$ rpki-client -vvf rpki.apnic.net/member_repository/A91839CF/4DF2BE52A98C11EFBA068864C4F9AE02/Sn0mxMvxZwAkXWf79pULcSkYmTk.mft File: Sn0mxMvxZwAkXWf79pULcSkYmTk.mft (raw, json) Hash identifier: /g1zJgxhCfFq+IATF/IIfDPKNgLh2GPMVFcEQMmnYjQ= Subject key identifier: 94:8B:4F:5F:DD:3C:A5:89:90:FD:40:B4:2D:01:B3:8F:D6:02:0E:ED Authority key identifier: 4A:7D:26:C4:CB:F1:67:00:24:5D:67:FB:F6:95:0B:71:29:18:99:39 Certificate issuer: /CN=A91839CF/serialNumber=4A7D26C4CBF16700245D67FBF6950B7129189939 Certificate serial: 6A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Sn0mxMvxZwAkXWf79pULcSkYmTk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91839CF/4DF2BE52A98C11EFBA068864C4F9AE02/Sn0mxMvxZwAkXWf79pULcSkYmTk.mft Manifest number: 69 Signing time: Sun 15 Jun 2025 06:03:53 +0000 Manifest this update: Sun 15 Jun 2025 06:03:53 +0000 Manifest next update: Sun 22 Jun 2025 06:03:53 +0000 Files and hashes: 1: Sn0mxMvxZwAkXWf79pULcSkYmTk.crl (hash: KcvW9GgItuIx5bxEgzJ5BX4WV2xn084xlZRwtKJ2lWQ=) 2: 305EB30EA98D11EF8C023466C4F9AE02.roa (hash: Buuzt0i/kKtBaGkDf9aAUjvIwcQJfDzcstPOVS8Jm/I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91839CF/4DF2BE52A98C11EFBA068864C4F9AE02/Sn0mxMvxZwAkXWf79pULcSkYmTk.crl rsync://rpki.apnic.net/member_repository/A91839CF/4DF2BE52A98C11EFBA068864C4F9AE02/Sn0mxMvxZwAkXWf79pULcSkYmTk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Sn0mxMvxZwAkXWf79pULcSkYmTk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 22 Jun 2025 06:03:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 106 (0x6a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91839CF, serialNumber=4A7D26C4CBF16700245D67FBF6950B7129189939 Validity Not Before: Jun 15 06:03:53 2025 GMT Not After : Jun 22 06:03:53 2025 GMT Subject: CN=684e6249-0a53 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:d0:98:45:17:e3:05:60:65:fe:be:c6:23:aa: d6:69:68:98:03:b7:65:fa:80:f9:e1:8a:e3:af:f6: 94:48:26:a7:8a:f4:31:34:87:94:dd:d6:30:f8:30: 11:b7:4f:72:7a:bd:50:00:d0:97:77:cb:ad:c9:8d: 3e:46:a0:ed:1e:f6:69:8f:9d:9a:ff:9d:44:8d:65: c7:46:d9:0d:90:a2:3a:90:3f:2a:89:be:75:d5:9e: af:4c:ee:e2:8d:65:1c:64:32:66:e8:a4:bd:02:aa: 8b:0f:52:b0:e7:10:87:23:7a:f2:ae:23:50:1b:72: b5:ed:83:19:ac:2d:75:59:a4:94:c6:17:c5:bd:1c: 18:86:ae:80:52:a9:a5:53:75:2e:9b:e4:dd:d2:0a: 66:17:40:7d:90:fd:ae:57:49:44:d0:60:eb:45:6b: c6:0e:35:08:c0:60:98:13:d0:6f:7d:da:c2:a1:ad: 93:ee:d8:96:03:79:e4:8b:4e:32:82:37:67:82:c3: 2a:75:01:bd:29:b7:c5:1c:c5:c9:5e:f9:57:2f:a9: 31:60:2f:3f:6b:bc:e4:09:57:39:7a:31:32:73:71: a0:3e:58:4f:58:b1:29:1d:ea:21:df:a3:c6:08:ad: 91:ca:38:79:50:fd:b1:2f:70:c3:26:19:e1:3f:61: e4:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:8B:4F:5F:DD:3C:A5:89:90:FD:40:B4:2D:01:B3:8F:D6:02:0E:ED X509v3 Authority Key Identifier: keyid:4A:7D:26:C4:CB:F1:67:00:24:5D:67:FB:F6:95:0B:71:29:18:99:39 