$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8282/061AAB52FBFE11EFB5520A12C4F9AE02/n3tC7xjTQv3Vap_cXz2AHi0sGrc.mft File: n3tC7xjTQv3Vap_cXz2AHi0sGrc.mft (raw, json) Hash identifier: js9A0HXghBtSo182cs/Jbi46zN4TTc/z0s+CDgzR32c= Subject key identifier: DA:59:5A:34:21:1A:56:B3:ED:C6:E1:35:4D:E3:55:D0:D9:EB:82:10 Authority key identifier: 9F:7B:42:EF:18:D3:42:FD:D5:6A:9F:DC:5F:3D:80:1E:2D:2C:1A:B7 Certificate issuer: /CN=A91F8282/serialNumber=9F7B42EF18D342FDD56A9FDC5F3D801E2D2C1AB7 Certificate serial: 25 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n3tC7xjTQv3Vap_cXz2AHi0sGrc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F8282/061AAB52FBFE11EFB5520A12C4F9AE02/n3tC7xjTQv3Vap_cXz2AHi0sGrc.mft Manifest number: 24 Signing time: Sun 11 May 2025 06:34:39 +0000 Manifest this update: Sun 11 May 2025 06:34:39 +0000 Manifest next update: Sun 18 May 2025 06:34:39 +0000 Files and hashes: 1: n3tC7xjTQv3Vap_cXz2AHi0sGrc.crl (hash: VahdrmQGeMcMwyAaqhtkI5bOp2rQauMZms60f7DxtXU=) 2: 05EBB6CEFEF811EFB0C52572C4F9AE02.roa (hash: hHpuvEEfCl4OhjB2zfY/eTXHBtooIatBX5e91JuXgS8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F8282/061AAB52FBFE11EFB5520A12C4F9AE02/n3tC7xjTQv3Vap_cXz2AHi0sGrc.crl rsync://rpki.apnic.net/member_repository/A91F8282/061AAB52FBFE11EFB5520A12C4F9AE02/n3tC7xjTQv3Vap_cXz2AHi0sGrc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n3tC7xjTQv3Vap_cXz2AHi0sGrc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 18 May 2025 02:50:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37 (0x25) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F8282, serialNumber=9F7B42EF18D342FDD56A9FDC5F3D801E2D2C1AB7 Validity Not Before: May 11 06:34:39 2025 GMT Not After : May 18 06:34:39 2025 GMT Subject: CN=682044ff-3b8a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:d8:65:c8:cd:72:fe:09:f6:e6:87:ab:1a:11: 73:76:d5:08:2d:03:9a:cf:c4:20:33:c2:60:f2:e6: de:32:18:72:76:da:19:2c:b5:71:66:cc:b2:17:82: 36:ed:d4:2f:e5:2f:b7:5c:4a:65:fe:6f:c4:38:98: cb:e9:59:5f:8b:69:5b:34:b1:23:4c:d0:89:df:12: e3:0c:44:f8:97:f3:dc:bb:e0:0b:e4:82:a7:7a:2d: df:eb:da:3f:b9:f1:45:62:55:7c:33:ec:9d:f9:aa: 09:95:dd:0e:d9:fa:91:e5:d9:2b:1a:cd:0b:0a:e1: a9:eb:f0:fb:10:fd:6c:90:c6:ab:4b:08:f1:e3:41: 98:66:82:9b:82:fa:26:7c:3e:aa:f4:bf:18:70:95: 57:a2:9a:1a:40:c5:28:45:f8:54:8e:62:62:5f:d2: c4:f3:cf:81:c8:7a:f6:e8:99:34:03:17:bd:a9:05: 90:a4:66:a9:fc:2e:1a:13:9c:85:f8:43:53:69:d9: 65:db:b9:84:d7:ea:72:12:48:69:85:7c:cb:65:ec: 95:fa:04:f7:91:b9:f8:db:b5:ae:ab:1d:c5:2e:c5: b4:4a:1f:9d:e1:1b:bd:34:fa:fa:86:3f:1e:f1:ff: 7b:d9:b1:6e:f0:67:07:f2:55:c4:9f:9d:15:25:0e: 0d:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:59:5A:34:21:1A:56:B3:ED:C6:E1:35:4D:E3:55:D0:D9:EB:82:10 X509v3 Authority Key Identifier: