$ rpki-client -vvf rpki.apnic.net/member_repository/A91DBA5B/58004AAA70E711EFB444AF70C4F9AE02/30fOzFfqiK65ajhlVgufImC6mQ4.mft File: 30fOzFfqiK65ajhlVgufImC6mQ4.mft (raw, json) Hash identifier: iJOXIXxdkGZFlY6d9JPZjkbJ1tqPHBRjrosHSXvG+84= Subject key identifier: 1C:7C:A7:E2:D2:3E:F1:B3:CF:CD:A1:C5:EA:7C:AD:FB:EE:43:26:08 Authority key identifier: DF:47:CE:CC:57:EA:88:AE:B9:6A:38:65:56:0B:9F:22:60:BA:99:0E Certificate issuer: /CN=A91DBA5B/serialNumber=DF47CECC57EA88AEB96A3865560B9F2260BA990E Certificate serial: 7E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/30fOzFfqiK65ajhlVgufImC6mQ4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DBA5B/58004AAA70E711EFB444AF70C4F9AE02/30fOzFfqiK65ajhlVgufImC6mQ4.mft Manifest number: 7D Signing time: Sun 11 May 2025 05:27:00 +0000 Manifest this update: Sun 11 May 2025 05:27:00 +0000 Manifest next update: Sun 18 May 2025 05:27:00 +0000 Files and hashes: 1: 30fOzFfqiK65ajhlVgufImC6mQ4.crl (hash: iRFq6QaVe59FelCbXD+ATap62S94z7+PQzsCFBI7Mps=) 2: 02389B7670E811EFA8DBE571C4F9AE02.roa (hash: AxDsA8rt+K98y/uEnY4JUiHZ0XXqFDNJTlI0IgqxxqQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DBA5B/58004AAA70E711EFB444AF70C4F9AE02/30fOzFfqiK65ajhlVgufImC6mQ4.crl rsync://rpki.apnic.net/member_repository/A91DBA5B/58004AAA70E711EFB444AF70C4F9AE02/30fOzFfqiK65ajhlVgufImC6mQ4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/30fOzFfqiK65ajhlVgufImC6mQ4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 05:27:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 126 (0x7e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DBA5B, serialNumber=DF47CECC57EA88AEB96A3865560B9F2260BA990E Validity Not Before: May 11 05:27:00 2025 GMT Not After : May 18 05:27:00 2025 GMT Subject: CN=68203524-034b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:b8:63:a3:5a:bf:c2:d2:38:e5:9b:a2:a8:cc: 91:59:44:7c:ea:8f:45:8d:28:84:47:9b:c7:3c:97: dc:93:14:a8:eb:e4:c1:f2:73:17:1c:e2:cd:2b:fb: 69:0a:38:c4:20:a6:12:b9:15:6e:19:ca:30:84:ee: b8:48:39:55:57:64:e4:00:53:d9:7c:78:03:b7:98: e6:5c:db:0d:03:62:ef:f6:bc:07:1f:35:21:1f:d6: 19:8f:dd:bc:81:91:e6:20:f1:14:79:33:f3:72:5c: 45:e5:d6:d8:9d:55:6a:20:87:18:e4:a6:46:53:03: b8:41:f5:18:6b:38:e8:91:3f:fc:da:3d:0b:b1:7d: 65:e1:31:4a:34:91:5e:1a:ff:6c:5b:d1:f2:76:33: 1b:f5:88:2c:50:a1:5f:35:a0:a9:4f:7b:4e:8d:52: 4d:ad:d5:25:39:7c:58:c5:24:7c:f0:0c:ca:14:cc: 6b:f6:b1:f2:16:33:ad:aa:3f:e4:81:43:ed:ee:9a: c0:86:81:ff:1c:40:9e:7a:99:a9:56:56:8a:5f:cb: 10:95:51:38:bb:10:5d:52:f7:20:7c:33:7f:71:0f: 4c:79:db:cf:de:94:a7:70:66:f0:6e:14:d4:c7:ae: ab:79:3f:da:90:b5:65:10:09:a1:64:5e:80:f4:3a: 54:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:7C:A7:E2:D2:3E:F1:B3:CF:CD:A1:C5:EA:7C:AD:FB:EE:43:26:08 X509v3 Authority Key Identifier: