$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF8DB/6579378C993411E8A0373724C4F9AE02/l9KbDTJFW7XG8SV4X0D1vCcJ99Q.mft File: l9KbDTJFW7XG8SV4X0D1vCcJ99Q.mft (raw, json) Hash identifier: kCypr9uHN2qQ/+ZkOSzpDbZYO87V1iqqHdvlzcmM+oQ= Subject key identifier: 72:49:1B:3F:DA:92:66:AE:10:AD:74:82:0F:D4:5E:DC:3D:97:EE:B1 Authority key identifier: 97:D2:9B:0D:32:45:5B:B5:C6:F1:25:78:5F:40:F5:BC:27:09:F7:D4 Certificate issuer: /CN=A91DF8DB/serialNumber=97D29B0D32455BB5C6F125785F40F5BC2709F7D4 Certificate serial: 137D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l9KbDTJFW7XG8SV4X0D1vCcJ99Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DF8DB/6579378C993411E8A0373724C4F9AE02/l9KbDTJFW7XG8SV4X0D1vCcJ99Q.mft Manifest number: 1375 Signing time: Sat 10 May 2025 16:52:40 +0000 Manifest this update: Sat 10 May 2025 16:52:40 +0000 Manifest next update: Sat 17 May 2025 16:52:40 +0000 Files and hashes: 1: l9KbDTJFW7XG8SV4X0D1vCcJ99Q.crl (hash: aOdmbBZ4n4VG7rlgq1vVrIRRHNyScG/6/G2dJVYiLbk=) 2: A6C9934CA74111E88B3EAB2BC4F9AE02.roa (hash: YR3r/r5s57l7vc1QAVpusxxc4M0J/72ZS6UJiTG3pTc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DF8DB/6579378C993411E8A0373724C4F9AE02/l9KbDTJFW7XG8SV4X0D1vCcJ99Q.crl rsync://rpki.apnic.net/member_repository/A91DF8DB/6579378C993411E8A0373724C4F9AE02/l9KbDTJFW7XG8SV4X0D1vCcJ99Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l9KbDTJFW7XG8SV4X0D1vCcJ99Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 16:52:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4989 (0x137d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DF8DB, serialNumber=97D29B0D32455BB5C6F125785F40F5BC2709F7D4 Validity Not Before: May 10 16:52:40 2025 GMT Not After : May 17 16:52:40 2025 GMT Subject: CN=681f8458-3cdb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:5c:71:93:be:fc:b3:0a:fd:9f:52:93:e3:fc: f9:67:27:03:ae:36:94:cf:fa:60:a1:34:ac:04:6f: b2:ac:29:57:7a:b9:1c:97:35:0b:89:ad:a0:77:e8: ee:4b:5c:27:6e:d9:84:2d:ba:2c:7b:3b:71:81:bf: 6a:13:ec:db:3d:80:c6:c1:ac:03:f5:f3:5c:0b:cc: b7:32:32:30:95:65:e8:01:de:9f:3d:92:8b:64:f4: 8c:a9:5f:84:b0:50:df:9f:0e:60:00:5d:8f:45:b9: 33:0f:b7:89:bf:c9:93:77:d1:da:a4:72:fe:68:e1: 86:92:d6:4d:46:b2:e6:09:42:55:8a:d5:1a:cb:10: 20:07:b2:16:53:bd:9a:af:99:1c:0d:55:44:af:24: ab:a8:65:65:54:c7:d9:9a:4b:54:c7:e2:c4:71:fd: 50:f9:26:ee:1e:ca:40:b1:c4:48:55:2d:9e:76:7b: 25:e4:e1:bf:06:4a:2e:8e:08:97:93:84:01:14:1d: b2:c7:07:de:99:71:27:d6:dc:3b:d1:97:6f:c0:86: d6:31:80:c4:c5:fb:79:bf:7f:8b:b2:80:3f:14:ae: 2b:6d:7e:49:6c:07:11:41:56:e5:93:70:ce:03:4a: e4:92:ae:6f:f3:dd:e4:20:05:c9:55:3a:59:f0:10: cd:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:49:1B:3F:DA:92:66:AE:10:AD:74:82:0F:D4:5E:DC:3D:97:EE:B1 X509v3 Authority Key Identifier: keyid:97:D2:9B:0D:32:45:5B:B5:C6:F1:25:78:5F:40:F5:BC:27:09:F7:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DF8DB/6579378C993411E8A0373724C4F9AE02/l9KbDTJFW7XG8SV4X0D1vCcJ99Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l9KbDTJFW7XG8SV4X0D1vCcJ99Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF8DB/6579378C993411E8A0373724C4F9AE02/l9KbDTJFW7XG8SV4X0D1vCcJ99Q.