$ rpki-client -vvf rpki.apnic.net/member_repository/A91EEC3B/6B37E19C841711E785F17080C4F9AE02/maB2Nu64AHCDMDGWpYxBvsxoj4A.mft File: maB2Nu64AHCDMDGWpYxBvsxoj4A.mft (raw, json) Hash identifier: DHlNwz13dO8uSyLIxdXEhOG31LgLW3BK8E/NH269xk8= Subject key identifier: 7F:F9:E2:FE:DB:65:3F:9B:F2:2E:0A:0A:A9:82:63:F6:42:3C:78:7F Authority key identifier: 99:A0:76:36:EE:B8:00:70:83:30:31:96:A5:8C:41:BE:CC:68:8F:80 Certificate issuer: /CN=A91EEC3B/serialNumber=99A07636EEB8007083303196A58C41BECC688F80 Certificate serial: 0BD0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/maB2Nu64AHCDMDGWpYxBvsxoj4A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EEC3B/6B37E19C841711E785F17080C4F9AE02/maB2Nu64AHCDMDGWpYxBvsxoj4A.mft Manifest number: 2C2C Signing time: Mon 12 May 2025 16:23:47 +0000 Manifest this update: Mon 12 May 2025 16:23:47 +0000 Manifest next update: Mon 19 May 2025 16:23:47 +0000 Files and hashes: 1: maB2Nu64AHCDMDGWpYxBvsxoj4A.crl (hash: hevaASpTN2HnCD1E5pQcHhSfxdy3dvsyPB9wrr7sgIs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EEC3B/6B37E19C841711E785F17080C4F9AE02/maB2Nu64AHCDMDGWpYxBvsxoj4A.crl rsync://rpki.apnic.net/member_repository/A91EEC3B/6B37E19C841711E785F17080C4F9AE02/maB2Nu64AHCDMDGWpYxBvsxoj4A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/maB2Nu64AHCDMDGWpYxBvsxoj4A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 19 May 2025 16:23:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3024 (0xbd0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EEC3B, serialNumber=99A07636EEB8007083303196A58C41BECC688F80 Validity Not Before: May 12 16:23:47 2025 GMT Not After : May 19 16:23:47 2025 GMT Subject: CN=68222093-1e23 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:52:ba:44:5b:83:56:93:6b:fa:11:87:45:b4: dc:39:74:af:68:80:3b:09:1c:85:34:85:2b:ed:ef: 30:03:53:dd:d0:ac:ef:4e:19:84:6c:f3:c8:00:af: d8:19:d3:5a:70:05:b9:30:7f:98:f5:ed:ce:98:9e: 52:ba:3b:5c:15:13:5c:cb:8c:9d:16:92:0e:1a:7b: a9:73:2c:23:25:c5:7f:09:b0:90:1a:e8:5c:08:8e: d9:93:a1:7b:fd:7c:28:f0:c0:fa:f0:2d:54:1c:60: 09:1b:29:ab:b5:75:7a:35:28:f8:0f:d8:1d:ca:b3: cc:05:81:a4:55:f5:66:07:fc:ca:9b:c7:77:e5:a4: 1e:1a:06:fe:96:2c:82:7a:58:b7:23:c3:78:35:43: fc:ff:71:35:73:47:39:58:f0:3d:d2:93:4c:6c:a7: b1:57:ef:a2:79:03:63:68:e2:27:63:f1:43:8d:d0: fc:c4:51:3f:63:9c:3b:c8:0b:77:7c:91:3d:d2:79: a0:00:04:6e:2b:0e:bf:ce:13:07:bf:e6:49:71:d2: 4a:fe:62:e5:35:58:97:1c:7d:12:80:b0:5d:84:63: 7a:88:c6:6d:41:55:ac:82:42:5d:bc:2f:c6:ed:91: 21:4f:44:34:b6:c5:fe:d6:76:a3:62:c9:7f:64:38: 83:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:F9:E2:FE:DB:65:3F:9B:F2:2E:0A:0A:A9:82:63:F6:42:3C:78:7F X509v3 Authority Key Identifier: keyid:99:A0:76:36:EE:B8:00:70:83:30:31:96:A5:8C:41:BE:CC:68:8F:80 