$ rpki-client -vvf rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft File: r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft (raw, json) Hash identifier: lHqaEOUDF8dK6u3PJOm5GC7KrC+QPwkUAwQFmlvRHXs= Subject key identifier: 91:92:A3:F0:6F:6C:7D:8B:81:53:D3:2C:E5:2A:10:EF:C5:C7:EE:3B Authority key identifier: AF:44:78:08:13:BB:6C:05:E9:97:54:5B:08:D3:79:36:FF:AC:46:61 Certificate issuer: /CN=A91F3F02/serialNumber=AF44780813BB6C05E997545B08D37936FFAC4661 Certificate serial: 0FA4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft Manifest number: 0F75 Signing time: Sat 10 May 2025 17:26:07 +0000 Manifest this update: Sat 10 May 2025 17:26:06 +0000 Manifest next update: Sat 17 May 2025 17:26:06 +0000 Files and hashes: 1: r0R4CBO7bAXpl1RbCNN5Nv-sRmE.crl (hash: MCBSe/AKh3i3we9o/Y+FKFWFnM2XfZ4XtKU+jlgJtCk=) 2: 4BF23558026D11EBB136622CC4F9AE02.roa (hash: dSSI9SuJi0kxWDguXGuvNHYcVsK2PtNwvDQAV3GyLYI=) 3: B3876B1821C911EB991D562EC4F9AE02.roa (hash: uBn0Hxz91FaVyD43QnMkuJqRyt7MMlvjQXxOWdloNks=) 4: B2B2930C21C911EB991D562EC4F9AE02.roa (hash: Qy0DDR285MRVUCU2wSq2l1CDAExHpBwuWLjgKYsgDgk=) 5: 8663E8B6658A11E9930DC678C4F9AE02.roa (hash: nnsGbqSAK23dzd+NhzAKnl4RNtdUbFKnIUPab2S+fr0=) 6: F98DEF9A231F11EB99F53580C4F9AE02.roa (hash: 5v8ULnLB7hAe2Fg8TDMfEBDhvjvsx+AYmHjpRnzhKsw=) 7: E049FDF87A4511EBBB2D0A52C4F9AE02.roa (hash: 01USCsNqqndn4P4yTkoqoN05MdA4R11oCs3iWFycohA=) 8: B490CD0621C911EB991D562EC4F9AE02.roa (hash: Juh4AVBFoxym4U719T7P+CRblg1s/scR/hB7gB0qaXY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.crl rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 17 May 2025 17:26:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4004 (0xfa4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F3F02, serialNumber=AF44780813BB6C05E997545B08D37936FFAC4661 Validity Not Before: May 10 17:26:06 2025 GMT Not After : May 17 17:26:06 2025 GMT Subject: CN=681f8c2f-8d64 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:1c:73:32:cf:5e:d7:5d:ea:e5:d5:b8:5e:2c: 3e:06:fc:47:ae:34:45:d6:d4:73:57:e1:99:93:6a: f1:ae:bf:f9:fa:76:a1:80:18:65:13:b8:69:7e:12: 7a:7b:ab:79:20:bf:b6:4c:ab:37:a3:b7:ff:62:3f: 97:76:c8:7f:a6:b0:89:80:98:b3:2c:b1:29:5d:b0: 2e:74:fa:b0:ae:0b:2d:3a:a7:09:3b:32:60:4b:ab: 1c:bc:86:52:c5:6b:8d:fc:3f:fb:35:d6:c4:d0:e1: 38:ab:c8:e4:94:e0:42:a5:e8:98:d1:f4:d0:69:26: f4:95:aa:5a:65:f3:50:ef:d8:2a:c9:39:de:be:24: 34:90:92:64:56:59:8e:ef:de:7c:1a:2b:9b:9d:1b: 14:92:1b:b9:79:8b:a0:a3:6b:30:e0:94:ed:c1:43: f6:91:6a:a0:18:93:9f:82:ac:61:70:93:dd:22:21: 3c:31:ed:63:12:77:a3:2f:5e:40:64:33:a9:d8:c3: cd:b4:da:ba:74:47:77:9e:a6:f8:74:81:ec:62:1d: 79:9d:4a:0a:92:cc:0e:a2:d2:fe:de:59:cf:51:e7: 6c:64:0b:8d:80:18:97:d8:90:45:0d:98:43:7d:c2: 1b:f7:03:7d:dd:80:fb:07:f5:11:73:4a:ad:7b:68: 59:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:92:A3:F0:6F:6C:7D:8B:81:53:D3:2C:E5:2A:10:EF:C5:C7:EE:3B X509v3 Authority Key Identifier: keyid:AF:44:78:08:13:BB:6C:05:E9:97:54:5B:08:D3:79:36:FF:AC:46:61 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F3F02/CCAB575063F011E9A9BCA141C4F9AE02/r0R4CBO7bAXpl1RbCNN5Nv-sRmE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8b:a5:41:1d:aa:09:a8:ea:cd:50:5f:02:be:3a:db:3b:ec:78: c0:d6:06:0c:12:cb:73:bc:7a:53:4c:a7:9e:c9:06:09:5f:0c: ef:6b:b9:b6:54:d9:ec:21:7f:5b:b0:7e:85:d3:09:2b:14:75: 88:46:7f:de:3c:8d:a5:b3:17:ff:be:7f:ee:f7:87:ea:90:03: ef:f9:57:aa:02:36:a4:83:df:be:f3:a1:d1:5f:45:1a:20:a6: db:f3:30:2b:ee:cd:5e:e0:45:a6:21:a9:c5:a5:c9:61:0d:3b: 4d:af:0a:45:c9:0c:82:1d:1b:b4:36:dc:be:34:85:50:08:cd: 36:0f:13:56:4d:fc:44:3e:cb:ad:1f:a1:1e:b6:24:34:84:7e: 11:d4:07:d8:61:59:df:a9:a2:83:70:ef:0e:50:e0:9f:3d:f2: c0:17:84:05:b3:73:7f:a2:c1:ab:be:01:1e:06:e4:89:38:de: 73:a3:df:26:20:2a:6e:63:6b:73:65:66:b6:15:ca:fc:6b:6e: 90:31:cf:c3:16:f6:c3:2c:e5:9f:dd:fb:76:05:33:fc:df:fd: 07:6a:98:2d:5e:57:96:2f:43:33:8b:79:72:73:99:6a:28:a3: 65:54:63:04:83:28:d5:80:db:65:e7:32:a9:b4:e2:22:4f:23: 5d:39:b7:3b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICD6QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjNGMDIxMTAvBgNVBAUTKEFGNDQ3ODA4MTNCQjZDMDVFOTk3NTQ1QjA4RDM3OTM2 RkZBQzQ2NjEwHhcNMjUwNTEwMTcyNjA2WhcNMjUwNTE3MTcyNjA2WjAYMRYwFAYD VQQDEw02ODFmOGMyZi04ZDY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsBxzMs9e113q5dW4Xiw+BvxHrjRF1tRzV+GZk2rxrr/5+nahgBhlE7hpfhJ6 e6t5IL+2TKs3o7f/Yj+Xdsh/prCJgJizLLEpXbAudPqwrgstOqcJOzJgS6scvIZS xWuN/D/7NdbE0OE4q8jklOBCpeiY0fTQaSb0lapaZfNQ79gqyTneviQ0kJJkVlmO 7958GiubnRsUkhu5eYugo2sw4JTtwUP2kWqgGJOfgqxhcJPdIiE8Me1jEnejL15A ZDOp2MPNtNq6dEd3nqb4dIHsYh15nUoKkswOotL+3lnPUedsZAuNgBiX2JBFDZhD fcIb9wN93YD7B/URc0qte2hZEQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJGSo/Bv bH2LgVPTLOUqEO/Fx+47MB8GA1UdIwQYMBaAFK9EeAgTu2wF6ZdUWwjTeTb/rEZh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGM0YwMi9DQ0FCNTc1MDYz RjAxMUU5QTlCQ0ExNDFDNEY5QUUwMi9yMFI0Q0JPN2JBWHBsMVJiQ05ONU52LXNS bUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3IwUjRDQk83YkFYcGwxUmJDTk41TnYtc1JtRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG M0YwMi9DQ0FCNTc1MDYzRjAxMUU5QTlCQ0ExNDFDNEY5QUUwMi9yMFI0Q0JPN2JB WHBsMVJiQ05ONU52LXNSbUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCLpUEdqgmo6s1QXwK+Ots77HjA1gYMEstzvHpTTKeeyQYJXwzva7m2 VNnsIX9bsH6F0wkrFHWIRn/ePI2lsxf/vn/u94fqkAPv+VeqAjakg9++86HRX0Ua IKbb8zAr7s1e4EWmIanFpclhDTtNrwpFyQyCHRu0Nty+NIVQCM02DxNWTfxEPsut H6EetiQ0hH4R1AfYYVnfqaKDcO8OUOCfPfLAF4QFs3N/osGrvgEeBuSJON5zo98m ICpuY2tzZWa2Fcr8a26QMc/DFvbDLOWf3ft2BTP83/0HapgtXleWL0Mzi3lyc5lq KKNlVGMEgyjVgNtl5zKptOIiTyNdObc7 -----END CERTIFICATE-----Generated at Sun May 11 16:57:44 2025 by rpki-client