$ rpki-client -vvf rpki.apnic.net/member_repository/A91B8E38/51F0DB3C3FFE11ED9A87A315C4F9AE02/ck4fZGxFGwGeHNo21DRq25tf2_g.mft File: ck4fZGxFGwGeHNo21DRq25tf2_g.mft (raw, json) Hash identifier: 8WMDmvqJ6Xoc/7VNBW2BoLuTQUSbVagRRinW93USxeo= Subject key identifier: 79:E5:A0:40:7D:8B:05:A7:68:D8:17:68:C8:EB:5B:FC:BE:B9:C2:DC Authority key identifier: 72:4E:1F:64:6C:45:1B:01:9E:1C:DA:36:D4:34:6A:DB:9B:5F:DB:F8 Certificate issuer: /CN=A91B8E38/serialNumber=724E1F646C451B019E1CDA36D4346ADB9B5FDBF8 Certificate serial: 0201 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ck4fZGxFGwGeHNo21DRq25tf2_g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B8E38/51F0DB3C3FFE11ED9A87A315C4F9AE02/ck4fZGxFGwGeHNo21DRq25tf2_g.mft Manifest number: 01FE Signing time: Tue 17 Jun 2025 01:34:33 +0000 Manifest this update: Tue 17 Jun 2025 01:34:33 +0000 Manifest next update: Tue 24 Jun 2025 01:34:33 +0000 Files and hashes: 1: ck4fZGxFGwGeHNo21DRq25tf2_g.crl (hash: 3JK4e7/iJuSvxvBaFfvwJsMJFbHTkEaBq7W1A8A9+rA=) 2: A6789038400211ED808CCF0DC4F9AE02.roa (hash: AFcbY0/3GFwr3EcAHIPw3DWr7uIr3rpZ3pX3o3qycLQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B8E38/51F0DB3C3FFE11ED9A87A315C4F9AE02/ck4fZGxFGwGeHNo21DRq25tf2_g.crl rsync://rpki.apnic.net/member_repository/A91B8E38/51F0DB3C3FFE11ED9A87A315C4F9AE02/ck4fZGxFGwGeHNo21DRq25tf2_g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ck4fZGxFGwGeHNo21DRq25tf2_g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 24 Jun 2025 01:34:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 513 (0x201) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B8E38, serialNumber=724E1F646C451B019E1CDA36D4346ADB9B5FDBF8 Validity Not Before: Jun 17 01:34:33 2025 GMT Not After : Jun 24 01:34:33 2025 GMT Subject: CN=6850c629-783b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:70:31:5b:9b:4a:da:1c:f8:a0:1d:9e:76:7c: 08:b3:88:be:cc:82:ab:40:b2:a4:35:19:74:79:eb: d3:38:11:35:80:9e:6a:29:86:f9:31:00:fd:6b:d8: 4f:92:ea:46:b2:22:2c:57:01:d3:e3:19:f6:70:d1: de:64:3b:4a:b7:66:59:84:20:3a:95:ae:72:f3:fe: dc:92:23:8a:c7:c1:e7:8c:ef:10:81:6a:da:c7:05: 13:f2:c3:a0:2d:f6:f4:70:0c:32:55:b4:a6:77:82: 87:fa:f0:e4:57:b4:8a:e7:db:65:26:d8:9c:0b:d4: 5a:44:94:1d:5d:40:df:bc:19:59:a7:df:1d:a7:d9: c9:25:2c:38:91:61:50:b4:85:f6:fb:79:e9:a6:32: 5d:af:a1:d7:67:3c:58:68:bf:fc:8a:99:e8:53:31: 05:6d:aa:fc:0d:9e:92:77:a6:97:02:ff:fd:68:4a: cc:e2:67:c5:a4:e4:a2:c8:d4:6f:38:2c:21:de:13: 6e:3c:2f:ba:95:14:72:6c:e4:76:82:1f:8f:4c:aa: 2b:d1:24:0b:a7:6d:8a:3c:94:8e:8f:43:62:02:f5: d3:78:6d:ce:9e:bc:f7:9d:d5:c1:c8:b8:e5:dd:09: 7d:a0:29:dd:55:0f:ae:5f:d9:59:c0:86:b9:77:20: 13:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:E5:A0:40:7D:8B:05:A7:68:D8:17:68:C8:EB:5B:FC:BE:B9:C2:DC X509v3 Authority Key Identifier: keyid:72:4E:1F:64:6C:45:1B:01:9E:1C:DA:36:D4:34:6A:DB:9B:5F:DB:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B8E38/51F0DB3C3FFE11ED9A87A315C4F9AE02/ck4fZGxFGwGeHNo21DRq25tf2_g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ck4fZGxFGwGeHNo21DRq25tf2_g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B8E38/51F0DB3C3FFE11ED9A87A315C4F9AE02/ck4fZGxFGwGeHNo21DRq25tf2_g.