$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.mft File: 2itDzBg8qOD2qPbapUzdcwb4Yig.mft (raw, json) Hash identifier: D5pgtuioWUO0+GqyQFRhbNoS2VVSJYrpTG5/Dh9hHgw= Subject key identifier: 52:F5:6E:8C:B0:2F:D2:60:41:88:C0:AA:CA:41:1F:DA:60:FC:A4:4B Authority key identifier: DA:2B:43:CC:18:3C:A8:E0:F6:A8:F6:DA:A5:4C:DD:73:06:F8:62:28 Certificate issuer: /CN=A91DF0EC/serialNumber=DA2B43CC183CA8E0F6A8F6DAA54CDD7306F86228 Certificate serial: 0A02 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2itDzBg8qOD2qPbapUzdcwb4Yig.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.mft Manifest number: 09F1 Signing time: Mon 12 May 2025 19:44:14 +0000 Manifest this update: Mon 12 May 2025 19:44:14 +0000 Manifest next update: Mon 19 May 2025 19:44:13 +0000 Files and hashes: 1: 2itDzBg8qOD2qPbapUzdcwb4Yig.crl (hash: dQ3nts63I8D+bYd0rM5PKKo64BclXRhtzfhNvtPmxw8=) 2: FD114232912711EFBCB4ED6EC4F9AE02.roa (hash: TxCwNFrh+xkaqDR3M5kqqPa5bX7FhYwp1p0wkxa1CxU=) 3: 0D6FFE56BA3511ECA20A3817C4F9AE02.roa (hash: JxcjLdYbfNpLt4XJbaeEwHRAAk7SbV4Cw+ExyqNKBV4=) 4: C8A0E422831611EA95762453C4F9AE02.roa (hash: yUwouY97arbHx1ysSRkQtB3/fVJX2BMSgtA5eI1eKIg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.crl rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2itDzBg8qOD2qPbapUzdcwb4Yig.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 19:44:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2562 (0xa02) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DF0EC, serialNumber=DA2B43CC183CA8E0F6A8F6DAA54CDD7306F86228 Validity Not Before: May 12 19:44:14 2025 GMT Not After : May 19 19:44:13 2025 GMT Subject: CN=68224f8e-2f08 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:eb:48:94:db:49:40:e4:09:76:12:a9:14:4e: c2:0a:17:50:f8:17:08:51:18:e8:46:d9:46:c0:c1: 01:b9:b2:d7:d7:7b:6d:fb:29:e8:13:75:bc:94:24: b9:da:ca:cd:6f:3f:9e:59:91:d3:f1:47:28:3d:bb: fd:7c:43:3b:81:be:ed:0a:65:4f:7e:5c:73:79:09: b0:0b:6e:2a:c7:75:49:1f:3c:64:c1:d7:64:d9:4a: 32:41:f6:8c:b4:9e:06:c6:15:f4:5b:76:44:31:e1: 12:37:92:5e:8a:5b:80:05:9f:2f:c3:9b:b4:fe:8c: 46:eb:c5:f3:63:9f:81:2d:f6:f5:2a:fd:1d:e8:3d: 65:cb:0f:1f:fc:60:d1:7e:4b:87:01:2c:a3:02:58: 47:e3:63:8b:4f:54:57:fc:b5:d5:d8:c5:c6:eb:63: 9c:10:08:0b:6f:25:7a:4e:c7:38:50:e1:c0:87:ae: 0c:67:8c:b5:c7:b2:89:76:b0:8c:18:b4:aa:46:11: db:7e:ab:33:23:eb:02:77:2d:d6:1d:ba:51:94:1e: 1b:1a:1e:21:c4:b1:4d:77:5b:e1:a2:c5:b0:b9:56: b3:93:4e:11:88:0d:60:33:b4:91:b7:37:9e:0e:72: 97:ef:f3:df:d7:f9:50:c5:3c:cd:e1:a8:66:1a:ac: ab:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:F5:6E:8C:B0:2F:D2:60:41:88:C0:AA:CA:41:1F:DA:60:FC:A4:4B X509v3 Authority Key Identifier: keyid:DA:2B:43:CC:18:3C:A8:E0:F6:A8:F6:DA:A5:4C:DD:73:06:F8:62:28 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2itDzBg8qOD2qPbapUzdcwb4Yig.