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b3:f4:f7:c0:60:53:ae:61:c2:c2:d0:c2:11:f3:9e:95:89:94: 6b:d8:c7:ab:02:04:b6:bc:21:f3:82:78:23:11:2a:07:dc:d9: 84:8f:76:63:3f:50:b5:44:2c:bf:e3:4b:4d:1f:4d:c8:dd:03: a9:8d:fd:aa:71:1d:5a:a8:6f:32:e7:46:13:76:e8:15:82:bd: d7:bd:e0:97:54:90:b2:bb:55:21:3d:b7:d3:01:42:9d:e8:d4: 70:59:39:07:9e:0e:3e:30:c2:46:59:b5:2e:5d:40:65:67:10: 12:b7:cb:f0:c9:e4:79:68:01:db:c1:25:76:bd:f6:33:e1:fe: c2:22:6f:ce:a6:6e:50:fc:75:17:2a:47:3a:9d:b1:bf:9b:e6: e4:0e:8a:11:eb:c7:ca:22:58:fb:88:34:26:87:06:2a:8f:d7: 41:de:53:a7:37:9e:fa:4d:a4:ab:77:4d:8a:cc:db:02:eb:e2: 3b:10:77:ec:ce:6d:00:cb:2c:ee:d9:d8:66:72:66:30:83:91: d3:05:85:48:b9:56:81:80:53:d7:5a:22:c5:a0:96:1b:f9:cb: af:09:3a:9e:27:d3:8d:16:5b:73:96:32:c9:91:f1:48:11:d0: 04:8e:93:d2:8f:61:4d:0f:24:f3:4c:f8:3b:8e:2a:d9:4e:b5: 48:bc:49:ac -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICE30wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REY4REIxMTAvBgNVBAUTKDk3RDI5QjBEMzI0NTVCQjVDNkYxMjU3ODVGNDBGNUJD MjcwOUY3RDQwHhcNMjUwNTEwMTY1MjQwWhcNMjUwNTE3MTY1MjQwWjAYMRYwFAYD VQQDEw02ODFmODQ1OC0zY2RiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvlxxk778swr9n1KT4/z5ZycDrjaUz/pgoTSsBG+yrClXerkclzULia2gd+ju S1wnbtmELboseztxgb9qE+zbPYDGwawD9fNcC8y3MjIwlWXoAd6fPZKLZPSMqV+E sFDfnw5gAF2PRbkzD7eJv8mTd9HapHL+aOGGktZNRrLmCUJVitUayxAgB7IWU72a r5kcDVVErySrqGVlVMfZmktUx+LEcf1Q+SbuHspAscRIVS2ednsl5OG/BkoujgiX k4QBFB2yxwfemXEn1tw70ZdvwIbWMYDExft5v3+LsoA/FK4rbX5JbAcRQVblk3DO A0rkkq5v893kIAXJVTpZ8BDNNwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHJJGz/a kmauEK10gg/UXtw9l+6xMB8GA1UdIwQYMBaAFJfSmw0yRVu1xvEleF9A9bwnCffU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjhEQi82NTc5Mzc4Qzk5 MzQxMUU4QTAzNzM3MjRDNEY5QUUwMi9sOUtiRFRKRlc3WEc4U1Y0WDBEMXZDY0o5 OVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2w5S2JEVEpGVzdYRzhTVjRYMEQxdkNjSjk5US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RjhEQi82NTc5Mzc4Qzk5MzQxMUU4QTAzNzM3MjRDNEY5QUUwMi9sOUtiRFRKRlc3 WEc4U1Y0WDBEMXZDY0o5OVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCz9PfAYFOuYcLC0MIR856ViZRr2MerAgS2vCHzgngjESoH3NmEj3Zj P1C1RCy/40tNH03I3QOpjf2qcR1aqG8y50YTdugVgr3XveCXVJCyu1UhPbfTAUKd 6NRwWTkHng4+MMJGWbUuXUBlZxASt8vwyeR5aAHbwSV2vfYz4f7CIm/Opm5Q/HUX Kkc6nbG/m+bkDooR68fKIlj7iDQmhwYqj9dB3lOnN576TaSrd02KzNsC6+I7EHfs zm0Ayyzu2dhmcmYwg5HTBYVIuVaBgFPXWiLFoJYb+cuvCTqeJ9ONFltzljLJkfFI EdAEjpPSj2FNDyTzTPg7jirZTrVIvEms -----END CERTIFICATE-----Generated at Sun May 11 16:30:31 2025 by rpki-client