$ rpki-client -vvf rpki.apnic.net/member_repository/A91D72CC/4330AC9CB36D11E98246ED0AC4F9AE02/DfmeMksOOlPo5W1wIP9vvFvxywI.mft File: DfmeMksOOlPo5W1wIP9vvFvxywI.mft (raw, json) Hash identifier: ruzrBLXX6yM/ZRhVAOlSJJqTWd1JSHzNuJ6P1h0ZSNg= Subject key identifier: 56:95:94:27:53:DA:91:F8:41:FA:A6:C7:5B:AF:D1:3A:0E:3A:42:0A Authority key identifier: 0D:F9:9E:32:4B:0E:3A:53:E8:E5:6D:70:20:FF:6F:BC:5B:F1:CB:02 Certificate issuer: /CN=A91D72CC/serialNumber=0DF99E324B0E3A53E8E56D7020FF6FBC5BF1CB02 Certificate serial: 0DEC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DfmeMksOOlPo5W1wIP9vvFvxywI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D72CC/4330AC9CB36D11E98246ED0AC4F9AE02/DfmeMksOOlPo5W1wIP9vvFvxywI.mft Manifest number: 0E25 Signing time: Mon 12 May 2025 17:46:34 +0000 Manifest this update: Mon 12 May 2025 17:46:34 +0000 Manifest next update: Mon 19 May 2025 17:46:34 +0000 Files and hashes: 1: DfmeMksOOlPo5W1wIP9vvFvxywI.crl (hash: cXA1LPUpZtGb+VctOusKfmj2DjKKApfW4P1DHrfMqCg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D72CC/4330AC9CB36D11E98246ED0AC4F9AE02/DfmeMksOOlPo5W1wIP9vvFvxywI.crl rsync://rpki.apnic.net/member_repository/A91D72CC/4330AC9CB36D11E98246ED0AC4F9AE02/DfmeMksOOlPo5W1wIP9vvFvxywI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DfmeMksOOlPo5W1wIP9vvFvxywI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 17:46:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3564 (0xdec) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D72CC, serialNumber=0DF99E324B0E3A53E8E56D7020FF6FBC5BF1CB02 Validity Not Before: May 12 17:46:34 2025 GMT Not After : May 19 17:46:34 2025 GMT Subject: CN=682233fa-e93a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:b1:42:06:3d:9a:b8:7f:6d:c6:70:c8:67:eb: ac:dd:ab:19:53:9e:04:c9:bc:90:94:81:4d:c0:ff: 5d:ee:47:d4:b7:fb:3a:0a:41:dd:f0:f8:52:ad:42: 66:74:e0:37:5f:59:4a:06:e9:5a:a4:77:b9:17:8c: 34:98:65:8b:ad:5c:25:6f:b8:7c:20:3b:70:41:91: c5:fd:c7:81:f1:d3:33:e1:b1:bd:10:87:70:91:70: 31:e6:0f:88:bf:7c:fe:e3:95:c7:a7:af:13:0d:7a: f4:5a:90:7b:2b:84:ad:d1:12:7b:4c:09:9a:b5:02: 92:b9:a2:b9:ba:c5:52:f4:76:d6:15:a0:1b:30:e7: 69:63:2e:34:a2:4e:d5:7d:ea:16:1a:af:e2:7d:0d: ea:30:45:57:5f:38:29:7c:32:d9:59:ba:d1:57:db: 88:4a:fa:7f:78:05:79:6e:d9:90:9f:8e:68:f9:e5: 24:47:30:04:0e:ec:8a:06:11:30:f1:83:1b:4d:f6: 0e:4b:08:16:a4:81:5c:29:87:fc:e2:02:69:94:b8: 00:c0:25:86:44:d6:3a:10:59:5d:3a:ea:b7:4f:f9: 05:99:c6:64:d1:a5:59:3d:69:cd:cb:e0:f5:d5:fc: ef:b3:71:90:ff:e6:60:46:e0:88:3a:d9:ba:23:8d: 14:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:95:94:27:53:DA:91:F8:41:FA:A6:C7:5B:AF:D1:3A:0E:3A:42:0A X509v3 Authority Key Identifier: