$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.mft File: 5bRMaejecz32GWYFbn5BXsfHDSo.mft (raw, json) Hash identifier: Fqvsle/Ehekaqfh9/Bl5hVYWmRo013rQALGiMQs0yKY= Subject key identifier: CA:AE:24:D1:63:55:EA:0C:64:21:5C:68:06:E6:56:AB:6E:F9:61:AD Authority key identifier: E5:B4:4C:69:E8:DE:73:3D:F6:19:66:05:6E:7E:41:5E:C7:C7:0D:2A Certificate issuer: /CN=A91B4873/serialNumber=E5B44C69E8DE733DF61966056E7E415EC7C70D2A Certificate serial: BB Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5bRMaejecz32GWYFbn5BXsfHDSo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.mft Manifest number: BA Signing time: Thu 03 Jul 2025 06:04:15 +0000 Manifest this update: Thu 03 Jul 2025 06:04:15 +0000 Manifest next update: Thu 10 Jul 2025 06:04:15 +0000 Files and hashes: 1: 5bRMaejecz32GWYFbn5BXsfHDSo.crl (hash: FroLHuDImgR2sFVZ+93iqVCcGTIZLPPgXyr6RM5v2oE=) 2: 01F62A6438F011EF9A82662BC4F9AE02.roa (hash: 6ibBV+FsUpvviGFZhtbUaWu715IOaDD6qWu96emn7VA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.crl rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5bRMaejecz32GWYFbn5BXsfHDSo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 187 (0xbb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B4873, serialNumber=E5B44C69E8DE733DF61966056E7E415EC7C70D2A Validity Not Before: Jul 3 06:04:15 2025 GMT Not After : Jul 10 06:04:15 2025 GMT Subject: CN=68661d5f-62e5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:d4:04:2f:50:16:43:31:d5:82:34:6d:b5:99: 15:1f:a5:38:91:74:1e:1b:a9:00:89:02:b1:02:4a: a3:3b:8c:d4:35:c6:5b:2c:8b:52:f9:13:87:98:09: 64:e7:b2:3f:73:7c:2f:b3:91:77:3e:7d:fd:cb:4e: ad:8b:80:89:55:03:19:b4:73:6b:e2:de:8c:7a:64: f9:39:af:f8:60:7c:f3:4b:04:36:09:5c:2a:60:a6: 54:42:69:c9:8c:a7:be:0d:38:ba:f2:12:91:85:a6: 34:79:6a:dc:e2:25:dd:f7:df:bb:55:16:06:fc:19: 1b:83:77:49:dd:0d:3b:77:4d:b1:06:03:ba:7f:ba: e9:4f:b0:62:98:64:b9:e4:de:fe:d1:3c:83:45:4d: 60:b4:84:85:f6:ff:11:30:11:e0:7a:30:35:0f:50: 3c:2b:54:97:93:6c:be:d3:01:ab:01:a1:bc:d2:64: 27:60:cd:48:92:cc:de:ea:d3:67:39:cb:aa:ac:b6: 23:0d:83:2e:0b:66:f0:22:1b:75:c5:85:42:ba:13: 4c:b3:92:da:1e:09:ef:a3:d2:82:fc:b8:d5:aa:58: 94:7b:f2:41:75:49:19:cd:8e:68:0c:a5:cc:81:ab: 35:37:0a:2e:17:83:c5:d5:ea:82:4f:88:73:36:0a: 48:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:AE:24:D1:63:55:EA:0C:64:21:5C:68:06:E6:56:AB:6E:F9:61:AD X509v3 Authority Key Identifier: keyid:E5:B4:4C:69:E8:DE:73:3D:F6:19:66:05:6E:7E:41:5E:C7:C7:0D:2A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5bRMaejecz32GWYFbn5BXsfHDSo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a8:4a:41:a4:3d:d0:6e:12:4c:30:cf:8f:c0:16:92:97:0c:f6: 