$ rpki-client -vvf rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/PB_di6MB3OPbPwvMJchpTOG83H0.mft File: PB_di6MB3OPbPwvMJchpTOG83H0.mft (raw, json) Hash identifier: Kqi17gLedpg+jniu6pRYkOqpyCisCGAlJfEOKttm6Dc= Subject key identifier: E8:34:A4:86:19:9E:3C:C5:E3:4D:F5:58:E9:4C:07:F5:DE:E2:5C:D6 Authority key identifier: 3C:1F:DD:8B:A3:01:DC:E3:DB:3F:0B:CC:25:C8:69:4C:E1:BC:DC:7D Certificate issuer: /CN=A91A08FD/serialNumber=3C1FDD8BA301DCE3DB3F0BCC25C8694CE1BCDC7D Certificate serial: 0D73 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PB_di6MB3OPbPwvMJchpTOG83H0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/PB_di6MB3OPbPwvMJchpTOG83H0.mft Manifest number: 0D6A Signing time: Sun 04 May 2025 17:52:16 +0000 Manifest this update: Sun 04 May 2025 17:52:15 +0000 Manifest next update: Sun 11 May 2025 17:52:15 +0000 Files and hashes: 1: PB_di6MB3OPbPwvMJchpTOG83H0.crl (hash: 7DB6085Neuy3sI2x8sralXVWqctzP2X1u3YYEGBEmyQ=) 2: 3802A98EC8AC11E9877DCE2FC4F9AE02.roa (hash: pTMoVBZCsEARFbs1aGExyarMu+r7tLUk6ACYjZUvCyg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/PB_di6MB3OPbPwvMJchpTOG83H0.crl rsync://rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/PB_di6MB3OPbPwvMJchpTOG83H0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PB_di6MB3OPbPwvMJchpTOG83H0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 11 May 2025 17:52:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3443 (0xd73) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A08FD, serialNumber=3C1FDD8BA301DCE3DB3F0BCC25C8694CE1BCDC7D Validity Not Before: May 4 17:52:15 2025 GMT Not After : May 11 17:52:15 2025 GMT Subject: CN=6817a950-8b10 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:95:f3:27:7d:16:5f:3b:2e:49:c0:1c:fd:a0: b1:79:6f:1a:c8:ab:2d:6c:27:84:26:d3:bd:e5:f1: 86:39:5d:e8:59:be:fd:10:a7:e2:ac:81:25:a3:b2: 47:b5:52:5e:bc:92:16:26:95:f7:0b:a7:28:96:7f: db:19:1e:22:ec:90:62:29:41:0b:b7:31:3c:70:bd: 62:69:55:df:64:0b:bb:90:a4:4d:2e:49:ae:42:e4: 6e:3f:2e:ae:ce:b4:86:76:72:9f:61:2a:f1:fa:76: 80:1d:14:5d:f0:64:0e:22:a3:79:5a:25:75:a9:3e: ad:d3:91:e7:ed:c7:ce:bc:dc:1b:ea:26:a3:37:34: f9:96:52:c5:81:9d:dc:4d:df:6c:4e:de:86:24:8f: 38:cd:58:06:75:7a:aa:43:88:d1:3e:4d:84:f2:9f: 42:f4:06:53:c1:c8:6c:c6:f2:ec:dd:38:c5:d7:50: 47:1c:51:fa:50:f6:ae:f5:7b:9f:89:59:fb:91:9c: 5d:89:91:66:72:fa:00:23:a3:04:6e:1b:cc:6d:29: 3d:a3:bc:43:7c:4a:d7:13:65:de:6f:6d:79:d8:8c: 01:7b:ab:c3:ba:b9:3b:21:21:80:6e:6f:9a:fd:6b: 0d:6a:a3:0d:48:fb:87:69:d9:ea:3e:c5:83:6a:3b: 57:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:34:A4:86:19:9E:3C:C5:E3:4D:F5:58:E9:4C:07:F5:DE:E2:5C:D6 X509v3 Authority Key Identifier: keyid:3C:1F:DD:8B:A3:01:DC:E3:DB:3F:0B:CC:25:C8:69:4C:E1:BC:DC:7D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/PB_di6MB3OPbPwvMJchpTOG83H0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PB_di6MB3OPbPwvMJchpTOG83H0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/PB_di6MB3OPbPwvMJchpTOG83H0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 95:af:b1:3f:ef:78:52:a0:50:24:73:52:36:4a:4e:db:1a:c7: 40:9c:94:4b:7a:04:c7:6f:ac:18:8a:17:5f:17:da:d5:d9:4d: 0f:f0:b3:0a:ac:e2:d3:a2:40:0d:b3:4a:0a:19:52:29:65:1a: 5b:1e:b5:8a:2c:81:99:f0:57:a3:c5:63:32:f2:94:c5:21:e8: 77:5a:51:d4:71:8b:f2:35:f9:bd:4f:8f:20:77:87:3c:da:14: ab:7f:18:6b:11:9d:90:76:01:05:d3:34:3b:a9:7d:9f:c9:a2: 14:08:1c:05:b9:33:35:21:95:fe:29:61:fa:20:fd:3e:c0:22: 7f:a0:04:bd:48:bb:7f:81:6d:92:02:19:cf:77:93:f5:9e:db: eb:1d:88:5a:e1:0e:51:aa:ea:66:5e:2e:5b:86:ea:a5:f2:85: 81:41:86:e0:98:e7:29:38:d3:f5:cc:9a:2b:5d:5d:2d:19:13: a4:b3:9d:fa:fe:da:f9:90:5e:0a:ae:dc:54:2c:ea:5e:3f:5c: 14:e7:15:10:a2:fd:08:d3:14:06:6f:0f:3a:1a:ef:61:77:55: 03:be:01:c8:6d:d6:5f:d2:14:2d:7a:1c:9f:42:72:18:91:98: 2b:fd:36:d9:cf:b3:06:7d:d2:5c:35:11:46:a2:25:3e:7c:84: 75:4b:db:9d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDXMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTA4RkQxMTAvBgNVBAUTKDNDMUZERDhCQTMwMURDRTNEQjNGMEJDQzI1Qzg2OTRD RTFCQ0RDN0QwHhcNMjUwNTA0MTc1MjE1WhcNMjUwNTExMTc1MjE1WjAYMRYwFAYD VQQDEw02ODE3YTk1MC04YjEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw5XzJ30WXzsuScAc/aCxeW8ayKstbCeEJtO95fGGOV3oWb79EKfirIElo7JH tVJevJIWJpX3C6coln/bGR4i7JBiKUELtzE8cL1iaVXfZAu7kKRNLkmuQuRuPy6u zrSGdnKfYSrx+naAHRRd8GQOIqN5WiV1qT6t05Hn7cfOvNwb6iajNzT5llLFgZ3c Td9sTt6GJI84zVgGdXqqQ4jRPk2E8p9C9AZTwchsxvLs3TjF11BHHFH6UPau9Xuf iVn7kZxdiZFmcvoAI6MEbhvMbSk9o7xDfErXE2Xeb2152IwBe6vDurk7ISGAbm+a /WsNaqMNSPuHadnqPsWDajtX6wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOg0pIYZ njzF4031WOlMB/Xe4lzWMB8GA1UdIwQYMBaAFDwf3YujAdzj2z8LzCXIaUzhvNx9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDhGRC85RjQyRUFEOEM4 QUIxMUU5ODI5RDI4MkZDNEY5QUUwMi9QQl9kaTZNQjNPUGJQd3ZNSmNocFRPRzgz SDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BCX2RpNk1CM09QYlB3dk1KY2hwVE9HODNIMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MDhGRC85RjQyRUFEOEM4QUIxMUU5ODI5RDI4MkZDNEY5QUUwMi9QQl9kaTZNQjNP UGJQd3ZNSmNocFRPRzgzSDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCVr7E/73hSoFAkc1I2Sk7bGsdAnJRLegTHb6wYihdfF9rV2U0P8LMK rOLTokANs0oKGVIpZRpbHrWKLIGZ8FejxWMy8pTFIeh3WlHUcYvyNfm9T48gd4c8 2hSrfxhrEZ2QdgEF0zQ7qX2fyaIUCBwFuTM1IZX+KWH6IP0+wCJ/oAS9SLt/gW2S AhnPd5P1ntvrHYha4Q5RqupmXi5bhuql8oWBQYbgmOcpONP1zJorXV0tGROks536 /tr5kF4KrtxULOpeP1wU5xUQov0I0xQGbw86Gu9hd1UDvgHIbdZf0hQtehyfQnIY kZgr/TbZz7MGfdJcNRFGoiU+fIR1S9ud -----END CERTIFICATE-----Generated at Mon May 5 14:38:31 2025 by rpki-client