$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft File: CB6icKn0s2sOyJai0hSO5Ok-Xys.mft (raw, json) Hash identifier: yCEJCZWs5WgYKiOl0Cumb6FFYQ6es/uwEoK57SpXbEY= Subject key identifier: 4E:F5:7C:82:39:A4:2B:E9:91:85:F1:72:F4:3F:26:39:92:64:B3:18 Authority key identifier: 08:1E:A2:70:A9:F4:B3:6B:0E:C8:96:A2:D2:14:8E:E4:E9:3E:5F:2B Certificate issuer: /CN=A91BB921/serialNumber=081EA270A9F4B36B0EC896A2D2148EE4E93E5F2B Certificate serial: 0123 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CB6icKn0s2sOyJai0hSO5Ok-Xys.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft Manifest number: 0121 Signing time: Tue 13 May 2025 03:55:39 +0000 Manifest this update: Tue 13 May 2025 03:55:38 +0000 Manifest next update: Tue 20 May 2025 03:55:38 +0000 Files and hashes: 1: CB6icKn0s2sOyJai0hSO5Ok-Xys.crl (hash: ZOqG/2MhcO9ws+C4IwM7bVGRgPlb3X/ouc1JtG7vOE0=) 2: 5A387584756311EEA256FD57C4F9AE02.roa (hash: UFjrfeuvHWS1oxtfXr6IVRfPvTnGzzV9TdVJHu2o8cI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.crl rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CB6icKn0s2sOyJai0hSO5Ok-Xys.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 03:55:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 291 (0x123) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BB921, serialNumber=081EA270A9F4B36B0EC896A2D2148EE4E93E5F2B Validity Not Before: May 13 03:55:38 2025 GMT Not After : May 20 03:55:38 2025 GMT Subject: CN=6822c2ba-c362 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:b2:d1:36:fa:12:63:5e:4e:10:a5:aa:40:f1: 76:16:6c:f0:29:0f:2b:55:cb:e2:38:42:57:62:d8: 09:ea:4f:8a:6a:9e:dd:7a:94:35:71:e7:29:00:5c: ce:f5:bd:5f:c2:da:53:59:fe:f5:32:85:5b:45:cf: 10:db:f3:eb:54:ec:c2:f8:c4:25:d9:8e:1e:ee:72: 80:0b:5f:20:ef:4d:11:24:43:70:1e:7a:b8:dc:d2: 08:5e:1e:66:83:43:d6:7d:e7:71:24:9f:5e:cd:dc: 0c:5e:7d:01:8a:32:c2:db:9b:76:15:46:9a:8f:e9: 98:3f:e9:07:66:10:6f:a0:4f:1f:a1:05:62:bb:68: 14:95:83:b8:22:93:0e:e1:8b:8b:f3:50:f6:2f:89: dd:42:00:1d:97:f1:6d:fd:4e:e2:5d:9e:0c:8a:40: 20:59:60:81:e0:c9:14:a6:ce:83:24:be:05:37:5a: 22:d2:ea:0f:cb:d3:23:7d:d1:78:62:8a:cc:9a:1f: 19:fc:9f:ee:fa:93:0c:dd:cf:80:bf:d8:ea:24:7a: 2e:d2:b4:47:16:bc:e6:e3:8c:a5:97:c0:99:11:16: c4:12:42:a2:0a:19:34:73:83:6a:9f:c5:de:c2:20: eb:56:8f:e6:b7:4f:57:84:ba:11:f0:cf:6c:0b:7c: 5b:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:F5:7C:82:39:A4:2B:E9:91:85:F1:72:F4:3F:26:39:92:64:B3:18 X509v3 Authority Key Identifier: keyid:08:1E:A2:70:A9:F4:B3:6B:0E:C8:96:A2:D2:14:8E:E4:E9:3E:5F:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CB6icKn0s2sOyJai0hSO5Ok-Xys.