$ rpki-client -vvf rpki.apnic.net/member_repository/A91DDFF2/C9AF2934E5C111EE98DBE962C4F9AE02/-D3DokbRIVGsh6dyzsoO3SFfhio.mft File: -D3DokbRIVGsh6dyzsoO3SFfhio.mft (raw, json) Hash identifier: cRWetIXIPihGu6oB7XJnOVAzsFRM5mGHzmRJpEZow1A= Subject key identifier: 9F:2C:1C:84:9B:DE:35:5C:E6:E9:CD:19:C8:76:0A:C2:D7:EE:C5:74 Authority key identifier: F8:3D:C3:A2:46:D1:21:51:AC:87:A7:72:CE:CA:0E:DD:21:5F:86:2A Certificate issuer: /CN=A91DDFF2/serialNumber=F83DC3A246D12151AC87A772CECA0EDD215F862A Certificate serial: D9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-D3DokbRIVGsh6dyzsoO3SFfhio.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DDFF2/C9AF2934E5C111EE98DBE962C4F9AE02/-D3DokbRIVGsh6dyzsoO3SFfhio.mft Manifest number: D7 Signing time: Tue 13 May 2025 04:46:46 +0000 Manifest this update: Tue 13 May 2025 04:46:45 +0000 Manifest next update: Tue 20 May 2025 04:46:45 +0000 Files and hashes: 1: -D3DokbRIVGsh6dyzsoO3SFfhio.crl (hash: zpGvHn+b/mDk5aepO9bZ4uJ38Hk9WrgTU0UQ6GRSg+U=) 2: EC7311FEE5C311EEBF217685C4F9AE02.roa (hash: qmFjn7wAfMqWkF24WNm8IekVR4ecxQdIio3RLzGcoHo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DDFF2/C9AF2934E5C111EE98DBE962C4F9AE02/-D3DokbRIVGsh6dyzsoO3SFfhio.crl rsync://rpki.apnic.net/member_repository/A91DDFF2/C9AF2934E5C111EE98DBE962C4F9AE02/-D3DokbRIVGsh6dyzsoO3SFfhio.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-D3DokbRIVGsh6dyzsoO3SFfhio.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 20 May 2025 04:46:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 217 (0xd9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DDFF2, serialNumber=F83DC3A246D12151AC87A772CECA0EDD215F862A Validity Not Before: May 13 04:46:45 2025 GMT Not After : May 20 04:46:45 2025 GMT Subject: CN=6822ceb6-5f0b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:ca:ee:1f:9f:7e:f6:80:b7:85:9e:e1:cc:8c: bc:96:51:6d:8c:4e:23:69:31:70:40:fc:a4:1c:01: 8b:1f:ac:fd:04:78:64:29:02:bb:2c:22:4c:4d:ef: 86:41:95:3b:47:fb:83:a8:cf:31:a4:35:9e:cd:ab: 4c:17:03:7f:bc:d8:3a:d0:6e:9e:45:12:65:04:c8: a6:ee:f7:26:a7:1c:fd:57:58:01:2a:ff:f5:b2:34: aa:62:94:c7:2b:60:bb:3b:8f:cf:47:1e:8e:59:0a: b9:79:60:f3:44:e6:3c:fa:3e:ae:9d:80:48:58:5f: 57:8a:09:5b:56:0d:ad:90:be:7e:56:3f:79:62:78: 0a:5e:0b:e8:15:99:f4:db:6d:c1:3e:04:a3:ec:b2: 0d:d7:e2:7b:c7:f0:ab:7f:92:1c:5c:05:3a:d6:6a: c7:2d:6d:ba:3d:35:74:37:00:a9:ba:52:8a:97:bb: 28:5d:60:2f:df:13:89:aa:5a:5f:12:01:df:a4:8c: 3e:1a:b0:39:97:fa:a7:27:9b:2a:50:3c:22:11:92: 90:0b:b3:48:c7:03:8a:a8:ea:be:df:e8:28:1d:e4: 25:8e:c3:66:83:e0:2c:61:80:ca:45:23:2c:55:29: 54:99:c4:8e:39:28:97:d4:f4:97:b4:22:46:ca:40: 78:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:2C:1C:84:9B:DE:35:5C:E6:E9:CD:19:C8:76:0A:C2:D7:EE:C5:74 X509v3 Authority Key Identifier: keyid:F8:3D:C3:A2:46:D1:21:51:AC:87:A7:72:CE:CA:0E:DD:21:5F:86:2A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DDFF2/C9AF2934E5C111EE98DBE962C4F9AE02/-D3DokbRIVGsh6dyzsoO3SFfhio.