$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.mft File: 5bRMaejecz32GWYFbn5BXsfHDSo.mft (raw, json) Hash identifier: M3ULjrYLbjAZWyLno9UZSYRWkKPRJYwrGIPAW+I2oBU= Subject key identifier: CF:B4:33:30:24:8E:B3:2A:8B:6B:C7:77:F0:81:45:01:47:F7:88:08 Authority key identifier: E5:B4:4C:69:E8:DE:73:3D:F6:19:66:05:6E:7E:41:5E:C7:C7:0D:2A Certificate issuer: /CN=A91B4873/serialNumber=E5B44C69E8DE733DF61966056E7E415EC7C70D2A Certificate serial: B4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5bRMaejecz32GWYFbn5BXsfHDSo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.mft Manifest number: B3 Signing time: Thu 19 Jun 2025 05:19:17 +0000 Manifest this update: Thu 19 Jun 2025 05:19:16 +0000 Manifest next update: Thu 26 Jun 2025 05:19:16 +0000 Files and hashes: 1: 5bRMaejecz32GWYFbn5BXsfHDSo.crl (hash: lxAZzjHpehPXkVpuEZq+of1vGj3EjeLONTKG2teQaM0=) 2: 01F62A6438F011EF9A82662BC4F9AE02.roa (hash: 6ibBV+FsUpvviGFZhtbUaWu715IOaDD6qWu96emn7VA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.crl rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5bRMaejecz32GWYFbn5BXsfHDSo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 26 Jun 2025 05:19:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 180 (0xb4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B4873, serialNumber=E5B44C69E8DE733DF61966056E7E415EC7C70D2A Validity Not Before: Jun 19 05:19:16 2025 GMT Not After : Jun 26 05:19:16 2025 GMT Subject: CN=68539dd4-abec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:67:71:c8:b8:9d:01:d9:a1:f4:60:4d:2f:d3: 20:89:4e:4e:3a:e4:b4:b6:b8:a3:94:35:e6:d2:39: 14:9f:c8:de:df:43:73:7b:1a:85:de:1a:ef:07:2d: 2e:b6:76:da:74:27:60:da:bd:37:e0:2d:14:5c:99: 88:45:de:36:f9:d4:fc:5d:95:de:0a:54:98:3c:db: 1d:7c:ec:b5:2a:5a:d0:f4:28:19:39:b7:79:08:16: 5e:da:5c:8f:3f:e4:a7:fd:cb:43:2a:8b:ea:63:64: b3:9d:6f:fd:aa:2b:2c:9a:32:d6:08:a5:ba:71:ce: cd:a8:2b:24:5b:ff:9e:77:bd:f8:f7:92:78:80:38: b2:21:6f:bb:d8:d0:85:e9:c1:bd:a6:f6:c1:0e:e8: 8a:03:9d:01:76:95:e0:2d:8b:08:be:b5:36:6d:e4: 6a:8a:41:82:48:81:8a:c1:08:e8:e0:10:dc:2c:1a: c6:87:cc:5f:9a:e5:8a:b7:31:5a:0f:dd:c7:39:f2: 1b:85:72:34:f9:b6:85:22:cd:d2:22:af:58:7a:57: 89:15:1d:9a:06:2a:83:a7:b4:53:20:16:ee:a1:50: 93:67:00:19:f2:c1:bd:93:45:15:3d:e4:8f:50:c6: 40:bf:b1:f3:56:a8:ba:e9:2d:96:39:ce:3d:1d:a5: 8a:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:B4:33:30:24:8E:B3:2A:8B:6B:C7:77:F0:81:45:01:47:F7:88:08 X509v3 Authority Key Identifier: keyid:E5:B4:4C:69:E8:DE:73:3D:F6:19:66:05:6E:7E:41:5E:C7:C7:0D:2A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/5bRMaejecz32GWYFbn5BXsfHDSo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4873/4E25C8BC38E711EF844B4F65C4F9AE02/5bRMaejecz32GWYFbn5BXsfHDSo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 02:64:b7:5c:4f:63:ae:4c:44:9d:bd:11:81:a9:f6:fb:de:7b: 95:fe:3a:29:33:f0:d2:65:85:26:1e:02:dd:b5:43:88:ff:a5: 55:09:9b:71:65:bc:b2:84:9d:8e:59:dd:95:c5:79:67:7c:38: d1:cf:aa:ad:7a:51:8d:f2:84:21:e8:a7:9c:ca:8e:31:0f:f9: 99:0d:e8:43:73:49:1c:64:08:0a:02:37:80:1a:b2:5e:49:74: cb:47:c2:42:4d:24:1d:21:a7:db:2d:16:54:f4:07:0b:df:31: 1c:69:94:d0:8b:62:28:84:a0:ed:9b:49:f2:e4:80:52:60:27: 79:95:35:8d:9c:27:8c:2b:5e:a4:15:3f:f8:a1:83:74:ba:da: c0:fe:28:ad:33:76:de:7b:e6:b8:cb:fa:3c:5d:ee:b0:f5:c8: ea:42:3f:40:ca:58:e4:a2:d0:56:69:43:30:c3:12:51:d8:e6: d6:34:65:4e:01:de:51:b7:10:c3:e9:46:0f:95:f8:22:42:2b: 81:37:c9:24:e2:c8:6c:6f:df:ff:a1:73:54:e9:67:12:e7:d2: dc:5b:0d:93:96:d3:25:6e:ae:3f:d4:60:f4:83:35:f1:34:9e: 77:ab:d7:56:a0:06:91:9d:37:8c:4c:24:7d:c3:94:02:da:da: e3:1b:d9:a3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICALQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjQ4NzMxMTAvBgNVBAUTKEU1QjQ0QzY5RThERTczM0RGNjE5NjYwNTZFN0U0MTVF QzdDNzBEMkEwHhcNMjUwNjE5MDUxOTE2WhcNMjUwNjI2MDUxOTE2WjAYMRYwFAYD VQQDEw02ODUzOWRkNC1hYmVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAomdxyLidAdmh9GBNL9MgiU5OOuS0trijlDXm0jkUn8je30NzexqF3hrvBy0u tnbadCdg2r034C0UXJmIRd42+dT8XZXeClSYPNsdfOy1KlrQ9CgZObd5CBZe2lyP P+Sn/ctDKovqY2SznW/9qissmjLWCKW6cc7NqCskW/+ed73495J4gDiyIW+72NCF 6cG9pvbBDuiKA50BdpXgLYsIvrU2beRqikGCSIGKwQjo4BDcLBrGh8xfmuWKtzFa D93HOfIbhXI0+baFIs3SIq9YeleJFR2aBiqDp7RTIBbuoVCTZwAZ8sG9k0UVPeSP UMZAv7HzVqi66S2WOc49HaWK+wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFM+0MzAk jrMqi2vHd/CBRQFH94gIMB8GA1UdIwQYMBaAFOW0TGno3nM99hlmBW5+QV7Hxw0q MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDg3My80RTI1QzhCQzM4 RTcxMUVGODQ0QjRGNjVDNEY5QUUwMi81YlJNYWVqZWN6MzJHV1lGYm41QlhzZkhE U28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzViUk1hZWplY3ozMkdXWUZibjVCWHNmSERTby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NDg3My80RTI1QzhCQzM4RTcxMUVGODQ0QjRGNjVDNEY5QUUwMi81YlJNYWVqZWN6 MzJHV1lGYm41QlhzZkhEU28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQACZLdcT2OuTESdvRGBqfb73nuV/jopM/DSZYUmHgLdtUOI/6VVCZtx ZbyyhJ2OWd2VxXlnfDjRz6qtelGN8oQh6Kecyo4xD/mZDehDc0kcZAgKAjeAGrJe SXTLR8JCTSQdIafbLRZU9AcL3zEcaZTQi2IohKDtm0ny5IBSYCd5lTWNnCeMK16k FT/4oYN0utrA/iitM3bee+a4y/o8Xe6w9cjqQj9AyljkotBWaUMwwxJR2ObWNGVO Ad5RtxDD6UYPlfgiQiuBN8kk4shsb9//oXNU6WcS59LcWw2TltMlbq4/1GD0gzXx NJ53q9dWoAaRnTeMTCR9w5QC2trjG9mj -----END CERTIFICATE-----Generated at Fri Jun 20 10:06:08 2025 by rpki-client