$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB1F6/0F14015094C911EAB1DB627CC4F9AE02/CBzlpnA274VGmQv1lMzWMoB0BR0.mft File: CBzlpnA274VGmQv1lMzWMoB0BR0.mft (raw, json) Hash identifier: qtqGZSdIM8jxXgXbLouKyijmcqzfOE1oM+R8bDZo/5o= Subject key identifier: 5E:7B:B8:47:D0:B6:57:F4:52:79:05:8C:37:92:35:AA:DC:62:85:C3 Authority key identifier: 08:1C:E5:A6:70:36:EF:85:46:99:0B:F5:94:CC:D6:32:80:74:05:1D Certificate issuer: /CN=A91AB1F6/serialNumber=081CE5A67036EF8546990BF594CCD6328074051D Certificate serial: 0977 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CBzlpnA274VGmQv1lMzWMoB0BR0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB1F6/0F14015094C911EAB1DB627CC4F9AE02/CBzlpnA274VGmQv1lMzWMoB0BR0.mft Manifest number: 096D Signing time: Thu 12 Jun 2025 19:56:53 +0000 Manifest this update: Thu 12 Jun 2025 19:56:53 +0000 Manifest next update: Thu 19 Jun 2025 19:56:53 +0000 Files and hashes: 1: CBzlpnA274VGmQv1lMzWMoB0BR0.crl (hash: KTdoFwgjYYpvsyGJPP/K+OzqctUgyKNUdmp58hbXYD4=) 2: 59675AB20A4011F0AC302962C4F9AE02.roa (hash: tX8/5QgMtsCLrwoaol70And5FJnb3NLo6JwFspF8Ii4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB1F6/0F14015094C911EAB1DB627CC4F9AE02/CBzlpnA274VGmQv1lMzWMoB0BR0.crl rsync://rpki.apnic.net/member_repository/A91AB1F6/0F14015094C911EAB1DB627CC4F9AE02/CBzlpnA274VGmQv1lMzWMoB0BR0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CBzlpnA274VGmQv1lMzWMoB0BR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 19 Jun 2025 19:56:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2423 (0x977) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB1F6, serialNumber=081CE5A67036EF8546990BF594CCD6328074051D Validity Not Before: Jun 12 19:56:53 2025 GMT Not After : Jun 19 19:56:53 2025 GMT Subject: CN=684b3105-ede3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:aa:62:cd:04:23:b4:62:3e:62:6e:2e:9d:fd: a9:e7:f5:04:54:3f:b7:07:ce:b0:59:17:3b:83:43: c5:f1:03:04:00:be:84:0c:1a:10:1c:de:c4:7b:86: a0:37:3b:87:a5:03:69:77:cc:55:96:92:d1:7f:cb: 2d:5b:d9:f4:29:ce:75:32:04:51:85:49:e5:46:10: 35:b6:0e:d5:a5:df:f3:3e:83:84:4a:cf:0a:53:f7: 1e:0b:53:a2:dd:c9:44:37:cd:b1:97:cd:69:25:1f: 01:68:0a:e2:15:51:c5:3f:ca:d7:ff:94:91:a1:d8: e9:99:c1:25:4f:af:dd:e2:08:3c:1c:20:76:73:ec: a9:f2:0b:68:8d:07:84:49:84:d9:a1:02:40:83:c3: 63:3e:0b:02:cc:41:84:ef:5b:8c:e5:73:c8:be:7e: a7:62:b5:20:e2:71:b9:f8:1e:4d:69:0e:2f:2d:fb: 62:0a:34:28:6c:a0:98:32:f7:db:e1:8b:87:02:c8: 07:c0:a9:11:da:92:56:bf:b7:a0:07:76:0a:61:e0: 58:1f:36:0f:50:85:5b:bf:cc:94:23:7b:44:a8:5d: 9b:04:93:fb:3e:ab:30:68:dc:96:69:66:8f:cd:3d: 62:3f:47:bf:c8:57:1f:a9:cb:ce:82:f5:fd:a2:39: 26:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:7B:B8:47:D0:B6:57:F4:52:79:05:8C:37:92:35:AA:DC:62:85:C3 X509v3 Authority Key Identifier: