$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft File: 5bsti54YaXwBWe2BMuXzS4axN7E.mft (raw, json) Hash identifier: 9dM3UTLTjMAg5+WlsNeNcRzvf01EEgFXOIeg09RQLys= Subject key identifier: 29:82:2F:8B:46:78:20:E5:08:66:A5:B0:31:5D:44:56:79:31:E0:8C Authority key identifier: E5:BB:2D:8B:9E:18:69:7C:01:59:ED:81:32:E5:F3:4B:86:B1:37:B1 Certificate issuer: /CN=A91E0C2B/serialNumber=E5BB2D8B9E18697C0159ED8132E5F34B86B137B1 Certificate serial: 01B0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bsti54YaXwBWe2BMuXzS4axN7E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft Manifest number: 01AC Signing time: Thu 03 Jul 2025 03:18:50 +0000 Manifest this update: Thu 03 Jul 2025 03:18:49 +0000 Manifest next update: Thu 10 Jul 2025 03:18:49 +0000 Files and hashes: 1: 5bsti54YaXwBWe2BMuXzS4axN7E.crl (hash: c4JDgjeX74Zextie5vT/9KrG3Tv6Tr+RboHQFXrnd1I=) 2: 12B9A5DECBC211EDB6F09516C4F9AE02.roa (hash: GC2+Qt2m2cOxU2MSwTfp+OhWSqEwAQ14izm/J1/ZU5o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.crl rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bsti54YaXwBWe2BMuXzS4axN7E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 432 (0x1b0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E0C2B, serialNumber=E5BB2D8B9E18697C0159ED8132E5F34B86B137B1 Validity Not Before: Jul 3 03:18:49 2025 GMT Not After : Jul 10 03:18:49 2025 GMT Subject: CN=6865f69a-c09c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:f2:4b:1d:c7:13:e2:3c:ce:43:fa:e0:6e:4f: 7e:44:77:20:2f:32:be:d3:18:44:51:7d:32:e5:6d: 94:04:e0:b7:e3:fd:0b:6d:f8:a9:a4:c7:a8:2d:b4: 6e:a2:ba:c2:8e:60:bb:21:47:e6:78:fc:84:10:64: 96:dc:37:34:07:d6:b4:6f:a8:11:d5:63:4d:f9:00: b0:9b:52:ae:d1:4d:c2:fb:7b:3c:37:de:e8:ab:9f: a1:ba:7b:37:d7:7b:87:80:24:54:e7:53:41:77:21: 4a:9b:57:f6:70:c3:a4:99:f6:bf:56:c7:f4:b9:46: b9:e0:5f:70:88:0c:23:ea:a4:8d:5f:ae:f6:53:00: f1:a5:3b:86:55:f6:ad:6a:d2:f3:19:e9:42:71:aa: f9:ee:f7:2b:34:69:f8:68:68:b1:98:8f:9d:ae:05: 70:c1:b9:63:7d:76:69:07:81:a0:8a:29:28:b3:f3: 17:6e:72:d6:cb:47:83:a2:0d:e0:ec:04:d9:70:0c: 13:b1:f6:36:3b:b6:16:6f:df:0d:54:83:6f:aa:ed: 8f:8f:6c:50:5b:df:a9:54:58:c1:73:26:04:6d:68: 02:6f:3e:30:20:ef:dd:f5:84:07:48:32:15:db:8f: 5b:c6:c8:5d:b8:42:fc:82:e2:5d:7a:2d:53:a8:5c: 86:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:82:2F:8B:46:78:20:E5:08:66:A5:B0:31:5D:44:56:79:31:E0:8C X509v3 Authority Key Identifier: keyid:E5:BB:2D:8B:9E:18:69:7C:01:59:ED:81:32:E5:F3:4B:86:B1:37:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bsti54YaXwBWe2BMuXzS4axN7E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 