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-D3DokbRIVGsh6dyzsoO3SFfhio.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DDFF2/C9AF2934E5C111EE98DBE962C4F9AE02/-D3DokbRIVGsh6dyzsoO3SFfhio.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 95:0f:9d:6b:4b:ae:c4:f6:c2:d5:a3:59:ae:d8:57:16:65:4a: 38:ad:9c:b7:07:58:87:3b:2d:04:6e:6b:ff:dc:52:af:d0:2d: 59:aa:43:a2:d8:7a:26:7b:47:cc:e5:43:17:4f:81:f0:0e:04: a1:e5:0f:12:72:d6:29:6f:f7:49:6f:75:59:e5:9f:63:c1:60: 49:fb:b6:d7:86:6a:83:33:15:33:42:58:e6:b5:75:90:db:e5: c3:8c:19:31:39:e3:b4:5d:06:43:94:37:3e:fb:c1:3b:18:7f: 6b:6f:e3:bb:e9:5f:d6:93:2d:8d:dc:24:83:6b:af:0c:15:b9: 2c:c7:3a:12:61:1e:6f:bb:7f:e1:f8:ec:7c:ef:71:60:6e:23: a6:91:14:ca:2c:0f:9a:29:95:ba:ec:fe:52:92:d8:fd:db:ee: 0a:74:98:23:62:85:fe:d4:9b:1b:61:8c:3d:6b:ec:64:7d:94: 9a:b4:0c:cf:fc:da:b2:1b:e7:8d:5c:11:1a:c2:f2:cc:50:9b: 18:73:6d:b4:d2:72:76:64:3f:3e:54:4d:9d:2a:4d:7c:aa:aa: ea:97:76:5c:7b:83:06:40:6f:85:04:5a:23:97:2c:f8:32:a2: a9:f6:eb:1c:08:60:8e:36:45:34:c0:d8:5d:74:38:c0:fa:d0: 34:b4:be:a9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RERGRjIxMTAvBgNVBAUTKEY4M0RDM0EyNDZEMTIxNTFBQzg3QTc3MkNFQ0EwRURE MjE1Rjg2MkEwHhcNMjUwNTEzMDQ0NjQ1WhcNMjUwNTIwMDQ0NjQ1WjAYMRYwFAYD VQQDEw02ODIyY2ViNi01ZjBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvcruH59+9oC3hZ7hzIy8llFtjE4jaTFwQPykHAGLH6z9BHhkKQK7LCJMTe+G QZU7R/uDqM8xpDWezatMFwN/vNg60G6eRRJlBMim7vcmpxz9V1gBKv/1sjSqYpTH K2C7O4/PRx6OWQq5eWDzROY8+j6unYBIWF9XiglbVg2tkL5+Vj95YngKXgvoFZn0 223BPgSj7LIN1+J7x/Crf5IcXAU61mrHLW26PTV0NwCpulKKl7soXWAv3xOJqlpf EgHfpIw+GrA5l/qnJ5sqUDwiEZKQC7NIxwOKqOq+3+goHeQljsNmg+AsYYDKRSMs VSlUmcSOOSiX1PSXtCJGykB4DQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ8sHISb 3jVc5unNGch2CsLX7sV0MB8GA1UdIwQYMBaAFPg9w6JG0SFRrIencs7KDt0hX4Yq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEREZGMi9DOUFGMjkzNEU1 QzExMUVFOThEQkU5NjJDNEY5QUUwMi8tRDNEb2tiUklWR3NoNmR5enNvTzNTRmZo aW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1EM0Rva2JSSVZHc2g2ZHl6c29PM1NGZmhpby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE REZGMi9DOUFGMjkzNEU1QzExMUVFOThEQkU5NjJDNEY5QUUwMi8tRDNEb2tiUklW R3NoNmR5enNvTzNTRmZoaW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCVD51rS67E9sLVo1mu2FcWZUo4rZy3B1iHOy0Ebmv/3FKv0C1ZqkOi 2Home0fM5UMXT4HwDgSh5Q8SctYpb/dJb3VZ5Z9jwWBJ+7bXhmqDMxUzQljmtXWQ 2+XDjBkxOeO0XQZDlDc++8E7GH9rb+O76V/Wky2N3CSDa68MFbksxzoSYR5vu3/h +Ox873FgbiOmkRTKLA+aKZW67P5Sktj92+4KdJgjYoX+1JsbYYw9a+xkfZSatAzP /NqyG+eNXBEawvLMUJsYc2200nJ2ZD8+VE2dKk18qqrql3Zce4MGQG+FBFojlyz4 MqKp9uscCGCONkU0wNhddDjA+tA0tL6p -----END CERTIFICATE-----Generated at Tue May 13 10:43:54 2025 by rpki-client