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5b:f4:13:1e:36:cd:cd:57:05:30:6e:3f:4e:31:8b:b9:fe:d7: a6:ed:2d:cf:db:c0:69:ae:78:d8:b5:f1:27:ba:f0:4b:d5:5c: 42:b1:c9:3e:e3:5a:3a:4e:9e:27:a9:6b:71:79:a2:dd:de:a6: 52:89:eb:d2:db:8e:9d:1d:23:db:ed:8f:67:c9:1b:b1:08:57: 07:7d:60:3e:23:35:31:7e:ec:ac:dd:54:9f:0b:f5:00:35:92: 23:47:84:10:22:4a:75:26:f3:e0:a5:e2:08:e6:da:25:92:34: ac:dd:6e:d6:8c:15:11:b8:09:af:91:c1:fe:ae:82:ba:9f:fb: c1:3d:79:a9:59:f4:c0:01:8c:f3:cf:53:36:53:d3:0e:53:df: f9:07:6a:89:14:f5:23:ba:83:e3:1f:90:ff:c1:8d:db:fb:d4: ec:1d:50:84:b9:64:64:3d:b2:d9:95:ae:92:88:cc:d3:75:4e: c8:e0:17:9e:a1:29:fd:7d:f4:e8:c1:06:16:b0:41:86:5a:7d: cf:aa:08:95:59:ca:66:43:ae:18:f2:0e:3e:6d:2a:71:aa:3e: d9:a7:cd:7d:a0:6f:5d:fd:a8:d4:38:35:d9:da:35:25:bc:52: f0:54:35:46:a1:d8:65:3f:69:08:f4:64:db:b6:00:c0:f3:2f: 79:fb:f3:2b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCgIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REYwRUMxMTAvBgNVBAUTKERBMkI0M0NDMTgzQ0E4RTBGNkE4RjZEQUE1NENERDcz MDZGODYyMjgwHhcNMjUwNTEyMTk0NDE0WhcNMjUwNTE5MTk0NDEzWjAYMRYwFAYD VQQDEw02ODIyNGY4ZS0yZjA4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAputIlNtJQOQJdhKpFE7CChdQ+BcIURjoRtlGwMEBubLX13tt+ynoE3W8lCS5 2srNbz+eWZHT8UcoPbv9fEM7gb7tCmVPflxzeQmwC24qx3VJHzxkwddk2UoyQfaM tJ4GxhX0W3ZEMeESN5JeiluABZ8vw5u0/oxG68XzY5+BLfb1Kv0d6D1lyw8f/GDR fkuHASyjAlhH42OLT1RX/LXV2MXG62OcEAgLbyV6Tsc4UOHAh64MZ4y1x7KJdrCM GLSqRhHbfqszI+sCdy3WHbpRlB4bGh4hxLFNd1vhosWwuVazk04RiA1gM7SRtzee DnKX7/Pf1/lQxTzN4ahmGqyrgQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFL1boyw L9JgQYjAqspBH9pg/KRLMB8GA1UdIwQYMBaAFNorQ8wYPKjg9qj22qVM3XMG+GIo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjBFQy85OTFDRUY3RTc5 NTgxMUVBOTNBRTk2NDZDNEY5QUUwMi8yaXREekJnOHFPRDJxUGJhcFV6ZGN3YjRZ aWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJpdER6Qmc4cU9EMnFQYmFwVXpkY3diNFlpZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RjBFQy85OTFDRUY3RTc5NTgxMUVBOTNBRTk2NDZDNEY5QUUwMi8yaXREekJnOHFP RDJxUGJhcFV6ZGN3YjRZaWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBb9BMeNs3NVwUwbj9OMYu5/tem7S3P28BprnjYtfEnuvBL1VxCsck+ 41o6Tp4nqWtxeaLd3qZSievS246dHSPb7Y9nyRuxCFcHfWA+IzUxfuys3VSfC/UA NZIjR4QQIkp1JvPgpeII5tolkjSs3W7WjBURuAmvkcH+roK6n/vBPXmpWfTAAYzz z1M2U9MOU9/5B2qJFPUjuoPjH5D/wY3b+9TsHVCEuWRkPbLZla6SiMzTdU7I4Bee oSn9ffTowQYWsEGGWn3PqgiVWcpmQ64Y8g4+bSpxqj7Zp819oG9d/ajUODXZ2jUl vFLwVDVGodhlP2kI9GTbtgDA8y95+/Mr -----END CERTIFICATE-----Generated at Wed May 14 19:59:41 2025 by rpki-client