$ rpki-client -vvf rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.mft File: -Ro6mDFDhMQDqP8ipFO8oaO6bNg.mft (raw, json) Hash identifier: fjNgMWxOvjpgUSp8wnHC+X3xzQ7CnTUimztzeB/o58M= Subject key identifier: DD:B0:8D:E6:33:52:4E:FC:EB:2F:88:BC:EE:D5:58:4C:61:DA:83:3B Authority key identifier: F9:1A:3A:98:31:43:84:C4:03:A8:FF:22:A4:53:BC:A1:A3:BA:6C:D8 Certificate issuer: /CN=A91D3102/serialNumber=F91A3A98314384C403A8FF22A453BCA1A3BA6CD8 Certificate serial: 2DD0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.mft Manifest number: 2DB8 Signing time: Fri 16 May 2025 15:41:21 +0000 Manifest this update: Fri 16 May 2025 15:41:21 +0000 Manifest next update: Fri 23 May 2025 15:41:21 +0000 Files and hashes: 1: -Ro6mDFDhMQDqP8ipFO8oaO6bNg.crl (hash: I/e5rDk/mn276k+k4ljwlPdOLDQQxENKAn0t6ez/Qiw=) 2: 611D8094B13D11E59299870AC4F9AE02.roa (hash: Ge8zFlpjpqEtuKQN0h56H1Urr1O0D0HMkBD9jJfCPmM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.crl rsync://rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 23 May 2025 15:41:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11728 (0x2dd0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D3102, serialNumber=F91A3A98314384C403A8FF22A453BCA1A3BA6CD8 Validity Not Before: May 16 15:41:21 2025 GMT Not After : May 23 15:41:21 2025 GMT Subject: CN=68275ca1-e230 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:4a:ac:2c:15:e1:29:05:74:fe:ba:7d:18:49: 8a:db:d0:03:7c:78:a8:dc:49:3a:fa:bd:ea:24:37: 8a:89:b9:cc:67:de:d1:9a:f1:53:92:31:aa:8a:01: 35:e7:91:f5:8b:f6:27:83:92:aa:c7:5d:b8:b1:96: 48:f1:65:2e:e8:df:8d:60:09:e6:86:ae:05:a3:ec: af:15:cb:d2:45:47:4a:41:2c:9e:65:71:b7:4e:47: cc:96:9f:0b:5b:81:bd:88:27:33:3a:57:21:02:f5: 5d:45:b4:62:ff:df:ea:bf:a5:45:f4:63:a1:b3:7e: 45:f1:ac:52:f5:68:b5:9b:ed:60:0c:8a:06:0b:90: 4a:ea:0c:53:85:58:f0:3f:dd:a0:77:08:c9:2c:77: 76:86:2d:f2:a9:1b:62:39:57:50:7b:4d:03:8e:04: ee:98:81:59:f3:fd:9c:d8:8c:81:3c:ca:bc:76:a7: f6:93:f7:21:c7:d3:a8:25:cc:00:74:42:23:27:5b: ec:2a:5a:db:0c:e2:14:05:9c:5f:18:2d:1c:87:66: 2e:c0:a2:ab:59:f9:92:92:8a:22:86:7e:98:97:47: 01:2f:08:f2:30:20:d9:f7:e3:94:f6:63:90:fc:40: d3:8e:94:98:70:bb:9a:f4:0d:e1:15:75:59:d2:17: 83:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:B0:8D:E6:33:52:4E:FC:EB:2F:88:BC:EE:D5:58:4C:61:DA:83:3B X509v3 Authority Key Identifier: keyid:F9:1A:3A:98:31:43:84:C4:03:A8:FF:22:A4:53:BC:A1:A3:BA:6C:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D3102/D4AEE2C8768E11E399A957455911EA32/-Ro6mDFDhMQDqP8ipFO8oaO6bNg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 