$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.mft File: tBFqjm2pkf3PcWJue-oR_2nLqEY.mft (raw, json) Hash identifier: ksNyXcO1d5QFmJJOplKHUMTGU+XgDX09kniGnes3pps= Subject key identifier: 13:61:00:6C:57:09:E0:65:37:3C:5A:6D:5E:DB:47:D2:3A:2F:75:69 Authority key identifier: B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46 Certificate issuer: /CN=A91A4402/serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846 Certificate serial: 0BCD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.mft Manifest number: 0B72 Signing time: Sat 10 May 2025 18:59:43 +0000 Manifest this update: Sat 10 May 2025 18:59:43 +0000 Manifest next update: Sat 17 May 2025 18:59:43 +0000 Files and hashes: 1: tBFqjm2pkf3PcWJue-oR_2nLqEY.crl (hash: PRWtWSwOu2x9Pw7YciwHoT0NTxtxvtOtXoMmNy1+fb4=) 2: 6CAE0142092E11F094B4703FC4F9AE02.roa (hash: byY9F3PbnJNIoimN7egEeNickEL3qCj6OzKlPrHLyWI=) 3: 4283EC800E9A11F0A4CEB90AC4F9AE02.roa (hash: WaKafOz55Dy7N84Ha6z/9ygM1gQG3YThw4qCwUNSz/E=) 4: AFB0F1260F5E11F0ABB59D3DC4F9AE02.roa (hash: 5O0YXigo9eoWRtsR3EdxzwNwkKAx4QzihBZErFieQHg=) 5: 7A35195A0A1811F0ADFE8D2DC4F9AE02.roa (hash: kzCmoo+IjhlPEf88D9nrDgIHNSfXTuGVVGf2u6U7d4w=) 6: FDA1FF440E9911F08D37E709C4F9AE02.roa (hash: 6bU/Nb5/KOjdbvl4huRqc6WCdK++PkccLCcpT5AshY8=) 7: 4353C2FC0E9A11F0A4CEB90AC4F9AE02.roa (hash: 0+sKDOBipHkQz4nFhrXYbndaiKHptrj+HuFFMm1OOrQ=) 8: 9584CC888FD611ECB5BAF00AC4F9AE02.roa (hash: zOSU8HWzTX62npxk0Z0KI/TANc0CI5bXMVq+SzVjDCo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 18:59:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3021 (0xbcd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A4402, serialNumber=B4116A8E6DA991FDCF71626E7BEA11FF69CBA846 Validity Not Before: May 10 18:59:43 2025 GMT Not After : May 17 18:59:43 2025 GMT Subject: CN=681fa21f-3b25 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:58:25:dc:79:de:34:85:af:28:7a:8d:76:06: 9d:f6:6b:87:fb:2c:9c:fe:11:19:0f:5d:0a:d1:09: 67:38:53:d8:f1:26:80:72:eb:be:a7:41:86:27:89: ad:1f:58:db:86:fe:c7:f3:ae:ff:9a:d5:e9:a6:3a: 47:5f:a6:3f:7d:f7:11:64:dd:b5:e6:70:f6:db:0a: a8:c1:c1:aa:0a:91:37:60:62:6c:b9:59:1b:73:e1: 54:28:96:63:a0:b5:47:63:56:c5:54:24:a8:f9:b8: d6:b3:1b:7a:56:f1:70:b5:dc:d5:9d:80:bc:f7:d8: fe:6a:a6:84:33:4b:1b:08:8d:47:b0:91:6e:91:f6: 72:28:1a:6e:8b:7a:dc:b2:17:e9:97:4d:b7:4b:12: 25:64:3c:5d:2f:57:0c:c6:a0:d0:0e:bf:b5:5c:40: 84:f6:76:0a:2d:63:57:7d:01:c6:36:96:71:43:47: 48:98:c9:1d:c1:31:3f:88:f4:ad:ac:a5:20:e9:c9: 1f:44:0a:f1:a5:9a:0c:36:56:40:ab:11:41:e8:79: 79:a2:3c:47:1a:3b:1e:92:93:ec:c9:82:2f:b5:b8: a1:e3:75:18:8a:17:1e:48:c2:1d:f9:b6:5f:13:32: 5b:b1:59:5e:87:8d:aa:a4:8b:1f:04:d1:e7:c4:18: ca:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:61:00:6C:57:09:E0:65:37:3C:5A:6D:5E:DB:47:D2:3A:2F:75:69 X509v3 Authority