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 49:2e:74:9d:8d:bb:72:b5:b4:de:cb:f9:5d:a4:71:c6:be:2b: d6:c7:42:bb:39:0d:99:71:80:6e:4e:f2:da:77:6e:57:c4:f6: 5e:6b:9e:f5:24:1a:b7:a1:c4:9a:ab:a0:f7:1c:d2:3a:6a:3a: a4:ab:ea:f2:25:ca:e1:33:b3:ff:07:5d:ac:ae:c0:f2:3d:ea: 12:8f:74:17:54:02:c1:25:6f:85:25:27:4a:51:94:f3:f6:dd: 30:0c:cf:af:00:ba:7b:6b:30:ca:88:9a:96:46:b4:92:75:7f: be:db:50:60:e0:1f:a9:d9:b1:51:42:09:f5:32:d6:b2:c1:2b: f2:f8:0a:3b:11:b0:6e:f9:b5:a8:aa:7a:c4:d6:7b:d1:cf:c9: 9f:92:e5:e9:da:2b:73:e8:f3:90:1c:43:a1:6b:10:86:ea:2f: 28:46:37:30:e5:02:66:a3:2d:ed:09:a7:17:80:b3:75:7d:a9: c4:32:1e:2e:8d:8c:80:bd:9a:93:7a:fa:63:51:1e:b5:7e:1b: ce:ba:15:5d:b1:c2:a9:1f:21:7d:28:8e:b6:c1:de:77:58:46: a2:3e:2a:ad:c2:9f:cc:00:32:19:75:10:ef:c0:b5:c9:e6:85: 0d:c7:01:f5:4e:22:9a:2a:c0:c5:cf:a5:97:a3:7f:44:29:3b: 1c:99:0a:0c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkI5MjExMTAvBgNVBAUTKDA4MUVBMjcwQTlGNEIzNkIwRUM4OTZBMkQyMTQ4RUU0 RTkzRTVGMkIwHhcNMjUwNTEzMDM1NTM4WhcNMjUwNTIwMDM1NTM4WjAYMRYwFAYD VQQDEw02ODIyYzJiYS1jMzYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsrLRNvoSY15OEKWqQPF2FmzwKQ8rVcviOEJXYtgJ6k+Kap7depQ1cecpAFzO 9b1fwtpTWf71MoVbRc8Q2/PrVOzC+MQl2Y4e7nKAC18g700RJENwHnq43NIIXh5m g0PWfedxJJ9ezdwMXn0BijLC25t2FUaaj+mYP+kHZhBvoE8foQViu2gUlYO4IpMO 4YuL81D2L4ndQgAdl/Ft/U7iXZ4MikAgWWCB4MkUps6DJL4FN1oi0uoPy9MjfdF4 YorMmh8Z/J/u+pMM3c+Av9jqJHou0rRHFrzm44yll8CZERbEEkKiChk0c4Nqn8Xe wiDrVo/mt09XhLoR8M9sC3xbuwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE71fII5 pCvpkYXxcvQ/JjmSZLMYMB8GA1UdIwQYMBaAFAgeonCp9LNrDsiWotIUjuTpPl8r MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjkyMS9EREI4RTE0Qzc1 NjIxMUVFQkI4MjUyNTdDNEY5QUUwMi9DQjZpY0tuMHMyc095SmFpMGhTTzVPay1Y eXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NCNmljS24wczJzT3lKYWkwaFNPNU9rLVh5cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QjkyMS9EREI4RTE0Qzc1NjIxMUVFQkI4MjUyNTdDNEY5QUUwMi9DQjZpY0tuMHMy c095SmFpMGhTTzVPay1YeXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBJLnSdjbtytbTey/ldpHHGvivWx0K7OQ2ZcYBuTvLad25XxPZea571 JBq3ocSaq6D3HNI6ajqkq+ryJcrhM7P/B12srsDyPeoSj3QXVALBJW+FJSdKUZTz 9t0wDM+vALp7azDKiJqWRrSSdX++21Bg4B+p2bFRQgn1MtaywSvy+Ao7EbBu+bWo qnrE1nvRz8mfkuXp2itz6POQHEOhaxCG6i8oRjcw5QJmoy3tCacXgLN1fanEMh4u jYyAvZqTevpjUR61fhvOuhVdscKpHyF9KI62wd53WEaiPiqtwp/MADIZdRDvwLXJ 5oUNxwH1TiKaKsDFz6WXo39EKTscmQoM -----END CERTIFICATE-----Generated at Tue May 13 18:54:34 2025 by rpki-client