50:4d:ca:d7:51:34:65:42:a1:9c:d0:72:63:5e:8f:05:41:0a: 7d:a7:74:29:0c:e5:1a:cc:f1:29:0b:6a:d6:2e:6f:72:77:85: b8:b7:89:4d:65:1b:12:c6:e9:30:2d:a9:5b:c2:1c:31:b3:ed: 8d:a7:5c:fe:d2:a0:60:a7:36:77:3a:11:8c:19:84:fc:be:df: 5a:cc:ce:82:2c:80:d1:e7:40:6d:31:94:66:7b:6d:cf:ce:c6: 73:ef:b8:38:cd:11:2d:c3:47:d8:68:8a:15:3d:d2:e5:8d:43: 41:71:70:92:ea:ae:2d:cc:b7:c8:26:09:be:59:ab:01:39:3a: 86:88:10:48:a2:2f:2d:27:05:63:18:4b:57:81:47:2d:95:3e: 46:d6:a9:1e:3d:51:f3:f4:5e:48:e6:c9:b1:a0:ea:41:f3:d6: e6:fe:75:2d:c5:c5:5e:0e:11:17:bd:7a:d1:b5:57:52:84:5e: 73:e0:7c:ba:3d:be:c2:55:63:14:ee:52:b4:60:6e:5d:b1:ba: 18:34:87:0d:97:6f:c1:a4:ac:e5:1a:aa:23:cb:46:05:54:e2: 97:56:9a:6c:12:96:f9:c8:7e:46:82:8f:21:29:02:6a:60:f9: 2f:29:71:62:18:4f:d1:f3:25:65:22:ed:ed:cf:b7:c8:38:4e: e1:f4:4c:d7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAbAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTBDMkIxMTAvBgNVBAUTKEU1QkIyRDhCOUUxODY5N0MwMTU5RUQ4MTMyRTVGMzRC ODZCMTM3QjEwHhcNMjUwNzAzMDMxODQ5WhcNMjUwNzEwMDMxODQ5WjAYMRYwFAYD VQQDEw02ODY1ZjY5YS1jMDljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8vJLHccT4jzOQ/rgbk9+RHcgLzK+0xhEUX0y5W2UBOC34/0LbfippMeoLbRu orrCjmC7IUfmePyEEGSW3Dc0B9a0b6gR1WNN+QCwm1Ku0U3C+3s8N97oq5+huns3 13uHgCRU51NBdyFKm1f2cMOkmfa/Vsf0uUa54F9wiAwj6qSNX672UwDxpTuGVfat atLzGelCcar57vcrNGn4aGixmI+drgVwwbljfXZpB4Ggiikos/MXbnLWy0eDog3g 7ATZcAwTsfY2O7YWb98NVINvqu2Pj2xQW9+pVFjBcyYEbWgCbz4wIO/d9YQHSDIV 249bxshduEL8guJdei1TqFyGFQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCmCL4tG eCDlCGalsDFdRFZ5MeCMMB8GA1UdIwQYMBaAFOW7LYueGGl8AVntgTLl80uGsTex MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMEMyQi9EMjdFNkVEMENC OTYxMUVEQUMzNDlCNzlDNEY5QUUwMi81YnN0aTU0WWFYd0JXZTJCTXVYelM0YXhO N0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzVic3RpNTRZYVh3QldlMkJNdVh6UzRheE43RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MEMyQi9EMjdFNkVEMENCOTYxMUVEQUMzNDlCNzlDNEY5QUUwMi81YnN0aTU0WWFY d0JXZTJCTXVYelM0YXhON0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBQTcrXUTRlQqGc0HJjXo8FQQp9p3QpDOUazPEpC2rWLm9yd4W4t4lN ZRsSxukwLalbwhwxs+2Np1z+0qBgpzZ3OhGMGYT8vt9azM6CLIDR50BtMZRme23P zsZz77g4zREtw0fYaIoVPdLljUNBcXCS6q4tzLfIJgm+WasBOTqGiBBIoi8tJwVj GEtXgUctlT5G1qkePVHz9F5I5smxoOpB89bm/nUtxcVeDhEXvXrRtVdShF5z4Hy6 Pb7CVWMU7lK0YG5dsboYNIcNl2/BpKzlGqojy0YFVOKXVppsEpb5yH5Ggo8hKQJq YPkvKXFiGE/R8yVlIu3tz7fIOE7h9EzX -----END CERTIFICATE-----Generated at Fri Jul 4 14:43:01 2025 by rpki-client