64:aa:db:8c:b8:ca:86:a8:65:5b:48:08:2a:ec:ca:60:c5:85: a5:cf:f6:ff:2c:9e:4f:19:b9:19:66:28:24:b4:19:fe:7f:18: e6:9a:8b:fd:06:3d:5a:56:92:cd:5b:0d:c3:18:7b:b0:39:74: 6a:fb:75:5d:12:fb:c3:a4:aa:41:2b:e9:a2:23:0e:5e:9d:52: b5:b2:35:3d:7d:59:dd:6b:1d:46:80:80:89:75:c5:ee:87:f9: 3a:c8:1d:19:41:4b:44:07:20:34:4e:96:40:1b:08:39:66:3c: 6e:c1:6d:4f:a8:6d:4c:e9:6b:56:00:1d:7b:fc:4b:84:7a:3d: 69:b9:f7:1f:f0:a8:48:66:72:81:92:90:32:a7:ef:85:48:04: 72:2e:7f:e6:62:e6:59:5e:5b:19:7a:9b:ce:6e:19:b7:54:5a: 79:af:a6:7f:af:ac:98:c6:fd:27:5f:ef:86:a0:a4:66:02:af: fb:7a:a4:16:c0:83:86:83:17:50:62:19:e8:c8:0f:60:16:92: b1:00:fe:d2:5e:e6:36:2c:83:13:f9:67:df:4a:75:34:74:e9: 2b:03:df:77:46:30:04:0b:d6:c7:e1:10:bc:21:36:67:58:e2: 83:44:f0:95:7a:8c:74:e1:43:51:5a:fe:f7:a8:b6:2b:c3:22: ef:c1:dc:53 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICLdAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDMxMDIxMTAvBgNVBAUTKEY5MUEzQTk4MzE0Mzg0QzQwM0E4RkYyMkE0NTNCQ0Ex QTNCQTZDRDgwHhcNMjUwNTE2MTU0MTIxWhcNMjUwNTIzMTU0MTIxWjAYMRYwFAYD VQQDEw02ODI3NWNhMS1lMjMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArkqsLBXhKQV0/rp9GEmK29ADfHio3Ek6+r3qJDeKibnMZ97RmvFTkjGqigE1 55H1i/Yng5Kqx124sZZI8WUu6N+NYAnmhq4Fo+yvFcvSRUdKQSyeZXG3TkfMlp8L W4G9iCczOlchAvVdRbRi/9/qv6VF9GOhs35F8axS9Wi1m+1gDIoGC5BK6gxThVjw P92gdwjJLHd2hi3yqRtiOVdQe00DjgTumIFZ8/2c2IyBPMq8dqf2k/chx9OoJcwA dEIjJ1vsKlrbDOIUBZxfGC0ch2YuwKKrWfmSkooihn6Yl0cBLwjyMCDZ9+OU9mOQ /EDTjpSYcLua9A3hFXVZ0heDOQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN2wjeYz Uk786y+IvO7VWExh2oM7MB8GA1UdIwQYMBaAFPkaOpgxQ4TEA6j/IqRTvKGjumzY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMzEwMi9ENEFFRTJDODc2 OEUxMUUzOTlBOTU3NDU1OTExRUEzMi8tUm82bURGRGhNUURxUDhpcEZPOG9hTzZi TmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1SbzZtREZEaE1RRHFQOGlwRk84b2FPNmJOZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MzEwMi9ENEFFRTJDODc2OEUxMUUzOTlBOTU3NDU1OTExRUEzMi8tUm82bURGRGhN UURxUDhpcEZPOG9hTzZiTmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBkqtuMuMqGqGVbSAgq7MpgxYWlz/b/LJ5PGbkZZigktBn+fxjmmov9 Bj1aVpLNWw3DGHuwOXRq+3VdEvvDpKpBK+miIw5enVK1sjU9fVndax1GgICJdcXu h/k6yB0ZQUtEByA0TpZAGwg5ZjxuwW1PqG1M6WtWAB17/EuEej1pufcf8KhIZnKB kpAyp++FSARyLn/mYuZZXlsZepvObhm3VFp5r6Z/r6yYxv0nX++GoKRmAq/7eqQW wIOGgxdQYhnoyA9gFpKxAP7SXuY2LIMT+WffSnU0dOkrA993RjAEC9bH4RC8ITZn WOKDRPCVeox04UNRWv73qLYrwyLvwdxT -----END CERTIFICATE-----Generated at Fri May 16 19:22:19 2025 by rpki-client