$ rpki-client -vvf rpki.apnic.net/member_repository/A917C36A/40934280C7B211ED9357A23CC4F9AE02/R1MAyW65ok4zHQs5AHDEWinJXmk.mft File: R1MAyW65ok4zHQs5AHDEWinJXmk.mft (raw, json) Hash identifier: oirgv7iSXoPWk+R3dYomBr22AWwiRilCJHVSRGIPN1A= Subject key identifier: C9:A9:DE:01:89:F1:90:CF:5C:4A:DF:70:10:01:7E:FE:22:2F:84:C3 Authority key identifier: 47:53:00:C9:6E:B9:A2:4E:33:1D:0B:39:00:70:C4:5A:29:C9:5E:69 Certificate issuer: /CN=A917C36A/serialNumber=475300C96EB9A24E331D0B390070C45A29C95E69 Certificate serial: 01B0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R1MAyW65ok4zHQs5AHDEWinJXmk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917C36A/40934280C7B211ED9357A23CC4F9AE02/R1MAyW65ok4zHQs5AHDEWinJXmk.mft Manifest number: 01AA Signing time: Fri 13 Jun 2025 02:29:54 +0000 Manifest this update: Fri 13 Jun 2025 02:29:53 +0000 Manifest next update: Fri 20 Jun 2025 02:29:53 +0000 Files and hashes: 1: R1MAyW65ok4zHQs5AHDEWinJXmk.crl (hash: mCOLbEucK8tSxJsYNyN+oUinVUICSUELXnbB3Of22to=) 2: 9CB879ECC7B511ED9411183FC4F9AE02.roa (hash: vTjIWL+7U0681ZWCBVmHMtqcTBbPy9kNb1m5t3OENUI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917C36A/40934280C7B211ED9357A23CC4F9AE02/R1MAyW65ok4zHQs5AHDEWinJXmk.crl rsync://rpki.apnic.net/member_repository/A917C36A/40934280C7B211ED9357A23CC4F9AE02/R1MAyW65ok4zHQs5AHDEWinJXmk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R1MAyW65ok4zHQs5AHDEWinJXmk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 20 Jun 2025 02:29:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 432 (0x1b0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917C36A, serialNumber=475300C96EB9A24E331D0B390070C45A29C95E69 Validity Not Before: Jun 13 02:29:53 2025 GMT Not After : Jun 20 02:29:53 2025 GMT Subject: CN=684b8d21-8e64 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:a2:3c:ac:fa:47:e1:32:84:98:22:ba:4e:b9: c8:69:c8:2e:7b:8d:c1:1f:74:27:a8:85:b9:c9:3d: c6:71:b2:38:07:4a:aa:24:ec:ed:82:21:73:42:99: 0b:37:81:59:15:c8:4c:90:c9:1d:01:f7:90:7f:33: 82:37:8f:6b:29:9d:fd:fa:86:51:90:3d:80:27:4b: fe:18:fc:3d:a9:31:94:03:b7:39:b4:e9:48:cd:ef: e9:2d:cb:c7:b8:f7:fe:99:7b:f7:7c:3b:93:52:d6: 2c:62:5f:fd:a1:d7:f6:c6:4d:17:83:44:3b:27:2c: 1a:c7:14:07:5f:93:fa:86:bf:ed:2a:c9:50:95:65: a5:18:ce:7c:fd:ea:e2:cc:aa:19:97:a9:f8:4f:6f: 70:1c:45:37:80:ad:33:a8:60:ee:49:3d:dc:0b:e5: 4f:57:b0:57:7e:5b:af:38:cd:4d:03:2d:79:dd:8a: 96:6a:de:ec:ff:55:e6:93:67:ec:0a:9e:98:f2:7f: 07:d3:db:26:16:ce:e2:c3:6c:90:46:0f:74:91:28: bb:c4:63:da:9c:8a:50:69:63:da:39:09:af:38:ba: e2:a0:8f:8a:ba:29:35:f7:be:04:df:13:13:49:bc: 85:23:b4:74:22:fa:35:f6:77:12:20:91:7e:32:94: 4f:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:A9:DE:01:89:F1:90:CF:5C:4A:DF:70:10:01:7E:FE:22:2F:84:C3 X509v3 Authority Key Identifier: keyid:47:53:00:C9:6E:B9:A2:4E:33:1D:0B:39:00:70:C4:5A:29:C9:5E:69 