keyid:08:1C:E5:A6:70:36:EF:85:46:99:0B:F5:94:CC:D6:32:80:74:05:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB1F6/0F14015094C911EAB1DB627CC4F9AE02/CBzlpnA274VGmQv1lMzWMoB0BR0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CBzlpnA274VGmQv1lMzWMoB0BR0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB1F6/0F14015094C911EAB1DB627CC4F9AE02/CBzlpnA274VGmQv1lMzWMoB0BR0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 13:4b:0c:ba:58:51:fc:db:48:84:d7:79:da:8b:c4:5d:0b:f9: b0:41:ab:7e:4e:18:e0:b8:68:89:06:d3:b8:a5:60:c4:0f:bc: db:f7:f1:a5:b5:bf:6b:3a:8d:f5:8a:dd:87:fb:c2:21:48:14: 2d:9f:83:ff:d0:7a:93:dc:83:8e:10:71:e8:8e:84:73:65:79: 37:67:5e:a8:fb:a8:75:01:1a:46:68:20:e1:9b:9d:e6:0b:6b: d2:e0:3e:62:95:8a:e2:72:db:41:44:f7:3a:32:81:22:9b:ec: 86:89:de:a5:c7:1a:e8:19:3e:36:0c:66:30:b6:55:34:6a:82: 95:79:0a:02:f4:e2:55:50:75:3c:e9:04:43:7a:d5:31:6a:de: 9f:a5:01:91:27:b5:dd:fd:45:6e:26:d7:0d:a2:79:d8:31:e4: 74:2c:cf:7f:9f:45:bd:d9:6b:94:32:69:a4:93:39:8c:54:01: ac:80:ac:bf:14:54:ec:16:72:ae:7f:1c:8f:a3:92:24:f8:25: 63:73:e5:27:6e:1d:06:a5:d8:65:4d:29:ad:ad:0d:2b:7d:99: 98:12:a5:8a:07:79:ed:e0:05:63:10:86:85:0b:6a:7b:84:ab: 25:d1:54:ce:f0:52:94:ae:f5:d0:5b:f0:5c:3e:12:27:56:e5: 23:16:a2:06 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCXcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUIxRjYxMTAvBgNVBAUTKDA4MUNFNUE2NzAzNkVGODU0Njk5MEJGNTk0Q0NENjMy ODA3NDA1MUQwHhcNMjUwNjEyMTk1NjUzWhcNMjUwNjE5MTk1NjUzWjAYMRYwFAYD VQQDEw02ODRiMzEwNS1lZGUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqqpizQQjtGI+Ym4unf2p5/UEVD+3B86wWRc7g0PF8QMEAL6EDBoQHN7Ee4ag NzuHpQNpd8xVlpLRf8stW9n0Kc51MgRRhUnlRhA1tg7Vpd/zPoOESs8KU/ceC1Oi 3clEN82xl81pJR8BaAriFVHFP8rX/5SRodjpmcElT6/d4gg8HCB2c+yp8gtojQeE SYTZoQJAg8NjPgsCzEGE71uM5XPIvn6nYrUg4nG5+B5NaQ4vLftiCjQobKCYMvfb 4YuHAsgHwKkR2pJWv7egB3YKYeBYHzYPUIVbv8yUI3tEqF2bBJP7PqswaNyWaWaP zT1iP0e/yFcfqcvOgvX9ojkmEwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF57uEfQ tlf0UnkFjDeSNarcYoXDMB8GA1UdIwQYMBaAFAgc5aZwNu+FRpkL9ZTM1jKAdAUd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjFGNi8wRjE0MDE1MDk0 QzkxMUVBQjFEQjYyN0NDNEY5QUUwMi9DQnpscG5BMjc0VkdtUXYxbE16V01vQjBC UjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NCemxwbkEyNzRWR21RdjFsTXpXTW9CMEJSMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QjFGNi8wRjE0MDE1MDk0QzkxMUVBQjFEQjYyN0NDNEY5QUUwMi9DQnpscG5BMjc0 VkdtUXYxbE16V01vQjBCUjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQATSwy6WFH820iE13nai8RdC/mwQat+ThjguGiJBtO4pWDED7zb9/Gl tb9rOo31it2H+8IhSBQtn4P/0HqT3IOOEHHojoRzZXk3Z16o+6h1ARpGaCDhm53m C2vS4D5ilYricttBRPc6MoEim+yGid6lxxroGT42DGYwtlU0aoKVeQoC9OJVUHU8 6QRDetUxat6fpQGRJ7Xd/UVuJtcNonnYMeR0LM9/n0W92WuUMmmkkzmMVAGsgKy/ FFTsFnKufxyPo5Ik+CVjc+Unbh0GpdhlTSmtrQ0rfZmYEqWKB3nt4AVjEIaFC2p7 hKsl0VTO8FKUrvXQW/BcPhInVuUjFqIG -----END CERTIFICATE-----Generated at Sat Jun 14 19:05:05 2025 by rpki-client