keyid:DF:47:CE:CC:57:EA:88:AE:B9:6A:38:65:56:0B:9F:22:60:BA:99:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DBA5B/58004AAA70E711EFB444AF70C4F9AE02/30fOzFfqiK65ajhlVgufImC6mQ4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/30fOzFfqiK65ajhlVgufImC6mQ4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DBA5B/58004AAA70E711EFB444AF70C4F9AE02/30fOzFfqiK65ajhlVgufImC6mQ4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 13:77:98:d2:73:de:51:77:06:ee:fb:8b:d2:72:3f:f9:bc:25: 9a:8d:ae:0f:87:91:3c:d4:f2:03:b2:5a:df:2b:db:9a:13:cf: 2a:02:1b:a6:3c:d1:85:0d:55:97:a4:62:04:bd:b5:3a:ec:4a: f9:6c:7a:02:ee:e0:34:df:d4:f6:00:a0:32:82:35:16:8d:97: fe:ee:7f:43:26:fa:1a:40:17:52:ef:ee:e8:f9:22:29:14:dc: 01:85:38:4b:38:b5:1b:86:bf:64:13:69:a0:39:03:a9:f1:5b: a4:81:29:c2:db:f3:b0:57:c4:c8:c8:83:d8:d9:9c:34:d1:36: d0:29:02:0c:22:d2:3a:ee:be:a3:07:91:43:5e:f2:3c:34:74: 9f:8e:cb:58:2b:f8:ec:f2:81:54:f6:31:c5:6f:2a:66:3d:94: bf:83:ce:77:f4:3a:98:a9:6c:18:67:14:05:79:b8:d1:c7:47: 4d:9b:1a:c1:83:ad:50:48:7f:7a:69:d0:40:99:64:6f:16:e6: dc:ab:87:94:7b:cb:1e:24:21:ad:1f:3d:8f:b5:15:22:7c:03: 39:99:41:23:ec:38:f4:60:30:54:e3:aa:3b:91:51:8c:8a:6f: 89:5a:c3:ae:d9:08:cd:c9:ed:f9:45:e2:27:71:2f:8f:51:5f: 8c:92:4b:c1 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBfjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE QkE1QjExMC8GA1UEBRMoREY0N0NFQ0M1N0VBODhBRUI5NkEzODY1NTYwQjlGMjI2 MEJBOTkwRTAeFw0yNTA1MTEwNTI3MDBaFw0yNTA1MTgwNTI3MDBaMBgxFjAUBgNV BAMTDTY4MjAzNTI0LTAzNGIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCquGOjWr/C0jjlm6KozJFZRHzqj0WNKIRHm8c8l9yTFKjr5MHycxcc4s0r+2kK OMQgphK5FW4ZyjCE7rhIOVVXZOQAU9l8eAO3mOZc2w0DYu/2vAcfNSEf1hmP3byB keYg8RR5M/NyXEXl1tidVWoghxjkpkZTA7hB9RhrOOiRP/zaPQuxfWXhMUo0kV4a /2xb0fJ2Mxv1iCxQoV81oKlPe06NUk2t1SU5fFjFJHzwDMoUzGv2sfIWM62qP+SB Q+3umsCGgf8cQJ56malWVopfyxCVUTi7EF1S9yB8M39xD0x528/elKdwZvBuFNTH rqt5P9qQtWUQCaFkXoD0OlTxAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUHHyn4tI+ 8bPPzaHF6nyt++5DJggwHwYDVR0jBBgwFoAU30fOzFfqiK65ajhlVgufImC6mQ4w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURCQTVCLzU4MDA0QUFBNzBF NzExRUZCNDQ0QUY3MEM0RjlBRTAyLzMwZk96RmZxaUs2NWFqaGxWZ3VmSW1DNm1R NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvMzBmT3pGZnFpSzY1YWpobFZndWZJbUM2bVE0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURC QTVCLzU4MDA0QUFBNzBFNzExRUZCNDQ0QUY3MEM0RjlBRTAyLzMwZk96RmZxaUs2 NWFqaGxWZ3VmSW1DNm1RNC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABN3mNJz3lF3Bu77i9JyP/m8JZqNrg+HkTzU8gOyWt8r25oTzyoCG6Y8 0YUNVZekYgS9tTrsSvlsegLu4DTf1PYAoDKCNRaNl/7uf0Mm+hpAF1Lv7uj5IikU 3AGFOEs4tRuGv2QTaaA5A6nxW6SBKcLb87BXxMjIg9jZnDTRNtApAgwi0jruvqMH kUNe8jw0dJ+Oy1gr+OzygVT2McVvKmY9lL+Dznf0OpipbBhnFAV5uNHHR02bGsGD rVBIf3pp0ECZZG8W5tyrh5R7yx4kIa0fPY+1FSJ8AzmZQSPsOPRgMFTjqjuRUYyK b4law67ZCM3J7flF4idxL49RX4ySS8E= -----END CERTIFICATE-----Generated at Mon May 12 13:24:07 2025 by rpki-client