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917C36A/40934280C7B211ED9357A23CC4F9AE02/R1MAyW65ok4zHQs5AHDEWinJXmk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R1MAyW65ok4zHQs5AHDEWinJXmk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C36A/40934280C7B211ED9357A23CC4F9AE02/R1MAyW65ok4zHQs5AHDEWinJXmk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 29:9a:68:d1:9b:7d:39:4b:c8:b1:8f:57:1c:c1:62:88:53:93: d6:f0:f4:0e:ea:c4:4c:02:0b:1d:9e:e5:6a:90:c9:bc:79:3d: 9c:92:02:44:1b:c3:de:59:95:2c:45:c8:88:dc:8f:fa:b1:3e: c0:34:b9:74:5d:40:65:44:e4:5a:94:ec:c4:2b:d3:88:12:2b: ba:81:2f:b1:df:6e:62:d2:18:3d:5d:87:34:8b:82:8f:99:71: f9:dd:d4:4b:a5:0c:86:31:ee:eb:fd:6a:4e:dd:eb:df:26:27: 39:56:46:db:3f:3d:fc:1a:09:8a:98:9b:c2:34:b3:a5:07:de: 25:f1:05:a7:51:5b:56:eb:89:17:34:68:01:71:b7:da:aa:52: 4e:6d:54:0e:81:da:f3:99:a8:4d:cb:bd:e8:53:a1:1e:6b:89: be:cd:fc:51:4a:4b:56:4a:41:c5:3c:d4:b3:d1:02:88:8f:76: 24:1b:7c:dc:24:5f:2f:8e:fb:09:e6:13:5c:30:c5:0d:2f:50: 76:5b:78:cf:7c:7f:bf:08:88:b0:90:5a:7f:f4:cd:3b:77:99: a3:cd:1b:1d:51:b1:3f:a9:0e:b4:cc:1e:24:43:d2:d9:e1:5b: 07:cf:e3:e3:39:e0:05:67:eb:fa:7b:8e:0b:05:6c:c2:99:7c: 8a:f9:7a:36 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAbAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0MzNkExMTAvBgNVBAUTKDQ3NTMwMEM5NkVCOUEyNEUzMzFEMEIzOTAwNzBDNDVB MjlDOTVFNjkwHhcNMjUwNjEzMDIyOTUzWhcNMjUwNjIwMDIyOTUzWjAYMRYwFAYD VQQDEw02ODRiOGQyMS04ZTY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7qI8rPpH4TKEmCK6TrnIacgue43BH3QnqIW5yT3GcbI4B0qqJOztgiFzQpkL N4FZFchMkMkdAfeQfzOCN49rKZ39+oZRkD2AJ0v+GPw9qTGUA7c5tOlIze/pLcvH uPf+mXv3fDuTUtYsYl/9odf2xk0Xg0Q7JywaxxQHX5P6hr/tKslQlWWlGM58/eri zKoZl6n4T29wHEU3gK0zqGDuST3cC+VPV7BXfluvOM1NAy153YqWat7s/1Xmk2fs Cp6Y8n8H09smFs7iw2yQRg90kSi7xGPanIpQaWPaOQmvOLrioI+Kuik1974E3xMT SbyFI7R0Ivo19ncSIJF+MpRPkQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMmp3gGJ 8ZDPXErfcBABfv4iL4TDMB8GA1UdIwQYMBaAFEdTAMluuaJOMx0LOQBwxFopyV5p MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzM2QS80MDkzNDI4MEM3 QjIxMUVEOTM1N0EyM0NDNEY5QUUwMi9SMU1BeVc2NW9rNHpIUXM1QUhERVdpbkpY bWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1IxTUF5VzY1b2s0ekhRczVBSERFV2luSlhtay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QzM2QS80MDkzNDI4MEM3QjIxMUVEOTM1N0EyM0NDNEY5QUUwMi9SMU1BeVc2NW9r NHpIUXM1QUhERVdpbkpYbWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQApmmjRm305S8ixj1ccwWKIU5PW8PQO6sRMAgsdnuVqkMm8eT2ckgJE G8PeWZUsRciI3I/6sT7ANLl0XUBlRORalOzEK9OIEiu6gS+x325i0hg9XYc0i4KP mXH53dRLpQyGMe7r/WpO3evfJic5VkbbPz38GgmKmJvCNLOlB94l8QWnUVtW64kX NGgBcbfaqlJObVQOgdrzmahNy73oU6Eea4m+zfxRSktWSkHFPNSz0QKIj3YkG3zc JF8vjvsJ5hNcMMUNL1B2W3jPfH+/CIiwkFp/9M07d5mjzRsdUbE/qQ60zB4kQ9LZ 4VsHz+PjOeAFZ+v6e44LBWzCmXyK+Xo2 -----END CERTIFICATE-----Generated at Sat Jun 14 18:38:13 2025 by rpki-client