45 X509v3 Authority Key Identifier: keyid:14:83:8D:D8:D4:E1:FE:03:17:14:26:67:17:6E:16:E0:A5:B6:86:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FION2NTh_gMXFCZnF24W4KW2hlE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4c:e7:09:04:b1:13:f0:f2:20:5e:ce:01:c8:ee:17:a3:1a:25: c4:ea:a5:fe:de:31:ed:05:4c:87:b3:54:2b:01:12:f2:37:4d: 43:c8:ba:2e:da:43:6c:24:e4:8e:6c:1a:0f:86:a2:06:bf:66: 88:b8:91:f0:9e:bd:d3:73:c6:6a:35:0f:da:c3:02:67:76:d0: 80:8c:5f:36:12:a7:25:0c:2b:09:55:3e:1d:ad:6c:bb:08:0e: 34:f6:46:fa:c9:57:ca:d7:81:2d:e4:5b:3a:a0:16:fa:69:21: ee:78:e2:dc:d1:a9:0b:f1:f9:3a:b6:59:32:9e:8b:17:cc:71: bc:1b:a8:51:58:00:e2:60:db:99:d2:ef:6f:2c:a9:54:e3:d6: fe:c9:f2:fc:b7:18:b5:83:ac:75:0b:5a:3b:b5:0d:49:52:ac: 36:64:09:1d:a6:16:57:7b:da:1d:ab:10:8a:1b:8b:fb:15:c3: eb:ac:92:6e:49:31:7a:c0:f6:33:8b:41:3c:b2:fe:fa:65:42: 63:ad:2a:e0:e9:fa:8f:cb:a5:7c:f5:c0:38:c1:6f:a5:24:e4: 74:b8:24:6b:b1:e0:91:8e:6c:b4:57:87:dd:01:0a:f2:7a:79: 7e:e3:1f:ea:52:11:bf:18:88:fb:b4:34:fc:9e:f6:3c:2f:40: 99:f6:c6:c6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDfYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTkxRDkxMTAvBgNVBAUTKDE0ODM4REQ4RDRFMUZFMDMxNzE0MjY2NzE3NkUxNkUw QTVCNjg2NTEwHhcNMjUwNzAyMTgwNDU1WhcNMjUwNzA5MTgwNDU1WjAYMRYwFAYD VQQDEw02ODY1NzRjOC04NWJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7olZRXY97gMts+Mln6zgR+1U2EjnKFAZavdK59+1NstZvuMIXUO6paDp6k7/ yjTDVvd7tpXvWPlEBcqb0xF6GbuNI75uPmrfItKIaV2vpTTjbiJZxQHcJOSJWUa+ bkUGECXn+mHKDQouKsCZndKyZ+VXHtgDPUIyS/ipWteUq8+L3FJj+qX0mYT/5soS OveRFxiqGv5SvrrGoBik+CkMN5DeNdZ/EvV0iNEx4mI4eDp0UQinK0xptV2vbN3T WYrndIf+Vot6ZCGJXe1EjxQEy2L5YoJOKnct6Cktand5dlreKNx7D5Zzx5kA0qCK 3DmLVn7pHI9S9OT8NHiiPsBu9QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE7cN6L4 9/Gbfq3yqX8PRXYtOWRFMB8GA1UdIwQYMBaAFBSDjdjU4f4DFxQmZxduFuCltoZR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OTFEOS8xQzNERDk2NkI0 MjYxMUU5OERFMDg4NEFDNEY5QUUwMi9GSU9OMk5UaF9nTVhGQ1puRjI0VzRLVzJo bEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZJT04yTlRoX2dNWEZDWm5GMjRXNEtXMmhsRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 OTFEOS8xQzNERDk2NkI0MjYxMUU5OERFMDg4NEFDNEY5QUUwMi9GSU9OMk5UaF9n TVhGQ1puRjI0VzRLVzJobEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBM5wkEsRPw8iBezgHI7hejGiXE6qX+3jHtBUyHs1QrARLyN01DyLou 2kNsJOSObBoPhqIGv2aIuJHwnr3Tc8ZqNQ/awwJndtCAjF82EqclDCsJVT4drWy7 CA409kb6yVfK14Et5Fs6oBb6aSHueOLc0akL8fk6tlkynosXzHG8G6hRWADiYNuZ 0u9vLKlU49b+yfL8txi1g6x1C1o7tQ1JUqw2ZAkdphZXe9odqxCKG4v7FcPrrJJu STF6wPYzi0E8sv76ZUJjrSrg6fqPy6V89cA4wW+lJOR0uCRrseCRjmy0V4fdAQry enl+4x/qUhG/GIj7tDT8nvY8L0CZ9sbG -----END CERTIFICATE-----Generated at Fri Jul 4 18:28:07 2025 by rpki-client