2a:49:38:4c:49:1e:9e:31:04:e8:77:18:2f:b7:d7:f6:cd:d5: 75:a5:21:0b:48:2e:07:70:cc:cd:50:37:63:7d:6f:ff:06:f4: 42:82:2e:4b:00:cd:f1:52:77:a3:c0:e8:75:50:17:ae:b2:9a: cb:35:9f:2a:b0:f8:e1:dd:01:36:20:da:63:74:ca:9d:4d:ba: 47:93:9b:6d:d0:21:f8:59:80:3c:2f:13:8f:59:07:26:42:82: 32:90:98:64:1b:78:8c:1a:17:8b:57:64:a6:7b:75:ca:2c:68: 1e:a2:ab:ae:92:62:fd:68:3d:1d:fa:c6:e4:bf:80:05:b9:59: 51:1c:52:bd:04:9b:05:bb:7c:bc:ab:7b:c2:c0:6b:c3:13:43: a4:1e:9b:9b:16:3f:01:01:50:c4:2a:c6:73:d1:83:c3:7b:59: e4:e0:43:0e:2d:32:6e:12:a8:0b:f9:0d:1c:48:85:c4:94:9f: b6:d8:de:30:8b:1b:ba:a9:82:0e:c4:0d:93:00:39:74:61:0e: 13:a9:fa:b7:9c:f4:29:b7:7b:91:a5:0c:00:cd:8b:ed:99:9d: 7e:ee:3a:3a:a2:96:cc:6d:80:97:39:37:5b:19:23:2b:af:35: 86:05:d4:56 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICALswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjQ4NzMxMTAvBgNVBAUTKEU1QjQ0QzY5RThERTczM0RGNjE5NjYwNTZFN0U0MTVF QzdDNzBEMkEwHhcNMjUwNzAzMDYwNDE1WhcNMjUwNzEwMDYwNDE1WjAYMRYwFAYD VQQDEw02ODY2MWQ1Zi02MmU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq9QEL1AWQzHVgjRttZkVH6U4kXQeG6kAiQKxAkqjO4zUNcZbLItS+ROHmAlk 57I/c3wvs5F3Pn39y06ti4CJVQMZtHNr4t6MemT5Oa/4YHzzSwQ2CVwqYKZUQmnJ jKe+DTi68hKRhaY0eWrc4iXd99+7VRYG/Bkbg3dJ3Q07d02xBgO6f7rpT7BimGS5 5N7+0TyDRU1gtISF9v8RMBHgejA1D1A8K1SXk2y+0wGrAaG80mQnYM1Iksze6tNn OcuqrLYjDYMuC2bwIht1xYVCuhNMs5LaHgnvo9KC/LjVqliUe/JBdUkZzY5oDKXM gas1NwouF4PF1eqCT4hzNgpIEwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMquJNFj VeoMZCFcaAbmVqtu+WGtMB8GA1UdIwQYMBaAFOW0TGno3nM99hlmBW5+QV7Hxw0q MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDg3My80RTI1QzhCQzM4 RTcxMUVGODQ0QjRGNjVDNEY5QUUwMi81YlJNYWVqZWN6MzJHV1lGYm41QlhzZkhE U28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzViUk1hZWplY3ozMkdXWUZibjVCWHNmSERTby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NDg3My80RTI1QzhCQzM4RTcxMUVGODQ0QjRGNjVDNEY5QUUwMi81YlJNYWVqZWN6 MzJHV1lGYm41QlhzZkhEU28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCoSkGkPdBuEkwwz4/AFpKXDPYqSThMSR6eMQTodxgvt9f2zdV1pSEL SC4HcMzNUDdjfW//BvRCgi5LAM3xUnejwOh1UBeusprLNZ8qsPjh3QE2INpjdMqd TbpHk5tt0CH4WYA8LxOPWQcmQoIykJhkG3iMGheLV2Sme3XKLGgeoquukmL9aD0d +sbkv4AFuVlRHFK9BJsFu3y8q3vCwGvDE0OkHpubFj8BAVDEKsZz0YPDe1nk4EMO LTJuEqgL+Q0cSIXElJ+22N4wixu6qYIOxA2TADl0YQ4Tqfq3nPQpt3uRpQwAzYvt mZ1+7jo6opbMbYCXOTdbGSMrrzWGBdRW -----END CERTIFICATE-----Generated at Thu Jul 3 17:31:38 2025 by rpki-client