keyid:9F:7B:42:EF:18:D3:42:FD:D5:6A:9F:DC:5F:3D:80:1E:2D:2C:1A:B7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F8282/061AAB52FBFE11EFB5520A12C4F9AE02/n3tC7xjTQv3Vap_cXz2AHi0sGrc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/n3tC7xjTQv3Vap_cXz2AHi0sGrc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8282/061AAB52FBFE11EFB5520A12C4F9AE02/n3tC7xjTQv3Vap_cXz2AHi0sGrc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 58:8e:d8:d5:80:50:45:06:da:58:5c:22:e0:aa:8c:d9:68:eb: 5a:0a:6a:1e:20:42:eb:fa:b4:77:7f:e1:a0:d9:fe:d8:6d:ec: a5:0a:78:8a:60:c9:97:b2:fb:54:49:1f:fc:7f:56:99:73:89: 6c:5b:5d:4d:ba:50:ab:37:33:a4:26:a8:15:35:93:66:38:e0: 1d:fc:1c:4d:27:22:8e:29:dc:07:19:6a:42:1a:40:c3:49:11: 0e:7b:f6:a7:29:1b:85:85:50:39:98:9e:93:7a:5f:1b:cd:38: fc:62:47:3b:d0:f3:b5:c3:03:6d:e6:c9:07:77:b2:11:6d:33: 20:ca:66:d6:ff:03:23:a6:1c:22:0f:a7:6b:69:ef:32:33:09: 5a:03:45:c2:0e:ef:52:0e:79:9d:7c:d7:03:da:07:dc:55:0a: b2:a2:32:bb:13:bb:cc:53:66:a9:f9:1e:8c:da:23:d9:03:44: c0:e4:47:d7:31:82:a4:a6:5d:74:9a:42:2e:42:4c:09:cc:f2: 1b:23:da:36:bc:57:2f:07:06:4d:aa:82:f4:90:9c:68:f2:29: c4:77:55:aa:1d:8c:6f:23:fd:c1:6e:af:73:04:2d:2c:71:cb: 13:1a:9b:c8:ef:cf:eb:4e:7b:3a:c6:16:8b:cf:65:13:f4:57: 53:c0:ba:95 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBJTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG ODI4MjExMC8GA1UEBRMoOUY3QjQyRUYxOEQzNDJGREQ1NkE5RkRDNUYzRDgwMUUy RDJDMUFCNzAeFw0yNTA1MTEwNjM0MzlaFw0yNTA1MTgwNjM0MzlaMBgxFjAUBgNV BAMTDTY4MjA0NGZmLTNiOGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDM2GXIzXL+Cfbmh6saEXN21QgtA5rPxCAzwmDy5t4yGHJ22hkstXFmzLIXgjbt 1C/lL7dcSmX+b8Q4mMvpWV+LaVs0sSNM0InfEuMMRPiX89y74Avkgqd6Ld/r2j+5 8UViVXwz7J35qgmV3Q7Z+pHl2SsazQsK4anr8PsQ/WyQxqtLCPHjQZhmgpuC+iZ8 Pqr0vxhwlVeimhpAxShF+FSOYmJf0sTzz4HIevbomTQDF72pBZCkZqn8LhoTnIX4 Q1Np2WXbuYTX6nISSGmFfMtl7JX6BPeRufjbta6rHcUuxbRKH53hG700+vqGPx7x /3vZsW7wZwfyVcSfnRUlDg1TAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU2llaNCEa VrPtxuE1TeNV0NnrghAwHwYDVR0jBBgwFoAUn3tC7xjTQv3Vap/cXz2AHi0sGrcw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY4MjgyLzA2MUFBQjUyRkJG RTExRUZCNTUyMEExMkM0RjlBRTAyL24zdEM3eGpUUXYzVmFwX2NYejJBSGkwc0dy Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvbjN0Qzd4alRRdjNWYXBfY1h6MkFIaTBzR3JjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUY4 MjgyLzA2MUFBQjUyRkJGRTExRUZCNTUyMEExMkM0RjlBRTAyL24zdEM3eGpUUXYz VmFwX2NYejJBSGkwc0dyYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFiO2NWAUEUG2lhcIuCqjNlo61oKah4gQuv6tHd/4aDZ/tht7KUKeIpg yZey+1RJH/x/VplziWxbXU26UKs3M6QmqBU1k2Y44B38HE0nIo4p3AcZakIaQMNJ EQ579qcpG4WFUDmYnpN6XxvNOPxiRzvQ87XDA23myQd3shFtMyDKZtb/AyOmHCIP p2tp7zIzCVoDRcIO71IOeZ181wPaB9xVCrKiMrsTu8xTZqn5HozaI9kDRMDkR9cx gqSmXXSaQi5CTAnM8hsj2ja8Vy8HBk2qgvSQnGjyKcR3VaodjG8j/cFur3MELSxx yxMam8jvz+tOezrGFovPZRP0V1PAupU= -----END CERTIFICATE-----Generated at Sun May 11 13:41:35 2025 by rpki-client