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EEC3B/6B37E19C841711E785F17080C4F9AE02/maB2Nu64AHCDMDGWpYxBvsxoj4A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/maB2Nu64AHCDMDGWpYxBvsxoj4A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EEC3B/6B37E19C841711E785F17080C4F9AE02/maB2Nu64AHCDMDGWpYxBvsxoj4A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5b:a6:f1:c2:e5:3e:3e:cc:b5:8f:ba:90:f0:03:76:87:36:f6: 17:da:1e:22:3c:aa:ab:b9:c2:29:b6:6c:5c:b2:f7:85:e1:20: db:55:b7:87:6c:28:96:b1:95:90:02:b2:c4:f1:f3:0c:7d:72: 33:04:7a:fd:31:7d:93:72:59:5b:33:6e:ed:ad:17:e9:34:bb: c6:16:15:6b:60:df:00:a3:a6:bd:1c:40:cb:f4:52:1a:88:d3: 74:41:98:e3:a8:63:8d:62:de:d8:35:36:64:08:dc:91:2a:c5: 20:3f:bf:ea:bc:9e:f1:38:ee:16:f1:3a:c4:6f:f6:a3:5f:cb: f1:1d:83:e2:ff:ac:b3:cd:bf:27:d0:54:06:50:53:0e:09:a4: 59:ef:76:f8:a7:76:1b:14:4c:05:4f:26:80:47:86:03:60:db: 36:3c:37:92:78:12:81:29:e9:8a:25:3d:ab:f9:1f:26:86:3a: 79:19:2e:cd:78:66:e0:ca:ce:ef:8c:da:fa:2b:34:09:ab:17: 07:06:71:45:5a:4f:b5:f8:50:9e:7d:bf:20:25:72:26:5d:1c: 09:52:22:76:fc:35:d3:19:ea:51:52:8d:a6:87:12:51:e4:54: 3e:14:f4:48:24:db:3b:09:74:20:c7:6c:f5:9e:c2:42:fe:c1: 10:cb:66:66 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC9AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUVDM0IxMTAvBgNVBAUTKDk5QTA3NjM2RUVCODAwNzA4MzMwMzE5NkE1OEM0MUJF Q0M2ODhGODAwHhcNMjUwNTEyMTYyMzQ3WhcNMjUwNTE5MTYyMzQ3WjAYMRYwFAYD VQQDEw02ODIyMjA5My0xZTIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxFK6RFuDVpNr+hGHRbTcOXSvaIA7CRyFNIUr7e8wA1Pd0KzvThmEbPPIAK/Y GdNacAW5MH+Y9e3OmJ5SujtcFRNcy4ydFpIOGnupcywjJcV/CbCQGuhcCI7Zk6F7 /Xwo8MD68C1UHGAJGymrtXV6NSj4D9gdyrPMBYGkVfVmB/zKm8d35aQeGgb+liyC eli3I8N4NUP8/3E1c0c5WPA90pNMbKexV++ieQNjaOInY/FDjdD8xFE/Y5w7yAt3 fJE90nmgAARuKw6/zhMHv+ZJcdJK/mLlNViXHH0SgLBdhGN6iMZtQVWsgkJdvC/G 7ZEhT0Q0tsX+1najYsl/ZDiDiQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH/54v7b ZT+b8i4KCqmCY/ZCPHh/MB8GA1UdIwQYMBaAFJmgdjbuuABwgzAxlqWMQb7MaI+A MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRUMzQi82QjM3RTE5Qzg0 MTcxMUU3ODVGMTcwODBDNEY5QUUwMi9tYUIyTnU2NEFIQ0RNREdXcFl4QnZzeG9q NEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL21hQjJOdTY0QUhDRE1ER1dwWXhCdnN4b2o0QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF RUMzQi82QjM3RTE5Qzg0MTcxMUU3ODVGMTcwODBDNEY5QUUwMi9tYUIyTnU2NEFI Q0RNREdXcFl4QnZzeG9qNEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBbpvHC5T4+zLWPupDwA3aHNvYX2h4iPKqrucIptmxcsveF4SDbVbeH bCiWsZWQArLE8fMMfXIzBHr9MX2TcllbM27trRfpNLvGFhVrYN8Ao6a9HEDL9FIa iNN0QZjjqGONYt7YNTZkCNyRKsUgP7/qvJ7xOO4W8TrEb/ajX8vxHYPi/6yzzb8n 0FQGUFMOCaRZ73b4p3YbFEwFTyaAR4YDYNs2PDeSeBKBKemKJT2r+R8mhjp5GS7N eGbgys7vjNr6KzQJqxcHBnFFWk+1+FCefb8gJXImXRwJUiJ2/DXTGepRUo2mhxJR 5FQ+FPRIJNs7CXQgx2z1nsJC/sEQy2Zm -----END CERTIFICATE-----Generated at Mon May 12 18:45:45 2025 by rpki-client