keyid:0D:F9:9E:32:4B:0E:3A:53:E8:E5:6D:70:20:FF:6F:BC:5B:F1:CB:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D72CC/4330AC9CB36D11E98246ED0AC4F9AE02/DfmeMksOOlPo5W1wIP9vvFvxywI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DfmeMksOOlPo5W1wIP9vvFvxywI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D72CC/4330AC9CB36D11E98246ED0AC4F9AE02/DfmeMksOOlPo5W1wIP9vvFvxywI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 78:b1:df:29:4c:01:dc:5f:33:31:8e:30:52:dc:1a:ec:39:4b: 67:c7:93:6c:30:c4:6a:01:60:f8:9a:00:a3:2e:82:47:17:22: a7:09:bf:69:05:1e:08:cd:ff:41:60:ca:c4:78:8a:2e:3d:8c: ef:94:89:c4:6a:53:b8:07:55:26:c0:88:9c:23:85:04:65:bc: f0:ca:60:58:fa:06:8b:2a:b8:59:2d:3a:bd:0d:f5:4a:cf:98: 53:1f:74:f4:a5:1b:00:e8:84:54:f5:9f:55:9e:14:d5:e6:e7: 28:6a:ad:b7:34:44:49:f8:32:4f:57:8b:db:4d:7f:73:47:37: 7b:2a:2c:27:69:09:88:4a:f0:c3:8c:eb:38:c0:46:5e:18:27: eb:b8:a4:fe:12:1c:9d:32:db:c1:2e:d4:cb:f0:fd:b0:7c:eb: 75:5c:8a:47:4a:e1:34:87:7f:b9:dc:4e:5d:c6:dd:4c:66:e5: ea:d3:0c:9d:a2:7f:6d:6f:42:27:29:f8:24:0c:e4:33:fa:7e: cf:7e:28:78:88:15:a5:24:78:39:58:85:9f:23:42:94:0f:be: 43:f9:f8:bb:4b:a4:9a:4b:db:30:0f:0a:7d:24:21:99:f6:d5: be:03:65:11:d6:fa:92:38:b9:86:27:ec:ac:27:dd:1e:bc:0b: 5d:b9:19:68 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDewwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDcyQ0MxMTAvBgNVBAUTKDBERjk5RTMyNEIwRTNBNTNFOEU1NkQ3MDIwRkY2RkJD NUJGMUNCMDIwHhcNMjUwNTEyMTc0NjM0WhcNMjUwNTE5MTc0NjM0WjAYMRYwFAYD VQQDEw02ODIyMzNmYS1lOTNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8LFCBj2auH9txnDIZ+us3asZU54EybyQlIFNwP9d7kfUt/s6CkHd8PhSrUJm dOA3X1lKBulapHe5F4w0mGWLrVwlb7h8IDtwQZHF/ceB8dMz4bG9EIdwkXAx5g+I v3z+45XHp68TDXr0WpB7K4St0RJ7TAmatQKSuaK5usVS9HbWFaAbMOdpYy40ok7V feoWGq/ifQ3qMEVXXzgpfDLZWbrRV9uISvp/eAV5btmQn45o+eUkRzAEDuyKBhEw 8YMbTfYOSwgWpIFcKYf84gJplLgAwCWGRNY6EFldOuq3T/kFmcZk0aVZPWnNy+D1 1fzvs3GQ/+ZgRuCIOtm6I40UOwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFaVlCdT 2pH4Qfqmx1uv0ToOOkIKMB8GA1UdIwQYMBaAFA35njJLDjpT6OVtcCD/b7xb8csC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENzJDQy80MzMwQUM5Q0Iz NkQxMUU5ODI0NkVEMEFDNEY5QUUwMi9EZm1lTWtzT09sUG81VzF3SVA5dnZGdnh5 d0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0RmbWVNa3NPT2xQbzVXMXdJUDl2dkZ2eHl3SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NzJDQy80MzMwQUM5Q0IzNkQxMUU5ODI0NkVEMEFDNEY5QUUwMi9EZm1lTWtzT09s UG81VzF3SVA5dnZGdnh5d0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB4sd8pTAHcXzMxjjBS3BrsOUtnx5NsMMRqAWD4mgCjLoJHFyKnCb9p BR4Izf9BYMrEeIouPYzvlInEalO4B1UmwIicI4UEZbzwymBY+gaLKrhZLTq9DfVK z5hTH3T0pRsA6IRU9Z9VnhTV5ucoaq23NERJ+DJPV4vbTX9zRzd7KiwnaQmISvDD jOs4wEZeGCfruKT+EhydMtvBLtTL8P2wfOt1XIpHSuE0h3+53E5dxt1MZuXq0wyd on9tb0InKfgkDOQz+n7Pfih4iBWlJHg5WIWfI0KUD75D+fi7S6SaS9swDwp9JCGZ 9tW+A2UR1vqSOLmGJ+ysJ90evAtduRlo -----END CERTIFICATE-----Generated at Tue May 13 10:33:42 2025 by rpki-client