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 36:e7:a8:8b:9d:a8:fc:b6:a3:2a:8e:d0:b5:7a:0e:36:a2:26: 0a:b4:0d:73:2c:d0:98:6a:ef:53:fd:10:eb:62:56:9e:f2:3f: 36:a8:71:e8:13:37:d3:d3:e0:69:05:b9:99:4b:ea:cf:d0:14: 5d:0c:e5:d9:83:b5:c5:ac:35:45:a7:96:56:7c:81:9d:0e:38: 52:a2:ac:31:bf:d3:5f:a9:b0:9d:c3:c5:b9:9e:81:4d:36:71: 1c:fc:d4:8b:24:f5:52:ed:15:12:11:fc:8d:94:3a:42:8a:b5: 43:b1:dc:ad:99:ac:2b:30:f5:07:6f:51:5a:4e:cc:d2:19:5c: 8b:89:13:1e:e9:93:c1:1c:94:e6:ea:13:e2:b9:a9:d2:64:35: 83:f7:54:4c:42:7e:14:c5:05:c5:9f:04:71:18:6a:93:31:10: 6d:c1:66:61:62:1c:b3:10:2d:06:66:7d:e0:ea:4f:85:1a:46: a3:c5:73:72:bc:bb:d2:dc:86:35:07:7d:3e:3a:26:37:f2:40: c1:37:47:bf:3d:bd:08:33:61:1b:85:c8:26:eb:52:a9:a6:5e: a0:96:e0:c4:dd:67:11:0f:7b:50:4a:da:83:04:16:22:ba:1e: fa:2b:90:90:8a:be:f2:ed:8d:50:98:b4:94:c3:e4:c1:24:f4: d4:f9:ee:d9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAgEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjhFMzgxMTAvBgNVBAUTKDcyNEUxRjY0NkM0NTFCMDE5RTFDREEzNkQ0MzQ2QURC OUI1RkRCRjgwHhcNMjUwNjE3MDEzNDMzWhcNMjUwNjI0MDEzNDMzWjAYMRYwFAYD VQQDEw02ODUwYzYyOS03ODNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAznAxW5tK2hz4oB2ednwIs4i+zIKrQLKkNRl0eevTOBE1gJ5qKYb5MQD9a9hP kupGsiIsVwHT4xn2cNHeZDtKt2ZZhCA6la5y8/7ckiOKx8HnjO8QgWraxwUT8sOg Lfb0cAwyVbSmd4KH+vDkV7SK59tlJticC9RaRJQdXUDfvBlZp98dp9nJJSw4kWFQ tIX2+3nppjJdr6HXZzxYaL/8ipnoUzEFbar8DZ6Sd6aXAv/9aErM4mfFpOSiyNRv OCwh3hNuPC+6lRRybOR2gh+PTKor0SQLp22KPJSOj0NiAvXTeG3Onrz3ndXByLjl 3Ql9oCndVQ+uX9lZwIa5dyATUQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHnloEB9 iwWnaNgXaMjrW/y+ucLcMB8GA1UdIwQYMBaAFHJOH2RsRRsBnhzaNtQ0atubX9v4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOEUzOC81MUYwREIzQzNG RkUxMUVEOUE4N0EzMTVDNEY5QUUwMi9jazRmWkd4Rkd3R2VITm8yMURScTI1dGYy X2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NrNGZaR3hGR3dHZUhObzIxRFJxMjV0ZjJfZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC OEUzOC81MUYwREIzQzNGRkUxMUVEOUE4N0EzMTVDNEY5QUUwMi9jazRmWkd4Rkd3 R2VITm8yMURScTI1dGYyX2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA256iLnaj8tqMqjtC1eg42oiYKtA1zLNCYau9T/RDrYlae8j82qHHo EzfT0+BpBbmZS+rP0BRdDOXZg7XFrDVFp5ZWfIGdDjhSoqwxv9NfqbCdw8W5noFN NnEc/NSLJPVS7RUSEfyNlDpCirVDsdytmawrMPUHb1FaTszSGVyLiRMe6ZPBHJTm 6hPiuanSZDWD91RMQn4UxQXFnwRxGGqTMRBtwWZhYhyzEC0GZn3g6k+FGkajxXNy vLvS3IY1B30+OiY38kDBN0e/Pb0IM2Ebhcgm61Kppl6gluDE3WcRD3tQStqDBBYi uh76K5CQir7y7Y1QmLSUw+TBJPTU+e7Z -----END CERTIFICATE-----Generated at Wed Jun 18 10:23:52 2025 by rpki-client