Key Identifier: keyid:B4:11:6A:8E:6D:A9:91:FD:CF:71:62:6E:7B:EA:11:FF:69:CB:A8:46 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tBFqjm2pkf3PcWJue-oR_2nLqEY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4402/FDBFD0203D9611EA8EA0702FC4F9AE02/tBFqjm2pkf3PcWJue-oR_2nLqEY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0b:fc:07:4b:9f:b0:cb:95:27:7a:5a:1b:b0:c7:30:0b:1b:8f: 10:a7:cc:f1:81:3b:86:60:6f:a7:ee:cf:a3:64:a8:8a:b2:a3: b9:71:f1:fc:6d:82:d2:a4:98:42:50:e5:8a:83:2a:5c:35:70: ba:11:6f:f0:76:96:29:8a:b1:04:94:2a:99:c6:4a:44:a7:3e: 23:82:15:31:8b:7c:04:02:36:5b:02:79:fc:6f:16:cf:d5:1b: 4a:27:ab:d2:84:a9:a5:d5:c0:db:15:51:17:25:40:45:61:0f: c2:eb:80:b7:f2:a0:86:bd:3a:f3:95:54:70:66:9c:b8:a4:ac: d8:db:cb:88:a2:ea:1f:1a:e9:d7:39:7b:6c:42:43:f7:8a:aa: 3b:59:d3:dd:d3:a5:e7:fb:92:8e:37:ca:60:83:9e:32:19:49: e1:b4:95:5d:72:4f:d0:af:0f:b5:bd:30:93:39:7c:ad:94:d6: 99:84:68:83:da:4b:35:d7:bc:4c:3f:df:07:37:f4:e2:9f:7c: 95:6f:26:47:ab:d5:8c:16:95:fe:5e:4d:fc:02:a5:55:ed:55: 69:b4:7a:d4:1f:11:02:dc:1a:3d:c0:7f:d1:4c:f8:85:6f:03: 78:8b:a5:eb:f1:7d:08:77:22:d2:65:a1:a6:de:a3:43:c8:72: 2c:c0:60:6f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC80wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTQ0MDIxMTAvBgNVBAUTKEI0MTE2QThFNkRBOTkxRkRDRjcxNjI2RTdCRUExMUZG NjlDQkE4NDYwHhcNMjUwNTEwMTg1OTQzWhcNMjUwNTE3MTg1OTQzWjAYMRYwFAYD VQQDEw02ODFmYTIxZi0zYjI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1Vgl3HneNIWvKHqNdgad9muH+yyc/hEZD10K0QlnOFPY8SaAcuu+p0GGJ4mt H1jbhv7H867/mtXppjpHX6Y/ffcRZN215nD22wqowcGqCpE3YGJsuVkbc+FUKJZj oLVHY1bFVCSo+bjWsxt6VvFwtdzVnYC899j+aqaEM0sbCI1HsJFukfZyKBpui3rc shfpl023SxIlZDxdL1cMxqDQDr+1XECE9nYKLWNXfQHGNpZxQ0dImMkdwTE/iPSt rKUg6ckfRArxpZoMNlZAqxFB6Hl5ojxHGjsekpPsyYIvtbih43UYihceSMId+bZf EzJbsVleh42qpIsfBNHnxBjK2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBNhAGxX CeBlNzxabV7bR9I6L3VpMB8GA1UdIwQYMBaAFLQRao5tqZH9z3FibnvqEf9py6hG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDQwMi9GREJGRDAyMDNE OTYxMUVBOEVBMDcwMkZDNEY5QUUwMi90QkZxam0ycGtmM1BjV0p1ZS1vUl8ybkxx RVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RCRnFqbTJwa2YzUGNXSnVlLW9SXzJuTHFFWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NDQwMi9GREJGRDAyMDNEOTYxMUVBOEVBMDcwMkZDNEY5QUUwMi90QkZxam0ycGtm M1BjV0p1ZS1vUl8ybkxxRVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAL/AdLn7DLlSd6WhuwxzALG48Qp8zxgTuGYG+n7s+jZKiKsqO5cfH8 bYLSpJhCUOWKgypcNXC6EW/wdpYpirEElCqZxkpEpz4jghUxi3wEAjZbAnn8bxbP 1RtKJ6vShKml1cDbFVEXJUBFYQ/C64C38qCGvTrzlVRwZpy4pKzY28uIouofGunX OXtsQkP3iqo7WdPd06Xn+5KON8pgg54yGUnhtJVdck/Qrw+1vTCTOXytlNaZhGiD 2ks117xMP98HN/Tin3yVbyZHq9WMFpX+Xk38AqVV7VVptHrUHxEC3Bo9wH/RTPiF bwN4i6Xr8X0IdyLSZaGm3qNDyHIswGBv -----END CERTIFICATE-----Generated at Sun May 11 19:13:50 2025 by rpki-client