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91839CF/4DF2BE52A98C11EFBA068864C4F9AE02/Sn0mxMvxZwAkXWf79pULcSkYmTk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Sn0mxMvxZwAkXWf79pULcSkYmTk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91839CF/4DF2BE52A98C11EFBA068864C4F9AE02/Sn0mxMvxZwAkXWf79pULcSkYmTk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 34:53:1b:7c:15:53:6f:d9:3e:12:90:fe:93:75:67:9a:7a:d1: d4:fc:23:a7:7b:b1:34:81:4c:f9:b1:cf:d5:78:ae:bd:a6:49: 16:76:2d:55:33:ac:de:48:b3:cb:66:d4:fb:17:b9:bf:0a:96: 30:59:f5:dd:c7:49:e6:fb:e0:65:5b:ed:1f:00:d8:c1:a3:2a: 37:82:2c:62:bd:cb:50:53:38:ea:71:0e:9d:ce:ac:f3:fc:d6: d4:ed:d2:81:cf:65:51:f6:60:85:df:01:38:ab:ef:1a:09:5d: 5a:36:c4:67:1c:50:65:2c:32:33:65:21:23:80:0c:92:45:18: a2:85:3a:f8:b2:d4:3f:6c:c1:6b:78:ab:ff:8f:94:eb:fd:59: 89:5b:8b:0b:69:79:0a:b4:d1:92:b1:33:92:77:61:cd:fc:82: ff:d2:5d:67:5c:b1:a2:d0:22:c2:b1:1d:f7:ae:25:e2:89:7f: 70:a2:3d:51:1c:97:be:68:5a:03:9f:3d:7f:36:2a:74:f8:ff: 3e:78:d7:42:22:61:ad:ee:b5:e5:d6:87:64:e5:2d:41:e1:c6: ae:2f:2c:87:1a:37:16:3a:9b:eb:b8:46:74:9a:09:e9:40:79: 7f:d8:27:a5:9d:0c:75:91:1a:7e:6e:ef:52:74:22:da:b8:cc: 90:65:4f:e9 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBajANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4 MzlDRjExMC8GA1UEBRMoNEE3RDI2QzRDQkYxNjcwMDI0NUQ2N0ZCRjY5NTBCNzEy OTE4OTkzOTAeFw0yNTA2MTUwNjAzNTNaFw0yNTA2MjIwNjAzNTNaMBgxFjAUBgNV BAMTDTY4NGU2MjQ5LTBhNTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC70JhFF+MFYGX+vsYjqtZpaJgDt2X6gPnhiuOv9pRIJqeK9DE0h5Td1jD4MBG3 T3J6vVAA0Jd3y63JjT5GoO0e9mmPnZr/nUSNZcdG2Q2QojqQPyqJvnXVnq9M7uKN ZRxkMmbopL0CqosPUrDnEIcjevKuI1AbcrXtgxmsLXVZpJTGF8W9HBiGroBSqaVT dS6b5N3SCmYXQH2Q/a5XSUTQYOtFa8YONQjAYJgT0G992sKhrZPu2JYDeeSLTjKC N2eCwyp1Ab0pt8Ucxcle+VcvqTFgLz9rvOQJVzl6MTJzcaA+WE9YsSkd6iHfo8YI rZHKOHlQ/bEvcMMmGeE/YeTdAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUlItPX908 pYmQ/UC0LQGzj9YCDu0wHwYDVR0jBBgwFoAUSn0mxMvxZwAkXWf79pULcSkYmTkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTgzOUNGLzRERjJCRTUyQTk4 QzExRUZCQTA2ODg2NEM0RjlBRTAyL1NuMG14TXZ4WndBa1hXZjc5cFVMY1NrWW1U ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvU24wbXhNdnhad0FrWFdmNzlwVUxjU2tZbVRrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTgz OUNGLzRERjJCRTUyQTk4QzExRUZCQTA2ODg2NEM0RjlBRTAyL1NuMG14TXZ4WndB a1hXZjc5cFVMY1NrWW1Uay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBADRTG3wVU2/ZPhKQ/pN1Z5p60dT8I6d7sTSBTPmxz9V4rr2mSRZ2LVUz rN5Is8tm1PsXub8KljBZ9d3HSeb74GVb7R8A2MGjKjeCLGK9y1BTOOpxDp3OrPP8 1tTt0oHPZVH2YIXfATir7xoJXVo2xGccUGUsMjNlISOADJJFGKKFOviy1D9swWt4 q/+PlOv9WYlbiwtpeQq00ZKxM5J3Yc38gv/SXWdcsaLQIsKxHfeuJeKJf3CiPVEc l75oWgOfPX82KnT4/z5410IiYa3uteXWh2TlLUHhxq4vLIcaNxY6m+u4RnSaCelA eX/YJ6WdDHWRGn5u71J0Itq4zJBlT+k= -----END CERTIFICATE-----Generated at Mon Jun 16 15:07:17 2025 by rpki-client