$ rpki-client -vvf rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.mft File: L9JLb9eYBEVzVDhmYs4w3aOyALU.mft (raw, json) Hash identifier: PULDWxLt8HDBiGgwXCAj70DjZhxNa+tXDCMJcZsx9Pk= Subject key identifier: 2B:E3:D0:67:E0:6A:5F:92:07:1D:05:8C:CF:24:A9:8A:53:F4:3E:65 Authority key identifier: 2F:D2:4B:6F:D7:98:04:45:73:54:38:66:62:CE:30:DD:A3:B2:00:B5 Certificate issuer: /CN=A91A29DA/serialNumber=2FD24B6FD79804457354386662CE30DDA3B200B5 Certificate serial: F2 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/L9JLb9eYBEVzVDhmYs4w3aOyALU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.mft Manifest number: F0 Signing time: Tue 17 Jun 2025 04:17:01 +0000 Manifest this update: Tue 17 Jun 2025 04:17:00 +0000 Manifest next update: Tue 24 Jun 2025 04:17:00 +0000 Files and hashes: 1: L9JLb9eYBEVzVDhmYs4w3aOyALU.crl (hash: c9bz/zYcNxepqAU/ZHbVusHnje1xiILJXO14y+08bSg=) 2: AE2FD9C4DA5411EE83E9E67EC4F9AE02.roa (hash: tK5HTPbAj/ZNMX+j7tcaCGQxo/xqwq0UKtlHWscWUVg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.crl rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/L9JLb9eYBEVzVDhmYs4w3aOyALU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 24 Jun 2025 04:17:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 242 (0xf2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A29DA, serialNumber=2FD24B6FD79804457354386662CE30DDA3B200B5 Validity Not Before: Jun 17 04:17:00 2025 GMT Not After : Jun 24 04:17:00 2025 GMT Subject: CN=6850ec3c-dc86 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:2f:a1:40:e5:b6:f0:d9:22:af:59:83:55:9d: 6f:16:a6:bd:33:d7:77:f7:2e:26:66:7f:67:e7:fc: ec:d3:b9:19:af:91:a3:80:e1:74:b3:43:e4:90:ab: e8:a2:67:e8:7b:54:3d:7b:b3:1d:ea:fa:40:91:31: ed:a4:cc:25:81:ed:49:35:85:99:05:55:2d:33:f1: 34:56:3a:30:18:c7:c5:b5:eb:8b:dc:31:34:9b:c0: 51:e5:ae:45:b3:0c:44:51:e9:15:19:56:0f:91:12: 88:8d:46:e9:d7:13:bd:6c:ab:68:1c:6c:ab:b4:8f: 1a:e1:97:c5:40:3c:71:57:8e:5f:c3:b7:45:39:aa: 4b:62:6d:ab:a1:97:ca:69:27:47:cc:07:59:f0:d4: d2:a9:1f:a5:6b:72:93:5a:b4:20:2a:43:9a:92:92: b6:fb:af:d5:5e:aa:e2:66:13:a0:c6:76:3e:13:de: d6:75:c8:5a:88:26:43:4f:56:39:6b:01:1b:e6:1f: a0:f6:fe:f2:7e:f1:48:0c:44:67:97:ed:d8:39:e6: 35:91:22:a8:7f:cb:f7:65:f6:71:cc:a7:3b:a3:de: ed:cb:32:b8:bd:c5:00:a4:01:d8:7a:56:2b:51:65: f8:96:53:36:60:53:de:f2:14:fd:6e:10:2a:2d:4e: df:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:E3:D0:67:E0:6A:5F:92:07:1D:05:8C:CF:24:A9:8A:53:F4:3E:65 X509v3 Authority Key Identifier: keyid:2F:D2:4B:6F:D7:98:04:45:73:54:38:66:62:CE:30:DD:A3:B2:00:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/L9JLb9eYBEVzVDhmYs4w3aOyALU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a0:33:69:07:9a:c4:ba:ea:53:ca:08:32:13:ee:70:6a:01:db: 22:23:75:f2:0e:d5:43:e3:28:37:ae:4a:28:2c:cb:4f:97:00: 15:c7:1b:93:ee:f1:bd:e4:47:26:53:f0:64:ee:28:4a:96:6c: b2:5c:b2:1f:df:d4:41:49:d6:07:16:c6:d8:6d:cc:fa:9a:16: 68:41:ae:e0:3a:94:61:9f:9a:3c:d5:8a:08:56:1e:5f:31:6a: 7e:be:fe:ce:7c:28:b5:94:e9:fb:a4:5d:3b:d9:8c:c8:17:87: cd:2b:de:df:ea:55:5b:8a:de:e3:48:c8:0a:0a:92:83:47:97: 31:55:fc:04:53:f6:15:1c:36:39:d9:47:16:fa:91:96:e6:9b: 93:34:9e:18:7e:02:de:ff:c7:27:5f:0c:b9:c5:67:88:e1:ff: f2:bb:2d:2c:44:2b:74:d2:e4:4b:dd:1b:79:ac:55:47:60:a1: 1b:8c:a2:6b:48:28:d2:3c:fb:73:0a:29:c1:a7:db:b1:f3:2c: 8d:fa:9f:b9:b6:6a:93:7f:ee:5f:75:a1:2c:94:99:18:58:2a: 64:09:71:ed:3e:01:80:43:90:55:5b:a5:b4:20:65:d0:f0:ca: 98:b7:77:3f:bd:da:d7:4e:5d:ab:be:10:a7:75:d3:37:95:6e: 61:b7:54:f5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAPIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTI5REExMTAvBgNVBAUTKDJGRDI0QjZGRDc5ODA0NDU3MzU0Mzg2NjYyQ0UzMERE QTNCMjAwQjUwHhcNMjUwNjE3MDQxNzAwWhcNMjUwNjI0MDQxNzAwWjAYMRYwFAYD VQQDEw02ODUwZWMzYy1kYzg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxi+hQOW28Nkir1mDVZ1vFqa9M9d39y4mZn9n5/zs07kZr5GjgOF0s0PkkKvo omfoe1Q9e7Md6vpAkTHtpMwlge1JNYWZBVUtM/E0VjowGMfFteuL3DE0m8BR5a5F swxEUekVGVYPkRKIjUbp1xO9bKtoHGyrtI8a4ZfFQDxxV45fw7dFOapLYm2roZfK aSdHzAdZ8NTSqR+la3KTWrQgKkOakpK2+6/VXqriZhOgxnY+E97WdchaiCZDT1Y5 awEb5h+g9v7yfvFIDERnl+3YOeY1kSKof8v3ZfZxzKc7o97tyzK4vcUApAHYelYr UWX4llM2YFPe8hT9bhAqLU7f5QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCvj0Gfg al+SBx0FjM8kqYpT9D5lMB8GA1UdIwQYMBaAFC/SS2/XmARFc1Q4ZmLOMN2jsgC1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMjlEQS8zNEI1QjUxNERB NTQxMUVFODI3Q0E1N0RDNEY5QUUwMi9MOUpMYjllWUJFVnpWRGhtWXM0dzNhT3lB TFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0w5SkxiOWVZQkVWelZEaG1ZczR3M2FPeUFMVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MjlEQS8zNEI1QjUxNERBNTQxMUVFODI3Q0E1N0RDNEY5QUUwMi9MOUpMYjllWUJF VnpWRGhtWXM0dzNhT3lBTFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCgM2kHmsS66lPKCDIT7nBqAdsiI3XyDtVD4yg3rkooLMtPlwAVxxuT 7vG95EcmU/Bk7ihKlmyyXLIf39RBSdYHFsbYbcz6mhZoQa7gOpRhn5o81YoIVh5f MWp+vv7OfCi1lOn7pF072YzIF4fNK97f6lVbit7jSMgKCpKDR5cxVfwEU/YVHDY5 2UcW+pGW5puTNJ4YfgLe/8cnXwy5xWeI4f/yuy0sRCt00uRL3Rt5rFVHYKEbjKJr SCjSPPtzCinBp9ux8yyN+p+5tmqTf+5fdaEslJkYWCpkCXHtPgGAQ5BVW6W0IGXQ 8MqYt3c/vdrXTl2rvhCnddM3lW5ht1T1 -----END CERTIFICATE-----Generated at Wed Jun 18 11:07:29 2025 by rpki-client