$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBF76/A6DE097C852311EBB7E9F383C4F9AE02/0NbEemjLQdEG6wQtcma5y7_Bpzs.mft File: 0NbEemjLQdEG6wQtcma5y7_Bpzs.mft (raw, json) Hash identifier: bmIctIPuALU7U4y7ibyiubB5itrb8kJznT6FzMkbzFM= Subject key identifier: 3D:B0:A4:35:AF:32:6A:00:61:55:61:C9:B1:AE:B7:6D:68:84:DB:B0 Authority key identifier: D0:D6:C4:7A:68:CB:41:D1:06:EB:04:2D:72:66:B9:CB:BF:C1:A7:3B Certificate issuer: /CN=A91EBF76/serialNumber=D0D6C47A68CB41D106EB042D7266B9CBBFC1A73B Certificate serial: 0655 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0NbEemjLQdEG6wQtcma5y7_Bpzs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EBF76/A6DE097C852311EBB7E9F383C4F9AE02/0NbEemjLQdEG6wQtcma5y7_Bpzs.mft Manifest number: 0650 Signing time: Mon 12 May 2025 22:17:26 +0000 Manifest this update: Mon 12 May 2025 22:17:26 +0000 Manifest next update: Mon 19 May 2025 22:17:26 +0000 Files and hashes: 1: 0NbEemjLQdEG6wQtcma5y7_Bpzs.crl (hash: gk2/aOsVpBOBUVejioRiYm0o4hEoOOcTFTCvioPeT0g=) 2: 5FBDA400853011EBA1AF1D76C4F9AE02.roa (hash: av1fp+B0Rvyyl/M+tQ87N6LBAVDY2pJUK/6gF5bMDYg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EBF76/A6DE097C852311EBB7E9F383C4F9AE02/0NbEemjLQdEG6wQtcma5y7_Bpzs.crl rsync://rpki.apnic.net/member_repository/A91EBF76/A6DE097C852311EBB7E9F383C4F9AE02/0NbEemjLQdEG6wQtcma5y7_Bpzs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0NbEemjLQdEG6wQtcma5y7_Bpzs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 22:17:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1621 (0x655) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EBF76, serialNumber=D0D6C47A68CB41D106EB042D7266B9CBBFC1A73B Validity Not Before: May 12 22:17:26 2025 GMT Not After : May 19 22:17:26 2025 GMT Subject: CN=68227376-2d1b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:bf:be:70:4c:39:97:77:05:6b:50:96:ff:7c: 68:fc:6c:2a:88:7e:fc:95:71:03:ed:69:c0:fb:e1: d4:4d:8b:30:e2:48:6e:01:5d:8e:02:a5:b6:cf:0b: 28:23:be:ea:fe:2a:7c:d9:52:58:17:f4:56:64:c9: fe:9d:4e:82:20:bc:18:f4:e7:63:7b:c2:68:ba:36: 67:c5:e2:6d:62:09:f1:c6:e9:8f:d0:c1:ab:52:b2: 31:6e:b3:46:bd:14:e1:c7:6b:69:6c:a2:6c:7e:e5: a2:1f:32:71:0c:dc:70:ba:05:cd:c0:5c:ef:ab:ba: 48:99:2b:3b:3a:3e:30:e1:87:fc:68:3f:4e:b9:ea: 83:f1:a6:fb:97:55:d8:e7:8f:42:e0:a1:dd:65:cd: 0e:3c:38:df:2d:ef:fc:6b:5f:50:d5:3b:3e:6e:ad: 6c:c4:b4:e4:ee:d2:b9:67:22:1f:20:4e:15:6d:b1: 46:6a:b2:4d:cb:c6:ce:c6:03:4c:0c:6c:da:a3:f1: fd:d5:3f:51:ca:b7:05:fb:f7:f4:de:bc:40:34:47: d2:53:6b:a2:9a:74:09:27:08:ea:8e:90:56:b9:75: 17:dd:8e:87:16:f0:20:37:ca:11:9d:3d:e7:57:04: 73:c6:ff:3b:a3:b9:b7:08:c9:7c:90:42:6f:97:e5: df:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:B0:A4:35:AF:32:6A:00:61:55:61:C9:B1:AE:B7:6D:68:84:DB:B0 X509v3 Authority Key Identifier: keyid:D0:D6:C4:7A:68:CB:41:D1:06:EB:04:2D:72:66:B9:CB:BF:C1:A7:3B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EBF76/A6DE097C852311EBB7E9F383C4F9AE02/0NbEemjLQdEG6wQtcma5y7_Bpzs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0NbEemjLQdEG6wQtcma5y7_Bpzs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBF76/A6DE097C852311EBB7E9F383C4F9AE02/0NbEemjLQdEG6wQtcma5y7_Bpzs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 74:ab:fa:fd:08:13:3c:e3:b4:89:13:23:a0:69:8c:1d:26:a1: 4a:2d:aa:db:14:a4:fd:b4:19:cb:6a:22:40:e4:f9:87:1a:e5: 83:a6:04:f9:3a:b2:a9:8c:41:26:3e:51:fc:ac:4f:18:45:ed: 23:fc:fb:a2:56:24:4e:2d:84:e0:56:12:44:d3:1d:f6:e7:5b: 04:c6:ba:a6:8a:d4:f0:53:a7:8b:5b:06:28:c2:a0:ed:7b:1c: a7:af:c6:a6:15:d1:0a:c4:e3:24:57:9d:29:b6:5f:22:c5:71: f0:25:54:f6:40:95:02:ff:2d:03:9b:50:9a:d8:81:9f:83:17: 6e:14:59:51:eb:ee:29:32:c1:7b:62:d4:11:a3:12:09:bc:86: ef:1b:8e:03:0f:0e:e8:6a:5c:8e:d6:13:b2:cc:2b:85:26:4f: 23:60:42:9c:18:75:2f:fa:17:cc:a2:f2:a8:3b:d3:4c:1e:24: 54:05:5b:05:b6:dd:0a:63:48:5b:c4:94:cf:21:d9:e7:63:ec: a0:fd:d9:36:07:76:50:40:cf:24:b5:f0:f9:85:43:01:6d:90: 95:68:ee:5f:26:4f:d8:09:2f:81:64:40:6c:61:98:e6:40:9b: 20:eb:b2:a3:62:7b:2d:c3:9c:40:77:3a:73:2e:5e:e1:1b:95: b7:84:23:54 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBlUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUJGNzYxMTAvBgNVBAUTKEQwRDZDNDdBNjhDQjQxRDEwNkVCMDQyRDcyNjZCOUNC QkZDMUE3M0IwHhcNMjUwNTEyMjIxNzI2WhcNMjUwNTE5MjIxNzI2WjAYMRYwFAYD VQQDEw02ODIyNzM3Ni0yZDFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArb++cEw5l3cFa1CW/3xo/GwqiH78lXED7WnA++HUTYsw4khuAV2OAqW2zwso I77q/ip82VJYF/RWZMn+nU6CILwY9Odje8JoujZnxeJtYgnxxumP0MGrUrIxbrNG vRThx2tpbKJsfuWiHzJxDNxwugXNwFzvq7pImSs7Oj4w4Yf8aD9OueqD8ab7l1XY 549C4KHdZc0OPDjfLe/8a19Q1Ts+bq1sxLTk7tK5ZyIfIE4VbbFGarJNy8bOxgNM DGzao/H91T9RyrcF+/f03rxANEfSU2uimnQJJwjqjpBWuXUX3Y6HFvAgN8oRnT3n VwRzxv87o7m3CMl8kEJvl+XflQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD2wpDWv MmoAYVVhybGut21ohNuwMB8GA1UdIwQYMBaAFNDWxHpoy0HRBusELXJmucu/wac7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkY3Ni9BNkRFMDk3Qzg1 MjMxMUVCQjdFOUYzODNDNEY5QUUwMi8wTmJFZW1qTFFkRUc2d1F0Y21hNXk3X0Jw enMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzBOYkVlbWpMUWRFRzZ3UXRjbWE1eTdfQnB6cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QkY3Ni9BNkRFMDk3Qzg1MjMxMUVCQjdFOUYzODNDNEY5QUUwMi8wTmJFZW1qTFFk RUc2d1F0Y21hNXk3X0JwenMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB0q/r9CBM847SJEyOgaYwdJqFKLarbFKT9tBnLaiJA5PmHGuWDpgT5 OrKpjEEmPlH8rE8YRe0j/PuiViROLYTgVhJE0x3251sExrqmitTwU6eLWwYowqDt exynr8amFdEKxOMkV50ptl8ixXHwJVT2QJUC/y0Dm1Ca2IGfgxduFFlR6+4pMsF7 YtQRoxIJvIbvG44DDw7oalyO1hOyzCuFJk8jYEKcGHUv+hfMovKoO9NMHiRUBVsF tt0KY0hbxJTPIdnnY+yg/dk2B3ZQQM8ktfD5hUMBbZCVaO5fJk/YCS+BZEBsYZjm QJsg67KjYnstw5xAdzpzLl7hG5W3hCNU -----END CERTIFICATE-----Generated at Wed May 14 07:55:12 2025 by rpki-client